Example 1 with OAuth2AuthenticationToken

Use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project tutorials by eugenp.

In the class LoginController, method getLoginInfo.

@GetMapping("/loginSuccess")
public String getLoginInfo(Model model, OAuth2AuthenticationToken authentication) {
    OAuth2AuthorizedClient client = authorizedClientService.loadAuthorizedClient(authentication.getAuthorizedClientRegistrationId(), authentication.getName());
    String userInfoEndpointUri = client.getClientRegistration().getProviderDetails().getUserInfoEndpoint().getUri();
    if (!StringUtils.isEmpty(userInfoEndpointUri)) {
        RestTemplate restTemplate = new RestTemplate();
        HttpHeaders headers = new HttpHeaders();
        headers.add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken().getTokenValue());
        HttpEntity<String> entity = new HttpEntity<String>("", headers);
        ResponseEntity<Map> response = restTemplate.exchange(userInfoEndpointUri, HttpMethod.GET, entity, Map.class);
        Map userAttributes = response.getBody();
        model.addAttribute("name", userAttributes.get("name"));
    }
    return "loginSuccess";
}
Also used : HttpHeaders(org.springframework.http.HttpHeaders) HttpEntity(org.springframework.http.HttpEntity) RestTemplate(org.springframework.web.client.RestTemplate) OAuth2AuthorizedClient(org.springframework.security.oauth2.client.OAuth2AuthorizedClient) HashMap(java.util.HashMap) Map(java.util.Map) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 2 with OAuth2AuthenticationToken

Use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

In the class OAuth2AuthorizedClientArgumentResolver, method resolveClientRegistrationId.

private String resolveClientRegistrationId(MethodParameter parameter) {
    RegisteredOAuth2AuthorizedClient authorizedClientAnnotation = AnnotatedElementUtils.findMergedAnnotation(parameter.getParameter(), RegisteredOAuth2AuthorizedClient.class);
    Authentication principal = SecurityContextHolder.getContext().getAuthentication();
    if (!StringUtils.isEmpty(authorizedClientAnnotation.registrationId())) {
        return authorizedClientAnnotation.registrationId();
    }
    if (!StringUtils.isEmpty(authorizedClientAnnotation.value())) {
        return authorizedClientAnnotation.value();
    }
    if (principal != null && OAuth2AuthenticationToken.class.isAssignableFrom(principal.getClass())) {
        return ((OAuth2AuthenticationToken) principal).getAuthorizedClientRegistrationId();
    }
    return null;
}
Also used : RegisteredOAuth2AuthorizedClient(org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) Authentication(org.springframework.security.core.Authentication)

Example 3 with OAuth2AuthenticationToken

Use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

In the class OidcClientInitiatedServerLogoutSuccessHandler, method onLogoutSuccess.

@Override
public Mono<Void> onLogoutSuccess(WebFilterExchange exchange, Authentication authentication) {
    // @formatter:off
    return Mono.just(authentication)
            .filter(OAuth2AuthenticationToken.class::isInstance)
            .filter((token) -> authentication.getPrincipal() instanceof OidcUser)
            .map(OAuth2AuthenticationToken.class::cast)
            .map(OAuth2AuthenticationToken::getAuthorizedClientRegistrationId)
            .flatMap(this.clientRegistrationRepository::findByRegistrationId)
            .flatMap((clientRegistration) -> {
                URI endSessionEndpoint = endSessionEndpoint(clientRegistration);
                if (endSessionEndpoint == null) {
                    return Mono.empty();
                }
                String idToken = idToken(authentication);
                URI postLogoutRedirectUri = postLogoutRedirectUri(exchange.getExchange().getRequest());
                return Mono.just(endpointUri(endSessionEndpoint, idToken, postLogoutRedirectUri));
            })
            .switchIfEmpty(
                    this.serverLogoutSuccessHandler.onLogoutSuccess(exchange, authentication).then(Mono.empty())
            )
            .flatMap((endpointUri) -> this.redirectStrategy.sendRedirect(exchange.getExchange(), endpointUri));
    // @formatter:on
}
Also used : OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) URI(java.net.URI) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser)

Example 4 with OAuth2AuthenticationToken

Use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

In the class ServletOAuth2AuthorizedClientExchangeFilterFunction, method resolveClientRegistrationId.

private String resolveClientRegistrationId(ClientRequest request) {
    Map<String, Object> attrs = request.attributes();
    String clientRegistrationId = getClientRegistrationId(attrs);
    if (clientRegistrationId == null) {
        clientRegistrationId = this.defaultClientRegistrationId;
    }
    Authentication authentication = getAuthentication(attrs);
    if (clientRegistrationId == null && this.defaultOAuth2AuthorizedClient && authentication instanceof OAuth2AuthenticationToken) {
        clientRegistrationId = ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId();
    }
    return clientRegistrationId;
}
Also used : OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) Authentication(org.springframework.security.core.Authentication)

Example 5 with OAuth2AuthenticationToken

Use of org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken in project spring-security by spring-projects.

In the class OidcClientInitiatedLogoutSuccessHandler, method determineTargetUrl.

@Override
protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    String targetUrl = null;
    if (authentication instanceof OAuth2AuthenticationToken && authentication.getPrincipal() instanceof OidcUser) {
        String registrationId = ((OAuth2AuthenticationToken) authentication).getAuthorizedClientRegistrationId();
        ClientRegistration clientRegistration = this.clientRegistrationRepository.findByRegistrationId(registrationId);
        URI endSessionEndpoint = this.endSessionEndpoint(clientRegistration);
        if (endSessionEndpoint != null) {
            String idToken = idToken(authentication);
            String postLogoutRedirectUri = postLogoutRedirectUri(request);
            targetUrl = endpointUri(endSessionEndpoint, idToken, postLogoutRedirectUri);
        }
    }
    return (targetUrl != null) ? targetUrl : super.determineTargetUrl(request, response);
}
Also used : ClientRegistration(org.springframework.security.oauth2.client.registration.ClientRegistration) OAuth2AuthenticationToken(org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) URI(java.net.URI) OidcUser(org.springframework.security.oauth2.core.oidc.user.OidcUser)

Aggregations

OAuth2AuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken) 41
Test (org.junit.jupiter.api.Test) 34
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient) 11
Collection (java.util.Collection) 6
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority) 6
DefaultOidcUser (org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser) 6
DefaultOAuth2User (org.springframework.security.oauth2.core.user.DefaultOAuth2User) 6
RegisteredOAuth2AuthorizedClient (org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient) 5
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration) 5
OAuth2User (org.springframework.security.oauth2.core.user.OAuth2User) 5
WebFilterExchange (org.springframework.security.web.server.WebFilterExchange) 5
HttpHeaders (org.springframework.http.HttpHeaders) 4
URI (java.net.URI) 3
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat) 3
BeforeEach (org.junit.jupiter.api.BeforeEach) 3
ExtendWith (org.junit.jupiter.api.extension.ExtendWith) 3
Mock (org.mockito.Mock) 3
MockitoExtension (org.mockito.junit.jupiter.MockitoExtension) 3
GrantedAuthority (org.springframework.security.core.GrantedAuthority) 3
AuthorityUtils (org.springframework.security.core.authority.AuthorityUtils) 3