Examples with ExpiringOAuth2RefreshToken org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken used on opensource projects

Example 1 with ExpiringOAuth2RefreshToken

use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AbstractDefaultTokenServicesTests method testRefreshedTokenInvalidWithWrongClient.

@Test(expected = InvalidGrantException.class)
public void testRefreshedTokenInvalidWithWrongClient() throws Exception {
    ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "wrong"), "wrong", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertEquals("[read]", refreshedAccessToken.getScope().toString());
}

Example 2 with ExpiringOAuth2RefreshToken

use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AbstractDefaultTokenServicesTests method testRefreshedTokenHasNarrowedScopes.

@Test
public void testRefreshedTokenHasNarrowedScopes() throws Exception {
    ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertEquals("[read]", refreshedAccessToken.getScope().toString());
}

Example 3 with ExpiringOAuth2RefreshToken

use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AbstractDefaultTokenServicesTests method testRefreshTokenRequestHasRefreshFlag.

@Test
public void testRefreshTokenRequestHasRefreshFlag() throws Exception {
    ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
    final AtomicBoolean called = new AtomicBoolean(false);
    getTokenServices().setTokenEnhancer(new TokenEnhancer() {

        @Override
        public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
            assertTrue(authentication.getOAuth2Request().isRefresh());
            called.set(true);
            return accessToken;
        }
    });
    getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertTrue(called.get());
}

Example 4 with ExpiringOAuth2RefreshToken

use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesWithInMemoryTests method testExpiredRefreshTokenIsRenewedWithNewAccessToken.

@Test
public void testExpiredRefreshTokenIsRenewedWithNewAccessToken() throws Exception {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    assertNotNull(firstAccessToken.getRefreshToken());
    // Make it expire (and rely on mutable state in volatile token store)
    ReflectionTestUtils.setField(firstAccessToken.getRefreshToken(), "expiration", new Date(System.currentTimeMillis() - 1000));
    firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    DefaultOAuth2AccessToken secondAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    ExpiringOAuth2RefreshToken refreshToken = (ExpiringOAuth2RefreshToken) secondAccessToken.getRefreshToken();
    assertNotNull(refreshToken);
    assertTrue(refreshToken.getExpiration().getTime() > System.currentTimeMillis());
}

Example 5 with ExpiringOAuth2RefreshToken

use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesWithJwtTests method testRefreshedTokenHasIdThatMatchesAccessToken.

@Test
public void testRefreshedTokenHasIdThatMatchesAccessToken() throws Exception {
    JsonParser parser = JsonParserFactory.create();
    OAuth2Authentication authentication = createAuthentication();
    OAuth2AccessToken initialToken = getTokenServices().createAccessToken(authentication);
    ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) initialToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    Map<String, ?> accessTokenInfo = parser.parseMap(JwtHelper.decode(refreshedAccessToken.getValue()).getClaims());
    Map<String, ?> refreshTokenInfo = parser.parseMap(JwtHelper.decode(refreshedAccessToken.getRefreshToken().getValue()).getClaims());
    assertEquals("Access token ID does not match refresh token ATI", accessTokenInfo.get(AccessTokenConverter.JTI), refreshTokenInfo.get(AccessTokenConverter.ATI));
    assertNotSame("Refresh token re-used", expectedExpiringRefreshToken.getValue(), refreshedAccessToken.getRefreshToken().getValue());
}