Example 1 with Gw2AuthUser

Use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.

In the class ClientAuthorizationController, method getClientAuthorizations.

@GetMapping(value = "/api/client/authorization/{clientId}", produces = MediaType.APPLICATION_JSON_VALUE)
public List<ClientAuthorizationResponse> getClientAuthorizations(@AuthenticationPrincipal Gw2AuthUser user, @PathVariable("clientId") UUID clientId) {
    final List<ClientAuthorization> clientAuthorizations = this.clientAuthorizationService.getClientAuthorizations(user.getAccountId(), clientId);
    // get all gw2-account ids for batch lookup
    final Set<UUID> gw2AccountIds = clientAuthorizations.stream().flatMap((v) -> v.gw2AccountIds().stream()).collect(Collectors.toSet());
    final Map<UUID, ApiToken> apiTokenByGw2AccountId = this.apiTokenService.getApiTokens(user.getAccountId(), gw2AccountIds).stream().collect(Collectors.toMap(ApiToken::gw2AccountId, Function.identity()));
    final List<ClientAuthorizationResponse> result = new ArrayList<>(clientAuthorizations.size());
    for (ClientAuthorization clientAuthorization : clientAuthorizations) {
        final List<ClientAuthorizationResponse.Token> tokens = new ArrayList<>(clientAuthorization.gw2AccountIds().size());
        for (UUID gw2AccountId : clientAuthorization.gw2AccountIds()) {
            final ApiToken apiToken = apiTokenByGw2AccountId.get(gw2AccountId);
            if (apiToken != null) {
                tokens.add(new ClientAuthorizationResponse.Token(gw2AccountId, apiToken.displayName()));
            }
        }
        result.add(ClientAuthorizationResponse.create(clientAuthorization, tokens));
    }
    return result;
}
Also used : Gw2AuthUser(com.gw2auth.oauth2.server.service.user.Gw2AuthUser) PathVariable(org.springframework.web.bind.annotation.PathVariable) AbstractRestController(com.gw2auth.oauth2.server.web.AbstractRestController) java.util(java.util) ApiTokenService(com.gw2auth.oauth2.server.service.apitoken.ApiTokenService) ClientAuthorizationService(com.gw2auth.oauth2.server.service.client.authorization.ClientAuthorizationService) MediaType(org.springframework.http.MediaType) Autowired(org.springframework.beans.factory.annotation.Autowired) RestController(org.springframework.web.bind.annotation.RestController) Function(java.util.function.Function) Collectors(java.util.stream.Collectors) HttpStatus(org.springframework.http.HttpStatus) ApiToken(com.gw2auth.oauth2.server.service.apitoken.ApiToken) AuthenticationPrincipal(org.springframework.security.core.annotation.AuthenticationPrincipal) GetMapping(org.springframework.web.bind.annotation.GetMapping) ResponseEntity(org.springframework.http.ResponseEntity) ClientAuthorization(com.gw2auth.oauth2.server.service.client.authorization.ClientAuthorization) DeleteMapping(org.springframework.web.bind.annotation.DeleteMapping)

Example 2 with Gw2AuthUser

Use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.

In the class ClientConsentController, method getClientConsents.

@GetMapping(value = "/api/client/consent", produces = MediaType.APPLICATION_JSON_VALUE)
public List<ClientConsentResponse> getClientConsents(@AuthenticationPrincipal Gw2AuthUser user) {
    final List<ClientConsent> clientConsents = this.clientConsentService.getClientConsents(user.getAccountId());
    // get all client registration ids for batch lookup
    final Set<Long> clientRegistrationIds = clientConsents.stream().map(ClientConsent::clientRegistrationId).collect(Collectors.toSet());
    final Map<Long, ClientRegistration> clientRegistrationById = this.clientRegistrationService.getClientRegistrations(clientRegistrationIds).stream().collect(Collectors.toMap(ClientRegistration::id, Function.identity()));
    final List<ClientConsentResponse> result = new ArrayList<>(clientConsents.size());
    for (ClientConsent clientConsent : clientConsents) {
        final ClientRegistration clientRegistration = clientRegistrationById.get(clientConsent.clientRegistrationId());
        // only happens if there's a race, but don't want to add locks here
        if (clientRegistration != null) {
            result.add(ClientConsentResponse.create(clientConsent, clientRegistration));
        }
    }
    return result;
}
Also used : ClientRegistration(com.gw2auth.oauth2.server.service.client.registration.ClientRegistration) ClientConsent(com.gw2auth.oauth2.server.service.client.consent.ClientConsent)

Example 3 with Gw2AuthUser

Use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.

