Example 1 with OauthAuthenticationToken
use of com.thoughtworks.go.server.security.OauthAuthenticationToken in project gocd by gocd.
the class OauthAuthenticationProvider method authenticate.
public OauthAuthenticationToken authenticate(Authentication authentication) throws AuthenticationException {
OauthAuthenticationToken authenticationToken = (OauthAuthenticationToken) authentication;
String token = authenticationToken.getCredentials();
OauthDataSource.OauthTokenDTO oauthToken = oauthDataSource.findOauthTokenByAccessToken(token);
if (oauthToken == null) {
throw new BadCredentialsException("No match for OAuth token: " + token);
}
String username = oauthToken.getUserId();
UserDetails user = new User(username, token, true, true, true, true, oauthAuthority());
return new OauthAuthenticationToken(user);
}
Also used :
UserDetails(org.springframework.security.userdetails.UserDetails)
User(org.springframework.security.userdetails.User)
BadCredentialsException(org.springframework.security.BadCredentialsException)
OauthDataSource(com.thoughtworks.go.server.oauth.OauthDataSource)
OauthAuthenticationToken(com.thoughtworks.go.server.security.OauthAuthenticationToken)
Example 2 with OauthAuthenticationToken
use of com.thoughtworks.go.server.security.OauthAuthenticationToken in project gocd by gocd.
the class OauthAuthenticationProviderTest method shouldReturnOAUTH_USERAsTheGrantedAuthority.
@Test
public void shouldReturnOAUTH_USERAsTheGrantedAuthority() {
when(dataSource.findOauthTokenByAccessToken("token-string")).thenReturn(oauthTokenDto("user-id"));
GrantedAuthority[] grantedAuthorities = { GoAuthority.ROLE_OAUTH_USER.asAuthority() };
OauthAuthenticationToken authentication = provider.authenticate(new OauthAuthenticationToken("token-string"));
assertThat(authentication.isAuthenticated(), is(true));
UserDetails userDetails = authentication.getPrincipal();
assertThat(userDetails.getUsername(), is("user-id"));
assertThat(userDetails.getAuthorities(), is(grantedAuthorities));
assertThat(authentication.getAuthorities(), is(grantedAuthorities));
}
Also used :
UserDetails(org.springframework.security.userdetails.UserDetails)
GrantedAuthority(org.springframework.security.GrantedAuthority)
OauthAuthenticationToken(com.thoughtworks.go.server.security.OauthAuthenticationToken)
Test(org.junit.Test)
Example 3 with OauthAuthenticationToken
use of com.thoughtworks.go.server.security.OauthAuthenticationToken in project gocd by gocd.
the class OauthAuthenticationProviderTest method shouldRaiseAuthenticationExceptionWhenNoMatchForTokenExists.
@Test
public void shouldRaiseAuthenticationExceptionWhenNoMatchForTokenExists() {
when(dataSource.findOauthTokenByAccessToken("token-string")).thenReturn(null);
try {
provider.authenticate(new OauthAuthenticationToken("token-string"));
fail("should have thrown an AuthenticationException");
} catch (AuthenticationException e) {
assertThat(e.getMessage(), is("No match for OAuth token: token-string"));
}
}
Also used :
AuthenticationException(org.springframework.security.AuthenticationException)
OauthAuthenticationToken(com.thoughtworks.go.server.security.OauthAuthenticationToken)
Test(org.junit.Test)
Aggregations
OauthAuthenticationToken (com.thoughtworks.go.server.security.OauthAuthenticationToken)3
Test (org.junit.Test)2
UserDetails (org.springframework.security.userdetails.UserDetails)2
OauthDataSource (com.thoughtworks.go.server.oauth.OauthDataSource)1
AuthenticationException (org.springframework.security.AuthenticationException)1
BadCredentialsException (org.springframework.security.BadCredentialsException)1
GrantedAuthority (org.springframework.security.GrantedAuthority)1
User (org.springframework.security.userdetails.User)1
