Search in sources :

Example 1 with AccessTokenProviderChain

use of org.springframework.security.oauth2.client.token.AccessTokenProviderChain in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method getTokenProvider.

private AccessTokenProviderChain getTokenProvider(DefaultOAuth2AccessToken accessToken, DefaultOAuth2AccessToken refreshedAccessToken) {
    AccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
    accessTokenProvider = spy(accessTokenProvider);
    doReturn(accessToken).when(accessTokenProvider).obtainAccessToken(any(OAuth2ProtectedResourceDetails.class), any(AccessTokenRequest.class));
    doReturn(refreshedAccessToken).when(accessTokenProvider).refreshAccessToken(any(OAuth2ProtectedResourceDetails.class), any(OAuth2RefreshToken.class), any(AccessTokenRequest.class));
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(accessTokenProvider));
    return chain;
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) BaseOAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails) OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)

Example 2 with AccessTokenProviderChain

use of org.springframework.security.oauth2.client.token.AccessTokenProviderChain in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayClientCredentialsWithTokenServicesSave.

@Test
public void testSunnyDayClientCredentialsWithTokenServicesSave() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    chain.setClientTokenServices(clientTokenServices);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    resource = new ClientCredentialsResourceDetails();
    resource.setId("resource");
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, null, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) ClientCredentialsResourceDetails(org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails) Test(org.junit.Test)

Example 3 with AccessTokenProviderChain

use of org.springframework.security.oauth2.client.token.AccessTokenProviderChain in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testAnonymousUser.

@Test(expected = InsufficientAuthenticationException.class)
public void testAnonymousUser() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("foo", "bar", user.getAuthorities()));
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) Test(org.junit.Test)

Example 4 with AccessTokenProviderChain

use of org.springframework.security.oauth2.client.token.AccessTokenProviderChain in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWithExpiredTokenAndTokenServices.

@Test
public void testSunnyDayWithExpiredTokenAndTokenServices() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    chain.setClientTokenServices(clientTokenServices);
    accessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    when(clientTokenServices.getAccessToken(resource, user)).thenReturn(accessToken);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
    Mockito.verify(clientTokenServices).removeAccessToken(resource, user);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, user, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Date(java.util.Date) Test(org.junit.Test)

Example 5 with AccessTokenProviderChain

use of org.springframework.security.oauth2.client.token.AccessTokenProviderChain in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testSunnyDayWithTokenServicesSave.

@Test
public void testSunnyDayWithTokenServicesSave() throws Exception {
    AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
    chain.setClientTokenServices(clientTokenServices);
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    SecurityContextHolder.getContext().setAuthentication(user);
    OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
    assertNotNull(token);
    Mockito.verify(clientTokenServices).saveAccessToken(resource, user, token);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)14 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)14 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)14 Date (java.util.Date)4 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)4 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)3 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)2 OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)2 AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)2 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)2 Calendar (java.util.Calendar)1 Bean (org.springframework.context.annotation.Bean)1 Scope (org.springframework.context.annotation.Scope)1 AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken)1 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)1 OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)1 UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)1 AccessTokenProviderChain (org.springframework.security.oauth2.client.token.AccessTokenProviderChain)1 ClientCredentialsResourceDetails (org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails)1 ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)1