Examples with OAuthAccessProviderToken org.springframework.security.oauth.provider.token.OAuthAccessProviderToken used on opensource projects

Search in sources :

Example 1 with OAuthAccessProviderToken

use of org.springframework.security.oauth.provider.token.OAuthAccessProviderToken in project spring-security-oauth by spring-projects.

the class ProtectedResourceProcessingFilterTests method testOnValidSignature.

/**
	 * test onValidSignature
	 */
@Test
public void testOnValidSignature() throws Exception {
    ProtectedResourceProcessingFilter filter = new ProtectedResourceProcessingFilter();
    HttpServletRequest request = mock(HttpServletRequest.class);
    HttpServletResponse response = mock(HttpServletResponse.class);
    FilterChain chain = mock(FilterChain.class);
    ConsumerCredentials creds = new ConsumerCredentials("key", "sig", "meth", "base", "tok");
    ConsumerAuthentication authentication = new ConsumerAuthentication(mock(ConsumerDetails.class), creds);
    authentication.setAuthenticated(true);
    SecurityContextHolder.getContext().setAuthentication(authentication);
    OAuthProviderTokenServices tokenServices = mock(OAuthProviderTokenServices.class);
    OAuthAccessProviderToken token = mock(OAuthAccessProviderToken.class);
    filter.setTokenServices(tokenServices);
    when(tokenServices.getToken("tok")).thenReturn(token);
    when(token.isAccessToken()).thenReturn(true);
    Authentication userAuthentication = mock(Authentication.class);
    when(token.getUserAuthentication()).thenReturn(userAuthentication);
    filter.onValidSignature(request, response, chain);
    verify(chain).doFilter(request, response);
    assertSame(userAuthentication, SecurityContextHolder.getContext().getAuthentication());
    SecurityContextHolder.getContext().setAuthentication(null);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ProtectedResourceProcessingFilter(org.springframework.security.oauth.provider.filter.ProtectedResourceProcessingFilter) OAuthProviderTokenServices(org.springframework.security.oauth.provider.token.OAuthProviderTokenServices) ConsumerCredentials(org.springframework.security.oauth.provider.ConsumerCredentials) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) Authentication(org.springframework.security.core.Authentication) FilterChain(javax.servlet.FilterChain) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) HttpServletResponse(javax.servlet.http.HttpServletResponse) OAuthAccessProviderToken(org.springframework.security.oauth.provider.token.OAuthAccessProviderToken) ConsumerDetails(org.springframework.security.oauth.provider.ConsumerDetails) Test(org.junit.Test)

Example 2 with OAuthAccessProviderToken

use of org.springframework.security.oauth.provider.token.OAuthAccessProviderToken in project spring-security-oauth by spring-projects.

the class ProtectedResourceProcessingFilter method onValidSignature.

protected void onValidSignature(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
    ConsumerAuthentication authentication = (ConsumerAuthentication) SecurityContextHolder.getContext().getAuthentication();
    String token = authentication.getConsumerCredentials().getToken();
    OAuthAccessProviderToken accessToken = null;
    if (StringUtils.hasText(token)) {
        OAuthProviderToken authToken = getTokenServices().getToken(token);
        if (authToken == null) {
            throw new AccessDeniedException("Invalid access token.");
        } else if (!authToken.isAccessToken()) {
            throw new AccessDeniedException("Token should be an access token.");
        } else if (authToken instanceof OAuthAccessProviderToken) {
            accessToken = (OAuthAccessProviderToken) authToken;
        }
    } else if ((!(authentication.getConsumerDetails() instanceof ExtraTrustConsumerDetails)) || ((ExtraTrustConsumerDetails) authentication.getConsumerDetails()).isRequiredToObtainAuthenticatedToken()) {
        throw new InvalidOAuthParametersException(messages.getMessage("ProtectedResourceProcessingFilter.missingToken", "Missing auth token."));
    }
    Authentication userAuthentication = authHandler.createAuthentication(request, authentication, accessToken);
    SecurityContextHolder.getContext().setAuthentication(userAuthentication);
    chain.doFilter(request, response);
}
Also used : OAuthProviderToken(org.springframework.security.oauth.provider.token.OAuthProviderToken) AccessDeniedException(org.springframework.security.access.AccessDeniedException) InvalidOAuthParametersException(org.springframework.security.oauth.provider.InvalidOAuthParametersException) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) Authentication(org.springframework.security.core.Authentication) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) ExtraTrustConsumerDetails(org.springframework.security.oauth.provider.ExtraTrustConsumerDetails) OAuthAccessProviderToken(org.springframework.security.oauth.provider.token.OAuthAccessProviderToken)

