Examples of org.springframework.security.oauth2.provider.OAuth2Request

• org.springframework.security.oauth2.provider.OAuth2Request
  Represents a stored authorization or token request. Used as part of the OAuth2Authentication object to store a request's authentication information. Does not expose public setters so that clients can not mutate state if they respect the declared type of the request. @author Amanda Anganes @author Dave Syer

    if (!(authentication instanceof OAuth2Authentication)) {
      return result;
    }

    OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
    OAuth2Request clientAuthentication = oauth2Authentication.getOAuth2Request();
    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuthentication.getClientId());
    Set<String> scopes = clientAuthentication.getScope();
    if (oauth2Authentication.isClientOnly() && clientAuthoritiesAreScopes) {
      scopes = AuthorityUtils.authorityListToSet(clientAuthentication.getAuthorities());
    }

    for (ConfigAttribute attribute : attributes) {
      if (this.supports(attribute)) {

      if (denyAccess.equals(attribute.getAttribute())) {
        return ACCESS_DENIED;
      }
    }

    OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();

    for (ConfigAttribute attribute : attributes) {
      if (this.supports(attribute)) {
        result = ACCESS_DENIED;

        Set<String> scopes = clientAuthentication.getScope();
        for (String scope : scopes) {
          if (attribute.getAttribute().toUpperCase().equals((scopePrefix + scope).toUpperCase())) {
            return ACCESS_GRANTED;
          }
        }

        if (clientAuth.isAuthenticated()) {
          // Ensure the OAuth2Authentication is authenticated
          authorizationRequest.setApproved(true);
        }

        OAuth2Request storedOAuth2Request = oAuth2RequestFactory.createOAuth2Request(authorizationRequest);

        SecurityContextHolder.getContext().setAuthentication(
            new OAuth2Authentication(storedOAuth2Request, authResult));

        onSuccessfulAuthentication(request, response, authResult);

    }
    if (userAuth == null || !userAuth.isAuthenticated()) {
      throw new InvalidGrantException("Could not authenticate user: " + username);
    }

    OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
    return new OAuth2Authentication(storedOAuth2Request, userAuth);
  }

  public void store(OAuth2Request originalRequest, TokenRequest tokenRequest) {
    this.requestStore.put(tokenRequest, originalRequest);
  }

  public OAuth2Request remove(TokenRequest tokenRequest) {
    OAuth2Request request = this.requestStore.remove(tokenRequest);
    return request;
  }

    if (userAuth==null || !userAuth.isAuthenticated()) {
      throw new InsufficientAuthenticationException("There is no currently logged in user");
    }
    Assert.state(clientToken instanceof ImplicitTokenRequest, "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest.");

    OAuth2Request requestForStorage = ((ImplicitTokenRequest)clientToken).getOAuth2Request();

    return new OAuth2Authentication(requestForStorage, userAuth);

  }

    this.userTokenConverter = userTokenConverter;
  }

  public Map<String, ?> convertAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) {
    Map<String, Object> response = new HashMap<String, Object>();
    OAuth2Request clientToken = authentication.getOAuth2Request();

    if (!authentication.isClientOnly()) {
      response.putAll(userTokenConverter.convertUserAuthentication(authentication.getUserAuthentication()));
    } else {
      if (clientToken.getAuthorities()!=null && !clientToken.getAuthorities().isEmpty()) {
        response.put(UserAuthenticationConverter.AUTHORITIES, clientToken.getAuthorities());
      }
    }

    if (token.getScope()!=null) {
      response.put(SCOPE, token.getScope());
    }
    if (token.getAdditionalInformation().containsKey(JTI)) {
      response.put(JTI, token.getAdditionalInformation().get(JTI));
    }

    if (token.getExpiration() != null) {
      response.put(EXP, token.getExpiration().getTime() / 1000);
    }

    response.putAll(token.getAdditionalInformation());

    response.put(CLIENT_ID, clientToken.getClientId());
    if (clientToken.getResourceIds() != null && !clientToken.getResourceIds().isEmpty()) {
      response.put(AUD, clientToken.getResourceIds());
    }
    return response;
  }

    String clientId = (String) map.get(CLIENT_ID);
    parameters.put(CLIENT_ID, clientId);
    @SuppressWarnings("unchecked")
    Set<String> resourceIds = new LinkedHashSet<String>(map.containsKey(AUD) ? (Collection<String>) map.get(AUD)
        : Collections.<String>emptySet());
    OAuth2Request request = new OAuth2Request(parameters, clientId, null, true, scope, resourceIds, null, null,
        null);
    return new OAuth2Authentication(request, user);
  }

 */
public abstract class OAuth2ExpressionUtils {

  public static boolean clientHasAnyRole(Authentication authentication, String... roles) {
    if (authentication instanceof OAuth2Authentication) {
      OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();
      Collection<? extends GrantedAuthority> clientAuthorities = clientAuthentication.getAuthorities();
      if (clientAuthorities != null) {
        Set<String> roleSet = AuthorityUtils.authorityListToSet(clientAuthorities);
        for (String role : roles) {
          if (roleSet.contains(role)) {
            return true;

  }

  public static boolean hasAnyScope(Authentication authentication, String[] scopes) {

    if (authentication instanceof OAuth2Authentication) {
      OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();
      Collection<String> assigned = clientAuthentication.getScope();
      if (assigned != null) {
        for (String scope : scopes) {
          if (assigned.contains(scope)) {
            return true;
          }