Example 16 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

Class AccessTokenProviderChainTests, method testRefreshAccessTokenReplacingNullValue.

@Test
public void testRefreshAccessTokenReplacingNullValue() throws Exception {
    DefaultOAuth2AccessToken accessToken = getExpiredToken();
    DefaultOAuth2AccessToken refreshedAccessToken = new DefaultOAuth2AccessToken("refreshed-access-token");
    AccessTokenProviderChain chain = getTokenProvider(accessToken, refreshedAccessToken);
    SecurityContextHolder.getContext().setAuthentication(user);
    // Obtain a new Access Token
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    OAuth2AccessToken newAccessToken = chain.refreshAccessToken(resource, accessToken.getRefreshToken(), request);
    // gh-712
    assertEquals(newAccessToken.getRefreshToken(), accessToken.getRefreshToken());
}
Also used: DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails), Test (org.junit.Test)

Example 17 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

Class ImplicitAccessTokenProviderTests, method testRedirectNotSpecified.

@Test(expected = IllegalStateException.class)
public void testRedirectNotSpecified() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    provider.obtainAccessToken(resource, request);
}
Also used: DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest), AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest), Test (org.junit.Test)

Example 18 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

Class OAuth2ContextSetup, method initializeIfNecessary.

private void initializeIfNecessary(FrameworkMethod method, final Object target) {
    final TestClass testClass = new TestClass(target.getClass());
    OAuth2ContextConfiguration contextConfiguration = findOAuthContextConfiguration(method, testClass);
    if (contextConfiguration == null) {
        // Nothing to do
        return;
    }
    this.initializeAccessToken = contextConfiguration.initialize();
    this.resource = creatResource(target, contextConfiguration);
    final List<FrameworkMethod> befores = testClass.getAnnotatedMethods(BeforeOAuth2Context.class);
    if (!befores.isEmpty()) {
        logger.debug("Running @BeforeOAuth2Context methods");
        for (FrameworkMethod before : befores) {
            RestOperations savedServerClient = clientHolder.getRestTemplate();
            OAuth2ContextConfiguration beforeConfiguration = findOAuthContextConfiguration(before, testClass);
            if (beforeConfiguration != null) {
                OAuth2ProtectedResourceDetails resource = creatResource(target, beforeConfiguration);
                AccessTokenRequest beforeRequest = new DefaultAccessTokenRequest();
                beforeRequest.setAll(parameters);
                OAuth2RestTemplate client = createRestTemplate(resource, beforeRequest);
                clientHolder.setRestTemplate(client);
            }
            AccessTokenRequest request = new DefaultAccessTokenRequest();
            request.setAll(parameters);
            this.client = createRestTemplate(this.resource, request);
            List<FrameworkMethod> list = Arrays.asList(before);
            try {
                new RunBefores(new Statement() {

                    public void evaluate() {
                    }
                }, list, target).evaluate();
            } catch (AssumptionViolatedException e) {
                throw e;
            } catch (RuntimeException e) {
                throw e;
            } catch (AssertionError e) {
                throw e;
            } catch (Throwable e) {
                logger.debug("Exception in befores", e);
                Assert.assertThat(e, CoreMatchers.not(CoreMatchers.anything()));
            } finally {
                clientHolder.setRestTemplate(savedServerClient);
            }
        }
    }
}
Also used: AssumptionViolatedException (org.junit.internal.AssumptionViolatedException), Statement (org.junit.runners.model.Statement), OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails), TestClass (org.junit.runners.model.TestClass), OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate), DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest), AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest), RestOperations (org.springframework.web.client.RestOperations), RunBefores (org.junit.internal.runners.statements.RunBefores), FrameworkMethod (org.junit.runners.model.FrameworkMethod)

Example 19 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

Class AccessTokenProviderChain, method obtainAccessToken.

