use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class DefaultPermissionChecker method checkScopes.
/**
 * Rejects the request unless it may act under {@code requiredScope}.
 *
 * <p>Two checks run in a fixed order. For a user-granted write scope, the active token is
 * looked up among non-disabled tokens and handed to
 * {@code removeUserGrantWriteScopePastValitity}; a {@code true} result aborts the request.
 * Then, for every scope, the scope set carried by the OAuth2 request must satisfy
 * {@code hasRequiredScope}.
 *
 * @param oAuth2Authentication the authentication whose OAuth2 request supplies the scope set
 * @param requiredScope the scope the caller needs for the operation being authorised
 * @throws AccessControlException if the write-scope helper reports expiry, or if the request's
 *         scopes do not satisfy {@code requiredScope}
 */
private void checkScopes(OAuth2Authentication oAuth2Authentication, ScopePathType requiredScope) {
    OAuth2Request oauthRequest = oAuth2Authentication.getOAuth2Request();
    Set<String> scopesOnRequest = oauthRequest.getScope();

    if (requiredScope.isUserGrantWriteScope()) {
        // NOTE(review): unchecked downcast. Any other OAuth2Authentication subtype reaching this
        // branch fails with ClassCastException rather than AccessControlException; confirm every
        // caller supplies an OrcidOAuth2Authentication.
        String activeTokenValue = ((OrcidOAuth2Authentication) oAuth2Authentication).getActiveToken();

        // NOTE(review): when no active token is present the expiry check is skipped and only the
        // scope comparison below applies; confirm that is the intended (not fail-open) behaviour.
        // NOTE(review): the lookup only considers non-disabled tokens and may find nothing;
        // verify the helper tolerates a null token detail.
        if (activeTokenValue != null
                && removeUserGrantWriteScopePastValitity(
                        orcidOauthTokenDetailService.findNonDisabledByTokenValue(activeTokenValue))) {
            throw new AccessControlException("Write scopes for this token have expired ");
        }
    }

    // Expiry is evaluated first, so a token that fails it never reaches the scope comparison.
    if (hasRequiredScope(scopesOnRequest, requiredScope)) {
        return;
    }
    throw new AccessControlException("Insufficient or wrong scope " + scopesOnRequest);
}
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class ProfileEntityManagerImplTest method createToken.
/**
 * Test fixture helper: builds an approved bearer token detail and saves it through
 * {@code orcidOauth2TokenDetailService}.
 *
 * @param clientId id of the client the token is issued to
 * @param tokenValue the access token value to store
 * @param userOrcid id used to build the owning {@code ProfileEntity}
 * @param expirationDate value stored as the token expiration
 * @param scopes scope string stored on the token
 * @param disabled whether the token is stored as disabled
 * @return the token detail that was passed to {@code saveOrUpdate}
 */
private OrcidOauth2TokenDetail createToken(String clientId, String tokenValue, String userOrcid, Date expirationDate, String scopes, boolean disabled) {
    OrcidOauth2TokenDetail detail = new OrcidOauth2TokenDetail();

    // Fixed attributes shared by every fixture token.
    detail.setApproved(true);
    detail.setTokenType("bearer");

    // Who the token belongs to.
    detail.setClientDetailsId(clientId);
    detail.setProfile(new ProfileEntity(userOrcid));

    // Audit timestamps: two separate Date instances, created first.
    detail.setDateCreated(new Date());
    detail.setLastModified(new Date());

    // What the token grants and for how long.
    detail.setTokenValue(tokenValue);
    detail.setScope(scopes);
    detail.setTokenExpiration(expirationDate);
    detail.setTokenDisabled(disabled);

    orcidOauth2TokenDetailService.saveOrUpdate(detail);
    return detail;
}
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class OrcidOauth2AuthorizationDetailsDaoTest method testFindByTokenValue.
/**
 * Loads every stored token detail and checks that looking it up again by its authentication
 * key returns a non-empty list whose entries carry the same id.
 *
 * <p>The expiry assertions compare against the current wall-clock time, so they only pass
 * while the fixture's access and refresh token expirations lie in the future.
 */
@Test
@Transactional
@Rollback
public void testFindByTokenValue() throws Exception {
    List<OrcidOauth2TokenDetail> storedTokens = orcidOauth2TokenDetailDao.getAll();
    // The test data is expected to hold exactly five token rows.
    assertEquals(5, storedTokens.size());

    for (OrcidOauth2TokenDetail detail : storedTokens) {
        // NOTE(review): despite the test name, the lookup exercised here is by authentication key.
        List<OrcidOauth2TokenDetail> matches = orcidOauth2TokenDetailDao.findByAuthenticationKey(detail.getAuthenticationKey());
        assertNotNull(matches);
        assertFalse(matches.isEmpty());

        for (OrcidOauth2TokenDetail match : matches) {
            assertEquals(detail.getId(), match.getId());
            // NOTE(review): both expiry checks read the outer row, not the looked-up one;
            // confirm whether the looked-up token was meant to be asserted on.
            assertTrue(detail.getTokenExpiration().after(new Date()));
            assertTrue(detail.getRefreshTokenExpiration().after(new Date()));
        }
    }
}
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class OrcidOauth2AuthorizationDetailsDaoTest method testFindByUsername.
/**
 * Checks that each stored token detail's profile id resolves, via {@code findByUserName},
 * to exactly one token detail.
 */
@Test
@Transactional
@Rollback
public void testFindByUsername() throws Exception {
    List<OrcidOauth2TokenDetail> storedTokens = orcidOauth2TokenDetailDao.getAll();
    // The test data is expected to hold exactly five token rows.
    assertEquals(5, storedTokens.size());

    for (OrcidOauth2TokenDetail storedToken : storedTokens) {
        // The lookup is keyed by the id of the profile that owns the token.
        List<OrcidOauth2TokenDetail> tokensForProfile = orcidOauth2TokenDetailDao.findByUserName(storedToken.getProfile().getId());
        assertEquals(1, tokensForProfile.size());
    }
}
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenTest.
/**
 * Refreshes a freshly created token with no explicit {@code revokeOld} or {@code expireIn}
 * value and checks the outcome: the parent token is stored as disabled, the new token is
 * enabled, the scope is carried over unchanged, and the new token's expiration equals the
 * parent's.
 */
@Test
public void createRefreshTokenTest() {
    // A timestamp suffix keeps the token values distinct between runs.
    long now = System.currentTimeMillis();
    String requestedScope = "/activities/update";
    String parentValue = "parent-token-" + now;
    String parentRefreshValue = "refresh-token-" + now;
    // The parent expires 10000 ms from now.
    Date parentExpiry = new Date(now + 10000);
    // Both optional refresh parameters are deliberately left unset.
    Boolean revokeOld = null;
    Long expireIn = null;

    OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, parentValue, parentRefreshValue, parentExpiry, requestedScope);
    OAuth2AccessToken refreshed = generateRefreshToken(parent, null, revokeOld, expireIn, requestedScope);
    assertNotNull(refreshed);

    // The parent must still be retrievable, but only as a disabled token.
    OrcidOauth2TokenDetail storedParent = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(parent.getTokenValue());
    assertNotNull(storedParent);
    assertEquals(parentValue, storedParent.getTokenValue());
    assertTrue(storedParent.getTokenDisabled());
    assertEquals(requestedScope, storedParent.getScope());
    assertNotNull(storedParent.getTokenExpiration());

    // The new token is active and holds exactly the scope that was requested.
    OrcidOauth2TokenDetail storedRefreshed = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refreshed.getValue());
    assertNotNull(storedRefreshed);
    assertNotNull(storedRefreshed.getTokenValue());
    assertNotNull(storedRefreshed.getRefreshTokenValue());
    assertFalse(storedRefreshed.getTokenDisabled());
    assertEquals(requestedScope, storedRefreshed.getScope());
    assertNotNull(storedRefreshed.getTokenExpiration());

    // Refreshing must not extend the lifetime beyond the parent's expiration.
    assertEquals(storedParent.getTokenExpiration().getTime(), storedRefreshed.getTokenExpiration().getTime());
}