use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JdbcClientTokenServicesTests method testSaveAndRetrieveCustomTokenWithCustomSerializationStrategy.
@Test
public void testSaveAndRetrieveCustomTokenWithCustomSerializationStrategy() {
List<String> allowedClasses = new ArrayList<String>();
allowedClasses.add("java.util.");
allowedClasses.add("org.springframework.security.");
allowedClasses.add("org.company.oauth2.CustomOAuth2AccessToken");
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(allowedClasses);
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
OAuth2AccessToken accessToken = new CustomOAuth2AccessToken("FOO");
Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setClientId("client");
resource.setScope(Arrays.asList("foo", "bar"));
tokenStore.saveAccessToken(resource, authentication, accessToken);
OAuth2AccessToken result = tokenStore.getAccessToken(resource, authentication);
assertNotNull(result);
assertEquals(accessToken, result);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JdbcClientTokenServicesTests method testSaveAndRetrieveNotAllowedCustomToken.
@Test(expected = IllegalArgumentException.class)
public void testSaveAndRetrieveNotAllowedCustomToken() {
OAuth2AccessToken accessToken = new CustomOAuth2AccessToken("FOO");
Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setClientId("client");
resource.setScope(Arrays.asList("foo", "bar"));
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy();
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
tokenStore.saveAccessToken(resource, authentication, accessToken);
tokenStore.getAccessToken(resource, authentication);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JdbcClientTokenServicesTests method testSaveAndRetrieveCustomToken.
@Test
public void testSaveAndRetrieveCustomToken() {
OAuth2AccessToken accessToken = new CustomOAuth2AccessToken("FOO");
Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setClientId("client");
resource.setScope(Arrays.asList("foo", "bar"));
tokenStore.saveAccessToken(resource, authentication, accessToken);
OAuth2AccessToken result = tokenStore.getAccessToken(resource, authentication);
assertNotNull(result);
assertEquals(accessToken, result);
}
use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JdbcTokenStoreTests method testNotAllowedCustomTokenWithCustomStrategy.
@Test
public void testNotAllowedCustomTokenWithCustomStrategy() {
OAuth2Authentication authentication = new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new CustomAuthentication("test4", false));
OAuth2AccessToken accessToken = new CustomOAuth2AccessToken("customToken");
JdbcTokenStore tokenStore = getTokenStore();
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy();
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
tokenStore.storeAccessToken(accessToken, authentication);
Collection<OAuth2AccessToken> tokens = tokenStore.findTokensByUserName("test4");
assertTrue(tokens.isEmpty());
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JdbcAuthorizationCodeServicesTests method testCustomImplementationWithCustomStrategy.
@Test
public void testCustomImplementationWithCustomStrategy() {
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(storedOAuth2Request, new CustomAuthentication("test3", false));
AuthorizationCodeServices jdbcAuthorizationCodeServices = getAuthorizationCodeServices();
List<String> allowedClasses = new ArrayList<String>();
allowedClasses.add("java.util.");
allowedClasses.add("org.springframework.security.");
allowedClasses.add("org.company.oauth2.CustomOAuth2AccessToken");
allowedClasses.add("org.company.oauth2.CustomOAuth2Authentication");
allowedClasses.add("org.company.oauth2.CustomAuthentication");
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(allowedClasses);
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
String code = jdbcAuthorizationCodeServices.createAuthorizationCode(expectedAuthentication);
assertNotNull(code);
OAuth2Authentication actualAuthentication = getAuthorizationCodeServices().consumeAuthorizationCode(code);
assertEquals(expectedAuthentication, actualAuthentication);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
Aggregations