Package org.springframework.security.oauth2.provider

Examples of org.springframework.security.oauth2.provider.OAuth2Request


  }

  public static boolean hasAnyScopeMatching(Authentication authentication, String[] scopesRegex) {

    if (authentication instanceof OAuth2Authentication) {
      OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();
      for (String scope : clientAuthentication.getScope()) {
        for (String regex : scopesRegex) {
          if (scope.matches(regex)) {
            return true;
          }
        }
View Full Code Here


  protected OAuth2AccessToken getAccessToken(ClientDetails client, TokenRequest tokenRequest) {
    return tokenServices.createAccessToken(getOAuth2Authentication(client, tokenRequest));
  }

  protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    OAuth2Request storedOAuth2Request = requestFactory.createOAuth2Request(client, tokenRequest);
    return new OAuth2Authentication(storedOAuth2Request, null);
  }
View Full Code Here

  // We can grant a token and return it with implicit approval.
  private ModelAndView getImplicitGrantResponse(AuthorizationRequest authorizationRequest) {
    try {
      TokenRequest tokenRequest = getOAuth2RequestFactory().createTokenRequest(authorizationRequest, "implicit");
      OAuth2Request storedOAuth2Request = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);
      OAuth2AccessToken accessToken = getAccessTokenForImplicitGrant(tokenRequest, storedOAuth2Request);
      if (accessToken == null) {
        throw new UnsupportedResponseTypeException("Unsupported response type: token");
      }
      return new ModelAndView(new RedirectView(appendAccessToken(authorizationRequest, accessToken), false, true,
View Full Code Here

  private String generateCode(AuthorizationRequest authorizationRequest, Authentication authentication)
      throws AuthenticationException {

    try {

      OAuth2Request storedOAuth2Request = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);

      OAuth2Authentication combinedAuth = new OAuth2Authentication(storedOAuth2Request, authentication);
      String code = authorizationCodeServices.createAuthorizationCode(combinedAuth);

      return code;
View Full Code Here

   * @throws InvalidScopeException If the scope requested is invalid or wider than the original scope.
   */
  private OAuth2Authentication createRefreshedAuthentication(OAuth2Authentication authentication, Set<String> scope) {
    OAuth2Authentication narrowed = authentication;
    if (scope != null && !scope.isEmpty()) {
      OAuth2Request clientAuth = authentication.getOAuth2Request();
      Set<String> originalScope = clientAuth.getScope();
      if (originalScope == null || !originalScope.containsAll(scope)) {
        throw new InvalidScopeException("Unable to narrow the scope of the client authentication to " + scope
            + ".", originalScope);
      }
      else {
        narrowed = new OAuth2Authentication(clientAuth.narrowScope(scope),
            authentication.getUserAuthentication());
      }
    }
    return narrowed;
  }
View Full Code Here

  public String getClientId(String tokenValue) {
    OAuth2Authentication authentication = tokenStore.readAuthentication(tokenValue);
    if (authentication == null) {
      throw new InvalidTokenException("Invalid access token: " + tokenValue);
    }
    OAuth2Request clientAuth = authentication.getOAuth2Request();
    if (clientAuth == null) {
      throw new InvalidTokenException("Invalid access token (no client id): " + tokenValue);
    }
    return clientAuth.getClientId();
  }
View Full Code Here

    assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).throwOnError(true));
  }

  @Test
  public void testSufficientScopeWithNoPreviousScopeDecision() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));

    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isClient());
    assertFalse(new OAuth2SecurityExpressionMethods(oAuth2Authentication).throwOnError(false));
View Full Code Here

    assertFalse(new OAuth2SecurityExpressionMethods(clientAuthentication).clientHasAnyRole("ROLE_USER"));
  }

  @Test
  public void testClientOnly() throws Exception {
    OAuth2Request request = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));

    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar",
        Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(request, userAuthentication);
    assertFalse(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isClient());
View Full Code Here

    assertTrue(new OAuth2SecurityExpressionMethods(new OAuth2Authentication(request, null)).isClient());
  }

  @Test
  public void testOAuthUser() throws Exception {
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request("foo", true, Collections.singleton("read"));

    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("foo", "bar",
        Collections.singleton(new SimpleGrantedAuthority("ROLE_USER")));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).isUser());
View Full Code Here

  abstract AuthorizationCodeServices getAuthorizationCodeServices();

  @Test
  public void testCreateAuthorizationCode() {
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(storedOAuth2Request,
        new TestAuthentication("test2", false));
    String code = getAuthorizationCodeServices().createAuthorizationCode(expectedAuthentication);
    assertNotNull(code);
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth2.provider.OAuth2Request

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.