use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project OpenID-Connect-Java-Spring-Server by mitreid-connect.
the class DeviceEndpoint method readUserCode.
/**
 * Handles the submitted user code in the device flow and, when the code is usable, prepares
 * the approval page.
 *
 * <p>The code is rejected, and the entry form is shown again with an {@code error} attribute,
 * when no device code matches ({@code noUserCode}), when its expiration lies in the past
 * ({@code expiredUserCode}), or when it is already approved ({@code userCodeAlreadyApproved}).
 * Otherwise the client, the device code and the display-ordered scopes are put on the model,
 * and the authorization request and device code are stored in the HTTP session for the
 * follow-up approval POST.
 *
 * @param userCode the {@code user_code} form parameter typed in by the user
 * @param model    view model that receives either the error key or the approval-page data
 * @param session  HTTP session that carries state over to the approval step
 * @return {@code "requestUserCode"} on rejection, {@code "approveDevice"} otherwise
 */
@PreAuthorize("hasRole('ROLE_USER')")
@RequestMapping(value = "/" + USER_URL + "/verify", method = RequestMethod.POST)
public String readUserCode(@RequestParam("user_code") String userCode, ModelMap model, HttpSession session) {
    // NOTE(review): nothing in this method limits repeated user_code submissions; confirm
    // that throttling of failed lookups is enforced elsewhere.
    DeviceCode pending = deviceCodeService.lookUpByUserCode(userCode);

    // Work out the first reason (if any) to refuse the code: unknown, expired, already used.
    String rejection = null;
    if (pending == null) {
        rejection = "noUserCode";
    } else if (pending.getExpiration() != null && pending.getExpiration().before(new Date())) {
        rejection = "expiredUserCode";
    } else if (pending.isApproved()) {
        rejection = "userCodeAlreadyApproved";
    }
    if (rejection != null) {
        model.addAttribute("error", rejection);
        return "requestUserCode";
    }

    ClientDetailsEntity requestingClient = clientService.loadClientByClientId(pending.getClientId());
    model.put("client", requestingClient);
    model.put("dc", pending);

    // Order the requested scopes for display: system scopes first, in the order the scope
    // service returns them, then any requested scope that is not a system scope.
    Set<SystemScope> requested = scopeService.fromStrings(pending.getScope());
    Set<SystemScope> known = scopeService.getAll();
    Set<SystemScope> ordered = new LinkedHashSet<>(known);
    ordered.retainAll(requested);
    ordered.addAll(Sets.difference(requested, known));
    model.put("scopes", ordered);

    // The approval handler reads both attributes back from the session, so what the user
    // approves is the request resolved here rather than parameters re-sent by the browser.
    AuthorizationRequest pendingRequest = oAuth2RequestFactory.createAuthorizationRequest(pending.getRequestParameters());
    session.setAttribute("authorizationRequest", pendingRequest);
    session.setAttribute("deviceCode", pending);
    return "approveDevice";
}
use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project OpenID-Connect-Java-Spring-Server by mitreid-connect.
the class DeviceEndpoint method approveDevice.
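/**
 * Records the user's decision on a device code that was previously resolved by the
 * user-code verification step.
 *
 * <p>The authorization request and device code are read from the HTTP session. The submission
 * is refused with {@code userCodeMismatch} when that session state is missing or when the
 * posted {@code user_code} differs from the stored one, and with {@code expiredUserCode} when
 * the stored expiration lies in the past. Anything other than an explicit {@code true} for
 * {@code user_oauth_approval} is treated as a denial.
 *
 * @param userCode the {@code user_code} form parameter echoed back by the approval form
 * @param approve  the {@code user_oauth_approval} form parameter
 * @param model    view model that receives the error key or the result-page data
 * @param auth     the authenticated user who is making the decision
 * @param session  HTTP session holding the state stored by the verification step
 * @return {@code "requestUserCode"} when the submission is refused, {@code "deviceApproved"}
 *         after a denial or an approval
 */
@PreAuthorize("hasRole('ROLE_USER')")
@RequestMapping(value = "/" + USER_URL + "/approve", method = RequestMethod.POST)
public String approveDevice(@RequestParam("user_code") String userCode, @RequestParam(value = "user_oauth_approval") Boolean approve, ModelMap model, Authentication auth, HttpSession session) {
    AuthorizationRequest authorizationRequest = (AuthorizationRequest) session.getAttribute("authorizationRequest");
    DeviceCode dc = (DeviceCode) session.getAttribute("deviceCode");

    // A POST that arrives without the session state (new session, or the verification step
    // was skipped) used to fail with a NullPointerException; treat it like a form that does
    // not match the one we were expecting.
    if (authorizationRequest == null || dc == null || dc.getUserCode() == null
            || !dc.getUserCode().equals(userCode)) {
        model.addAttribute("error", "userCodeMismatch");
        return "requestUserCode";
    }

    // make sure the code hasn't expired yet
    if (dc.getExpiration() != null && dc.getExpiration().before(new Date())) {
        model.addAttribute("error", "expiredUserCode");
        return "requestUserCode";
    }

    // NOTE(review): dc is the copy stored in the session by the verification step, and the
    // session attributes are not cleared here. Whether approveDeviceCode refuses a code that
    // was approved in the meantime is not visible from this method; confirm, or re-load the
    // code from the service before approving.

    ClientDetailsEntity client = clientService.loadClientByClientId(dc.getClientId());
    model.put("client", client);

    // Fail closed: only an explicit true grants access, so a null value cannot cause an
    // unboxing error and never counts as consent.
    if (!Boolean.TRUE.equals(approve)) {
        model.addAttribute("approved", false);
        return "deviceApproved";
    }

    // create an OAuth request for storage, bound to the approving user's authentication
    OAuth2Request o2req = oAuth2RequestFactory.createOAuth2Request(authorizationRequest);
    OAuth2Authentication o2Auth = new OAuth2Authentication(o2req, auth);
    deviceCodeService.approveDeviceCode(dc, o2Auth);

    // pre-process the scopes
    Set<SystemScope> scopes = scopeService.fromStrings(dc.getScope());
    Set<SystemScope> sortedScopes = new LinkedHashSet<>(scopes.size());
    Set<SystemScope> systemScopes = scopeService.getAll();

    // sort scopes for display based on the inherent order of system scopes
    for (SystemScope s : systemScopes) {
        if (scopes.contains(s)) {
            sortedScopes.add(s);
        }
    }

    // add in any scopes that aren't system scopes to the end of the list
    sortedScopes.addAll(Sets.difference(scopes, systemScopes));
    model.put("scopes", sortedScopes);
    model.put("approved", true);
    return "deviceApproved";
}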
use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.
the class CheckTokenEndpointTests method testClientWildcard.
/**
 * Exercises the check-token endpoint with a token whose scope is {@code zones.myzone.admin},
 * issued for a client that is registered and auto-approved for {@code zones.*.admin}.
 *
 * <p>There is no explicit assertion: the test passes when {@code checkToken} returns without
 * throwing.
 */
@Test
public void testClientWildcard() throws Exception {
    String clientId = "client";
    String wildcardScope = "zones.*.admin";

    // Register the client under the current identity zone.
    BaseClientDetails wildcardClient = new BaseClientDetails(clientId, "zones", wildcardScope, "authorization_code, password", "scim.read, scim.write", "http://localhost:8080/uaa");
    wildcardClient.setAutoApproveScopes(Collections.singletonList(wildcardScope));
    Map<String, BaseClientDetails> store = Collections.singletonMap(clientId, wildcardClient);
    clientDetailsService.setClientDetailsStore(IdentityZoneHolder.get().getId(), store);
    tokenServices.setClientDetailsService(clientDetailsService);

    // Request one concrete scope that only the wildcard registration can cover.
    authorizationRequest = new AuthorizationRequest(clientId, Collections.singleton("zones.myzone.admin"));
    authorizationRequest.setResourceIds(new HashSet<>(Arrays.asList(clientId, "zones")));
    authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), UaaAuthenticationTestFactory.getAuthentication(userId, userName, "olds@vmware.com"));

    String tokenValue = tokenServices.createAccessToken(authentication).getValue();
    endpoint.checkToken(tokenValue, Collections.emptyList(), request);
}
use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.
the class LoginAuthenticationManagerTests method setUp.
/**
 * Builds the manager under test with mocked collaborators and installs an OAuth2
 * authentication for client {@code "client"} with scopes {@code read} and {@code write}
 * as the current security context.
 */
@BeforeEach
void setUp() {
    // Collaborators first, then the manager that is wired to them.
    mockIdentityZoneManager = mock(IdentityZoneManager.class);
    userDatabase = mock(UaaUserDatabase.class);
    publisher = TestApplicationEventPublisher.forEventClass(IdentityProviderAuthenticationSuccessEvent.class);

    manager = new LoginAuthenticationManager(mockIdentityZoneManager);
    manager.setApplicationEventPublisher(publisher);
    manager.setUserDatabase(userDatabase);

    // The second constructor argument is null, so no user authentication is attached to
    // the OAuth2 authentication.
    AuthorizationRequest clientRequest = new AuthorizationRequest("client", Arrays.asList("read", "write"));
    OAuth2Authentication clientAuthentication = new OAuth2Authentication(clientRequest.createOAuth2Request(), null);

    // NOTE(review): this replaces the context held by the static SecurityContextHolder; the
    // matching cleanup is not visible in this snippet, so confirm a teardown clears it.
    SecurityContextImpl securityContext = new SecurityContextImpl();
    securityContext.setAuthentication(clientAuthentication);
    SecurityContextHolder.setContext(securityContext);
}
use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.
the class PasswordChangeEventPublisherTests method setUp.
/**
 * Creates the publisher under test with mocked collaborators and sets an OAuth2
 * authentication (client {@code "client"}, scope {@code read}, user {@code joe}) on the
 * current security context.
 */
@BeforeEach
void setUp() {
    mockScimUserProvisioning = mock(ScimUserProvisioning.class);
    mockApplicationEventPublisher = mock(ApplicationEventPublisher.class);
    mockIdentityZoneManager = mock(IdentityZoneManager.class);

    // Fresh zone id per test, built from a fixed prefix and an 8-character random suffix.
    String randomSuffix = RandomStringUtils.random(8);
    currentZoneId = "currentZoneId-" + randomSuffix;

    subject = new PasswordChangeEventPublisher(mockScimUserProvisioning, mockIdentityZoneManager);
    subject.setApplicationEventPublisher(mockApplicationEventPublisher);

    AuthorizationRequest clientRequest = new AuthorizationRequest("client", Collections.singletonList("read"));
    authentication = new OAuth2Authentication(clientRequest.createOAuth2Request(), UaaPasswordTestFactory.getAuthentication("ID", "joe", "joe@test.org"));

    // NOTE(review): this mutates the context returned by the static SecurityContextHolder;
    // the matching cleanup is not visible in this snippet, so confirm a teardown clears it.
    SecurityContextHolder.getContext().setAuthentication(authentication);
}