use of org.springframework.security.oauth.consumer.OAuthConsumerToken in project spring-security-oauth by spring-projects.
the class HttpSessionOAuthRememberMeServices method rememberTokens.
/**
 * Saves consumer tokens into the caller's existing HTTP session under
 * {@code REMEMBERED_TOKENS_KEY}.
 *
 * <p>The session is looked up with {@code getSession(false)}, so this method never creates
 * a session; when the request has none, the call returns without storing anything.
 *
 * <p>Tokens stored here are only as well protected as the session itself (session-id
 * handling and whatever backs the session store).
 *
 * @param tokens tokens to consider; dereferenced without a null check once a session exists
 * @param request request whose existing session receives the tokens
 * @param response not used by this method
 */
public void rememberTokens(Map<String, OAuthConsumerToken> tokens, HttpServletRequest request, HttpServletResponse response) {
  final HttpSession existingSession = request.getSession(false);
  if (existingSession != null) {
    final Map<String, OAuthConsumerToken> requestTokensOnly = new HashMap<String, OAuthConsumerToken>();
    for (Map.Entry<String, OAuthConsumerToken> entry : tokens.entrySet()) {
      // NOTE(review): as written, access tokens are never stored whatever the flag says, and
      // with storeAccessTokens == false nothing is stored at all (the session attribute is
      // still overwritten with an empty map). The flag name suggests a different intent;
      // confirm against the field's declaration before relying on it.
      if (!storeAccessTokens || entry.getValue().isAccessToken()) {
        continue;
      }
      requestTokensOnly.put(entry.getKey(), entry.getValue());
    }
    // Replaces any previously remembered map rather than merging into it.
    existingSession.setAttribute(REMEMBERED_TOKENS_KEY, requestTokensOnly);
  }
}
use of org.springframework.security.oauth.consumer.OAuthConsumerToken in project spring-security-oauth by spring-projects.
the class HttpSessionOAuthRememberMeServicesTests method testNoTokensRemembered.
/**
 * Remembering an empty token map into an existing session must load back as an empty map.
 *
 * <p>Only the empty-input path is exercised here; the filtering that
 * {@code rememberTokens} applies to access tokens is not covered by this test.
 */
@Test
public void testNoTokensRemembered() {
  MockHttpServletRequest request = new MockHttpServletRequest();
  // rememberTokens only writes into a session that already exists, so attach one up front.
  request.setSession(new MockHttpSession());
  MockHttpServletResponse response = new MockHttpServletResponse();
  HttpSessionOAuthRememberMeServices services = new HttpSessionOAuthRememberMeServices();

  Map<String, OAuthConsumerToken> noTokens = new HashMap<String, OAuthConsumerToken>();
  services.rememberTokens(noTokens, request, response);

  int rememberedCount = services.loadRememberedTokens(request, response).size();
  Assert.assertEquals(0, rememberedCount);
}
use of org.springframework.security.oauth.consumer.OAuthConsumerToken in project spring-security-oauth by spring-projects.
the class CoreOAuthConsumerSupportTests method testGetOAuthQueryString.
/**
 * Exercises {@code getOAuthQueryString} with {@code loadOAuthParameters} stubbed to return a
 * fixed, sorted parameter map.
 *
 * <p>Three cases are asserted:
 * <ol>
 * <li>the resource accepts the Authorization header: the {@code oauth_*} parameters are left
 * out of the query string;</li>
 * <li>the resource does not accept the header: the {@code oauth_*} parameters are included in
 * the query string;</li>
 * <li>as case 2, with a value containing a space, which must appear URL-encoded.</li>
 * </ol>
 * A parameter mapped to {@code null} ("too") is expected as a bare key with no {@code =}.
 *
 * <p>NOTE(review): in cases 2 and 3 the consumer key, nonce and timestamp travel in the query
 * string. Whether the caller places this string in the URL or in a POST body is not visible
 * here; values carried in a URL tend to end up in access logs and Referer headers.
 */
@Test
public void testGetOAuthQueryString() throws Exception {
  final TreeMap<String, Set<CharSequence>> stubbedParams = new TreeMap<String, Set<CharSequence>>();
  CoreOAuthConsumerSupport support = new CoreOAuthConsumerSupport() {
    @Override
    protected Map<String, Set<CharSequence>> loadOAuthParameters(ProtectedResourceDetails details, URL requestURL, OAuthConsumerToken requestToken, String httpMethod, Map<String, String> additionalParameters) {
      return stubbedParams;
    }
  };
  final URL url = new URL("https://myhost.com/somepath?with=some&query=params&too");
  final OAuthConsumerToken token = new OAuthConsumerToken();
  final String consumerKeyName = OAuthConsumerParameter.oauth_consumer_key.toString();
  final String nonceName = OAuthConsumerParameter.oauth_nonce.toString();
  final String timestampName = OAuthConsumerParameter.oauth_timestamp.toString();

