Example 26 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project orcid-member-services by ORCID.

the class OAuth2AuthenticationService method getLoginResult.

private LoginResult getLoginResult(OAuth2AccessToken accessToken) {
    OAuth2Authentication authentication = tokenStore.readAuthentication(accessToken);
    Collection<GrantedAuthority> authorities = authentication.getAuthorities();
    LoginResult loginResult = new LoginResult();
    authorities.forEach(a -> {
        if (a.getAuthority().equals("PRE_AUTH")) {
            loginResult.setMfaRequired(true);
        }
    });
    return loginResult;
}
Also used : OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) GrantedAuthority(org.springframework.security.core.GrantedAuthority)

Example 27 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project orcid-member-services by ORCID.

the class OAuth2JwtAccessTokenConverter method extractAuthentication.

/**
 * Extract JWT claims and set them as the OAuth2Authentication decoded details.
 * Here is how to get details:
 *
 * <pre>
 * <code>
 *  SecurityContext securityContext = SecurityContextHolder.getContext();
 *  Authentication authentication = securityContext.getAuthentication();
 *  if (authentication != null) {
 *      Object details = authentication.getDetails();
 *      if (details instanceof OAuth2AuthenticationDetails) {
 *          Object decodedDetails = ((OAuth2AuthenticationDetails) details).getDecodedDetails();
 *          if (decodedDetails != null &amp;&amp; decodedDetails instanceof Map) {
 *              String detailFoo = (String) ((Map) decodedDetails).get("foo");
 *          }
 *      }
 *  }
 * </code>
 * </pre>
 *
 * @param claims
 *            OAuth2JWTToken claims.
 * @return {@link OAuth2Authentication}.
 */
@Override
public OAuth2Authentication extractAuthentication(Map<String, ?> claims) {
    OAuth2Authentication authentication = super.extractAuthentication(claims);
    authentication.setDetails(claims);
    return authentication;
}
Also used : OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)

Example 28 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project jmix by jmix-framework.

the class TokenRevoker method revokeAccessToken.

@Nullable
protected String revokeAccessToken(String token, @Nullable Authentication clientAuth, TokenRevocationInitiator revocationInitiator) {
    OAuth2AccessToken accessToken = tokenStore.readAccessToken(token);
    if (accessToken != null) {
        OAuth2Authentication authToRevoke = tokenStore.readAuthentication(accessToken);
        if (revocationInitiator == TokenRevocationInitiator.CLIENT) {
            checkIfTokenIsIssuedToClient(clientAuth, authToRevoke);
        }
        if (accessToken.getRefreshToken() != null) {
            tokenStore.removeRefreshToken(accessToken.getRefreshToken());
        }
        tokenStore.removeAccessToken(accessToken);
        log.debug("Access token removed: {}", tokenMasker.maskToken(token));
        if (applicationEventPublisher != null) {
            applicationEventPublisher.publishEvent(new OAuth2TokenRevokedEvent(accessToken, revocationInitiator));
        }
        return accessToken.getValue();
    }
    log.debug("No access token {} found in the token store", tokenMasker.maskToken(token));
    return null;
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OAuth2TokenRevokedEvent(io.jmix.securityoauth2.event.OAuth2TokenRevokedEvent) Nullable(javax.annotation.Nullable)

Example 29 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project jmix by jmix-framework.

the class TokenRevoker method revokeRefreshToken.

@Nullable
public String revokeRefreshToken(String tokenValue, Authentication clientAuth) {
    OAuth2RefreshToken refreshToken = tokenStore.readRefreshToken(tokenValue);
    if (refreshToken != null) {
        OAuth2Authentication authToRevoke = tokenStore.readAuthenticationForRefreshToken(refreshToken);
        checkIfTokenIsIssuedToClient(clientAuth, authToRevoke);
        tokenStore.removeAccessTokenUsingRefreshToken(refreshToken);
        tokenStore.removeRefreshToken(refreshToken);
        log.debug("Successfully removed refresh token {} (and any associated access token).", tokenMasker.maskToken(refreshToken.getValue()));
        return refreshToken.getValue();
    }
    log.debug("No refresh token {} found in the token store.", tokenMasker.maskToken(tokenValue));
    return null;
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Nullable(javax.annotation.Nullable)

Example 30 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project ox-data-cloud by ox-data.

the class UserDetailsController method onLine.

@GetMapping("/on-line")
public ResponseEntity<List<OAuth2Authentication>> onLine() {
    Collection<OAuth2AccessToken> oAuth2AccessTokens = tokenStore.findTokensByClientId("butterfly");
    List<OAuth2Authentication> result = new ArrayList<>();
    for (OAuth2AccessToken oAuth2AccessToken : oAuth2AccessTokens) {
        OAuth2Authentication oAuth2Authentication = tokenStore.readAuthentication(oAuth2AccessToken);
        result.add(oAuth2Authentication);
    }
    return Results.success(result);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) ArrayList(java.util.ArrayList)

Aggregations

OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication) 538
Authentication (org.springframework.security.core.Authentication) 211
Test (org.junit.Test) 192
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request) 177
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken) 159
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) 107
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest) 91
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken) 68
HashMap (java.util.HashMap) 67
Date (java.util.Date) 47
IsEmptyString.isEmptyString (org.hamcrest.text.IsEmptyString.isEmptyString) 42
GrantedAuthority (org.springframework.security.core.GrantedAuthority) 35
Map (java.util.Map) 32
OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken) 30
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails) 30
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 29
InvalidTokenException (org.springframework.security.oauth2.common.exceptions.InvalidTokenException) 28
OAuth2Authentication (org.maxkey.authz.oauth2.provider.OAuth2Authentication) 27
UaaAuthentication (org.cloudfoundry.identity.uaa.authentication.UaaAuthentication) 26
HashSet (java.util.HashSet) 23