Search in sources :

Example 1 with CustomOAuth2AccessToken

use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class RedisTokenStoreCustomTokenTests method testCustomToken.

@Test
public void testCustomToken() {
    OAuth2Request request = RequestTokenFactory.createOAuth2Request(CLIENT_ID, false);
    TestingAuthenticationToken authentication = new TestingAuthenticationToken("user", "password");
    String token = "access-token-" + UUID.randomUUID();
    OAuth2AccessToken oauth2AccessToken = new CustomOAuth2AccessToken(token);
    OAuth2Authentication oauth2Authentication = new OAuth2Authentication(request, authentication);
    tokenStore.storeAccessToken(oauth2AccessToken, oauth2Authentication);
    Collection<OAuth2AccessToken> tokens = tokenStore.findTokensByClientId(request.getClientId());
    assertNotNull(tokens);
    assertFalse(tokens.isEmpty());
    for (OAuth2AccessToken oAuth2AccessToken : tokens) {
        if (token.equals(oAuth2AccessToken.getValue())) {
            return;
        }
    }
    fail("No token found!");
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 2 with CustomOAuth2AccessToken

use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class RedisTokenStoreCustomTokenTests method testNotAllowedCustomToken.

@Test(expected = SerializationFailedException.class)
public void testNotAllowedCustomToken() {
    OAuth2Request request = RequestTokenFactory.createOAuth2Request(CLIENT_ID, false);
    TestingAuthenticationToken authentication = new TestingAuthenticationToken("user", "password");
    String token = "access-token-" + UUID.randomUUID();
    OAuth2AccessToken oauth2AccessToken = new CustomOAuth2AccessToken(token);
    OAuth2Authentication oauth2Authentication = new OAuth2Authentication(request, authentication);
    WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy();
    SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
    try {
        SerializationUtils.setSerializationStrategy(newStrategy);
        tokenStore.storeAccessToken(oauth2AccessToken, oauth2Authentication);
        tokenStore.findTokensByClientId(request.getClientId());
    } finally {
        SerializationUtils.setSerializationStrategy(oldStrategy);
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) SerializationStrategy(org.springframework.security.oauth2.common.util.SerializationStrategy) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Example 3 with CustomOAuth2AccessToken

use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JdbcTokenStoreTests method testCustomToken.

@Test
public void testCustomToken() {
    OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new CustomOAuth2AccessToken("customToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByUserName("test2");
    assertFalse(actualOAuth2AccessTokens.isEmpty());
    for (OAuth2AccessToken token : actualOAuth2AccessTokens) {
        if (expectedOAuth2AccessToken.equals(token)) {
            return;
        }
    }
    fail("No token found!");
}
Also used : CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) Test(org.junit.Test)

Example 4 with CustomOAuth2AccessToken

use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JdbcTokenStoreTests method testAllowedCustomTokenWithCustomStrategy.

@Test
public void testAllowedCustomTokenWithCustomStrategy() {
    OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test3", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new CustomOAuth2AccessToken("customToken");
    JdbcTokenStore tokenStore = getTokenStore();
    List<String> allowedClasses = new ArrayList<String>();
    allowedClasses.add("java.util.");
    allowedClasses.add("org.springframework.security.");
    allowedClasses.add("org.company.oauth2.CustomOAuth2AccessToken");
    allowedClasses.add("org.company.oauth2.CustomOAuth2Authentication");
    WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(allowedClasses);
    SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
    try {
        SerializationUtils.setSerializationStrategy(newStrategy);
        tokenStore.storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
        Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByUserName("test3");
        assertEquals(1, actualOAuth2AccessTokens.size());
        OAuth2AccessToken actualToken = actualOAuth2AccessTokens.iterator().next();
        assertEquals(expectedOAuth2AccessToken, actualToken);
    } finally {
        SerializationUtils.setSerializationStrategy(oldStrategy);
    }
}
Also used : CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) ArrayList(java.util.ArrayList) DefaultSerializationStrategy(org.springframework.security.oauth2.common.util.DefaultSerializationStrategy) SerializationStrategy(org.springframework.security.oauth2.common.util.SerializationStrategy) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) Test(org.junit.Test)

Example 5 with CustomOAuth2AccessToken

use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class RedisTokenStoreCustomTokenTests method testCustomTokenWithCustomSerializationStrategy.

@Test
public void testCustomTokenWithCustomSerializationStrategy() {
    OAuth2Request request = RequestTokenFactory.createOAuth2Request(CLIENT_ID, false);
    TestingAuthenticationToken authentication = new TestingAuthenticationToken("user", "password");
    OAuth2AccessToken oauth2AccessToken = new CustomOAuth2AccessToken("access-token-" + UUID.randomUUID());
    OAuth2Authentication oauth2Authentication = new CustomOAuth2Authentication(request, authentication);
    WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(ALLOWED_CLASSES);
    SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
    try {
        SerializationUtils.setSerializationStrategy(newStrategy);
        tokenStore.storeAccessToken(oauth2AccessToken, oauth2Authentication);
        OAuth2AccessToken token = tokenStore.getAccessToken(oauth2Authentication);
        assertNotNull(token);
        assertEquals(oauth2AccessToken, token);
    } finally {
        SerializationUtils.setSerializationStrategy(oldStrategy);
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) CustomOAuth2AccessToken(org.company.oauth2.CustomOAuth2AccessToken) CustomOAuth2Authentication(org.company.oauth2.CustomOAuth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) SerializationStrategy(org.springframework.security.oauth2.common.util.SerializationStrategy) WhitelistedSerializationStrategy(org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)13 CustomOAuth2AccessToken (org.company.oauth2.CustomOAuth2AccessToken)12 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)11 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)9 CustomOAuth2Authentication (org.company.oauth2.CustomOAuth2Authentication)8 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8 SerializationStrategy (org.springframework.security.oauth2.common.util.SerializationStrategy)7 WhitelistedSerializationStrategy (org.springframework.security.oauth2.common.util.WhitelistedSerializationStrategy)7 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)5 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)4 ArrayList (java.util.ArrayList)3 CustomAuthentication (org.company.oauth2.CustomAuthentication)3 TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken)3 Authentication (org.springframework.security.core.Authentication)3 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)3 DefaultSerializationStrategy (org.springframework.security.oauth2.common.util.DefaultSerializationStrategy)2 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)1 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)1