Examples with OAuth2Request org.springframework.security.oauth2.provider.OAuth2Request used on opensource projects

Search in sources :

Example 1 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class T2OrcidApiServiceDelegatorImpl method setSponsorFromAuthentication.

public void setSponsorFromAuthentication(OrcidProfile profile) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (profile.getOrcidHistory() == null) {
        OrcidHistory orcidHistory = new OrcidHistory();
        orcidHistory.setCreationMethod(CreationMethod.API);
        profile.setOrcidHistory(orcidHistory);
    }
    profile.getOrcidHistory().setSubmissionDate(new SubmissionDate(DateUtils.convertToXMLGregorianCalendar(new Date())));
    if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
        OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
        Source sponsor = new Source();
        String sponsorId = authorizationRequest.getClientId();
        ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(sponsorId);
        if (clientDetails != null) {
            sponsor.setSourceName(new SourceName(clientDetails.getClientName()));
            if (OrcidStringUtils.isClientId(sponsorId)) {
                sponsor.setSourceClientId(new SourceClientId(sponsorId));
            } else {
                sponsor.setSourceOrcid(new SourceOrcid(sponsorId));
            }
        }
        profile.getOrcidHistory().setSource(sponsor);
    }
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OrcidHistory(org.orcid.jaxb.model.message.OrcidHistory) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) SourceClientId(org.orcid.jaxb.model.message.SourceClientId) SourceName(org.orcid.jaxb.model.message.SourceName) SourceOrcid(org.orcid.jaxb.model.message.SourceOrcid) SubmissionDate(org.orcid.jaxb.model.message.SubmissionDate) Date(java.util.Date) SubmissionDate(org.orcid.jaxb.model.message.SubmissionDate) Source(org.orcid.jaxb.model.message.Source)

Example 2 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testReissuedAccessTokenHasUpdatedExpiration.

@Test
public void testReissuedAccessTokenHasUpdatedExpiration() throws InterruptedException {
    Date earliestExpiry = oneHoursTime();
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
    Thread.sleep(1000);
    earliestExpiry = oneHoursTime();
    OAuth2AccessToken reissuedOauth2AccessToken = tokenServices.createAccessToken(authentication);
    latestExpiry = oneHoursTime();
    assertNotNull(reissuedOauth2AccessToken);
    assertFalse(reissuedOauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(reissuedOauth2AccessToken.getExpiration().after(latestExpiry));
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 3 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testCreateAddWorkAccessToken.

@Test
public void testCreateAddWorkAccessToken() {
    Date earliestExpiry = oneHoursTime();
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 4 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class OrcidTokenStoreServiceTest method testReadAuthentication.

@Test
@Transactional
public void testReadAuthentication() throws Exception {
    OAuth2Authentication oAuth2Authentication = orcidTokenStoreService.readAuthentication("persistent-token-2");
    assertNotNull(oAuth2Authentication);
    OAuth2Request oAuth2Request = oAuth2Authentication.getOAuth2Request();
    assertNotNull(oAuth2Request);
    Object principal = oAuth2Authentication.getPrincipal();
    assertNotNull(principal);
    assertTrue(!oAuth2Authentication.isClientOnly());
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 5 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class OrcidSecurityManagerImpl method isNonClientCredentialScope.

private boolean isNonClientCredentialScope(OAuth2Authentication oAuth2Authentication) {
    OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
    Set<String> requestedScopes = ScopePathType.getCombinedScopesFromStringsAsStrings(authorizationRequest.getScope());
    for (String scopeName : requestedScopes) {
        ScopePathType scopePathType = ScopePathType.fromValue(scopeName);
        if (!scopePathType.isClientCreditalScope()) {
            return true;
        }
    }
    return false;
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ScopePathType(org.orcid.jaxb.model.message.ScopePathType)

Aggregations

OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)120 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)93 Authentication (org.springframework.security.core.Authentication)66 Test (org.junit.Test)58 HashMap (java.util.HashMap)23 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)23 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)21 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)15 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)14 ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)13 HashSet (java.util.HashSet)12 Date (java.util.Date)11 Expression (org.springframework.expression.Expression)10 DBUnitTest (org.orcid.test.DBUnitTest)8 EvaluationContext (org.springframework.expression.EvaluationContext)8 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)8 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)8 MethodInvocation (org.aopalliance.intercept.MethodInvocation)7 OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)7 ScopePathType (org.orcid.jaxb.model.message.ScopePathType)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial