use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class JdbcTokenStoreTests method testCustomToken.
@Test
public void testCustomToken() {
OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
OAuth2AccessToken expectedOAuth2AccessToken = new CustomOAuth2AccessToken("customToken");
getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByUserName("test2");
assertFalse(actualOAuth2AccessTokens.isEmpty());
for (OAuth2AccessToken token : actualOAuth2AccessTokens) {
if (expectedOAuth2AccessToken.equals(token)) {
return;
}
}
fail("No token found!");
}
use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class JdbcTokenStoreTests method testAllowedCustomTokenWithCustomStrategy.
@Test
public void testAllowedCustomTokenWithCustomStrategy() {
OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test3", false));
OAuth2AccessToken expectedOAuth2AccessToken = new CustomOAuth2AccessToken("customToken");
JdbcTokenStore tokenStore = getTokenStore();
List<String> allowedClasses = new ArrayList<String>();
allowedClasses.add("java.util.");
allowedClasses.add("org.springframework.security.");
allowedClasses.add("org.company.oauth2.CustomOAuth2AccessToken");
allowedClasses.add("org.company.oauth2.CustomOAuth2Authentication");
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(allowedClasses);
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
tokenStore.storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByUserName("test3");
assertEquals(1, actualOAuth2AccessTokens.size());
OAuth2AccessToken actualToken = actualOAuth2AccessTokens.iterator().next();
assertEquals(expectedOAuth2AccessToken, actualToken);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class RedisTokenStoreCustomTokenTests method testCustomTokenWithCustomSerializationStrategy.
@Test
public void testCustomTokenWithCustomSerializationStrategy() {
OAuth2Request request = RequestTokenFactory.createOAuth2Request(CLIENT_ID, false);
TestingAuthenticationToken authentication = new TestingAuthenticationToken("user", "password");
OAuth2AccessToken oauth2AccessToken = new CustomOAuth2AccessToken("access-token-" + UUID.randomUUID());
OAuth2Authentication oauth2Authentication = new CustomOAuth2Authentication(request, authentication);
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy(ALLOWED_CLASSES);
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
tokenStore.storeAccessToken(oauth2AccessToken, oauth2Authentication);
OAuth2AccessToken token = tokenStore.getAccessToken(oauth2Authentication);
assertNotNull(token);
assertEquals(oauth2AccessToken, token);
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class JdbcAuthorizationCodeServicesTests method testCustomImplementation.
@Test
public void testCustomImplementation() {
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
OAuth2Authentication expectedAuthentication = new CustomOAuth2Authentication(storedOAuth2Request, new CustomAuthentication("test2", false));
String code = getAuthorizationCodeServices().createAuthorizationCode(expectedAuthentication);
assertNotNull(code);
OAuth2Authentication actualAuthentication = getAuthorizationCodeServices().consumeAuthorizationCode(code);
assertEquals(expectedAuthentication, actualAuthentication);
}
use of org.company.oauth2.CustomOAuth2Authentication in project spring-security-oauth by spring-projects.
the class JdbcTokenStoreTests method testNotAllowedCustomTokenWithCustomStrategy.
@Test
public void testNotAllowedCustomTokenWithCustomStrategy() {
OAuth2Authentication authentication = new CustomOAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new CustomAuthentication("test4", false));
OAuth2AccessToken accessToken = new CustomOAuth2AccessToken("customToken");
JdbcTokenStore tokenStore = getTokenStore();
WhitelistedSerializationStrategy newStrategy = new WhitelistedSerializationStrategy();
SerializationStrategy oldStrategy = SerializationUtils.getSerializationStrategy();
try {
SerializationUtils.setSerializationStrategy(newStrategy);
tokenStore.storeAccessToken(accessToken, authentication);
Collection<OAuth2AccessToken> tokens = tokenStore.findTokensByUserName("test4");
assertTrue(tokens.isEmpty());
} finally {
SerializationUtils.setSerializationStrategy(oldStrategy);
}
}
Aggregations