Package org.springframework.security.oauth2.provider.expression

Examples of org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandlerTests


        return false;
      }
      // create an OAuth2Authentication
      OAuth2Authentication auth = new OAuth2Authentication(createStoredRequest(tokenResponse), createAuthentication(tokenResponse));
      // create an OAuth2AccessToken
      OAuth2AccessToken token = createAccessToken(tokenResponse, accessToken);

      if (token.getExpiration().after(new Date())) {
        // Store them in the cache
        authCache.put(accessToken, new TokenCacheObject(token, auth));

        return true;
      }
View Full Code Here


//    String userJson = getRestTemplate().getForObject(getUrl("/v2/users/{guid}"), String.class, user);
//    Map<String, Object> userInfo = (Map<String, Object>) JsonUtil.convertJsonToMap(userJson);
//    return userInfo();
    //TODO: remove this temporary hack once the /v2/users/ uri can be accessed by mere mortals
    String userJson = "{}";
    OAuth2AccessToken accessToken = oauthClient.getToken();
    if (accessToken != null) {
      String tokenString = accessToken.getValue();
      int x = tokenString.indexOf('.');
      int y = tokenString.indexOf('.', x + 1);
      String encodedString = tokenString.substring(x + 1, y);
      try {
        byte[] decodedBytes = new sun.misc.BASE64Decoder().decodeBuffer(encodedString);
View Full Code Here

   * Retrieve Token from ~/.cf/tokens.yml
   *
   * @return token (String)
   */
  protected OAuth2AccessToken retrieveToken() throws MojoExecutionException {
    final OAuth2AccessToken token = tokensFile.retrieveToken(getTarget());

    if (token == null) {
      throw new MojoExecutionException(String.format("Can not authenticate to target '%s'. " +
          "Configure a username and password, or use the login goal.", getTarget().toString()));
    }
View Full Code Here

    super.execute();
  }

  @Override
  protected void doExecute() throws MojoExecutionException {
    final OAuth2AccessToken token = getClient().login();
    final CloudInfo cloudInfo = getClient().getCloudInfo();
    final CloudSpace space = getCurrentSpace();

    tokensFile.saveToken(getTarget(), token, cloudInfo, space);
View Full Code Here

    return token;
  }

  public String getAuthorizationHeader() {
    OAuth2AccessToken accessToken = getToken();
    if (accessToken != null) {
      return accessToken.getTokenType() + " " + accessToken.getValue();
    }
    return null;
  }
View Full Code Here

    this.allowRefresh = allowRefresh;
  }

  @Override
  public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
    OAuth2AccessToken token = super.grant(grantType, tokenRequest);
    if (token != null) {
      DefaultOAuth2AccessToken norefresh = new DefaultOAuth2AccessToken(token);
      // The spec says that client credentials should not be allowed to get a refresh token
      if (!allowRefresh) {
        norefresh.setRefreshToken(null);
View Full Code Here

      builder.append(", scope=" + scopes);
      builder.append(" and username=" + userAuthentication.getName());
      logger.debug(builder.toString());
    }

    OAuth2AccessToken accessToken = tokenStore.getAccessToken(authentication);
    logger.debug("Existing access token=" + accessToken);
    if (accessToken != null && !accessToken.isExpired()) {
      logger.debug("User already approved with token=" + accessToken);
      // A token was already granted and is still valid, so this is already approved
      approved = true;
    }
    else {
View Full Code Here

  public void setAuthenticationKeyGenerator(AuthenticationKeyGenerator authenticationKeyGenerator) {
    this.authenticationKeyGenerator = authenticationKeyGenerator;
  }

  public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) {
    OAuth2AccessToken accessToken = null;

    String key = authenticationKeyGenerator.extractKey(authentication);
    try {
      accessToken = jdbcTemplate.queryForObject(selectAccessTokenFromAuthenticationSql,
          new RowMapper<OAuth2AccessToken>() {
            public OAuth2AccessToken mapRow(ResultSet rs, int rowNum) throws SQLException {
              return deserializeAccessToken(rs.getBytes(2));
            }
          }, key);
    }
    catch (EmptyResultDataAccessException e) {
      if (LOG.isDebugEnabled()) {
        LOG.debug("Failed to find access token for authentication " + authentication);
      }
    }
    catch (IllegalArgumentException e) {
      LOG.error("Could not extract access token for authentication " + authentication, e);
    }

    if (accessToken != null
        && !key.equals(authenticationKeyGenerator.extractKey(readAuthentication(accessToken.getValue())))) {
      removeAccessToken(accessToken.getValue());
      // Keep the store consistent (maybe the same user is represented by this authentication but the details have
      // changed)
      storeAccessToken(accessToken, authentication);
    }
    return accessToken;
View Full Code Here

        new SqlLobValue(serializeAuthentication(authentication)), extractTokenKey(refreshToken) }, new int[] {
        Types.VARCHAR, Types.BLOB, Types.VARCHAR, Types.VARCHAR, Types.VARCHAR, Types.BLOB, Types.VARCHAR });
  }

  public OAuth2AccessToken readAccessToken(String tokenValue) {
    OAuth2AccessToken accessToken = null;

    try {
      accessToken = jdbcTemplate.queryForObject(selectAccessTokenSql, new RowMapper<OAuth2AccessToken>() {
        public OAuth2AccessToken mapRow(ResultSet rs, int rowNum) throws SQLException {
          return deserializeAccessToken(rs.getBytes(2));
View Full Code Here

        new SqlLobValue(serializeAuthentication(authentication)) }, new int[] { Types.VARCHAR, Types.BLOB,
        Types.BLOB });
  }

  public OAuth2RefreshToken readRefreshToken(String token) {
    OAuth2RefreshToken refreshToken = null;

    try {
      refreshToken = jdbcTemplate.queryForObject(selectRefreshTokenSql, new RowMapper<OAuth2RefreshToken>() {
        public OAuth2RefreshToken mapRow(ResultSet rs, int rowNum) throws SQLException {
          return deserializeRefreshToken(rs.getBytes(2));
View Full Code Here

TOP

Related Classes of org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandlerTests

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.