Examples with AccessTokenRequest org.springframework.security.oauth2.client.token.AccessTokenRequest used on opensource projects

Example 31 with AccessTokenRequest

use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

the class OAuth2AccessTokenSupport method retrieveToken.

protected OAuth2AccessToken retrieveToken(AccessTokenRequest request, OAuth2ProtectedResourceDetails resource, MultiValueMap<String, String> form, HttpHeaders headers) throws OAuth2AccessDeniedException {
    try {
        // Prepare headers and form before going into rest template call in case the URI is affected by the result
        authenticationHandler.authenticateTokenRequest(resource, form, headers);
        // Opportunity to customize form and headers
        tokenRequestEnhancer.enhance(request, resource, form, headers);
        final AccessTokenRequest copy = request;
        final ResponseExtractor<OAuth2AccessToken> delegate = getResponseExtractor();
        ResponseExtractor<OAuth2AccessToken> extractor = new ResponseExtractor<OAuth2AccessToken>() {

            @Override
            public OAuth2AccessToken extractData(ClientHttpResponse response) throws IOException {
                if (response.getHeaders().containsKey("Set-Cookie")) {
                    copy.setCookie(response.getHeaders().getFirst("Set-Cookie"));
                }
                return delegate.extractData(response);
            }
        };
        return getRestTemplate().execute(getAccessTokenUri(resource, form), getHttpMethod(), getRequestCallback(resource, form, headers), extractor, form.toSingleValueMap());
    } catch (OAuth2Exception oe) {
        throw new OAuth2AccessDeniedException("Access token denied.", resource, oe);
    } catch (RestClientException rce) {
        throw new OAuth2AccessDeniedException("Error requesting access token.", resource, rce);
    }
}

Example 32 with AccessTokenRequest

use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationCodeAccessTokenProvider method getRedirectForAuthorization.

private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {
    // we don't have an authorization code yet. So first get that.
    TreeMap<String, String> requestParameters = new TreeMap<String, String>();
    // oauth2 spec, section 3
    requestParameters.put("response_type", "code");
    requestParameters.put("client_id", resource.getClientId());
    // Client secret is not required in the initial authorization request
    String redirectUri = resource.getRedirectUri(request);
    if (redirectUri != null) {
        requestParameters.put("redirect_uri", redirectUri);
    }
    if (resource.isScoped()) {
        StringBuilder builder = new StringBuilder();
        List<String> scope = resource.getScope();
        if (scope != null) {
            Iterator<String> scopeIt = scope.iterator();
            while (scopeIt.hasNext()) {
                builder.append(scopeIt.next());
                if (scopeIt.hasNext()) {
                    builder.append(' ');
                }
            }
        }
        requestParameters.put("scope", builder.toString());
    }
    UserRedirectRequiredException redirectException = new UserRedirectRequiredException(resource.getUserAuthorizationUri(), requestParameters);
    String stateKey = stateKeyGenerator.generateKey(resource);
    redirectException.setStateKey(stateKey);
    request.setStateKey(stateKey);
    redirectException.setStateToPreserve(redirectUri);
    request.setPreservedState(redirectUri);
    return redirectException;
}

Example 33 with AccessTokenRequest

use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationCodeAccessTokenProvider method obtainAuthorizationCode.

public String obtainAuthorizationCode(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) details;
    HttpHeaders headers = getHeadersForAuthorizationRequest(request);
    MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
    if (request.containsKey(OAuth2Utils.USER_OAUTH_APPROVAL)) {
        form.set(OAuth2Utils.USER_OAUTH_APPROVAL, request.getFirst(OAuth2Utils.USER_OAUTH_APPROVAL));
        for (String scope : details.getScope()) {
            form.set(scopePrefix + scope, request.getFirst(OAuth2Utils.USER_OAUTH_APPROVAL));
        }
    } else {
        form.putAll(getParametersForAuthorizeRequest(resource, request));
    }
    authorizationRequestEnhancer.enhance(request, resource, form, headers);
    final AccessTokenRequest copy = request;
    final ResponseExtractor<ResponseEntity<Void>> delegate = getAuthorizationResponseExtractor();
    ResponseExtractor<ResponseEntity<Void>> extractor = new ResponseExtractor<ResponseEntity<Void>>() {

        @Override
        public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
            if (response.getHeaders().containsKey("Set-Cookie")) {
                copy.setCookie(response.getHeaders().getFirst("Set-Cookie"));
            }
            return delegate.extractData(response);
        }
    };
    // Instead of using restTemplate.exchange we use an explicit response extractor here so it can be overridden by
    // subclasses
    ResponseEntity<Void> response = getRestTemplate().execute(resource.getUserAuthorizationUri(), HttpMethod.POST, getRequestCallback(resource, form, headers), extractor, form.toSingleValueMap());
    if (response.getStatusCode() == HttpStatus.OK) {
        // Need to re-submit with approval...
        throw getUserApprovalSignal(resource, request);
    }
    URI location = response.getHeaders().getLocation();
    String query = location.getQuery();
    Map<String, String> map = OAuth2Utils.extractMap(query);
    if (map.containsKey("state")) {
        request.setStateKey(map.get("state"));
        if (request.getPreservedState() == null) {
            String redirectUri = resource.getRedirectUri(request);
            if (redirectUri != null) {
                request.setPreservedState(redirectUri);
            } else {
                request.setPreservedState(new Object());
            }
        }
    }
    String code = map.get("code");
    if (code == null) {
        throw new UserRedirectRequiredException(location.toString(), form.toSingleValueMap());
    }
    request.set("code", code);
    return code;
}

Example 34 with AccessTokenRequest

use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationCodeAccessTokenProviderTests method testGetAccessTokenFailsWithNoState.

@Test
public void testGetAccessTokenFailsWithNoState() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    request.setAuthorizationCode("foo");
    resource.setAccessTokenUri("http://localhost/oauth/token");
    expected.expect(InvalidRequestException.class);
    assertEquals("FOO", provider.obtainAccessToken(resource, request).getValue());
}

Example 35 with AccessTokenRequest

use of org.springframework.security.oauth2.client.token.AccessTokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationCodeAccessTokenProviderTests method testRedirectNotSpecified.

// A missing redirect just means the server has to deal with it
@Test(expected = UserRedirectRequiredException.class)
public void testRedirectNotSpecified() throws Exception {
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    resource.setUserAuthorizationUri("http://localhost/oauth/authorize");
    provider.obtainAccessToken(resource, request);
}