Search in sources :

Example 1 with AccessTokenProvider

use of org.springframework.security.oauth2.client.token.AccessTokenProvider in project spring-boot by spring-projects.

the class DefaultUserInfoRestTemplateFactory method getUserInfoRestTemplate.

@Override
public OAuth2RestTemplate getUserInfoRestTemplate() {
    if (this.oauth2RestTemplate == null) {
        this.oauth2RestTemplate = createOAuth2RestTemplate(this.details == null ? DEFAULT_RESOURCE_DETAILS : this.details);
        this.oauth2RestTemplate.getInterceptors().add(new AcceptJsonRequestInterceptor());
        AuthorizationCodeAccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
        accessTokenProvider.setTokenRequestEnhancer(new AcceptJsonRequestEnhancer());
        this.oauth2RestTemplate.setAccessTokenProvider(accessTokenProvider);
        if (!CollectionUtils.isEmpty(this.customizers)) {
            AnnotationAwareOrderComparator.sort(this.customizers);
            for (UserInfoRestTemplateCustomizer customizer : this.customizers) {
                customizer.customize(this.oauth2RestTemplate);
            }
        }
    }
    return this.oauth2RestTemplate;
}
Also used : AcceptJsonRequestEnhancer(org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestEnhancer) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) AcceptJsonRequestInterceptor(org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestInterceptor)

Example 2 with AccessTokenProvider

use of org.springframework.security.oauth2.client.token.AccessTokenProvider in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method getTokenProvider.

private AccessTokenProviderChain getTokenProvider(DefaultOAuth2AccessToken accessToken, DefaultOAuth2AccessToken refreshedAccessToken) {
    AccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
    accessTokenProvider = spy(accessTokenProvider);
    doReturn(accessToken).when(accessTokenProvider).obtainAccessToken(any(OAuth2ProtectedResourceDetails.class), any(AccessTokenRequest.class));
    doReturn(refreshedAccessToken).when(accessTokenProvider).refreshAccessToken(any(OAuth2ProtectedResourceDetails.class), any(OAuth2RefreshToken.class), any(AccessTokenRequest.class));
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(accessTokenProvider));
    return chain;
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) BaseOAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)

Example 3 with AccessTokenProvider

use of org.springframework.security.oauth2.client.token.AccessTokenProvider in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWithTokenServicesGet.

@Test
public void testSunnyDayWithTokenServicesGet() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Collections.<AccessTokenProvider>emptyList());
    when(clientTokenServices.getAccessToken(resource, user)).thenReturn(accessToken);
    chain.setClientTokenServices(clientTokenServices);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertEquals(accessToken, token);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, user, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Test(org.junit.Test)

Example 4 with AccessTokenProvider

use of org.springframework.security.oauth2.client.token.AccessTokenProvider in project spring-security-oauth by spring-projects.

the class AbstractAuthorizationCodeProviderTests method setupAccessTokenProvider.

@BeforeOAuth2Context
public void setupAccessTokenProvider() {
    accessTokenProvider = new AuthorizationCodeAccessTokenProvider() {

        private ResponseExtractor<OAuth2AccessToken> extractor = super.getResponseExtractor();

        private ResponseExtractor<ResponseEntity<Void>> authExtractor = super.getAuthorizationResponseExtractor();

        private ResponseErrorHandler errorHandler = super.getResponseErrorHandler();

        @Override
        protected ResponseErrorHandler getResponseErrorHandler() {
            return new DefaultResponseErrorHandler() {

                public void handleError(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    errorHandler.handleError(response);
                }
            };
        }

        @Override
        protected ResponseExtractor<OAuth2AccessToken> getResponseExtractor() {
            return new ResponseExtractor<OAuth2AccessToken>() {

                public OAuth2AccessToken extractData(ClientHttpResponse response) throws IOException {
                    try {
                        response.getHeaders();
                        response.getStatusCode();
                        tokenEndpointResponse = response;
                        return extractor.extractData(response);
                    } catch (ResourceAccessException e) {
                        return null;
                    }
                }
            };
        }

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    return authExtractor.extractData(response);
                }
            };
        }
    };
    context.setAccessTokenProvider(accessTokenProvider);
}
Also used : DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) ResponseErrorHandler(org.springframework.web.client.ResponseErrorHandler) ResponseExtractor(org.springframework.web.client.ResponseExtractor) IOException(java.io.IOException) ResourceAccessException(org.springframework.web.client.ResourceAccessException) ResponseEntity(org.springframework.http.ResponseEntity) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) BeforeOAuth2Context(org.springframework.security.oauth2.client.test.BeforeOAuth2Context)

Example 5 with AccessTokenProvider

use of org.springframework.security.oauth2.client.token.AccessTokenProvider in project spring-security-oauth by spring-projects.

the class AuthorizationCodeProviderTests method setupAccessTokenProvider.

@BeforeOAuth2Context
public void setupAccessTokenProvider() {
    accessTokenProvider = new AuthorizationCodeAccessTokenProvider() {

        private ResponseExtractor<OAuth2AccessToken> extractor = super.getResponseExtractor();

        private ResponseExtractor<ResponseEntity<Void>> authExtractor = super.getAuthorizationResponseExtractor();

        private ResponseErrorHandler errorHandler = super.getResponseErrorHandler();

        @Override
        protected ResponseErrorHandler getResponseErrorHandler() {
            return new DefaultResponseErrorHandler() {

                public void handleError(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    errorHandler.handleError(response);
                }
            };
        }

        @Override
        protected ResponseExtractor<OAuth2AccessToken> getResponseExtractor() {
            return new ResponseExtractor<OAuth2AccessToken>() {

                public OAuth2AccessToken extractData(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    return extractor.extractData(response);
                }
            };
        }

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    return authExtractor.extractData(response);
                }
            };
        }
    };
    context.setAccessTokenProvider(accessTokenProvider);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) ResponseErrorHandler(org.springframework.web.client.ResponseErrorHandler) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) ResponseExtractor(org.springframework.web.client.ResponseExtractor) IOException(java.io.IOException) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) BeforeOAuth2Context(org.springframework.security.oauth2.client.test.BeforeOAuth2Context)

Aggregations

ClientHttpResponse (org.springframework.http.client.ClientHttpResponse)9 DefaultResponseErrorHandler (org.springframework.web.client.DefaultResponseErrorHandler)8 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)7 ResponseErrorHandler (org.springframework.web.client.ResponseErrorHandler)7 BeforeOAuth2Context (org.springframework.security.oauth2.client.test.BeforeOAuth2Context)6 ResponseExtractor (org.springframework.web.client.ResponseExtractor)6 AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)5 IOException (java.io.IOException)4 ResponseEntity (org.springframework.http.ResponseEntity)3 ResourceOwnerPasswordAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider)3 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)2 ResourceAccessException (org.springframework.web.client.ResourceAccessException)2 Before (org.junit.Before)1 Test (org.junit.Test)1 AcceptJsonRequestEnhancer (org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestEnhancer)1 AcceptJsonRequestInterceptor (org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestInterceptor)1 HttpHeaders (org.springframework.http.HttpHeaders)1 HttpStatus (org.springframework.http.HttpStatus)1 ClientHttpRequest (org.springframework.http.client.ClientHttpRequest)1 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)1