
Example 21 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

The class AuthorizationCodeProviderTests, method testUnauthenticatedAuthorizationRequestRedirectsToLogin.

@Test
@OAuth2ContextConfiguration(resource = MyLessTrustedClient.class, initialize = false)
public void testUnauthenticatedAuthorizationRequestRedirectsToLogin() throws Exception {
    AccessTokenRequest request = context.getAccessTokenRequest();
    request.setCurrentUri("http://anywhere");
    request.add(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
    String location = null;
    try {
        String code = accessTokenProvider.obtainAuthorizationCode(context.getResource(), request);
        assertNotNull(code);
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        location = e.getRedirectUri();
    }
    assertNotNull(location);
    assertEquals(serverRunning.getUrl("/sparklr2/login.jsp"), location);
}
Also used : AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) UserRedirectRequiredException(org.springframework.security.oauth2.client.resource.UserRedirectRequiredException) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 22 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

The class RefreshTokenGrantTests, method testConnectDirectlyToResourceServer.

@Test
public void testConnectDirectlyToResourceServer() throws Exception {
    assertNotNull(existingToken.getRefreshToken());
    // It won't be expired on the server, but we can force the client to refresh it
    assertTrue(existingToken.isExpired());
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setExistingToken(existingToken);
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(request));
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/user/message"), String.class);
    assertEquals("Hello, Trusted User marissa", result);
    assertFalse("Tokens match so there was no refresh", existingToken.equals(template.getAccessToken()));
}
Also used : DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) Test(org.junit.Test)

Example 23 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

The class AuthorizationCodeProviderTests, method testSuccessfulAuthorizationCodeFlow.

@Test
@OAuth2ContextConfiguration(resource = MyLessTrustedClient.class, initialize = false)
public void testSuccessfulAuthorizationCodeFlow() throws Exception {
    // Once the request is ready and approved, we can continue with the access token
    approveAccessTokenGrant("http://anywhere", true);
    // Finally everything is in place for the grant to happen...
    assertNotNull(context.getAccessToken());
    AccessTokenRequest request = context.getAccessTokenRequest();
    assertNotNull(request.getAuthorizationCode());
    assertEquals(HttpStatus.OK, serverRunning.getStatusCode("/sparklr2/photos?format=json"));
}
Also used : AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 24 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

The class AuthorizationCodeProviderTests, method approveAccessTokenGrant.

private void approveAccessTokenGrant(String currentUri, boolean approved) {
    AccessTokenRequest request = context.getAccessTokenRequest();
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) context.getResource();
    request.setCookie(cookie);
    if (currentUri != null) {
        request.setCurrentUri(currentUri);
    }
    String location = null;
    try {
        // First try to obtain the access token...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        // Expected and necessary, so that the correct state is set up in the request...
        location = e.getRedirectUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    try {
        // Now try again and the token provider will redirect for user approval...
        assertNotNull(context.getAccessToken());
        fail("Expected UserApprovalRequiredException");
    } catch (UserApprovalRequiredException e) {
        // Expected and necessary, so that the user can approve the grant...
        location = e.getApprovalUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    // The approval (will be processed on the next attempt to obtain an access token)...
    request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
}
Also used : UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException) AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) UserRedirectRequiredException(org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)

Example 25 with AccessTokenRequest

Use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

The class AbstractAuthorizationCodeProviderTests, method testSuccessfulFlowWithRegisteredRedirect.

@Test
@OAuth2ContextConfiguration(resource = MyClientWithRegisteredRedirect.class, initialize = false)
public void testSuccessfulFlowWithRegisteredRedirect() throws Exception {
    // Once the request is ready and approved, we can continue with the access token
    approveAccessTokenGrant(null, true);
    // Finally everything is in place for the grant to happen...
    assertNotNull(context.getAccessToken());
    AccessTokenRequest request = context.getAccessTokenRequest();
    assertNotNull(request.getAuthorizationCode());
    assertEquals(HttpStatus.OK, http.getStatusCode("/admin/beans"));
}
Also used : AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Aggregations

Test (org.junit.Test): 38
AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest): 31
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 20
DefaultAccessTokenRequest (org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest): 18
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken): 18
UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException): 9
OAuth2ContextConfiguration (org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration): 8
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails): 6
IOException (java.io.IOException): 5
URI (java.net.URI): 5
Date (java.util.Date): 5
HttpMethod (org.springframework.http.HttpMethod): 4
ClientHttpRequest (org.springframework.http.client.ClientHttpRequest): 4
ClientHttpRequestFactory (org.springframework.http.client.ClientHttpRequestFactory): 4
OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate): 4
HttpHeaders (org.springframework.http.HttpHeaders): 3
ClientHttpResponse (org.springframework.http.client.ClientHttpResponse): 3
DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext): 3
OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails): 3
UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException): 3