Package org.springframework.security.oauth2.provider

Examples of org.springframework.security.oauth2.provider.OAuth2Authentication


    try {

      OAuth2Request storedOAuth2Request = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);

      OAuth2Authentication combinedAuth = new OAuth2Authentication(storedOAuth2Request, authentication);
      String code = authorizationCodeServices.createAuthorizationCode(combinedAuth);

      return code;

    }
View Full Code Here


   * @param scope The scope for the refreshed token.
   * @return The refreshed authentication.
   * @throws InvalidScopeException If the scope requested is invalid or wider than the original scope.
   */
  private OAuth2Authentication createRefreshedAuthentication(OAuth2Authentication authentication, Set<String> scope) {
    OAuth2Authentication narrowed = authentication;
    if (scope != null && !scope.isEmpty()) {
      OAuth2Request clientAuth = authentication.getOAuth2Request();
      Set<String> originalScope = clientAuth.getScope();
      if (originalScope == null || !originalScope.containsAll(scope)) {
        throw new InvalidScopeException("Unable to narrow the scope of the client authentication to " + scope
            + ".", originalScope);
      }
      else {
        narrowed = new OAuth2Authentication(clientAuth.narrowScope(scope),
            authentication.getUserAuthentication());
      }
    }
    return narrowed;
  }
View Full Code Here

    else if (accessToken.isExpired()) {
      tokenStore.removeAccessToken(accessToken);
      throw new InvalidTokenException("Access token expired: " + accessTokenValue);
    }

    OAuth2Authentication result = tokenStore.readAuthentication(accessToken);
    if (clientDetailsService != null) {
      String clientId = result.getOAuth2Request().getClientId();
      try {
        clientDetailsService.loadClientByClientId(clientId);
      }
      catch (ClientRegistrationException e) {
        throw new InvalidTokenException("Client not valid: " + clientId, e);
View Full Code Here

    }
    return result;
  }

  public String getClientId(String tokenValue) {
    OAuth2Authentication authentication = tokenStore.readAuthentication(tokenValue);
    if (authentication == null) {
      throw new InvalidTokenException("Invalid access token: " + tokenValue);
    }
    OAuth2Request clientAuth = authentication.getOAuth2Request();
    if (clientAuth == null) {
      throw new InvalidTokenException("Invalid access token (no client id): " + tokenValue);
    }
    return clientAuth.getClientId();
  }
View Full Code Here

    assertEquals("[read]", refreshedAccessToken.getScope().toString());
  }

  @Test
  public void testTokenRevoked() throws Exception {
    OAuth2Authentication authentication = createAuthentication();
    OAuth2AccessToken original = getTokenServices().createAccessToken(authentication);
    getTokenStore().removeAccessToken(original);
    assertEquals(0, getTokenStore().findTokensByClientId(authentication.getOAuth2Request().getClientId()).size());
  }
View Full Code Here

  }

  protected abstract TokenStore createTokenStore();

  protected OAuth2Authentication createAuthentication() {
    return new OAuth2Authentication(RequestTokenFactory.createOAuth2Request(null, "id", null, false,
        new LinkedHashSet<String>(Arrays.asList("read", "write")), null, null, null, null),
        new TestAuthentication("test2", false));
  }
View Full Code Here

  }

  @Test
  public void extractAuthentication() {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    token.setScope(authentication.getOAuth2Request().getScope());
    Map<String, ?> map = converter.convertAccessToken(token, authentication);
    assertTrue(map.containsKey(AccessTokenConverter.AUD));
    assertTrue(map.containsKey(AccessTokenConverter.SCOPE));
    assertTrue(map.containsKey(AccessTokenConverter.AUTHORITIES));
    OAuth2Authentication extracted = converter.extractAuthentication(map);
    assertTrue(extracted.getOAuth2Request().getResourceIds().contains("resource"));
  }
View Full Code Here

  }

  @Test
  public void extractAuthenticationFromClientToken() {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
    OAuth2Authentication authentication = new OAuth2Authentication(request, null);
    token.setScope(authentication.getOAuth2Request().getScope());
    Map<String, ?> map = converter.convertAccessToken(token, authentication);
    assertTrue(map.containsKey(AccessTokenConverter.AUD));
    assertTrue(map.containsKey(AccessTokenConverter.SCOPE));
    assertTrue(map.containsKey(AccessTokenConverter.AUTHORITIES));
    OAuth2Authentication extracted = converter.extractAuthentication(map);
    assertTrue(extracted.getOAuth2Request().getResourceIds().contains("resource"));
  }
View Full Code Here

  @Before
  public void init() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setClientId("client");
    authorizationRequest.setScope(Arrays.asList("read", "write"));
    authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), userAuthentication);
    InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();
    client = new BaseClientDetails("client", "source", "read,write", "authorization_code,client_credentials",
        "read");
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    voter.setClientDetailsService(clientDetailsService);
View Full Code Here

  abstract AuthorizationCodeServices getAuthorizationCodeServices();

  @Test
  public void testCreateAuthorizationCode() {
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(storedOAuth2Request,
        new TestAuthentication("test2", false));
    String code = getAuthorizationCodeServices().createAuthorizationCode(expectedAuthentication);
    assertNotNull(code);

    OAuth2Authentication actualAuthentication = getAuthorizationCodeServices().consumeAuthorizationCode(code);
    assertEquals(expectedAuthentication, actualAuthentication);
  }
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth2.provider.OAuth2Authentication

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.