Search in sources :

Example 6 with OrcidOauth2UserAuthentication

use of org.orcid.core.oauth.OrcidOauth2UserAuthentication in project ORCID-Source by ORCID.

the class DefaultPermissionCheckerTest method testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessage.

@Test
@Rollback
@Transactional
public void testCheckUserPermissionsAuthenticationScopesOrcidAndOrcidMessage() throws Exception {
    Set<String> resourceIds = new HashSet<String>(Arrays.asList("orcid"));
    HashSet<GrantedAuthority> grantedAuthorities = new HashSet<GrantedAuthority>(Arrays.asList(new SimpleGrantedAuthority("ROLE_CLIENT")));
    AuthorizationRequest request = new AuthorizationRequest("4444-4444-4444-4441", Arrays.asList("/orcid-bio/external-identifiers/create"));
    request.setAuthorities(grantedAuthorities);
    request.setResourceIds(resourceIds);
    ProfileEntity entity = profileEntityManager.findByOrcid("4444-4444-4444-4446");
    OrcidOauth2UserAuthentication oauth2UserAuthentication = new OrcidOauth2UserAuthentication(entity, true);
    OAuth2Authentication oAuth2Authentication = new OrcidOAuth2Authentication(request, oauth2UserAuthentication, "made-up-token");
    ScopePathType requiredScope = ScopePathType.ORCID_BIO_EXTERNAL_IDENTIFIERS_CREATE;
    OrcidMessage orcidMessage = getOrcidMessage();
    String messageOrcid = orcidMessage.getOrcidProfile().getOrcidIdentifier().getPath();
    defaultPermissionChecker.checkPermissions(oAuth2Authentication, requiredScope, messageOrcid, orcidMessage);
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) ScopePathType(org.orcid.jaxb.model.message.ScopePathType) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication) OrcidMessage(org.orcid.jaxb.model.message.OrcidMessage) OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication) HashSet(java.util.HashSet) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test) Rollback(org.springframework.test.annotation.Rollback) Transactional(org.springframework.transaction.annotation.Transactional)

Example 7 with OrcidOauth2UserAuthentication

use of org.orcid.core.oauth.OrcidOauth2UserAuthentication in project ORCID-Source by ORCID.

the class OrcidTokenStoreServiceTest method testGetAccessToken.

@Test
@Transactional
public void testGetAccessToken() throws Exception {
    String clientId = "4444-4444-4444-4441";
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("client_id", clientId);
    parameters.put("state", "read");
    parameters.put("scope", "/orcid-profile/write");
    parameters.put("redirect_uri", "http://www.google.com/");
    parameters.put("response_type", "bearer");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ProfileEntity profileEntity = profileEntityManager.findByOrcid("4444-4444-4444-4444");
    OrcidOauth2UserAuthentication userAuthentication = new OrcidOauth2UserAuthentication(profileEntity, true);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("4444-4444-4444-4441");
    token.setExpiration(new Date());
    token.setScope(OAuth2Utils.parseParameterList("/orcid-profile/read,/orcid-profile/write"));
    token.setTokenType("bearer");
    token.setRefreshToken(new DefaultExpiringOAuth2RefreshToken("a-refresh-token", new Date()));
    orcidTokenStoreService.storeAccessToken(token, authentication);
    OAuth2AccessToken accessToken = orcidTokenStoreService.getAccessToken(authentication);
    assertNotNull(accessToken);
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

OrcidOauth2UserAuthentication (org.orcid.core.oauth.OrcidOauth2UserAuthentication)7 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)7 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)6 Transactional (org.springframework.transaction.annotation.Transactional)6 Test (org.junit.Test)5 OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)5 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)5 Date (java.util.Date)4 HashSet (java.util.HashSet)4 DBUnitTest (org.orcid.test.DBUnitTest)4 ScopePathType (org.orcid.jaxb.model.message.ScopePathType)3 GrantedAuthority (org.springframework.security.core.GrantedAuthority)3 SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)3 Rollback (org.springframework.test.annotation.Rollback)3 HashMap (java.util.HashMap)2 OrcidMessage (org.orcid.jaxb.model.message.OrcidMessage)2 ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)2 OrcidOauth2TokenDetail (org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)2 Authentication (org.springframework.security.core.Authentication)2 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)2