Example 31 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project epoch by Marshal7cc.

the class RequestHelper method getCurrentUser.

public static User getCurrentUser() {
    // todo: fix better
    User user = RequestHelper.currentUser.get();
    if (user == null) {
        SecurityContext context = SecurityContextHolder.getContext();
        Authentication authentication = context.getAuthentication();
        if (!(authentication instanceof OAuth2Authentication)) {
            return ANONYMOUS_USER;
        }
        Authentication userAuthentication = ((OAuth2Authentication) authentication).getUserAuthentication();
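        // getUserAuthentication() returns null for client-only tokens (e.g. client_credentials), so guard before dereferencing
        if (userAuthentication == null || !(userAuthentication.getDetails() instanceof Map)) {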
            return ANONYMOUS_USER;
        }
        Map<String, Object> details = Collections.unmodifiableMap((Map<String, Object>) userAuthentication.getDetails());
        LinkedHashMap<String, String> principal = (LinkedHashMap<String, String>) details.get(FILED_PRINCIPAL);
        user = new User();
        user.setUserId(Long.parseLong(String.valueOf(principal.get(User.FILED_USER_ID))));
        user.setUsername(principal.get(User.FILED_USER_NAME));
        setCurrentUser(user);
        return user;
    }
    return user;
}
Also used : User(org.epoch.starter.core.domain.User) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) SecurityContext(org.springframework.security.core.context.SecurityContext) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map)

Example 32 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project ballcat by ballcat-projects.

the class CustomRedisTokenStore method removeAccessToken.

public void removeAccessToken(String tokenValue) {
    byte[] accessKey = serializeKey(ACCESS + tokenValue);
    byte[] authKey = serializeKey(AUTH + tokenValue);
    byte[] accessToRefreshKey = serializeKey(ACCESS_TO_REFRESH + tokenValue);
    RedisConnection conn = getConnection();
    try {
        conn.openPipeline();
        conn.get(accessKey);
        conn.get(authKey);
        conn.del(accessKey);
        conn.del(accessToRefreshKey);
        // Don't remove the refresh token - it's up to the caller to do that
        conn.del(authKey);
        List<Object> results = conn.closePipeline();
        byte[] access = (byte[]) results.get(0);
        byte[] auth = (byte[]) results.get(1);
        // ==== On a serialization exception, still delete the cache key ====
        OAuth2Authentication authentication = null;
        try {
            authentication = deserializeAuthentication(auth);
        } catch (SerializationException e) {
            log.warn("[removeAccessToken] OAuth2Authentication 序列化异常", e);
        }
        if (authentication != null) {
            String key = authenticationKeyGenerator.extractKey(authentication);
            byte[] authToAccessKey = serializeKey(AUTH_TO_ACCESS + key);
            byte[] unameKey = serializeKey(UNAME_TO_ACCESS + getApprovalKey(authentication));
            byte[] clientId = serializeKey(CLIENT_ID_TO_ACCESS + authentication.getOAuth2Request().getClientId());
            conn.openPipeline();
            conn.del(authToAccessKey);
            conn.sRem(unameKey, access);
            conn.sRem(clientId, access);
            conn.del(serialize(ACCESS + key));
            conn.closePipeline();
        }
    } finally {
        conn.close();
    }
}
Also used : SerializationException(org.springframework.data.redis.serializer.SerializationException) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) RedisConnection(org.springframework.data.redis.connection.RedisConnection)

Example 33 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project ballcat by ballcat-projects.

the class SharedStoredOpaqueTokenIntrospector method introspect.

/**
 * @see DefaultTokenServices#loadAuthentication(java.lang.String)
 * @param accessTokenValue token
 * @return OAuth2User
 */
@Override
public OAuth2AuthenticatedPrincipal introspect(String accessTokenValue) {
    OAuth2AccessToken accessToken = tokenStore.readAccessToken(accessTokenValue);
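    // Note: each exception message below embeds the raw token value, so the token ends up wherever that message is logged or returned
    if (accessToken == null) {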
        throw new BadOpaqueTokenException("Invalid access token: " + accessTokenValue);
    } else if (accessToken.isExpired()) {
        tokenStore.removeAccessToken(accessToken);
        throw new BadOpaqueTokenException("Access token expired: " + accessTokenValue);
    }
    OAuth2Authentication oAuth2Authentication = tokenStore.readAuthentication(accessToken);
    if (oAuth2Authentication == null) {
        // in case of race condition
        throw new BadOpaqueTokenException("Invalid access token: " + accessTokenValue);
    }
    ClientPrincipal clientPrincipal = getClientPrincipal(oAuth2Authentication);
    if (clientPrincipal != null) {
        return clientPrincipal;
    }
    return (OAuth2User) oAuth2Authentication.getPrincipal();
}
Also used : OAuth2User(org.springframework.security.oauth2.core.user.OAuth2User) BadOpaqueTokenException(org.springframework.security.oauth2.server.resource.introspection.BadOpaqueTokenException) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) ClientPrincipal(com.hccake.ballcat.common.security.userdetails.ClientPrincipal)

Example 34 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project ballcat by ballcat-projects.

the class CustomTokenEnhancer method enhance.

/**
 * Handles token enhancement.
 * @param accessToken token information
 * @param authentication authentication information
 * @return OAuth2AccessToken the enhanced token
 */
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    Authentication userAuthentication = authentication.getUserAuthentication();
    if (userAuthentication == null) {
        return accessToken;
    }
    Object principal = userAuthentication.getPrincipal();
    if (principal instanceof User) {
        User user = (User) principal;
        // additional token information
        Map<String, Object> additionalInfo = new HashMap<>(8);
        // basic user information
        SysUserInfo sysUserInfo = getSysUserInfo(user);
        additionalInfo.put(TokenAttributeNameConstants.INFO, sysUserInfo);
        // by default, only role and permission information is returned at login
        Map<String, Object> resultAttributes = new HashMap<>(2);
        Map<String, Object> attributes = user.getAttributes();
        resultAttributes.put(UserAttributeNameConstants.ROLE_CODES, attributes.get(UserAttributeNameConstants.ROLE_CODES));
        resultAttributes.put(UserAttributeNameConstants.PERMISSIONS, attributes.get(UserAttributeNameConstants.PERMISSIONS));
        additionalInfo.put(TokenAttributeNameConstants.ATTRIBUTES, resultAttributes);
        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
    }
    return accessToken;
}
Also used : User(com.hccake.ballcat.common.security.userdetails.User) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) SysUserInfo(com.hccake.ballcat.system.model.vo.SysUserInfo) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)

Example 35 with OAuth2Authentication

use of org.maxkey.authz.oauth2.provider.OAuth2Authentication in project JBM by numen06.

the class OpenJwtTokenService method loadAuthentication.

@Override
public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException, InvalidTokenException {
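    // No null or expiry check is made in this method; token validity depends on what tokenStore and readAccessToken enforce
    OAuth2Authentication oAuth2Authentication = tokenStore.readAuthentication(accessToken);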
    Map<String, ?> map = jwtAccessTokenConverter.convertAccessToken(readAccessToken(accessToken), oAuth2Authentication);
    return defaultAccessTokenConverter.extractAuthentication(map);
}
Also used : OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
