Search in sources :

Example 1 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-boot by spring-projects.

the class UserInfoTokenServicesRefreshTokenTests method withRestTemplateChangesState.

@Test
public void withRestTemplateChangesState() {
    OAuth2ProtectedResourceDetails resource = new AuthorizationCodeResourceDetails();
    OAuth2ClientContext context = new DefaultOAuth2ClientContext();
    context.setAccessToken(new DefaultOAuth2AccessToken("FOO"));
    this.services.setRestTemplate(new OAuth2RestTemplate(resource, context));
    assertThat(this.services.loadAuthentication("BAR").getName()).isEqualTo("me");
    assertThat(context.getAccessToken().getValue()).isEqualTo("BAR");
}
Also used : DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) OAuth2ClientContext(org.springframework.security.oauth2.client.OAuth2ClientContext) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 2 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-boot by spring-projects.

the class DefaultUserInfoRestTemplateFactory method getUserInfoRestTemplate.

@Override
public OAuth2RestTemplate getUserInfoRestTemplate() {
    if (this.oauth2RestTemplate == null) {
        this.oauth2RestTemplate = createOAuth2RestTemplate(this.details == null ? DEFAULT_RESOURCE_DETAILS : this.details);
        this.oauth2RestTemplate.getInterceptors().add(new AcceptJsonRequestInterceptor());
        AuthorizationCodeAccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
        accessTokenProvider.setTokenRequestEnhancer(new AcceptJsonRequestEnhancer());
        this.oauth2RestTemplate.setAccessTokenProvider(accessTokenProvider);
        if (!CollectionUtils.isEmpty(this.customizers)) {
            AnnotationAwareOrderComparator.sort(this.customizers);
            for (UserInfoRestTemplateCustomizer customizer : this.customizers) {
                customizer.customize(this.oauth2RestTemplate);
            }
        }
    }
    return this.oauth2RestTemplate;
}
Also used : AcceptJsonRequestEnhancer(org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestEnhancer) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) AcceptJsonRequestInterceptor(org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestInterceptor)

Example 3 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class OAuth2ContextSetup method initializeIfNecessary.

private void initializeIfNecessary(FrameworkMethod method, final Object target) {
    final TestClass testClass = new TestClass(target.getClass());
    OAuth2ContextConfiguration contextConfiguration = findOAuthContextConfiguration(method, testClass);
    if (contextConfiguration == null) {
        // Nothing to do
        return;
    }
    this.initializeAccessToken = contextConfiguration.initialize();
    this.resource = creatResource(target, contextConfiguration);
    final List<FrameworkMethod> befores = testClass.getAnnotatedMethods(BeforeOAuth2Context.class);
    if (!befores.isEmpty()) {
        logger.debug("Running @BeforeOAuth2Context methods");
        for (FrameworkMethod before : befores) {
            RestOperations savedServerClient = clientHolder.getRestTemplate();
            OAuth2ContextConfiguration beforeConfiguration = findOAuthContextConfiguration(before, testClass);
            if (beforeConfiguration != null) {
                OAuth2ProtectedResourceDetails resource = creatResource(target, beforeConfiguration);
                AccessTokenRequest beforeRequest = new DefaultAccessTokenRequest();
                beforeRequest.setAll(parameters);
                OAuth2RestTemplate client = createRestTemplate(resource, beforeRequest);
                clientHolder.setRestTemplate(client);
            }
            AccessTokenRequest request = new DefaultAccessTokenRequest();
            request.setAll(parameters);
            this.client = createRestTemplate(this.resource, request);
            List<FrameworkMethod> list = Arrays.asList(before);
            try {
                new RunBefores(new Statement() {

                    public void evaluate() {
                    }
                }, list, target).evaluate();
            } catch (AssumptionViolatedException e) {
                throw e;
            } catch (RuntimeException e) {
                throw e;
            } catch (AssertionError e) {
                throw e;
            } catch (Throwable e) {
                logger.debug("Exception in befores", e);
                Assert.assertThat(e, CoreMatchers.not(CoreMatchers.anything()));
            } finally {
                clientHolder.setRestTemplate(savedServerClient);
            }
        }
    }
}
Also used : AssumptionViolatedException(org.junit.internal.AssumptionViolatedException) Statement(org.junit.runners.model.Statement) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) TestClass(org.junit.runners.model.TestClass) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) RestOperations(org.springframework.web.client.RestOperations) RunBefores(org.junit.internal.runners.statements.RunBefores) FrameworkMethod(org.junit.runners.model.FrameworkMethod) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest)

Example 4 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class ClientCredentialsGrantTests method testConnectDirectlyToResourceServer.

@Test
public void testConnectDirectlyToResourceServer() throws Exception {
    ClientCredentialsResourceDetails resource = new ClientCredentialsResourceDetails();
    resource.setAccessTokenUri(serverRunning.getUrl("/sparklr2/oauth/token"));
    resource.setClientId("my-client-with-registered-redirect");
    resource.setId("sparklr");
    resource.setScope(Arrays.asList("trust"));
    ClientCredentialsAccessTokenProvider provider = new ClientCredentialsAccessTokenProvider();
    OAuth2AccessToken accessToken = provider.obtainAccessToken(resource, new DefaultAccessTokenRequest());
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(accessToken));
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/trusted/message"), String.class);
    assertEquals("Hello, Trusted Client", result);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) ClientCredentialsResourceDetails(org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails) ClientCredentialsAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest) Test(org.junit.Test)

Example 5 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class RefreshTokenGrantTests method setup.

@Before
public void setup() {
    resource = new ResourceOwnerPasswordResourceDetails();
    resource.setAccessTokenUri(serverRunning.getUrl("/sparklr2/oauth/token"));
    resource.setClientId("my-trusted-client");
    resource.setId("sparklr");
    resource.setScope(Arrays.asList("trust"));
    resource.setUsername("marissa");
    resource.setPassword("koala");
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource);
    existingToken = template.getAccessToken();
    ((DefaultOAuth2AccessToken) existingToken).setExpiration(new Date(0L));
    SecurityContextImpl securityContext = new SecurityContextImpl();
    securityContext.setAuthentication(new TestingAuthenticationToken("marissa", "koala", "ROLE_USER"));
    SecurityContextHolder.setContext(securityContext);
}
Also used : ResourceOwnerPasswordResourceDetails(org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails) SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl) TestingAuthenticationToken(org.springframework.security.authentication.TestingAuthenticationToken) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) Before(org.junit.Before)

Aggregations

OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)12 Test (org.junit.Test)7 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)6 ClientHttpResponse (org.springframework.http.client.ClientHttpResponse)4 AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)4 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4 OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext)3 OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)3 DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest)3 ResourceOwnerPasswordResourceDetails (org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails)3 Date (java.util.Date)2 AtomicReference (java.util.concurrent.atomic.AtomicReference)2 Before (org.junit.Before)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 ResponseEntity (org.springframework.http.ResponseEntity)2 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)2 UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)2 AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)2 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)2 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)2