
Example 16 with ClientDetailsEntity

use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.

the class OrcidAuthorizationCodeServiceImpl method getDetailFromAuthorization.

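/**
 * Builds the authorization-code record for {@code code} from an OAuth2 authentication.
 *
 * <p>When the request carries parameters, the client, scopes, state, redirect URI, response type
 * and optional OpenID nonce are copied from them. The user profile is resolved from the
 * authenticated principal via the profile cache.
 *
 * @param code the authorization code, stored as the record id
 * @param authentication the OAuth2 authentication the code is being issued for
 * @return the populated detail, or {@code null} when the client named in the request parameters
 *         is unknown or no profile can be resolved for the principal
 */
private OrcidOauth2AuthoriziationCodeDetail getDetailFromAuthorization(String code, OAuth2Authentication authentication) {
    OAuth2Request oAuth2Request = authentication.getOAuth2Request();
    OrcidOauth2AuthoriziationCodeDetail detail = new OrcidOauth2AuthoriziationCodeDetail();
    Map<String, String> requestParameters = oAuth2Request.getRequestParameters();
    boolean hasRequestParameters = requestParameters != null && !requestParameters.isEmpty();
    // NOTE(review): with no request parameters the record is returned without client details,
    // scopes or redirect URI; confirm callers never persist or redeem such a record.
    if (hasRequestParameters) {
        // NOTE(review): the client is looked up from the raw client_id request parameter;
        // confirm it always agrees with oAuth2Request.getClientId() for the same request.
        String clientId = requestParameters.get(CLIENT_ID);
        ClientDetailsEntity clientDetails = getClientDetails(clientId);
        if (clientDetails == null) {
            // Unknown client: no code record is produced.
            return null;
        }
        detail.setScopes(OAuth2Utils.parseParameterList(requestParameters.get(SCOPE)));
        detail.setState(requestParameters.get(STATE));
        detail.setRedirectUri(requestParameters.get(REDIRECT_URI));
        detail.setResponseType(requestParameters.get(RESPONSE_TYPE));
        detail.setClientDetailsEntity(clientDetails);
        // Persist the OpenID nonce only when the request supplied one.
        String nonce = requestParameters.get(OrcidOauth2Constants.NONCE);
        if (nonce != null) {
            detail.setNonce(nonce);
        }
    }
    detail.setId(code);
    detail.setApproved(oAuth2Request.isApproved());

    // A request without a user authentication cannot be tied to a profile, so it is handled
    // like an unresolved principal (return null) instead of failing with a NullPointerException.
    Authentication userAuthentication = authentication.getUserAuthentication();
    Object principal = userAuthentication == null ? null : userAuthentication.getPrincipal();
    ProfileEntity entity = null;
    if (principal instanceof OrcidProfileUserDetails) {
        String effectiveOrcid = ((OrcidProfileUserDetails) principal).getOrcid();
        if (effectiveOrcid != null) {
            entity = profileEntityCacheManager.retrieve(effectiveOrcid);
        }
    }
    if (entity == null) {
        return null;
    }
    detail.setProfileEntity(entity);
    detail.setAuthenticated(userAuthentication.isAuthenticated());
    Set<String> authorities = getStringSetFromGrantedAuthorities(authentication.getAuthorities());
    detail.setAuthorities(authorities);
    Object authenticationDetails = userAuthentication.getDetails();
    if (authenticationDetails instanceof WebAuthenticationDetails) {
        detail.setSessionId(((WebAuthenticationDetails) authenticationDetails).getSessionId());
    }
    //Set token version to persistent token
    //TODO: As of Jan 2015 all tokens will be new tokens, so, we will have to remove the token version code and
    //treat all tokens as new tokens
    detail.setVersion(Long.valueOf(OrcidOauth2Constants.PERSISTENT_TOKEN));
    // The parameter map was treated as possibly null above, so guard it here too.
    // Boolean.parseBoolean(null) is false, so a missing key leaves the flag unset.
    boolean isPersistentTokenEnabledByUser = requestParameters != null
            && Boolean.parseBoolean(requestParameters.get(OrcidOauth2Constants.GRANT_PERSISTENT_TOKEN));
    detail.setPersistent(isPersistentTokenEnabledByUser);
    return detail;
}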
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OrcidOauth2AuthoriziationCodeDetail(org.orcid.persistence.jpa.entities.OrcidOauth2AuthoriziationCodeDetail) OrcidOauth2UserAuthentication(org.orcid.core.oauth.OrcidOauth2UserAuthentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) WebAuthenticationDetails(org.springframework.security.web.authentication.WebAuthenticationDetails) OrcidProfileUserDetails(org.orcid.core.oauth.OrcidProfileUserDetails) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)

Example 17 with ClientDetailsEntity

use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.

the class OrcidMultiSecretAuthenticationProvider method additionalAuthenticationChecks.

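/**
 * Checks the presented client secret against every secret stored for the client.
 *
 * <p>Authentication succeeds as soon as one stored secret, decrypted for internal use, is
 * accepted by the configured password encoder. Every failure path raises the same
 * {@link BadCredentialsException} message.
 *
 * @param userDetails the loaded details; its username is used as the client id
 * @param authentication the token carrying the presented secret as credentials
 * @throws AuthenticationException if no credentials were presented, the client or its secrets
 *         cannot be found, or no stored secret matches
 */
@SuppressWarnings("deprecation")
@Override
protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
    if (authentication.getCredentials() == null) {
        logger.debug("Authentication failed: no credentials provided");
        throw new BadCredentialsException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
    }
    String presentedPassword = authentication.getCredentials().toString();
    ClientDetailsEntity clientDetailsEntity = clientDetailsManager.findByClientId(userDetails.getUsername());
    // Fail closed with the standard bad-credentials error when the client or its secrets are
    // missing, rather than letting a NullPointerException escape the authentication path.
    if (clientDetailsEntity == null || clientDetailsEntity.getClientSecrets() == null) {
        logger.debug("Authentication failed: no client secrets available");
        throw new BadCredentialsException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
    }
    // NOTE(review): whether the comparison is constant-time depends on the configured
    // PasswordEncoder; confirm it does not use a plain String.equals.
    for (ClientSecretEntity clientSecretEntity : clientDetailsEntity.getClientSecrets()) {
        String storedSecret = encryptionManager.decryptForInternalUse(clientSecretEntity.getClientSecret());
        if (getPasswordEncoder().isPasswordValid(storedSecret, presentedPassword, null)) {
            return;
        }
    }
    logger.debug("Authentication failed: password does not match any value");
    throw new BadCredentialsException(messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
}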
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) ClientSecretEntity(org.orcid.persistence.jpa.entities.ClientSecretEntity) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)

Example 18 with ClientDetailsEntity

use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.

the class SourceInActivitiesTest method sourceDoesntChange_Affiliation_Test.

/**
 * Creates four education affiliations under alternating sources (user, client 1, client 2,
 * user) and checks that each keeps its own source path, both on the returned object and when
 * read back through the affiliations manager.
 */
@Test
public void sourceDoesntChange_Affiliation_Test() {
    // Created with the user as source.
    when(sourceManager.retrieveSourceEntity()).thenReturn(new SourceEntity(new ProfileEntity(userOrcid)));
    Education byUserFirst = getEducation(userOrcid);
    assertNotNull(byUserFirst);
    assertEquals(userOrcid, byUserFirst.retrieveSourcePath());

    // Created with client 1 as source.
    when(sourceManager.retrieveSourceEntity()).thenReturn(new SourceEntity(new ClientDetailsEntity(CLIENT_1_ID)));
    Education byClientOne = getEducation(userOrcid);
    assertNotNull(byClientOne);
    assertEquals(CLIENT_1_ID, byClientOne.retrieveSourcePath());

    // Created with client 2 as source.
    when(sourceManager.retrieveSourceEntity()).thenReturn(new SourceEntity(new ClientDetailsEntity(CLIENT_2_ID)));
    Education byClientTwo = getEducation(userOrcid);
    assertNotNull(byClientTwo);
    assertEquals(CLIENT_2_ID, byClientTwo.retrieveSourcePath());

    // Created with the user as source again.
    when(sourceManager.retrieveSourceEntity()).thenReturn(new SourceEntity(new ProfileEntity(userOrcid)));
    Education byUserSecond = getEducation(userOrcid);
    assertNotNull(byUserSecond);
    assertEquals(userOrcid, byUserSecond.retrieveSourcePath());

    // Read each record back by put code; later creations must not have changed its source.
    Education storedUserFirst = affiliationsManager.getEducationAffiliation(userOrcid, byUserFirst.getPutCode());
    assertNotNull(storedUserFirst);
    assertEquals(userOrcid, storedUserFirst.retrieveSourcePath());

    Education storedClientOne = affiliationsManager.getEducationAffiliation(userOrcid, byClientOne.getPutCode());
    assertNotNull(storedClientOne);
    assertEquals(CLIENT_1_ID, storedClientOne.retrieveSourcePath());

    Education storedClientTwo = affiliationsManager.getEducationAffiliation(userOrcid, byClientTwo.getPutCode());
    assertNotNull(storedClientTwo);
    assertEquals(CLIENT_2_ID, storedClientTwo.retrieveSourcePath());

    Education storedUserSecond = affiliationsManager.getEducationAffiliation(userOrcid, byUserSecond.getPutCode());
    assertNotNull(storedUserSecond);
    assertEquals(userOrcid, storedUserSecond.retrieveSourcePath());
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) Education(org.orcid.jaxb.model.record_v2.Education) SourceEntity(org.orcid.persistence.jpa.entities.SourceEntity) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) Test(org.junit.Test)

Example 19 with ClientDetailsEntity

use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testReissuedAccessTokenHasUpdatedExpiration.

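/**
 * Checks that requesting an access token twice for the same authentication yields, each time,
 * an expiration inside the one-hour window measured around that call.
 *
 * <p>The request is built with an empty parameter map. The parameter map the earlier version
 * populated with client id and scope was never passed to the request, so it has been removed.
 */
@Test
public void testReissuedAccessTokenHasUpdatedExpiration() throws InterruptedException {
    Date earliestExpiry = oneHoursTime();
    String clientId = "4444-4444-4444-4441";
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    // The expiration must fall between the two one-hour marks taken around the call.
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
    // Wait so the second window starts later than the first.
    Thread.sleep(1000);
    earliestExpiry = oneHoursTime();
    OAuth2AccessToken reissuedOauth2AccessToken = tokenServices.createAccessToken(authentication);
    latestExpiry = oneHoursTime();
    assertNotNull(reissuedOauth2AccessToken);
    assertFalse(reissuedOauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(reissuedOauth2AccessToken.getExpiration().after(latestExpiry));
}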
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 20 with ClientDetailsEntity

use of org.orcid.persistence.jpa.entities.ClientDetailsEntity in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method tokenExpireIn20YearsTest.

/**
 * Verifies that an access token created for a request flagged as persistent expires roughly
 * twenty years out: no earlier than a twenty-year mark taken before the token is created, and
 * no later than one taken afterwards.
 */
@Test
public void tokenExpireIn20YearsTest() throws InterruptedException {
    Date lowerBound = twentyYearsTime();
    Thread.sleep(2000);

    String clientId = "4444-4444-4444-4441";
    Map<String, String> params = new HashMap<>();
    params.put(OAuth2Utils.CLIENT_ID, clientId);
    params.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    params.put("code", "code1");
    params.put(OrcidOauth2Constants.IS_PERSISTENT, "true");

    HashSet<String> scopes = new HashSet<String>(Arrays.asList("/orcid-profile/read-limited"));
    OAuth2Request request = new OAuth2Request(params, clientId, Collections.<GrantedAuthority>emptyList(), true, scopes, Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity client = clientDetailsManager.findByClientId(clientId);
    Authentication clientAuthentication = new OrcidOauth2ClientAuthentication(client);
    OAuth2Authentication authentication = new OAuth2Authentication(request, clientAuthentication);

    Date tokenExpiration = tokenServices.createAccessToken(authentication).getExpiration();

    // The expiration is not before the twenty-year mark taken ahead of token creation.
    assertFalse(lowerBound.after(tokenExpiration));
    // The expiration is not after a fresh twenty-year mark taken now.
    Date upperBound = twentyYearsTime();
    assertFalse(tokenExpiration.after(upperBound));
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Aggregations

ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)149 Test (org.junit.Test)75 SourceEntity (org.orcid.persistence.jpa.entities.SourceEntity)57 BaseTest (org.orcid.core.BaseTest)51 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)33 Date (java.util.Date)23 Transactional (org.springframework.transaction.annotation.Transactional)16 HashSet (java.util.HashSet)15 DBUnitTest (org.orcid.test.DBUnitTest)15 HashMap (java.util.HashMap)14 Authentication (org.springframework.security.core.Authentication)13 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)13 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)11 Work (org.orcid.jaxb.model.record_v2.Work)9 Before (org.junit.Before)8 ArrayList (java.util.ArrayList)7 OrcidClient (org.orcid.jaxb.model.clientgroup.OrcidClient)7 ClientSecretEntity (org.orcid.persistence.jpa.entities.ClientSecretEntity)7 OrcidProfile (org.orcid.jaxb.model.message.OrcidProfile)6 Funding (org.orcid.jaxb.model.record_v2.Funding)6