Search in sources :

Example 6 with AuthorizationCodeAccessTokenProvider

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider in project spring-security-oauth by spring-projects.

the class AbstractEmptyAuthorizationCodeProviderTests method verifyAuthorizationPage.

private void verifyAuthorizationPage(OAuth2RestTemplate restTemplate, String location) {
    final AtomicReference<String> confirmationPage = new AtomicReference<String>();
    AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider() {

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    confirmationPage.set(StreamUtils.copyToString(response.getBody(), Charset.forName("UTF-8")));
                    return new ResponseEntity<Void>(response.getHeaders(), response.getStatusCode());
                }
            };
        }
    };
    try {
        provider.obtainAuthorizationCode(restTemplate.getResource(), restTemplate.getOAuth2ClientContext().getAccessTokenRequest());
    } catch (UserApprovalRequiredException e) {
    // ignore
    }
    String page = confirmationPage.get();
    verifyAuthorizationPage(page);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException) AtomicReference(java.util.concurrent.atomic.AtomicReference) ResponseExtractor(org.springframework.web.client.ResponseExtractor) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)

Example 7 with AuthorizationCodeAccessTokenProvider

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider in project spring-security-oauth by spring-projects.

the class AbstractEmptyAuthorizationCodeProviderTests method setupAccessTokenProvider.

@BeforeOAuth2Context
public void setupAccessTokenProvider() {
    accessTokenProvider = new AuthorizationCodeAccessTokenProvider() {

        private ResponseExtractor<OAuth2AccessToken> extractor = super.getResponseExtractor();

        private ResponseExtractor<ResponseEntity<Void>> authExtractor = super.getAuthorizationResponseExtractor();

        private ResponseErrorHandler errorHandler = super.getResponseErrorHandler();

        @Override
        protected ResponseErrorHandler getResponseErrorHandler() {
            return new DefaultResponseErrorHandler() {

                public void handleError(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    errorHandler.handleError(response);
                }
            };
        }

        @Override
        protected ResponseExtractor<OAuth2AccessToken> getResponseExtractor() {
            return new ResponseExtractor<OAuth2AccessToken>() {

                public OAuth2AccessToken extractData(ClientHttpResponse response) throws IOException {
                    try {
                        response.getHeaders();
                        response.getStatusCode();
                        tokenEndpointResponse = response;
                        return extractor.extractData(response);
                    } catch (ResourceAccessException e) {
                        return null;
                    }
                }
            };
        }

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    response.getHeaders();
                    response.getStatusCode();
                    tokenEndpointResponse = response;
                    return authExtractor.extractData(response);
                }
            };
        }
    };
    context.setAccessTokenProvider(getAccessTokenProvider());
}
Also used : DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) DefaultResponseErrorHandler(org.springframework.web.client.DefaultResponseErrorHandler) ResponseErrorHandler(org.springframework.web.client.ResponseErrorHandler) ResponseExtractor(org.springframework.web.client.ResponseExtractor) IOException(java.io.IOException) ResourceAccessException(org.springframework.web.client.ResourceAccessException) ResponseEntity(org.springframework.http.ResponseEntity) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse) BeforeOAuth2Context(org.springframework.security.oauth2.client.test.BeforeOAuth2Context)

Example 8 with AuthorizationCodeAccessTokenProvider

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider in project spring-security-oauth by spring-projects.

the class AbstractAuthorizationCodeProviderTests method verifyAuthorizationPage.

private void verifyAuthorizationPage(OAuth2RestTemplate restTemplate, String location) {
    final AtomicReference<String> confirmationPage = new AtomicReference<String>();
    AuthorizationCodeAccessTokenProvider provider = new AuthorizationCodeAccessTokenProvider() {

        @Override
        protected ResponseExtractor<ResponseEntity<Void>> getAuthorizationResponseExtractor() {
            return new ResponseExtractor<ResponseEntity<Void>>() {

                public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
                    confirmationPage.set(StreamUtils.copyToString(response.getBody(), Charset.forName("UTF-8")));
                    return new ResponseEntity<Void>(response.getHeaders(), response.getStatusCode());
                }
            };
        }
    };
    try {
        provider.obtainAuthorizationCode(restTemplate.getResource(), restTemplate.getOAuth2ClientContext().getAccessTokenRequest());
    } catch (UserApprovalRequiredException e) {
    // ignore
    }
    String page = confirmationPage.get();
    verifyAuthorizationPage(page);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException) AtomicReference(java.util.concurrent.atomic.AtomicReference) ResponseExtractor(org.springframework.web.client.ResponseExtractor) ClientHttpResponse(org.springframework.http.client.ClientHttpResponse)

Example 9 with AuthorizationCodeAccessTokenProvider

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider in project spring-security-oauth by spring-projects.

the class ClientApplication method restTemplate.

@Bean
@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
public OAuth2RestOperations restTemplate() {
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource(), new DefaultOAuth2ClientContext(accessTokenRequest));
    AccessTokenProviderChain provider = new AccessTokenProviderChain(Arrays.asList(new AuthorizationCodeAccessTokenProvider()));
    provider.setClientTokenServices(clientTokenServices());
    return template;
}
Also used : DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) AuthorizationCodeAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider) AccessTokenProviderChain(org.springframework.security.oauth2.client.token.AccessTokenProviderChain) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) Scope(org.springframework.context.annotation.Scope) Bean(org.springframework.context.annotation.Bean)

Aggregations

AuthorizationCodeAccessTokenProvider (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider)9 ResponseEntity (org.springframework.http.ResponseEntity)5 ClientHttpResponse (org.springframework.http.client.ClientHttpResponse)5 ResponseExtractor (org.springframework.web.client.ResponseExtractor)5 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)4 IOException (java.io.IOException)3 BeforeOAuth2Context (org.springframework.security.oauth2.client.test.BeforeOAuth2Context)3 DefaultResponseErrorHandler (org.springframework.web.client.DefaultResponseErrorHandler)3 ResponseErrorHandler (org.springframework.web.client.ResponseErrorHandler)3 AtomicReference (java.util.concurrent.atomic.AtomicReference)2 UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)2 ResourceAccessException (org.springframework.web.client.ResourceAccessException)2 Test (org.junit.Test)1 AcceptJsonRequestEnhancer (org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestEnhancer)1 AcceptJsonRequestInterceptor (org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerTokenServicesConfiguration.AcceptJsonRequestInterceptor)1 Bean (org.springframework.context.annotation.Bean)1 Scope (org.springframework.context.annotation.Scope)1 DefaultOAuth2ClientContext (org.springframework.security.oauth2.client.DefaultOAuth2ClientContext)1 OAuth2RestTemplate (org.springframework.security.oauth2.client.OAuth2RestTemplate)1 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)1