public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails resource, AccessTokenRequest request) throws UserRedirectRequiredException, AccessDeniedException {
    OAuth2AccessToken accessToken = null;
    OAuth2AccessToken existingToken = null;
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth instanceof AnonymousAuthenticationToken) {
        if (!resource.isClientOnly()) {
            throw new InsufficientAuthenticationException("Authentication is required to obtain an access token (anonymous not allowed)");
        }
    }
    if (resource.isClientOnly() || (auth != null && auth.isAuthenticated())) {
        existingToken = request.getExistingToken();
        if (existingToken == null && clientTokenServices != null) {
            existingToken = clientTokenServices.getAccessToken(resource, auth);
        }
        if (existingToken != null) {
            if (existingToken.isExpired()) {
                if (clientTokenServices != null) {
                    clientTokenServices.removeAccessToken(resource, auth);
                }
                OAuth2RefreshToken refreshToken = existingToken.getRefreshToken();
                if (refreshToken != null) {
                    accessToken = refreshAccessToken(resource, refreshToken, request);
                }
            } else {
                accessToken = existingToken;
            }
        }
    }
    if (accessToken == null) {
        // looks like we need to try to obtain a new token.
        accessToken = obtainNewAccessTokenInternal(resource, request);
        if (accessToken == null) {
            throw new IllegalStateException("An OAuth 2 access token must be obtained or an exception thrown.");
        }
    }
    if (clientTokenServices != null && (resource.isClientOnly() || auth != null && auth.isAuthenticated())) {
        clientTokenServices.saveAccessToken(resource, auth, accessToken);
    }
    return accessToken;
}
Also used: OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken), DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), Authentication (org.springframework.security.core.Authentication), AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken), InsufficientAuthenticationException (org.springframework.security.authentication.InsufficientAuthenticationException)

Example 20 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

Class OAuth2RestTemplate, method acquireAccessToken.

protected OAuth2AccessToken acquireAccessToken(OAuth2ClientContext oauth2Context) throws UserRedirectRequiredException {
    AccessTokenRequest accessTokenRequest = oauth2Context.getAccessTokenRequest();
    if (accessTokenRequest == null) {
        throw new AccessTokenRequiredException("No OAuth 2 security context has been established. Unable to access resource '" + this.resource.getId() + "'.", resource);
    }
    // Transfer the preserved state from the (longer lived) context to the current request.
    String stateKey = accessTokenRequest.getStateKey();
    if (stateKey != null) {
        accessTokenRequest.setPreservedState(oauth2Context.removePreservedState(stateKey));
    }
    OAuth2AccessToken existingToken = oauth2Context.getAccessToken();
    if (existingToken != null) {
        accessTokenRequest.setExistingToken(existingToken);
    }
    OAuth2AccessToken accessToken = null;
    accessToken = accessTokenProvider.obtainAccessToken(resource, accessTokenRequest);
    if (accessToken == null || accessToken.getValue() == null) {
        throw new IllegalStateException("Access token provider returned a null access token, which is illegal according to the contract.");
    }
    oauth2Context.setAccessToken(accessToken);
    return accessToken;
}
Also used: OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), AccessTokenRequiredException (org.springframework.security.oauth2.client.http.AccessTokenRequiredException), AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)

Aggregations

Test (org.junit.Test): 38
AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest): 31
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 20
DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest): 18
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken): 18
UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException): 9
OAuth2ContextConfiguration (org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration): 8
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails): 6
IOException (java.io.IOException): 5
URI (java.net.URI): 5
Date (java.util.Date): 5
HttpMethod (org.springframework.http.HttpMethod): 4
ClientHttpRequest (org.springframework.http.client.ClientHttpRequest): 4
ClientHttpRequestFactory (org.springframework.http.client.ClientHttpRequestFactory): 4
OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate): 4
HttpHeaders (org.springframework.http.HttpHeaders): 3
ClientHttpResponse (org.springframework.http.client.ClientHttpResponse): 3
DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext): 3
OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails): 3
UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException): 3