Examples of org.springframework.security.oauth2.provider.TokenRequest

• org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler
  Represents an OAuth2 token request, made at the {@link TokenEndpoint}. The requestParameters map should contain the original, unmodified parameters from the original OAuth2 request. In the implicit flow, a token is requested through the {@link AuthorizationEndpoint} directly, and in that case the{@link AuthorizationRequest} is converted into a {@link TokenRequest} for processing through the token grantingchain. @author Amanda Anganes @author Dave Syer

    authorizationParameters.put("code", code);

    //AuthorizationRequest oAuth2Request = createFromParameters(initialParameters);
    //oAuth2Request.setRequestParameters(authorizationParameters);

    TokenRequest tokenRequest = requestFactory.createTokenRequest(parameters, client);
    tokenRequest.setRequestParameters(authorizationParameters);

    AuthorizationCodeTokenGranter granter = new AuthorizationCodeTokenGranter(providerTokenServices,
        authorizationCodeServices, clientDetailsService, requestFactory);
    try {
      granter.getOAuth2Authentication(client, tokenRequest);

      }
    });

    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    assertTrue(accessToken.getValue().startsWith("I'mEnhanced"));
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(
        accessToken.getRefreshToken().getValue(), tokenRequest);
    assertTrue(refreshedAccessToken.getValue().startsWith("I'mEnhanced"));
  }

  @Test
  public void testRefreshTokenMaintainsState() throws Exception {
    getTokenServices().setSupportRefreshToken(true);
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    OAuth2RefreshToken expectedExpiringRefreshToken = accessToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(
        expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertNotNull(refreshedAccessToken);
    assertEquals(1, getAccessTokenCount());
  }

  public void testNotReuseRefreshTokenMaintainsState() throws Exception {
    getTokenServices().setSupportRefreshToken(true);
    getTokenServices().setReuseRefreshToken(false);
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    OAuth2RefreshToken expectedExpiringRefreshToken = accessToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(
        expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertNotNull(refreshedAccessToken);
    assertEquals(1, getRefreshTokenCount());
  }

  @Before
  public void init() {
    token = new DefaultOAuth2AccessToken("FOO");
    ClientDetails client = new BaseClientDetails("client", null, "read", "client_credentials", "ROLE_CLIENT");
    authentication = new OAuth2Authentication(
        new TokenRequest(null, "client", null, "client_credentials").createOAuth2Request(client), null);
    tokenStore.clear();
  }

  private Principal clientAuthentication = new UsernamePasswordAuthenticationToken("client", null,
      Collections.singleton(new SimpleGrantedAuthority("ROLE_CLIENT")));

  private TokenRequest createFromParameters(Map<String, String> parameters) {
    TokenRequest request = new TokenRequest(parameters, parameters.get(OAuth2Utils.CLIENT_ID),
        OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.SCOPE)),
        parameters.get(OAuth2Utils.GRANT_TYPE));
    return request;
  }

  }

  @Test
  public void testTransformedRequest() {
    service.store(oauth2Request, tokenRequest);
    TokenRequest tokenRequest = new TokenRequest(Collections.<String, String> emptyMap(), "client", Collections.singleton("read"), "implicit");
    assertEquals(oauth2Request, service.remove(tokenRequest));
    assertEquals(null, service.remove(tokenRequest));
  }

    return newClient;
  }

  private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {

    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
    OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

    if (config.getRegTokenLifeTime() != null) {

      try {
        // Re-issue the token if it has been issued before [currentTime - validity]

    return newClient;
  }

  private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {

    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
    OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

    if (config.getRegTokenLifeTime() != null) {

      try {
        // Re-issue the token if it has been issued before [currentTime - validity]

    @EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
    private static class GlobalSecurityConfiguration extends GlobalMethodSecurityConfiguration {<% if (authenticationType == 'token') { %>

        @Override
        protected MethodSecurityExpressionHandler createExpressionHandler() {
            return new OAuth2MethodSecurityExpressionHandler();
        }<% } %>