Examples with UserRedirectRequiredException org.springframework.security.oauth2.client.resource.UserRedirectRequiredException used on opensource projects

Example 16 with UserRedirectRequiredException

use of org.springframework.security.oauth2.client.resource.UserRedirectRequiredException in project spring-security-oauth by spring-projects.

the class AbstractEmptyAuthorizationCodeProviderTests method approveAccessTokenGrant.

protected void approveAccessTokenGrant(String currentUri, boolean approved) {
    AccessTokenRequest request = context.getAccessTokenRequest();
    request.setHeaders(getAuthenticatedHeaders());
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) context.getResource();
    if (currentUri != null) {
        request.setCurrentUri(currentUri);
    }
    String location = null;
    try {
        // First try to obtain the access token...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        // Expected and necessary, so that the correct state is set up in the request...
        location = e.getRedirectUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    verifyAuthorizationPage(context.getRestTemplate(), location);
    try {
        // Now try again and the token provider will redirect for user approval...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserApprovalRequiredException e) {
        // Expected and necessary, so that the user can approve the grant...
        location = e.getApprovalUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    // The approval (will be processed on the next attempt to obtain an access token)...
    request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
}

Example 17 with UserRedirectRequiredException

use of org.springframework.security.oauth2.client.resource.UserRedirectRequiredException in project spring-security-oauth by spring-projects.

the class AbstractAuthorizationCodeProviderTests method approveAccessTokenGrant.

protected void approveAccessTokenGrant(String currentUri, boolean approved) {
    AccessTokenRequest request = context.getAccessTokenRequest();
    request.setHeaders(getAuthenticatedHeaders());
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) context.getResource();
    if (currentUri != null) {
        request.setCurrentUri(currentUri);
    }
    String location = null;
    try {
        // First try to obtain the access token...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        // Expected and necessary, so that the correct state is set up in the request...
        location = e.getRedirectUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    verifyAuthorizationPage(context.getRestTemplate(), location);
    try {
        // Now try again and the token provider will redirect for user approval...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserApprovalRequiredException e) {
        // Expected and necessary, so that the user can approve the grant...
        location = e.getApprovalUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    // The approval (will be processed on the next attempt to obtain an access token)...
    request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
}

Example 18 with UserRedirectRequiredException

use of org.springframework.security.oauth2.client.resource.UserRedirectRequiredException in project spring-security-oauth by spring-projects.

the class AbstractAuthorizationCodeProviderTests method testUnauthenticatedAuthorizationRespondsUnauthorized.

@Test
@OAuth2ContextConfiguration(resource = MyTrustedClient.class, initialize = false)
public void testUnauthenticatedAuthorizationRespondsUnauthorized() throws Exception {
    AccessTokenRequest request = context.getAccessTokenRequest();
    request.setCurrentUri("http://anywhere");
    request.add(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
    try {
        String code = accessTokenProvider.obtainAuthorizationCode(context.getResource(), request);
        assertNotNull(code);
        fail("Expected UserRedirectRequiredException");
    } catch (HttpClientErrorException e) {
        assertEquals(HttpStatus.UNAUTHORIZED, e.getStatusCode());
    }
}