Search in sources :

Example 6 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class RefreshTokenGrantTests method testConnectDirectlyToResourceServer.

@Test
public void testConnectDirectlyToResourceServer() throws Exception {
    assertNotNull(existingToken.getRefreshToken());
    // It won't be expired on the server, but we can force the client to refresh it
    assertTrue(existingToken.isExpired());
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setExistingToken(existingToken);
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(request));
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/user/message"), String.class);
    assertEquals("Hello, Trusted User marissa", result);
    assertFalse("Tokens match so there was no refresh", existingToken.equals(template.getAccessToken()));
}
Also used : DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest) Test(org.junit.Test)

Example 7 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class ResourceOwnerPasswordGrantTests method testConnectDirectlyToResourceServer.

@Test
public void testConnectDirectlyToResourceServer() throws Exception {
    ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();
    resource.setAccessTokenUri(serverRunning.getUrl("/sparklr2/oauth/token"));
    resource.setClientId("my-trusted-client");
    resource.setId("sparklr");
    resource.setScope(Arrays.asList("trust"));
    resource.setUsername("marissa");
    resource.setPassword("koala");
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource);
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/user/message"), String.class);
    // System.err.println(result);
    assertEquals("Hello, Trusted User marissa", result);
}
Also used : ResourceOwnerPasswordResourceDetails(org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) Test(org.junit.Test)

Example 8 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class AbstractResourceOwnerPasswordProviderTests method testTokenEndpointWrongPassword.

@Test
@OAuth2ContextConfiguration(value = ResourceOwner.class, initialize = false)
public void testTokenEndpointWrongPassword() throws Exception {
    ResourceOwnerPasswordResourceDetails resource = (ResourceOwnerPasswordResourceDetails) context.getResource();
    resource.setPassword("bogus");
    try {
        new OAuth2RestTemplate(resource).getAccessToken();
    } catch (OAuth2AccessDeniedException e) {
        String summary = ((OAuth2Exception) e.getCause()).getSummary();
        assertTrue("Wrong summary: " + summary, summary.contains("Bad credentials"));
    }
}
Also used : ResourceOwnerPasswordResourceDetails(org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails) OAuth2AccessDeniedException(org.springframework.security.oauth2.client.resource.OAuth2AccessDeniedException) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 9 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class AuthorizationCodeGrantTests method testCannotConnectWithoutToken.

@Test
public void testCannotConnectWithoutToken() throws Exception {
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource);
    resource.setPreEstablishedRedirectUri("http://anywhere.com");
    try {
        template.getForObject(serverRunning.getUrl("/tonr2/photos"), String.class);
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        String message = e.getMessage();
        assertTrue("Wrong message: " + message, message.contains("A redirect is required to get the users approval"));
    }
}
Also used : OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) UserRedirectRequiredException(org.springframework.security.oauth2.client.resource.UserRedirectRequiredException) Test(org.junit.Test)

Example 10 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class OAuth2ContextSetup method createRestTemplate.

private OAuth2RestTemplate createRestTemplate(OAuth2ProtectedResourceDetails resource, AccessTokenRequest request) {
    OAuth2ClientContext context = new DefaultOAuth2ClientContext(request);
    OAuth2RestTemplate client = new OAuth2RestTemplate(resource, context);
    setupConnectionFactory(client);
    client.setErrorHandler(new DefaultResponseErrorHandler() {

        // Pass errors through in response entity for status code analysis
        public boolean hasError(ClientHttpResponse response) throws IOException {
            return false;
        }
    });
    if (accessTokenProvider != null) {
        client.setAccessTokenProvider(accessTokenProvider);
    }
    return client;
}
Also used : DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) OAuth2ClientContext(org.springframework.security.oauth2.client.OAuth2ClientContext) IOException(java.io.IOException) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)

Aggregations

OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)12 Test (org.junit.Test)7 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)6 ClientHttpResponse (org.springframework.http.client.ClientHttpResponse)4 AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)4 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4 OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext)3 OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)3 DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest)3 ResourceOwnerPasswordResourceDetails (org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails)3 Date (java.util.Date)2 AtomicReference (java.util.concurrent.atomic.AtomicReference)2 Before (org.junit.Before)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 ResponseEntity (org.springframework.http.ResponseEntity)2 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)2 UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)2 AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)2 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)2 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)2