Example 11 with AuthorizationRequest

Use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.

In the class UaaTokenServicesTests, method ensureJKUHeaderIsSetWhenBuildingAnAccessToken.

@Test
void ensureJKUHeaderIsSetWhenBuildingAnAccessToken() {
    AuthorizationRequest authorizationRequest = constructAuthorizationRequest(clientId, GRANT_TYPE_CLIENT_CREDENTIALS, Strings.split(clientScopes, ','));
    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), null);
    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);
    Jwt decode = JwtHelper.decode(accessToken.getValue());
    assertThat(decode.getHeader().getJku(), is("https://uaa.some.test.domain.com:555/uaa/token_keys"));
}
Also used: AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Jwt(org.cloudfoundry.identity.uaa.oauth.jwt.Jwt) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 12 with AuthorizationRequest

Use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.

In the class UaaTokenServicesTests, method constructAuthorizationRequest.

private AuthorizationRequest constructAuthorizationRequest(String clientId, String grantType, String... scopes) {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(clientId, Arrays.asList(scopes));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, grantType);
    authorizationRequest.setRequestParameters(azParameters);
    return authorizationRequest;
}
Also used: AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) HashMap(java.util.HashMap)

Example 13 with AuthorizationRequest

Use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.

In the class MultitenantJdbcClientDetailsServiceTests, method authenticateAsUserAndReturnOldAuth.

private static Authentication authenticateAsUserAndReturnOldAuth(String userId) {
    Authentication authentication = new OAuth2Authentication(new AuthorizationRequest("client", Collections.singletonList("read")).createOAuth2Request(), UaaAuthenticationTestFactory.getAuthentication(userId, "joe", "joe@test.org"));
    Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
    SecurityContextHolder.getContext().setAuthentication(authentication);
    return currentAuth;
}
Also used: AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) UaaOauth2Authentication(org.cloudfoundry.identity.uaa.oauth.UaaOauth2Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) Authentication(org.springframework.security.core.Authentication)

Example 14 with AuthorizationRequest

Use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.

In the class UaaAuthorizationEndpointTest, method testBuildRedirectURI_doesNotIncludeSessionStateWhenNotPromptNone.

@Test
public void testBuildRedirectURI_doesNotIncludeSessionStateWhenNotPromptNone() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setRedirectUri("http://example.com/somepath");
    authorizationRequest.setResponseTypes(new HashSet<String>() {

        {
            add("code");
            add("token");
            add("id_token");
        }
    });
    authorizationRequest.setState("California");
    CompositeToken accessToken = new CompositeToken("TOKEN_VALUE+=");
    accessToken.setIdTokenValue("idTokenValue");
    UaaPrincipal principal = new UaaPrincipal("userid", "username", "email", "origin", "extid", "zoneid");
    UaaAuthenticationDetails details = new UaaAuthenticationDetails(true, "clientid", "origin", "SOMESESSIONID");
    Authentication authUser = new UaaAuthentication(principal, Collections.emptyList(), details);
    accessToken.setExpiration(Calendar.getInstance().getTime());
    OAuth2Request storedOAuth2Request = mock(OAuth2Request.class);
    when(oAuth2RequestFactory.createOAuth2Request(any())).thenReturn(storedOAuth2Request);
    when(authorizationCodeServices.createAuthorizationCode(any())).thenReturn("ABCD");
    String result = uaaAuthorizationEndpoint.buildRedirectURI(authorizationRequest, accessToken, authUser);
    assertThat(result, containsString("http://example.com/somepath#"));
    assertThat(result, containsString("token_type=bearer"));
    assertThat(result, containsString("access_token=TOKEN_VALUE+%3D"));
    assertThat(result, containsString("id_token=idTokenValue"));
    assertThat(result, containsString("code=ABCD"));
    assertThat(result, containsString("state=California"));
    assertThat(result, containsString("expires_in="));
    assertThat(result, containsString("scope=null"));
}
Also used: UaaAuthentication(org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) UaaPrincipal(org.cloudfoundry.identity.uaa.authentication.UaaPrincipal) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) UaaAuthenticationDetails(org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationDetails) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) Matchers.containsString(org.hamcrest.Matchers.containsString) CompositeToken(org.cloudfoundry.identity.uaa.oauth.token.CompositeToken) Test(org.junit.Test)

Example 15 with AuthorizationRequest

Use of org.maxkey.authz.oauth2.provider.AuthorizationRequest in project uaa by cloudfoundry.

In the class UaaAuthorizationEndpointTest, method testApproveWithModifiedClientId.

@Test(expected = InvalidRequestException.class)
public void testApproveWithModifiedClientId() {
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "state-1234", "read", Collections.singleton("code"));
    model.put(UaaAuthorizationEndpoint.AUTHORIZATION_REQUEST, authorizationRequest);
    model.put(UaaAuthorizationEndpoint.ORIGINAL_AUTHORIZATION_REQUEST, uaaAuthorizationEndpoint.unmodifiableMap(authorizationRequest));
    // Modify authorization request
    authorizationRequest.setClientId("bar");
    Map<String, String> approvalParameters = new HashMap<>();
    approvalParameters.put("user_oauth_approval", "true");
    uaaAuthorizationEndpoint.approveOrDeny(approvalParameters, model, sessionStatus, principal);
}
Also used: AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) HashMap(java.util.HashMap) Matchers.containsString(org.hamcrest.Matchers.containsString) Test(org.junit.Test)