  // Case 1: header accepted, so only the non-OAuth parameters are expected.
  when(details.isAcceptsAuthorizationHeader()).thenReturn(true);
  stubbedParams.put("with", Collections.<CharSequence>singleton("some"));
  stubbedParams.put("query", Collections.<CharSequence>singleton("params"));
  stubbedParams.put("too", null);
  stubbedParams.put(consumerKeyName, Collections.<CharSequence>singleton("mykey"));
  stubbedParams.put(nonceName, Collections.<CharSequence>singleton("mynonce"));
  stubbedParams.put(timestampName, Collections.<CharSequence>singleton("myts"));
  String withoutOAuthParams = support.getOAuthQueryString(details, token, url, "POST", null);
  assertEquals("query=params&too&with=some", withoutOAuthParams);

  // Case 2: header not accepted, so the OAuth parameters are expected in the query string.
  // The puts repeat the values already in the map; they are kept as in the original test.
  when(details.isAcceptsAuthorizationHeader()).thenReturn(false);
  stubbedParams.put("with", Collections.<CharSequence>singleton("some"));
  stubbedParams.put("query", Collections.<CharSequence>singleton("params"));
  stubbedParams.put("too", null);
  stubbedParams.put(consumerKeyName, Collections.<CharSequence>singleton("mykey"));
  stubbedParams.put(nonceName, Collections.<CharSequence>singleton("mynonce"));
  stubbedParams.put(timestampName, Collections.<CharSequence>singleton("myts"));
  String withOAuthParams = support.getOAuthQueryString(details, token, url, "POST", null);
  assertEquals("oauth_consumer_key=mykey&oauth_nonce=mynonce&oauth_timestamp=myts&query=params&too&with=some", withOAuthParams);

