Package org.springframework.security.oauth2.provider

Examples of org.springframework.security.oauth2.provider.TokenGranter

1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(holder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
View Full Code Here
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
  @Override
  public OAuth2AccessTokenEntity createAccessToken(OAuth2Authentication authentication) throws AuthenticationException, InvalidClientException {
    if (authentication != null && authentication.getOAuth2Request() != null) {
      // look up our client
      OAuth2Request clientAuth = authentication.getOAuth2Request();

      ClientDetailsEntity client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());

      if (client == null) {
        throw new InvalidClientException("Client not found: " + clientAuth.getClientId());
      }

      OAuth2AccessTokenEntity token = new OAuth2AccessTokenEntity();//accessTokenFactory.createNewAccessToken();

      // attach the client
      token.setClient(client);

      // inherit the scope from the auth, but make a new set so it is
      //not unmodifiable. Unmodifiables don't play nicely with Eclipselink, which
      //wants to use the clone operation.
      Set<String> scopes = Sets.newHashSet(clientAuth.getScope());
      // remove any of the special system scopes
      scopes = scopeService.removeRestrictedScopes(scopes);
      token.setScope(scopes);

      // make it expire if necessary
      if (client.getAccessTokenValiditySeconds() != null && client.getAccessTokenValiditySeconds() > 0) {
        Date expiration = new Date(System.currentTimeMillis() + (client.getAccessTokenValiditySeconds() * 1000L));
        token.setExpiration(expiration);
      }

      // attach the authorization so that we can look it up later
      AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity();
      authHolder.setAuthentication(authentication);
      authHolder = authenticationHolderRepository.save(authHolder);

      token.setAuthenticationHolder(authHolder);

      // attach a refresh token, if this client is allowed to request them and the user gets the offline scope
      if (client.isAllowRefresh() && scopes.contains(SystemScopeService.OFFLINE_ACCESS)) {
        OAuth2RefreshTokenEntity refreshToken = new OAuth2RefreshTokenEntity(); //refreshTokenFactory.createNewRefreshToken();
        JWTClaimsSet refreshClaims = new JWTClaimsSet();


        // make it expire if necessary
        if (client.getRefreshTokenValiditySeconds() != null) {
          Date expiration = new Date(System.currentTimeMillis() + (client.getRefreshTokenValiditySeconds() * 1000L));
          refreshToken.setExpiration(expiration);
          refreshClaims.setExpirationTime(expiration);
        }

        // set a random identifier
        refreshClaims.setJWTID(UUID.randomUUID().toString());

        // TODO: add issuer fields, signature to JWT

        PlainJWT refreshJwt = new PlainJWT(refreshClaims);
        refreshToken.setJwt(refreshJwt);

        //Add the authentication
        refreshToken.setAuthenticationHolder(authHolder);
        refreshToken.setClient(client);



        // save the token first so that we can set it to a member of the access token (NOTE: is this step necessary?)
        OAuth2RefreshTokenEntity savedRefreshToken = tokenRepository.saveRefreshToken(refreshToken);

        token.setRefreshToken(savedRefreshToken);
      }
     
      OAuth2AccessTokenEntity enhancedToken = (OAuth2AccessTokenEntity) tokenEnhancer.enhance(token, authentication);

      OAuth2AccessTokenEntity savedToken = tokenRepository.saveAccessToken(enhancedToken);

      //Add approved site reference, if any
      OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();

      if (originalAuthRequest.getExtensions() != null && originalAuthRequest.getExtensions().containsKey("approved_site")) {

        Long apId = (Long) originalAuthRequest.getExtensions().get("approved_site");
        ApprovedSite ap = approvedSiteService.getById(apId);
        Set<OAuth2AccessTokenEntity> apTokens = ap.getApprovedAccessTokens();
        apTokens.add(savedToken);
        ap.setApprovedAccessTokens(apTokens);
        approvedSiteService.save(ap);
View Full Code Here
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
        assertThat(savedSites.get(1).getApprovedAccessTokens().size(), equalTo(site2.getApprovedAccessTokens().size()));
    }
   
    @Test
    public void testImportAuthenticationHolders() throws IOException {
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
View Full Code Here
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
        Date expirationDate1 = DateUtil.utcToDate(expiration1);
       
        ClientDetailsEntity mockedClient1 = mock(ClientDetailsEntity.class);
        when(mockedClient1.getClientId()).thenReturn("mocked_client_1");
       
        OAuth2Request req1 = new OAuth2Request(new HashMap<String, String>(), "client1", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://foo.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth1 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth1 = new OAuth2Authentication(req1, mockAuth1);
       
