Examples with OAuth2ClientCredentialsGrantRequest org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest used on opensource projects

Example 1 with OAuth2ClientCredentialsGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest in project spring-security by spring-projects.

the class OAuth2ClientCredentialsGrantRequestEntityConverter method createParameters.

@Override
protected MultiValueMap<String, String> createParameters(OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest) {
    ClientRegistration clientRegistration = clientCredentialsGrantRequest.getClientRegistration();
    MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
    parameters.add(OAuth2ParameterNames.GRANT_TYPE, clientCredentialsGrantRequest.getGrantType().getValue());
    if (!CollectionUtils.isEmpty(clientRegistration.getScopes())) {
        parameters.add(OAuth2ParameterNames.SCOPE, StringUtils.collectionToDelimitedString(clientRegistration.getScopes(), " "));
    }
    if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
        parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
        parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
    }
    return parameters;
}

Example 2 with OAuth2ClientCredentialsGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest in project spring-security by spring-projects.

the class DefaultClientCredentialsTokenResponseClient method getTokenResponse.

@Override
public OAuth2AccessTokenResponse getTokenResponse(OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest) {
    Assert.notNull(clientCredentialsGrantRequest, "clientCredentialsGrantRequest cannot be null");
    RequestEntity<?> request = this.requestEntityConverter.convert(clientCredentialsGrantRequest);
    ResponseEntity<OAuth2AccessTokenResponse> response = getResponse(request);
    OAuth2AccessTokenResponse tokenResponse = response.getBody();
    if (CollectionUtils.isEmpty(tokenResponse.getAccessToken().getScopes())) {
        // As per spec, in Section 5.1 Successful Access Token Response
        // https://tools.ietf.org/html/rfc6749#section-5.1
        // If AccessTokenResponse.scope is empty, then default to the scope
        // originally requested by the client in the Token Request
        // @formatter:off
        tokenResponse = OAuth2AccessTokenResponse.withResponse(tokenResponse).scopes(clientCredentialsGrantRequest.getClientRegistration().getScopes()).build();
    // @formatter:on
    }
    return tokenResponse;
}

Example 3 with OAuth2ClientCredentialsGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest in project spring-security by spring-projects.

the class OAuth2ClientCredentialsGrantRequestEntityConverterTests method convertWhenSpecialCharactersThenConvertsWithEncodedClientCredentials.

// gh-9610
@SuppressWarnings("unchecked")
@Test
public void convertWhenSpecialCharactersThenConvertsWithEncodedClientCredentials() throws UnsupportedEncodingException {
    String clientCredentialWithAnsiKeyboardSpecialCharacters = "~!@#$%^&*()_+{}|:\"<>?`-=[]\\;',./ ";
    // @formatter:off
    ClientRegistration clientRegistration = TestClientRegistrations.clientCredentials().clientId(clientCredentialWithAnsiKeyboardSpecialCharacters).clientSecret(clientCredentialWithAnsiKeyboardSpecialCharacters).build();
    // @formatter:on
    OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest = new OAuth2ClientCredentialsGrantRequest(clientRegistration);
    RequestEntity<?> requestEntity = this.converter.convert(clientCredentialsGrantRequest);
    assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.POST);
    assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getTokenUri());
    HttpHeaders headers = requestEntity.getHeaders();
    assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON_UTF8);
    assertThat(headers.getContentType()).isEqualTo(MediaType.valueOf(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"));
    String urlEncodedClientCredential = URLEncoder.encode(clientCredentialWithAnsiKeyboardSpecialCharacters, StandardCharsets.UTF_8.toString());
    String clientCredentials = Base64.getEncoder().encodeToString((urlEncodedClientCredential + ":" + urlEncodedClientCredential).getBytes(StandardCharsets.UTF_8));
    assertThat(headers.getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Basic " + clientCredentials);
    MultiValueMap<String, String> formParameters = (MultiValueMap<String, String>) requestEntity.getBody();
    assertThat(formParameters.getFirst(OAuth2ParameterNames.GRANT_TYPE)).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.SCOPE)).contains(clientRegistration.getScopes());
}

Example 4 with OAuth2ClientCredentialsGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest in project spring-security by spring-projects.

the class OAuth2ClientCredentialsGrantRequestEntityConverterTests method convertWhenHeadersConverterSetThenCalled.

@Test
public void convertWhenHeadersConverterSetThenCalled() {
    Converter<OAuth2ClientCredentialsGrantRequest, HttpHeaders> headersConverter1 = mock(Converter.class);
    this.converter.setHeadersConverter(headersConverter1);
    Converter<OAuth2ClientCredentialsGrantRequest, HttpHeaders> headersConverter2 = mock(Converter.class);
    this.converter.addHeadersConverter(headersConverter2);
    ClientRegistration clientRegistration = TestClientRegistrations.clientCredentials().build();
    OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest = new OAuth2ClientCredentialsGrantRequest(clientRegistration);
    this.converter.convert(clientCredentialsGrantRequest);
    InOrder inOrder = inOrder(headersConverter1, headersConverter2);
    inOrder.verify(headersConverter1).convert(any(OAuth2ClientCredentialsGrantRequest.class));
    inOrder.verify(headersConverter2).convert(any(OAuth2ClientCredentialsGrantRequest.class));
}

Example 5 with OAuth2ClientCredentialsGrantRequest

use of org.springframework.security.oauth2.client.endpoint.OAuth2ClientCredentialsGrantRequest in project spring-security by spring-projects.

the class OAuth2ClientCredentialsGrantRequestEntityConverterTests method convertWhenGrantRequestValidThenConverts.

@SuppressWarnings("unchecked")
@Test
public void convertWhenGrantRequestValidThenConverts() {
    ClientRegistration clientRegistration = TestClientRegistrations.clientCredentials().build();
    OAuth2ClientCredentialsGrantRequest clientCredentialsGrantRequest = new OAuth2ClientCredentialsGrantRequest(clientRegistration);
    RequestEntity<?> requestEntity = this.converter.convert(clientCredentialsGrantRequest);
    assertThat(requestEntity.getMethod()).isEqualTo(HttpMethod.POST);
    assertThat(requestEntity.getUrl().toASCIIString()).isEqualTo(clientRegistration.getProviderDetails().getTokenUri());
    HttpHeaders headers = requestEntity.getHeaders();
    assertThat(headers.getAccept()).contains(MediaType.APPLICATION_JSON_UTF8);
    assertThat(headers.getContentType()).isEqualTo(MediaType.valueOf(MediaType.APPLICATION_FORM_URLENCODED_VALUE + ";charset=UTF-8"));
    assertThat(headers.getFirst(HttpHeaders.AUTHORIZATION)).startsWith("Basic ");
    MultiValueMap<String, String> formParameters = (MultiValueMap<String, String>) requestEntity.getBody();
    assertThat(formParameters.getFirst(OAuth2ParameterNames.GRANT_TYPE)).isEqualTo(AuthorizationGrantType.CLIENT_CREDENTIALS.getValue());
    assertThat(formParameters.getFirst(OAuth2ParameterNames.SCOPE)).contains(clientRegistration.getScopes());
}