  // Case 3: a value with a space must come back encoded the way URLEncoder encodes it.
  when(details.isAcceptsAuthorizationHeader()).thenReturn(false);
  final String encodedSpace = URLEncoder.encode(" ", "utf-8");
  stubbedParams.put("with", Collections.<CharSequence>singleton("some"));
  stubbedParams.put("query", Collections.<CharSequence>singleton("params spaced"));
  stubbedParams.put("too", null);
  stubbedParams.put(consumerKeyName, Collections.<CharSequence>singleton("mykey"));
  stubbedParams.put(nonceName, Collections.<CharSequence>singleton("mynonce"));
  stubbedParams.put(timestampName, Collections.<CharSequence>singleton("myts"));
  String withEncodedValue = support.getOAuthQueryString(details, token, url, "POST", null);
  assertEquals("oauth_consumer_key=mykey&oauth_nonce=mynonce&oauth_timestamp=myts&query=params" + encodedSpace + "spaced&too&with=some", withEncodedValue);
}
use of org.springframework.security.oauth.consumer.OAuthConsumerToken in project spring-security-oauth by spring-projects.
the class CoreOAuthConsumerSupportTests method testLoadOAuthParameters.
/**
 * Exercises {@code loadOAuthParameters} with the signature base string and the signature
 * method both stubbed, then checks every entry of the returned map.
 *
 * <p>Expected content: the URL's own query parameters ("with", "query", and "too" with an
 * empty value set), no {@code oauth_token} for a freshly constructed token, and the
 * {@code oauth_nonce}, {@code oauth_consumer_key}, {@code oauth_signature},
 * {@code oauth_version}, {@code oauth_signature_method} and {@code oauth_timestamp}
 * parameters. Entries are removed as they are checked, so the closing
 * {@code isEmpty()} assertion proves nothing else was added.
 *
 * <p>NOTE(review): the nonce is only checked for presence and the timestamp only for an upper
 * bound; nothing here asserts nonce uniqueness or unpredictability, or a lower bound on the
 * timestamp. The shared secret is a constructed test fixture.
 */
@Test
public void testLoadOAuthParameters() throws Exception {
  final URL url = new URL("https://myhost.com/somepath?with=some&query=params&too");
  // Fix the base string so the stubbed signature method below can be matched on it.
  CoreOAuthConsumerSupport support = new CoreOAuthConsumerSupport() {
    @Override
    protected String getSignatureBaseString(Map<String, Set<CharSequence>> oauthParams, URL requestURL, String httpMethod) {
      return "MYSIGBASESTRING";
    }
  };
  OAuthSignatureMethodFactory signatureFactory = mock(OAuthSignatureMethodFactory.class);
  support.setSignatureFactory(signatureFactory);
  OAuthConsumerToken token = new OAuthConsumerToken();
  OAuthSignatureMethod signatureMethod = mock(OAuthSignatureMethod.class);
  final String signatureName = HMAC_SHA1SignatureMethod.SIGNATURE_NAME;

  when(details.getConsumerKey()).thenReturn("my-consumer-key");
  when(details.getSignatureMethod()).thenReturn(signatureName);
  // Same stubbing repeated, as in the original test; the second call is redundant.
  when(details.getSignatureMethod()).thenReturn(signatureName);
  SharedConsumerSecret secret = new SharedConsumerSecretImpl("shh!!!");
  when(details.getSharedSecret()).thenReturn(secret);
  when(signatureFactory.getSignatureMethod(signatureName, secret, null)).thenReturn(signatureMethod);
  when(signatureMethod.sign("MYSIGBASESTRING")).thenReturn("MYSIGNATURE");

  Map<String, Set<CharSequence>> loaded = support.loadOAuthParameters(details, url, token, "POST", null);

  // Parameters taken from the request URL's query string.
  Set<CharSequence> withValues = loaded.remove("with");
  assertEquals("some", withValues.iterator().next().toString());
  Set<CharSequence> queryValues = loaded.remove("query");
  assertEquals("params", queryValues.iterator().next().toString());
  assertTrue(loaded.containsKey("too"));
  assertTrue(loaded.remove("too").isEmpty());

  // OAuth protocol parameters.
  assertNull(loaded.remove(OAuthConsumerParameter.oauth_token.toString()));
  Set<CharSequence> nonceValues = loaded.remove(OAuthConsumerParameter.oauth_nonce.toString());
  assertNotNull(nonceValues.iterator().next());
  Set<CharSequence> consumerKeyValues = loaded.remove(OAuthConsumerParameter.oauth_consumer_key.toString());
  assertEquals("my-consumer-key", consumerKeyValues.iterator().next());
  Set<CharSequence> signatureValues = loaded.remove(OAuthConsumerParameter.oauth_signature.toString());
  assertEquals("MYSIGNATURE", signatureValues.iterator().next());
  Set<CharSequence> versionValues = loaded.remove(OAuthConsumerParameter.oauth_version.toString());
  assertEquals("1.0", versionValues.iterator().next());
  Set<CharSequence> methodValues = loaded.remove(OAuthConsumerParameter.oauth_signature_method.toString());
  assertEquals(signatureName, methodValues.iterator().next());
  Set<CharSequence> timestampValues = loaded.remove(OAuthConsumerParameter.oauth_timestamp.toString());
  long issuedAtSeconds = Long.parseLong(timestampValues.iterator().next().toString());
  assertTrue(issuedAtSeconds <= (System.currentTimeMillis() / 1000));

