Example 16 with AuthorizationRequest
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class DefaultUserApprovalHandlerTests method testBasicApproval.
@Test
public void testBasicApproval() {
AuthorizationRequest request = new AuthorizationRequest(new HashMap<String, String>(), null, null, null, null, null, false, null, null, null);
// This is enough to be explicitly approved
request.setApproved(true);
assertTrue(handler.isApproved(request, new TestAuthentication("marissa", true)));
}
Also used :
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
Test(org.junit.Test)
Example 17 with AuthorizationRequest
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class TokenApprovalStoreTests method addApprovals.
@Override
protected boolean addApprovals(Collection<Approval> approvals) {
Map<String, Map<String, Set<String>>> clientIds = new HashMap<String, Map<String, Set<String>>>();
for (Approval approval : approvals) {
String clientId = approval.getClientId();
if (!clientIds.containsKey(clientId)) {
clientIds.put(clientId, new HashMap<String, Set<String>>());
}
String userId = approval.getUserId();
Map<String, Set<String>> users = clientIds.get(clientId);
if (!users.containsKey(userId)) {
users.put(userId, new HashSet<String>());
}
Set<String> scopes = users.get(userId);
scopes.add(approval.getScope());
}
for (String clientId : clientIds.keySet()) {
Map<String, Set<String>> users = clientIds.get(clientId);
for (String userId : users.keySet()) {
Authentication user = new UsernamePasswordAuthenticationToken(userId, "N/A", AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
AuthorizationRequest authorizationRequest = new AuthorizationRequest();
authorizationRequest.setClientId(clientId);
Set<String> scopes = users.get(userId);
authorizationRequest.setScope(scopes);
OAuth2Request request = authorizationRequest.createOAuth2Request();
OAuth2Authentication authentication = new OAuth2Authentication(request, user);
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
token.setScope(scopes);
tokenStore.storeAccessToken(token, authentication);
}
}
return super.addApprovals(approvals);
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
HashMap(java.util.HashMap)
UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Authentication(org.springframework.security.core.Authentication)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
HashMap(java.util.HashMap)
Map(java.util.Map)
Example 18 with AuthorizationRequest
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class TokenStoreUserApprovalHandlerTests method testBasicApproval.
@Test
public void testBasicApproval() {
HashMap<String, String> parameters = new HashMap<String, String>();
parameters.put(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
AuthorizationRequest request = new AuthorizationRequest(parameters, null, null, null, null, null, false, null, null, null);
// This is enough to be explicitly approved
request.setApproved(true);
assertTrue(handler.isApproved(request, new TestAuthentication("marissa", true)));
}
Also used :
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
HashMap(java.util.HashMap)
Test(org.junit.Test)
Example 19 with AuthorizationRequest
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class TokenStoreUserApprovalHandlerTests method testMemorizedApproval.
@Test
public void testMemorizedApproval() {
HashMap<String, String> parameters = new HashMap<String, String>();
parameters.put(OAuth2Utils.USER_OAUTH_APPROVAL, "false");
parameters.put("client_id", "foo");
AuthorizationRequest authorizationRequest = new AuthorizationRequest(parameters, null, "foo", null, null, null, false, null, null, null);
authorizationRequest.setApproved(false);
TestAuthentication userAuthentication = new TestAuthentication("marissa", true);
OAuth2Request storedOAuth2Request = requestFactory.createOAuth2Request(authorizationRequest);
tokenServices.createAccessToken(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
authorizationRequest = handler.checkForPreApproval(authorizationRequest, userAuthentication);
assertTrue(handler.isApproved(authorizationRequest, userAuthentication));
}
Also used :
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
HashMap(java.util.HashMap)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Test(org.junit.Test)
Example 20 with AuthorizationRequest
use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.
the class ApprovalStoreUserApprovalHandlerTests method testApprovalLongExpiry.
@Test
public void testApprovalLongExpiry() throws Exception {
handler.setApprovalExpiryInSeconds(365 * 24 * 60 * 60);
AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
authorizationRequest.setApprovalParameters(Collections.singletonMap("scope.read", "approved"));
AuthorizationRequest result = handler.updateAfterApproval(authorizationRequest, userAuthentication);
assertTrue(handler.isApproved(result, userAuthentication));
}
Also used :
AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest)
Test(org.junit.Test)
Aggregations
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)101
Test (org.junit.jupiter.api.Test)87
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)69
Test (org.junit.Test)58
Authentication (org.springframework.security.core.Authentication)58
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)52
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)51
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)48
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)42
HashMap (java.util.HashMap)36
OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)21
MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)19
OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange)19
ModelAndView (org.springframework.web.servlet.ModelAndView)18
ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)16
HashSet (java.util.HashSet)15
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)15
RedirectView (org.springframework.web.servlet.view.RedirectView)14
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)13
LinkedHashMap (java.util.LinkedHashMap)12