        AuthenticationHolderEntity holder1 = new AuthenticationHolderEntity();
        holder1.setId(1L);
        holder1.setAuthentication(auth1);
       
        OAuth2RefreshTokenEntity token1 = new OAuth2RefreshTokenEntity();
        token1.setId(1L);
        token1.setClient(mockedClient1);
        token1.setExpiration(expirationDate1);
        token1.setValue("eyJhbGciOiJub25lIn0.eyJqdGkiOiJmOTg4OWQyOS0xMTk1LTQ4ODEtODgwZC1lZjVlYzAwY2Y4NDIifQ.");
        token1.setAuthenticationHolder(holder1);
       
        String expiration2 = "2015-01-07T18:31:50.079+0000";
        Date expirationDate2 = DateUtil.utcToDate(expiration2);
       
        ClientDetailsEntity mockedClient2 = mock(ClientDetailsEntity.class);
        when(mockedClient2.getClientId()).thenReturn("mocked_client_2");
       
        OAuth2Request req2 = new OAuth2Request(new HashMap<String, String>(), "client2", new ArrayList<GrantedAuthority>(),
                                               true, new HashSet<String>(), new HashSet<String>(), "http://bar.com",
                                               new HashSet<String>(), null);
        Authentication mockAuth2 = mock(Authentication.class, withSettings().serializable());
        OAuth2Authentication auth2 = new OAuth2Authentication(req2, mockAuth2);
       
View Full Code Here
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
  private static final String USERNAME = "username";

  public String extractKey(OAuth2Authentication authentication) {
    Map<String, String> values = new LinkedHashMap<String, String>();
    OAuth2Request authorizationRequest = authentication.getOAuth2Request();
    if (!authentication.isClientOnly()) {
      values.put(USERNAME, authentication.getName());
    }
    values.put(CLIENT_ID, authorizationRequest.getClientId());
    if (authorizationRequest.getScope() != null) {
      values.put(SCOPE, OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
    }
    MessageDigest digest;
    try {
      digest = MessageDigest.getInstance("MD5");
    }
View Full Code Here
26
27
28
29
30
31
32
33
    context = new GenericXmlApplicationContext(getClass(), RESOURCE_NAME);
  }
 
  @Test
  public void testCustomGrantRegistered() {
    TokenGranter granter = context.getBean(CompositeTokenGranter.class);
    assertNotNull("Custom grant registration failed!", granter.grant("test-grant", null));
  }
View Full Code Here
23
24
25
26
27
28
29
30
  @Test
  public void testCustomGrantRegistered() {
    expected.expect(BeanDefinitionParsingException.class);
    expected.expectMessage("ClientDetailsService");
    context = new GenericXmlApplicationContext(getClass(), RESOURCE_NAME);
    TokenGranter granter = context.getBean(CompositeTokenGranter.class);
    assertNotNull(granter);
  }
View Full Code Here
371
372
373
374
375
376
377
378
379
380
381
    assertTrue("Wrong scope: " + result, url.contains("&scope=read%20write"));
  }

  @Test(expected = InvalidScopeException.class)
  public void testImplicitPreApprovedButInvalid() throws Exception {
    endpoint.setTokenGranter(new TokenGranter() {
      public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
        throw new IllegalStateException("Shouldn't be called");
      }
    });
    endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {
View Full Code Here
402
403
404
405
406
407
408
409
410
411
412
    assertTrue("Wrong view: " + result, url.startsWith("http://anywhere.com"));
  }

  @Test
  public void testImplicitUnapproved() throws Exception {
    endpoint.setTokenGranter(new TokenGranter() {
      public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
        return null;
      }
    });
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate",
View Full Code Here
431
432
433
434
435
436
437
438
439
440
441
      public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
        return true;
      }
    });
    endpoint.setTokenGranter(new TokenGranter() {
      public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
        return null;
      }
    });
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate",
View Full Code Here
TOP

Related Classes of org.springframework.security.oauth2.provider.TokenGranter

  • client.ClientServerInteractionTests
  • com.springsource.greenhouse.settings.SettingsControllerTest
  • demo.Application
  • demo.Application$OAuth2Config
  • demo.Application$TokenEndpointSecurity
  • OAuth2AuthenticationReadConverter
  • org.codehaus.jackson.map.ObjectMapper
  • org.mitre.oauth2.introspectingfilter.IntrospectingTokenService
  • org.mitre.oauth2.repository.impl.JpaAuthorizationCodeRepository
  • org.mitre.oauth2.service.impl.DefaultIntrospectionResultAssembler
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.