Search in sources :

Example 1 with OAuth2RestOperations

use of org.springframework.security.oauth2.client.OAuth2RestOperations in project spring-boot by spring-projects.

the class SsoSecurityConfigurer method oauth2SsoFilter.

private OAuth2ClientAuthenticationProcessingFilter oauth2SsoFilter(OAuth2SsoProperties sso) {
    OAuth2RestOperations restTemplate = this.applicationContext.getBean(UserInfoRestTemplateFactory.class).getUserInfoRestTemplate();
    ResourceServerTokenServices tokenServices = this.applicationContext.getBean(ResourceServerTokenServices.class);
    OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(sso.getLoginPath());
    filter.setRestTemplate(restTemplate);
    filter.setTokenServices(tokenServices);
    filter.setApplicationEventPublisher(this.applicationContext);
    return filter;
}
Also used : OAuth2RestOperations(org.springframework.security.oauth2.client.OAuth2RestOperations) UserInfoRestTemplateFactory(org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory) OAuth2ClientAuthenticationProcessingFilter(org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices)

Example 2 with OAuth2RestOperations

use of org.springframework.security.oauth2.client.OAuth2RestOperations in project spring-boot by spring-projects.

the class UserInfoTokenServices method getMap.

@SuppressWarnings({ "unchecked" })
private Map<String, Object> getMap(String path, String accessToken) {
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("Getting user info from: " + path);
    }
    try {
        OAuth2RestOperations restTemplate = this.restTemplate;
        if (restTemplate == null) {
            BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails();
            resource.setClientId(this.clientId);
            restTemplate = new OAuth2RestTemplate(resource);
        }
        OAuth2AccessToken existingToken = restTemplate.getOAuth2ClientContext().getAccessToken();
        if (existingToken == null || !accessToken.equals(existingToken.getValue())) {
            DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(accessToken);
            token.setTokenType(this.tokenType);
            restTemplate.getOAuth2ClientContext().setAccessToken(token);
        }
        return restTemplate.getForEntity(path, Map.class).getBody();
    } catch (Exception ex) {
        this.logger.warn("Could not fetch user details: " + ex.getClass() + ", " + ex.getMessage());
        return Collections.<String, Object>singletonMap("error", "Could not fetch user details");
    }
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) BaseOAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails) OAuth2RestOperations(org.springframework.security.oauth2.client.OAuth2RestOperations) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) Map(java.util.Map) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) AuthenticationException(org.springframework.security.core.AuthenticationException) InvalidTokenException(org.springframework.security.oauth2.common.exceptions.InvalidTokenException)

Example 3 with OAuth2RestOperations

use of org.springframework.security.oauth2.client.OAuth2RestOperations in project spring-security-oauth by spring-projects.

the class ClientApplication method restTemplate.

@Bean
@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
public OAuth2RestOperations restTemplate() {
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(accessTokenRequest));
    AccessTokenProviderChain provider = new AccessTokenProviderChain(Arrays.asList(new AuthorizationCodeAccessTokenProvider()));
    provider.setClientTokenServices(clientTokenServices());
    return template;
}
Also used : DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) AccessTokenProviderChain(org.springframework.security.oauth2.client.token.AccessTokenProviderChain) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) Scope(org.springframework.context.annotation.Scope) Bean(org.springframework.context.annotation.Bean)

Aggregations

OAuth2RestOperations (org.springframework.security.oauth2.client.OAuth2RestOperations)2 OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)2 Map (java.util.Map)1 UserInfoRestTemplateFactory (org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory)1 Bean (org.springframework.context.annotation.Bean)1 Scope (org.springframework.context.annotation.Scope)1 AuthenticationException (org.springframework.security.core.AuthenticationException)1 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)1 OAuth2ClientAuthenticationProcessingFilter (org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter)1 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)1 AccessTokenProviderChain (org.springframework.security.oauth2.client.token.AccessTokenProviderChain)1 AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)1 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)1 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)1 InvalidTokenException (org.springframework.security.oauth2.common.exceptions.InvalidTokenException)1 ResourceServerTokenServices (org.springframework.security.oauth2.provider.token.ResourceServerTokenServices)1