Example 3 with OAuthAccessProviderToken

use of org.springframework.security.oauth.provider.token.OAuthAccessProviderToken in project spring-security-oauth by spring-projects.

the class UnauthenticatedRequestTokenProcessingFilterTests method testCreateOAuthToken.

/**
	 * tests creating the oauth token.
	 */
@Test
public void testCreateOAuthToken() throws Exception {
    ConsumerDetails consumerDetails = mock(ConsumerDetails.class);
    ConsumerCredentials creds = new ConsumerCredentials("key", "sig", "meth", "base", "tok");
    OAuthProviderTokenServices tokenServices = mock(OAuthProviderTokenServices.class);
    OAuthAccessProviderToken token = mock(OAuthAccessProviderToken.class);
    UnauthenticatedRequestTokenProcessingFilter filter = new UnauthenticatedRequestTokenProcessingFilter();
    filter.setTokenServices(tokenServices);
    when(consumerDetails.getConsumerKey()).thenReturn("chi");
    when(consumerDetails.getAuthorities()).thenReturn(new ArrayList<GrantedAuthority>());
    when(tokenServices.createUnauthorizedRequestToken("chi", "callback")).thenReturn(token);
    TreeMap<String, String> map = new TreeMap<String, String>();
    map.put(OAuthConsumerParameter.oauth_callback.toString(), "callback");
    ConsumerAuthentication authentication = new ConsumerAuthentication(consumerDetails, creds, map);
    assertSame(token, filter.createOAuthToken(authentication));
}
Also used : UnauthenticatedRequestTokenProcessingFilter(org.springframework.security.oauth.provider.filter.UnauthenticatedRequestTokenProcessingFilter) OAuthProviderTokenServices(org.springframework.security.oauth.provider.token.OAuthProviderTokenServices) ConsumerCredentials(org.springframework.security.oauth.provider.ConsumerCredentials) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ConsumerAuthentication(org.springframework.security.oauth.provider.ConsumerAuthentication) OAuthAccessProviderToken(org.springframework.security.oauth.provider.token.OAuthAccessProviderToken) TreeMap(java.util.TreeMap) ConsumerDetails(org.springframework.security.oauth.provider.ConsumerDetails) Test(org.junit.Test)

Aggregations

ConsumerAuthentication (org.springframework.security.oauth.provider.ConsumerAuthentication)3 OAuthAccessProviderToken (org.springframework.security.oauth.provider.token.OAuthAccessProviderToken)3 Test (org.junit.Test)2 Authentication (org.springframework.security.core.Authentication)2 ConsumerCredentials (org.springframework.security.oauth.provider.ConsumerCredentials)2 ConsumerDetails (org.springframework.security.oauth.provider.ConsumerDetails)2 OAuthProviderTokenServices (org.springframework.security.oauth.provider.token.OAuthProviderTokenServices)2 TreeMap (java.util.TreeMap)1 FilterChain (javax.servlet.FilterChain)1 HttpServletRequest (javax.servlet.http.HttpServletRequest)1 HttpServletResponse (javax.servlet.http.HttpServletResponse)1 AccessDeniedException (org.springframework.security.access.AccessDeniedException)1 GrantedAuthority (org.springframework.security.core.GrantedAuthority)1 ExtraTrustConsumerDetails (org.springframework.security.oauth.provider.ExtraTrustConsumerDetails)1 InvalidOAuthParametersException (org.springframework.security.oauth.provider.InvalidOAuthParametersException)1 ProtectedResourceProcessingFilter (org.springframework.security.oauth.provider.filter.ProtectedResourceProcessingFilter)1 UnauthenticatedRequestTokenProcessingFilter (org.springframework.security.oauth.provider.filter.UnauthenticatedRequestTokenProcessingFilter)1 OAuthProviderToken (org.springframework.security.oauth.provider.token.OAuthProviderToken)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial