Example 11 with OrcidOauth2TokenDetail
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class DefaultPermissionChecker method checkScopes.
private void checkScopes(OAuth2Authentication oAuth2Authentication, ScopePathType requiredScope) {
OAuth2Request authorizationRequest = oAuth2Authentication.getOAuth2Request();
Set<String> requestedScopes = authorizationRequest.getScope();
if (requiredScope.isUserGrantWriteScope()) {
OrcidOAuth2Authentication orcidOauth2Authentication = (OrcidOAuth2Authentication) oAuth2Authentication;
String activeToken = orcidOauth2Authentication.getActiveToken();
if (activeToken != null) {
OrcidOauth2TokenDetail tokenDetail = orcidOauthTokenDetailService.findNonDisabledByTokenValue(activeToken);
if (removeUserGrantWriteScopePastValitity(tokenDetail)) {
throw new AccessControlException("Write scopes for this token have expired ");
}
}
}
if (!hasRequiredScope(requestedScopes, requiredScope)) {
throw new AccessControlException("Insufficient or wrong scope " + requestedScopes);
}
}
Also used :
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
AccessControlException(java.security.AccessControlException)
OrcidOAuth2Authentication(org.orcid.core.oauth.OrcidOAuth2Authentication)
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
Example 12 with OrcidOauth2TokenDetail
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class ProfileEntityManagerImplTest method createToken.
private OrcidOauth2TokenDetail createToken(String clientId, String tokenValue, String userOrcid, Date expirationDate, String scopes, boolean disabled) {
OrcidOauth2TokenDetail token = new OrcidOauth2TokenDetail();
token.setApproved(true);
token.setClientDetailsId(clientId);
token.setDateCreated(new Date());
token.setLastModified(new Date());
token.setProfile(new ProfileEntity(userOrcid));
token.setScope(scopes);
token.setTokenDisabled(disabled);
token.setTokenExpiration(expirationDate);
token.setTokenType("bearer");
token.setTokenValue(tokenValue);
orcidOauth2TokenDetailService.saveOrUpdate(token);
return token;
}
Also used :
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
Date(java.util.Date)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Example 13 with OrcidOauth2TokenDetail
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class OrcidOauth2AuthorizationDetailsDaoTest method testFindByTokenValue.
@Test
@Transactional
@Rollback
public void testFindByTokenValue() throws Exception {
List<OrcidOauth2TokenDetail> all = orcidOauth2TokenDetailDao.getAll();
assertEquals(5, all.size());
for (OrcidOauth2TokenDetail detail : all) {
List<OrcidOauth2TokenDetail> another = orcidOauth2TokenDetailDao.findByAuthenticationKey(detail.getAuthenticationKey());
assertNotNull(another);
assertFalse(another.isEmpty());
for (OrcidOauth2TokenDetail token : another) {
assertEquals(detail.getId(), token.getId());
assertTrue(detail.getTokenExpiration().after(new Date()));
assertTrue(detail.getRefreshTokenExpiration().after(new Date()));
}
}
}
Also used :
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
Date(java.util.Date)
Test(org.junit.Test)
DBUnitTest(org.orcid.test.DBUnitTest)
Rollback(org.springframework.test.annotation.Rollback)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 14 with OrcidOauth2TokenDetail
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class OrcidOauth2AuthorizationDetailsDaoTest method testFindByUsername.
@Test
@Transactional
@Rollback
public void testFindByUsername() throws Exception {
List<OrcidOauth2TokenDetail> all = orcidOauth2TokenDetailDao.getAll();
assertEquals(5, all.size());
for (OrcidOauth2TokenDetail detail : all) {
List<OrcidOauth2TokenDetail> allForClient = orcidOauth2TokenDetailDao.findByUserName(detail.getProfile().getId());
assertEquals(1, allForClient.size());
}
}
Also used :
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
Test(org.junit.Test)
DBUnitTest(org.orcid.test.DBUnitTest)
Rollback(org.springframework.test.annotation.Rollback)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 15 with OrcidOauth2TokenDetail
use of org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail in project ORCID-Source by ORCID.
the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenTest.
@Test
public void createRefreshTokenTest() {
// Create token, create refresh, parent should be disabled, scopes
// should be equal
long time = System.currentTimeMillis();
String scope = "/activities/update";
String tokenValue = "parent-token-" + time;
String refreshTokenValue = "refresh-token-" + time;
Boolean revokeOld = null;
Date parentTokenExpiration = new Date(time + 10000);
Long expireIn = null;
OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, scope);
OAuth2AccessToken refresh = generateRefreshToken(parent, null, revokeOld, expireIn, scope);
assertNotNull(refresh);
OrcidOauth2TokenDetail parentToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(parent.getTokenValue());
assertNotNull(parentToken);
assertEquals(tokenValue, parentToken.getTokenValue());
assertTrue(parentToken.getTokenDisabled());
assertEquals(scope, parentToken.getScope());
assertNotNull(parentToken.getTokenExpiration());
OrcidOauth2TokenDetail refreshToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refresh.getValue());
assertNotNull(refreshToken);
assertNotNull(refreshToken.getTokenValue());
assertNotNull(refreshToken.getRefreshTokenValue());
assertFalse(refreshToken.getTokenDisabled());
assertEquals(scope, refreshToken.getScope());
assertNotNull(refreshToken.getTokenExpiration());
assertEquals(parentToken.getTokenExpiration().getTime(), refreshToken.getTokenExpiration().getTime());
}
Also used :
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
Date(java.util.Date)
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
DBUnitTest(org.orcid.test.DBUnitTest)
Test(org.junit.Test)
Aggregations
OrcidOauth2TokenDetail (org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)45
Date (java.util.Date)29
Test (org.junit.Test)27
DBUnitTest (org.orcid.test.DBUnitTest)26
Transactional (org.springframework.transaction.annotation.Transactional)13
Rollback (org.springframework.test.annotation.Rollback)12
ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)10
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)9
InvalidTokenException (org.springframework.security.oauth2.common.exceptions.InvalidTokenException)8
InvalidScopeException (org.springframework.security.oauth2.common.exceptions.InvalidScopeException)7
NoResultException (javax.persistence.NoResultException)6
ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)5
ArrayList (java.util.ArrayList)4
ScopePathType (org.orcid.jaxb.model.message.ScopePathType)4
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4
OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)3
ApplicationSummary (org.orcid.pojo.ApplicationSummary)3
HashSet (java.util.HashSet)2
OrcidOauth2UserAuthentication (org.orcid.core.oauth.OrcidOauth2UserAuthentication)2
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)2
