Examples with ClientDetails org.springframework.security.oauth2.provider.ClientDetails used on opensource projects

Example 1 with ClientDetails

use of org.springframework.security.oauth2.provider.ClientDetails in project ORCID-Source by ORCID.

the class T2OrcidApiServiceDelegatorImpl method setSponsorFromAuthentication.

public void setSponsorFromAuthentication(OrcidProfile profile) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (profile.getOrcidHistory() == null) {
        OrcidHistory orcidHistory = new OrcidHistory();
        orcidHistory.setCreationMethod(CreationMethod.API);
        profile.setOrcidHistory(orcidHistory);
    }
    profile.getOrcidHistory().setSubmissionDate(new SubmissionDate(DateUtils.convertToXMLGregorianCalendar(new Date())));
    if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
        OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
        Source sponsor = new Source();
        String sponsorId = authorizationRequest.getClientId();
        ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(sponsorId);
        if (clientDetails != null) {
            sponsor.setSourceName(new SourceName(clientDetails.getClientName()));
            if (OrcidStringUtils.isClientId(sponsorId)) {
                sponsor.setSourceClientId(new SourceClientId(sponsorId));
            } else {
                sponsor.setSourceOrcid(new SourceOrcid(sponsorId));
            }
        }
        profile.getOrcidHistory().setSource(sponsor);
    }
}

Example 2 with ClientDetails

use of org.springframework.security.oauth2.provider.ClientDetails in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testReissuedAccessTokenHasUpdatedExpiration.

@Test
public void testReissuedAccessTokenHasUpdatedExpiration() throws InterruptedException {
    Date earliestExpiry = oneHoursTime();
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
    Thread.sleep(1000);
    earliestExpiry = oneHoursTime();
    OAuth2AccessToken reissuedOauth2AccessToken = tokenServices.createAccessToken(authentication);
    latestExpiry = oneHoursTime();
    assertNotNull(reissuedOauth2AccessToken);
    assertFalse(reissuedOauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(reissuedOauth2AccessToken.getExpiration().after(latestExpiry));
}

Example 3 with ClientDetails

use of org.springframework.security.oauth2.provider.ClientDetails in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testCreateAddWorkAccessToken.

@Test
public void testCreateAddWorkAccessToken() {
    Date earliestExpiry = oneHoursTime();
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
}

Example 4 with ClientDetails

use of org.springframework.security.oauth2.provider.ClientDetails in project spring-boot by spring-projects.

the class OAuth2AutoConfigurationTests method testResourceServerOverride.

@Test
public void testResourceServerOverride() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(AuthorizationAndResourceServerConfiguration.class, CustomResourceServer.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    ClientDetails config = this.context.getBean(ClientDetails.class);
    assertThat(countBeans(AUTHORIZATION_SERVER_CONFIG)).isEqualTo(1);
    assertThat(countBeans(CustomResourceServer.class)).isEqualTo(1);
    assertThat(countBeans(RESOURCE_SERVER_CONFIG)).isEqualTo(1);
    verifyAuthentication(config);
}

Example 5 with ClientDetails

use of org.springframework.security.oauth2.provider.ClientDetails in project spring-boot by spring-projects.

the class OAuth2AutoConfigurationTests method testJsr250SecurityAnnotationOverride.

@Test
public void testJsr250SecurityAnnotationOverride() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(Jsr250EnabledConfiguration.class, MinimalSecureWebApplication.class);
    this.context.refresh();
    this.context.getBean(OAuth2MethodSecurityConfiguration.class);
    ClientDetails config = this.context.getBean(ClientDetails.class);
    DelegatingMethodSecurityMetadataSource source = this.context.getBean(DelegatingMethodSecurityMetadataSource.class);
    List<MethodSecurityMetadataSource> sources = source.getMethodSecurityMetadataSources();
    assertThat(sources.size()).isEqualTo(1);
    assertThat(sources.get(0).getClass().getName()).isEqualTo(Jsr250MethodSecurityMetadataSource.class.getName());
    verifyAuthentication(config, HttpStatus.OK);
}