
Example 1 with OAuthPartner

Use of com.oauth.server.dto.OAuthPartner in project alexa-oauth-sample by alexa-samples.

In the class SampleDataLoader, method loadSampleData.

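public void loadSampleData() {
    // Seeds two OAuth clients and one partner record with hard-coded sample credentials, then batch-saves them to DynamoDB.
    // The two client secrets pass through passwordEncoder.encode(); the partner clientSecret is stored as given.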
    OAuthClientDetails testAlexaClient = OAuthClientDetails.builder().clientId("test_alexa_client").clientSecret(passwordEncoder.encode("test_client_secret")).scopes("profile").webServerRedirectUri("https://pitangui.amazon.com/api/skill/link/M3KVOEXUO4ALBL").accessTokenValidity(3600).refreshTokenValidity(0).authorizedGrantTypes("implicit,authorization_code,refresh_token").build();
    OAuthClientDetails adminClient = OAuthClientDetails.builder().clientId("test_admin_client").clientSecret(passwordEncoder.encode("test_client_secret")).scopes("test_scope").webServerRedirectUri("http://localhost:5000/redirect").accessTokenValidity(3600).refreshTokenValidity(0).authorities(RoleEnum.ROLE_CLIENT_ADMIN.name()).authorizedGrantTypes("client_credentials,implicit,authorization_code,password,refresh_token").build();
    OAuthPartner testAlexaPartner = OAuthPartner.builder().partnerId("test_alexa_client").clientId("amzn1.application-oa2-client.0897266ee6fb480ead86d615e2653558").clientSecret("8241c286e8eb9c9741ce5b9e009c892f0bd4d603b21e51dc37efb5981245191a").scopes("alexa::health:profile:write").accessTokenUri("https://api.amazon.com/auth/o2/token").userAuthorizationUri("https://www.amazon.com/ap/oa").preEstablishedRedirectUri("").build();
    dynamoDBMapper.batchSave(ImmutableList.of(testAlexaClient, adminClient, testAlexaPartner));
}
Also used : OAuthPartner(com.oauth.server.dto.OAuthPartner) OAuthClientDetails(com.oauth.server.dto.OAuthClientDetails)

Example 2 with OAuthPartner

Use of com.oauth.server.dto.OAuthPartner in project alexa-oauth-sample by alexa-samples.

In the class ReciprocalAuthorizationEndpoint, method postReciprocalCode.

@RequestMapping(value = "/api/reciprocal/authorize", method = RequestMethod.POST)
public void postReciprocalCode(@RequestBody @RequestParam final Map<String, String> parameters) {
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    String grantType = parameters.get("grant_type");
    // It is not the client_id we got from partner, but the client id we vend out to partner (partnerId).
    String partnerId = parameters.get("client_id");
    String authorizationCode = parameters.get("code");
    if (!StringUtils.equals(grantType, GRANT_TYPE)) {
        throw new UnsupportedGrantTypeException("Only reciprocal_authorization_code is supported in this endpoint");
    }
    OAuthPartner partner = partnerDetailsRepository.loadPartnerByPartnerId(partnerId);
    if (partner == null) {
        throw new NoSuchClientException("Invalid partner id: " + partnerId);
    }
    OAuth2ProtectedResourceDetails resourceDetails = partner.toProtectedResourceDetails();
    AuthorizationCodeAccessTokenProvider tokenProvider = new AuthorizationCodeAccessTokenProvider();
    tokenProvider.setStateMandatory(false);
    OAuth2AccessToken accessToken = tokenProvider.obtainAccessToken(resourceDetails, createAccessTokenRequest(authorizationCode));
    partnerTokenRepository.saveAccessToken(resourceDetails, auth, accessToken);
}
Also used : Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuthPartner(com.oauth.server.dto.OAuthPartner) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) UnsupportedGrantTypeException(org.springframework.security.oauth2.common.exceptions.UnsupportedGrantTypeException) NoSuchClientException(org.springframework.security.oauth2.provider.NoSuchClientException) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with OAuthPartner

Use of com.oauth.server.dto.OAuthPartner in project alexa-oauth-sample by alexa-samples.

In the class PartnersController, method showEditForm.

@RequestMapping(value = "/form", method = RequestMethod.GET)
@PreAuthorize("hasRole('ROLE_ADMIN')")
public String showEditForm(@RequestParam(value = "partnerId", required = false) String partnerId, Model model) {
    OAuthPartner partner;
    if (partnerId != null) {
        partner = partnerDetailsRepository.loadPartnerByPartnerId(partnerId);
    } else {
        partner = OAuthPartner.builder().build();
    }
    model.addAttribute("partner", partner);
    return "partnerForm";
}
Also used : OAuthPartner(com.oauth.server.dto.OAuthPartner) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with OAuthPartner

Use of com.oauth.server.dto.OAuthPartner in project alexa-oauth-sample by alexa-samples.

In the class PartnerTokenEndpoint, method getPartnerToken.

/**
 * Endpoint to retrieve a client token from ClientTokenService.
 */
@RequestMapping(value = "/api/partner/token")
public OAuth2AccessToken getPartnerToken(@RequestParam final Map<String, String> parameters) {
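    // user_id and partner_id are read directly from the request parameters;
    // any access control for this endpoint is not visible in this method.
    final String userID = parameters.get("user_id");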
    final String partnerId = parameters.get("partner_id");
    OAuthPartner partner = partnerDetailsService.loadPartnerByPartnerId(partnerId);
    if (partner == null) {
        throw new InvalidClientException("Invalid partner id: " + partnerId);
    }
    OAuth2ProtectedResourceDetails resourceDetails = partner.toProtectedResourceDetails();
    OAuth2AccessToken accessToken = partnerTokenService.getAccessToken(resourceDetails, new UserIDAuthenticationToken(userID));
    if (accessToken == null) {
        throw new OAuth2Exception("No token found for user: " + userID);
    } else {
        accessToken = refreshClientToken(accessToken, resourceDetails);
    }
    partnerTokenService.removeAccessToken(resourceDetails, new UserIDAuthenticationToken(userID));
    partnerTokenService.saveAccessToken(resourceDetails, new UserIDAuthenticationToken(userID), accessToken);
    return accessToken;
}
Also used : UserIDAuthenticationToken(com.oauth.server.authentication.UserIDAuthenticationToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuthPartner(com.oauth.server.dto.OAuthPartner) InvalidClientException(org.springframework.security.oauth2.common.exceptions.InvalidClientException) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

OAuthPartner (com.oauth.server.dto.OAuthPartner): 4
RequestMapping (org.springframework.web.bind.annotation.RequestMapping): 3
OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails): 2
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 2
UserIDAuthenticationToken (com.oauth.server.authentication.UserIDAuthenticationToken): 1
OAuthClientDetails (com.oauth.server.dto.OAuthClientDetails): 1
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize): 1
Authentication (org.springframework.security.core.Authentication): 1
AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider): 1
InvalidClientException (org.springframework.security.oauth2.common.exceptions.InvalidClientException): 1
OAuth2Exception (org.springframework.security.oauth2.common.exceptions.OAuth2Exception): 1
UnsupportedGrantTypeException (org.springframework.security.oauth2.common.exceptions.UnsupportedGrantTypeException): 1
NoSuchClientException (org.springframework.security.oauth2.provider.NoSuchClientException): 1