In the class AbstractUserService, method loadUser.

protected Gw2AuthUser loadUser(OAuth2UserRequest userRequest, OAuth2User user) throws OAuth2AuthenticationException {
    final HttpSession session = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest().getSession(false);
    final String issuer = userRequest.getClientRegistration().getRegistrationId();
    final String idAtIssuer = user.getName();
    final Gw2AuthUser currentlyLoggedInUser = AuthenticationHelper.getUser().orElse(null);
    boolean addFederation = false;
    // check if the user tried to add this federation
    if (session != null) {
        final Object addAuthProviderValue = session.getAttribute(ADD_FEDERATION_SESSION_KEY);
        session.removeAttribute(ADD_FEDERATION_SESSION_KEY);
        if (issuer.equals(addAuthProviderValue)) {
            addFederation = true;
        }
    }
    Account account = null;
    if (addFederation) {
        // if this federation should be added, only allow if the user is currently logged in
        if (currentlyLoggedInUser != null) {
            final Account resultAccount = this.accountService.addAccountFederationOrReturnExisting(currentlyLoggedInUser.getAccountId(), issuer, idAtIssuer);
            // only allow if this federation was not yet linked to another account
            if (resultAccount.id() == currentlyLoggedInUser.getAccountId()) {
                account = resultAccount;
            }
        }
    } else {
        // if no federation should be added (normal login), only allow if the user is not currently logged in
        if (currentlyLoggedInUser == null) {
            account = this.accountService.getOrCreateAccount(issuer, idAtIssuer);
        }
    }
    if (account == null) {
        throw new OAuth2AuthenticationException(new OAuth2Error(OAuth2ErrorCodes.ACCESS_DENIED));
    }
    return new Gw2AuthUser(user, account.id(), new Pair<>(issuer, idAtIssuer));
}
Also used : Account(com.gw2auth.oauth2.server.service.account.Account) HttpSession(javax.servlet.http.HttpSession) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)

Example 4 with Gw2AuthUser

Use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.

In the class ApiTokenController, method addApiToken.

@PostMapping(value = "/api/token", produces = MediaType.APPLICATION_JSON_VALUE)
public ApiTokenResponse addApiToken(@AuthenticationPrincipal Gw2AuthUser user, @RequestBody String token) {
    final ApiToken apiToken = this.apiTokenService.addApiToken(user.getAccountId(), token);
    final boolean isVerified = this.verificationService.getVerifiedAccountId(apiToken.gw2AccountId()).orElse(-1L) == user.getAccountId();
    return ApiTokenResponse.create(apiToken, isVerified, List.of());
}
Also used : ApiToken(com.gw2auth.oauth2.server.service.apitoken.ApiToken)

Example 5 with Gw2AuthUser

Use of com.gw2auth.oauth2.server.service.user.Gw2AuthUser in project oauth2-server by gw2auth.

In the class OAuth2TokenCustomizerService, method customize.

@Override
@Transactional
public void customize(JwtEncodingContext ctx) {
    if (ctx.getTokenType().equals(OAuth2TokenType.ACCESS_TOKEN)) {
        final OAuth2Authorization authorization = ctx.getAuthorization();
        // the client of the application the user wants to access
        final RegisteredClient registeredClient = ctx.getRegisteredClient();
        final OAuth2AuthenticationToken auth = ctx.getPrincipal();
        // the user
        final OAuth2User oAuth2User = auth.getPrincipal();
        if (authorization != null && oAuth2User instanceof Gw2AuthUser) {
            final long accountId = ((Gw2AuthUser) oAuth2User).getAccountId();
            final long clientRegistrationId = Long.parseLong(registeredClient.getId());
            customize(ctx, authorization.getId(), accountId, clientRegistrationId);
        } else {
            throw new OAuth2AuthenticationException(new OAuth2Error(OAuth2ErrorCodes.SERVER_ERROR));
        }
    }
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) OAuth2Authorization(org.springframework.security.oauth2.server.authorization.OAuth2Authorization) OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Gw2AuthUser(com.gw2auth.oauth2.server.service.user.Gw2AuthUser) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

ApiToken (com.gw2auth.oauth2.server.service.apitoken.ApiToken): 5
ClientAuthorization (com.gw2auth.oauth2.server.service.client.authorization.ClientAuthorization): 4
Gw2AuthUser (com.gw2auth.oauth2.server.service.user.Gw2AuthUser): 4
ApiTokenService (com.gw2auth.oauth2.server.service.apitoken.ApiTokenService): 3
ClientAuthorizationService (com.gw2auth.oauth2.server.service.client.authorization.ClientAuthorizationService): 3
ClientRegistration (com.gw2auth.oauth2.server.service.client.registration.ClientRegistration): 3
AbstractRestController (com.gw2auth.oauth2.server.web.AbstractRestController): 3
Collectors (java.util.stream.Collectors): 3
Autowired (org.springframework.beans.factory.annotation.Autowired): 3
MediaType (org.springframework.http.MediaType): 3
AuthenticationPrincipal (org.springframework.security.core.annotation.AuthenticationPrincipal): 3
ClientRegistrationService (com.gw2auth.oauth2.server.service.client.registration.ClientRegistrationService): 2
VerificationService (com.gw2auth.oauth2.server.service.verification.VerificationService): 2
java.util (java.util): 2
Function (java.util.function.Function): 2
HttpStatus (org.springframework.http.HttpStatus): 2
ResponseEntity (org.springframework.http.ResponseEntity): 2
OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException): 2
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 2
OAuth2Authorization (org.springframework.security.oauth2.server.authorization.OAuth2Authorization): 2