  // Everything expected has been removed; anything left over is an unexpected parameter.
  assertTrue(loaded.isEmpty());
}
use of org.springframework.security.oauth.consumer.OAuthConsumerToken in project spring-security-oauth by spring-projects.
the class CoreOAuthConsumerSupportTests method testGetAuthorizationHeader.
/**
 * Exercises {@code getAuthorizationHeader} with {@code loadOAuthParameters} stubbed to return
 * a fixed, sorted parameter map.
 *
 * <p>Three cases are asserted:
 * <ol>
 * <li>the resource does not accept the Authorization header: the result is {@code null};</li>
 * <li>the header is accepted and only non-OAuth parameters are present: the header carries
 * the realm followed by those parameters, and the parameter mapped to {@code null} ("too")
 * is absent from the expected value;</li>
 * <li>as case 2 with the consumer key, nonce and timestamp added: they appear in the header
 * in sorted order alongside the other parameters.</li>
 * </ol>
 */
@Test
public void testGetAuthorizationHeader() throws Exception {
  final TreeMap<String, Set<CharSequence>> stubbedParams = new TreeMap<String, Set<CharSequence>>();
  CoreOAuthConsumerSupport support = new CoreOAuthConsumerSupport() {
    @Override
    protected Map<String, Set<CharSequence>> loadOAuthParameters(ProtectedResourceDetails details, URL requestURL, OAuthConsumerToken requestToken, String httpMethod, Map<String, String> additionalParameters) {
      return stubbedParams;
    }
  };
  final URL url = new URL("https://myhost.com/somepath?with=some&query=params&too");
  final OAuthConsumerToken token = new OAuthConsumerToken();

  // Case 1: header not accepted, so no header value is produced.
  when(details.isAcceptsAuthorizationHeader()).thenReturn(false);
  String headerWhenNotAccepted = support.getAuthorizationHeader(details, token, url, "POST", null);
  assertNull(headerWhenNotAccepted);

  // Case 2: header accepted, map holds only the URL's own parameters.
  stubbedParams.put("with", Collections.<CharSequence>singleton("some"));
  stubbedParams.put("query", Collections.<CharSequence>singleton("params"));
  stubbedParams.put("too", null);
  when(details.isAcceptsAuthorizationHeader()).thenReturn(true);
  when(details.getAuthorizationHeaderRealm()).thenReturn("myrealm");
  String headerWithoutOAuthParams = support.getAuthorizationHeader(details, token, url, "POST", null);
  assertEquals("OAuth realm=\"myrealm\", query=\"params\", with=\"some\"", headerWithoutOAuthParams);

  // Case 3: OAuth protocol parameters added; the stubs are repeated as in the original test.
  stubbedParams.put(OAuthConsumerParameter.oauth_consumer_key.toString(), Collections.<CharSequence>singleton("mykey"));
  stubbedParams.put(OAuthConsumerParameter.oauth_nonce.toString(), Collections.<CharSequence>singleton("mynonce"));
  stubbedParams.put(OAuthConsumerParameter.oauth_timestamp.toString(), Collections.<CharSequence>singleton("myts"));
  when(details.isAcceptsAuthorizationHeader()).thenReturn(true);
  when(details.getAuthorizationHeaderRealm()).thenReturn("myrealm");
  String headerWithOAuthParams = support.getAuthorizationHeader(details, token, url, "POST", null);
  assertEquals("OAuth realm=\"myrealm\", oauth_consumer_key=\"mykey\", oauth_nonce=\"mynonce\", oauth_timestamp=\"myts\", query=\"params\", with=\"some\"", headerWithOAuthParams);
}