Search in sources :

Example 11 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class OAuth2RestTemplateTests method open.

@Before
public void open() throws Exception {
    resource = new BaseOAuth2ProtectedResourceDetails();
    // Facebook and older specs:
    resource.setTokenName("bearer_token");
    restTemplate = new OAuth2RestTemplate(resource);
    restTemplate.setAccessTokenProvider(accessTokenProvider);
    request = Mockito.mock(ClientHttpRequest.class);
    headers = new HttpHeaders();
    Mockito.when(request.getHeaders()).thenReturn(headers);
    ClientHttpResponse response = Mockito.mock(ClientHttpResponse.class);
    HttpStatus statusCode = HttpStatus.OK;
    Mockito.when(response.getStatusCode()).thenReturn(statusCode);
    Mockito.when(request.execute()).thenReturn(response);
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpStatus(org.springframework.http.HttpStatus) BaseOAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails) ClientHttpRequest(org.springframework.http.client.ClientHttpRequest) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) Before(org.junit.Before)

Example 12 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class AbstractEmptyAuthorizationCodeProviderTests method verifyAuthorizationPage.

private void verifyAuthorizationPage(OAuth2RestTemplate restTemplate, String location) {
    final AtomicReference<String> confirmationPage = new AtomicReference<String>();
    AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider() {

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    confirmationPage.set(StreamUtils.copyToString(response.getBody(), Charset.forName("UTF-8")));
                    return new ResponseEntity<Void>(response.getHeaders(), response.getStatusCode());
                }
            };
        }
    };
    try {
        provider.obtainAuthorizationCode(restTemplate.getResource(), restTemplate.getOAuth2ClientContext().getAccessTokenRequest());
    } catch (UserApprovalRequiredException e) {
    // ignore
    }
    String page = confirmationPage.get();
    verifyAuthorizationPage(page);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException) AtomicReference(java.util.concurrent.atomic.AtomicReference) ResponseExtractor(org.springframework.web.client.ResponseExtractor) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)

Example 13 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-security-oauth by spring-projects.

the class AbstractAuthorizationCodeProviderTests method verifyAuthorizationPage.

private void verifyAuthorizationPage(OAuth2RestTemplate restTemplate, String location) {
    final AtomicReference<String> confirmationPage = new AtomicReference<String>();
    AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider() {

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    confirmationPage.set(StreamUtils.copyToString(response.getBody(), Charset.forName("UTF-8")));
                    return new ResponseEntity<Void>(response.getHeaders(), response.getStatusCode());
                }
            };
        }
    };
    try {
        provider.obtainAuthorizationCode(restTemplate.getResource(), restTemplate.getOAuth2ClientContext().getAccessTokenRequest());
    } catch (UserApprovalRequiredException e) {
    // ignore
    }
    String page = confirmationPage.get();
    verifyAuthorizationPage(page);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException) AtomicReference(java.util.concurrent.atomic.AtomicReference) ResponseExtractor(org.springframework.web.client.ResponseExtractor) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)

Example 14 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-boot by spring-projects.

the class UserInfoTokenServicesRefreshTokenTests method withRestTemplate.

@Test
public void withRestTemplate() {
    OAuth2ProtectedResourceDetails resource = new AuthorizationCodeResourceDetails();
    OAuth2ClientContext context = new DefaultOAuth2ClientContext();
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
    token.setRefreshToken(new DefaultExpiringOAuth2RefreshToken("BAR", new Date(0L)));
    context.setAccessToken(token);
    this.services.setRestTemplate(new OAuth2RestTemplate(resource, context));
    assertThat(this.services.loadAuthentication("FOO").getName()).isEqualTo("me");
    assertThat(context.getAccessToken().getValue()).isEqualTo("FOO");
    // The refresh token is still intact
    assertThat(context.getAccessToken().getRefreshToken()).isEqualTo(token.getRefreshToken());
}
Also used : DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) OAuth2ClientContext(org.springframework.security.oauth2.client.OAuth2ClientContext) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) Test(org.junit.Test) SpringBootTest(org.springframework.boot.test.context.SpringBootTest)

Example 15 with OAuth2RestTemplate

use of org.springframework.security.oauth2.client.OAuth2RestTemplate in project spring-boot by spring-projects.

the class UserInfoTokenServices method getMap.

@SuppressWarnings({ "unchecked" })
private Map<String, Object> getMap(String path, String accessToken) {
    if (this.logger.isDebugEnabled()) {
        this.logger.debug("Getting user info from: " + path);
    }
    try {
        OAuth2RestOperations restTemplate = this.restTemplate;
        if (restTemplate == null) {
            BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails();
            resource.setClientId(this.clientId);
            restTemplate = new OAuth2RestTemplate(resource);
        }
        OAuth2AccessToken existingToken = restTemplate.getOAuth2ClientContext().getAccessToken();
        if (existingToken == null || !accessToken.equals(existingToken.getValue())) {
            DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(accessToken);
            token.setTokenType(this.tokenType);
            restTemplate.getOAuth2ClientContext().setAccessToken(token);
        }
        return restTemplate.getForEntity(path, Map.class).getBody();
    } catch (Exception ex) {
        this.logger.warn("Could not fetch user details: " + ex.getClass() + ", " + ex.getMessage());
        return Collections.<String, Object>singletonMap("error", "Could not fetch user details");
    }
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) BaseOAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails) OAuth2RestOperations(org.springframework.security.oauth2.client.OAuth2RestOperations) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) Map(java.util.Map) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) AuthenticationException(org.springframework.security.core.AuthenticationException) InvalidTokenException(org.springframework.security.oauth2.common.exceptions.InvalidTokenException)

Aggregations

OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)12 Test (org.junit.Test)7 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)6 ClientHttpResponse (org.springframework.http.client.ClientHttpResponse)4 AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)4 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4 OAuth2ClientContext (org.springframework.security.oauth2.client.OAuth2ClientContext)3 OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)3 DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest)3 ResourceOwnerPasswordResourceDetails (org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails)3 Date (java.util.Date)2 AtomicReference (java.util.concurrent.atomic.AtomicReference)2 Before (org.junit.Before)2 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2 ResponseEntity (org.springframework.http.ResponseEntity)2 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)2 UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)2 AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)2 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)2 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)2