Examples of org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping

• org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory
  A handler mapping for framework endpoints (those annotated with @FrameworkEndpoint). @author Dave Syer

  private static final String USERNAME = "username";

  public String extractKey(OAuth2Authentication authentication) {
    Map<String, String> values = new LinkedHashMap<String, String>();
    OAuth2Request authorizationRequest = authentication.getOAuth2Request();
    if (!authentication.isClientOnly()) {
      values.put(USERNAME, authentication.getName());
    }
    values.put(CLIENT_ID, authorizationRequest.getClientId());
    if (authorizationRequest.getScope() != null) {
      values.put(SCOPE, OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
    }
    MessageDigest digest;
    try {
      digest = MessageDigest.getInstance("MD5");
    }

    refreshToken = Mockito.mock(OAuth2RefreshTokenEntity.class);
    Mockito.when(tokenRepository.getRefreshTokenByValue(refreshTokenValue)).thenReturn(refreshToken);
    Mockito.when(refreshToken.getClient()).thenReturn(client);
    Mockito.when(refreshToken.isExpired()).thenReturn(false);

    tokenRequest = new TokenRequest(null, clientId, null, null);

    storedAuthentication = authentication;
    storedAuthRequest = clientAuth;
    storedAuthHolder = Mockito.mock(AuthenticationHolderEntity.class);
    storedScope = Sets.newHashSet(scope);

    return newClient;
  }

  private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {

    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
    OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

    if (config.getRegTokenLifeTime() != null) {

      try {
        // Re-issue the token if it has been issued before [currentTime - validity]

    return newClient;
  }

  private OAuth2AccessTokenEntity fetchValidRegistrationToken(OAuth2Authentication auth, ClientDetailsEntity client) {

    OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) auth.getDetails();
    OAuth2AccessTokenEntity token = tokenService.readAccessToken(details.getTokenValue());

    if (config.getRegTokenLifeTime() != null) {

      try {
        // Re-issue the token if it has been issued before [currentTime - validity]

  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    AuthorizationServerSecurityConfigurer configurer = new AuthorizationServerSecurityConfigurer();
    FrameworkEndpointHandlerMapping handlerMapping = endpoints.oauth2EndpointHandlerMapping();
    http.setSharedObject(FrameworkEndpointHandlerMapping.class, handlerMapping);
    configure(configurer);
    http.apply(configurer);
    String tokenEndpointPath = handlerMapping.getServletPath("/oauth/token");
    String tokenKeyPath = handlerMapping.getServletPath("/oauth/token_key");
    String checkTokenPath = handlerMapping.getServletPath("/oauth/check_token");
    // @formatter:off
    http
          .authorizeRequests()
              .antMatchers(tokenEndpointPath).fullyAuthenticated()
              .antMatchers(tokenKeyPath).access(configurer.getTokenKeyAccess())

  }

  @Bean
  public AuthorizationEndpoint authorizationEndpoint() throws Exception {
    AuthorizationEndpoint authorizationEndpoint = new AuthorizationEndpoint();
    FrameworkEndpointHandlerMapping mapping = getEndpoints().getFrameworkEndpointHandlerMapping();
    authorizationEndpoint.setUserApprovalPage(extractPath(mapping, "/oauth/confirm_access"));
    authorizationEndpoint.setErrorPage(extractPath(mapping, "/oauth/error"));
    authorizationEndpoint.setTokenGranter(tokenGranter());
    authorizationEndpoint.setClientDetailsService(clientDetailsService);
    authorizationEndpoint.setAuthorizationCodeServices(authorizationCodeServices());

    return tokenGranter;
  }

  private FrameworkEndpointHandlerMapping frameworkEndpointHandlerMapping() {
    if (frameworkEndpointHandlerMapping == null) {
      frameworkEndpointHandlerMapping = new FrameworkEndpointHandlerMapping();
      frameworkEndpointHandlerMapping.setMappings(patternMap);
      frameworkEndpointHandlerMapping.setPrefix(prefix);
      frameworkEndpointHandlerMapping.setInterceptors(interceptors.toArray());
    }
    return frameworkEndpointHandlerMapping;

        return new WhitelabelApprovalEndpoint ();
    }

    @Bean
    public FrameworkEndpointHandlerMapping endpointHandlerMapping() {
        return new FrameworkEndpointHandlerMapping();
    }

    @EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
    private static class GlobalSecurityConfiguration extends GlobalMethodSecurityConfiguration {<% if (authenticationType == 'token') { %>

        @Override
        protected MethodSecurityExpressionHandler createExpressionHandler() {
            return new OAuth2MethodSecurityExpressionHandler();
        }<% } %>

  private OAuth2RequestFactory defaultOAuth2RequestFactory;

  public void afterPropertiesSet() throws Exception {
    Assert.state(tokenGranter != null, "TokenGranter must be provided");
    Assert.state(clientDetailsService != null, "ClientDetailsService must be provided");
    defaultOAuth2RequestFactory = new DefaultOAuth2RequestFactory(getClientDetailsService());
    if (oAuth2RequestFactory == null) {
      oAuth2RequestFactory = defaultOAuth2RequestFactory;
    }
  }