
Example 1 with OAuth2ClientContext

Use of org.springframework.security.oauth2.client.OAuth2ClientContext in project spring-boot by spring-projects.

In class UserInfoTokenServicesRefreshTokenTests, method withRestTemplateChangesState:

@Test
public void withRestTemplateChangesState() {
    OAuth2ProtectedResourceDetails resource = new AuthorizationCodeResourceDetails();
    OAuth2ClientContext context = new DefaultOAuth2ClientContext();
    context.setAccessToken(new DefaultOAuth2AccessToken("FOO"));
    this.services.setRestTemplate(new OAuth2RestTemplate(resource, context));
    assertThat(this.services.loadAuthentication("BAR").getName()).isEqualTo("me");
    assertThat(context.getAccessToken().getValue()).isEqualTo("BAR");
}
Also used: DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext), OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext), OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails), AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails), OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate), DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), Test (org.junit.Test), SpringBootTest (org.springframework.boot.test.context.SpringBootTest)

Example 2 with OAuth2ClientContext

Use of org.springframework.security.oauth2.client.OAuth2ClientContext in project spring-boot by spring-projects.

In class OAuth2AutoConfigurationTests, method testCanUseClientCredentialsWithEnableOAuth2Client:

@Test
public void testCanUseClientCredentialsWithEnableOAuth2Client() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(ClientConfiguration.class, MinimalSecureWebApplication.class);
    EnvironmentTestUtils.addEnvironment(this.context, "security.oauth2.client.clientId=client", "security.oauth2.client.grantType=client_credentials");
    this.context.refresh();
    // The primary context is fine (not session scoped):
    OAuth2ClientContext bean = this.context.getBean(OAuth2ClientContext.class);
    assertThat(bean.getAccessTokenRequest()).isNotNull();
    assertThat(countBeans(ClientCredentialsResourceDetails.class)).isEqualTo(1);
    // Kind of a bug (should ideally be 1), but the cause is in Spring OAuth2 (there
    // is no need for the extra session-scoped bean). What this test proves is that
    // even if the user screws up and does @EnableOAuth2Client for client credentials,
    // it will still just about work (because of the @Primary annotation on the
    // Boot-created instance of OAuth2ClientContext).
    assertThat(countBeans(OAuth2ClientContext.class)).isEqualTo(2);
}
Also used: AnnotationConfigServletWebServerApplicationContext (org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext), OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext), Test (org.junit.Test)

Example 3 with OAuth2ClientContext

Use of org.springframework.security.oauth2.client.OAuth2ClientContext in project spring-boot by spring-projects.

In class OAuth2AutoConfigurationTests, method testCanUseClientCredentials:

@Test
public void testCanUseClientCredentials() {
    this.context = new AnnotationConfigServletWebServerApplicationContext();
    this.context.register(TestSecurityConfiguration.class, MinimalSecureWebApplication.class);
    EnvironmentTestUtils.addEnvironment(this.context, "security.oauth2.client.clientId=client", "security.oauth2.client.grantType=client_credentials");
    this.context.refresh();
    OAuth2ClientContext bean = this.context.getBean(OAuth2ClientContext.class);
    assertThat(bean.getAccessTokenRequest()).isNotNull();
    assertThat(countBeans(ClientCredentialsResourceDetails.class)).isEqualTo(1);
    assertThat(countBeans(OAuth2ClientContext.class)).isEqualTo(1);
}
Also used: AnnotationConfigServletWebServerApplicationContext (org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext), OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext), Test (org.junit.Test)

Example 4 with OAuth2ClientContext

Use of org.springframework.security.oauth2.client.OAuth2ClientContext in project spring-security-oauth by spring-projects.

In class DefaultOAuth2RequestAuthenticator, method authenticate:

@Override
public void authenticate(OAuth2ProtectedResourceDetails resource, OAuth2ClientContext clientContext, ClientHttpRequest request) {
    OAuth2AccessToken accessToken = clientContext.getAccessToken();
    if (accessToken == null) {
        throw new AccessTokenRequiredException(resource);
    }
    String tokenType = accessToken.getTokenType();
    if (!StringUtils.hasText(tokenType)) {
        // we'll assume basic bearer token type if none is specified.
        tokenType = OAuth2AccessToken.BEARER_TYPE;
    }
    request.getHeaders().set("Authorization", String.format("%s %s", tokenType, accessToken.getValue()));
}
Also used: OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), AccessTokenRequiredException (org.springframework.security.oauth2.client.http.AccessTokenRequiredException)

Example 5 with OAuth2ClientContext

Use of org.springframework.security.oauth2.client.OAuth2ClientContext in project spring-security-oauth by spring-projects.

In class OAuth2RestTemplate, method acquireAccessToken:

protected OAuth2AccessToken acquireAccessToken(OAuth2ClientContext oauth2Context) throws UserRedirectRequiredException {
    AccessTokenRequest accessTokenRequest = oauth2Context.getAccessTokenRequest();
    if (accessTokenRequest == null) {
        throw new AccessTokenRequiredException("No OAuth 2 security context has been established. Unable to access resource '" + this.resource.getId() + "'.", resource);
    }
    // Transfer the preserved state from the (longer lived) context to the current request.
    String stateKey = accessTokenRequest.getStateKey();
    if (stateKey != null) {
        accessTokenRequest.setPreservedState(oauth2Context.removePreservedState(stateKey));
    }
    OAuth2AccessToken existingToken = oauth2Context.getAccessToken();
    if (existingToken != null) {
        accessTokenRequest.setExistingToken(existingToken);
    }
    OAuth2AccessToken accessToken = null;
    accessToken = accessTokenProvider.obtainAccessToken(resource, accessTokenRequest);
    if (accessToken == null || accessToken.getValue() == null) {
        throw new IllegalStateException("Access token provider returned a null access token, which is illegal according to the contract.");
    }
    oauth2Context.setAccessToken(accessToken);
    return accessToken;
}
Also used: OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), AccessTokenRequiredException (org.springframework.security.oauth2.client.http.AccessTokenRequiredException), AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)

Aggregations

Test (org.junit.Test): 5
OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext): 5
DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext): 3
OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate): 3
OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails): 3
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken): 3
SpringBootTest (org.springframework.boot.test.context.SpringBootTest): 2
AnnotationConfigServletWebServerApplicationContext (org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext): 2
AccessTokenRequiredException (org.springframework.security.oauth2.client.http.AccessTokenRequiredException): 2
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails): 2
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 2
IOException (java.io.IOException): 1
Date (java.util.Date): 1
ClientHttpRequest (org.springframework.http.client.ClientHttpRequest): 1
ClientHttpResponse (org.springframework.http.client.ClientHttpResponse): 1
BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails): 1
AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest): 1
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken): 1
DefaultResponseErrorHandler (org.springframework.web.client.DefaultResponseErrorHandler): 1