Examples with AuthorizationCodeResourceDetails org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails used on opensource projects

Example 11 with AuthorizationCodeResourceDetails

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails in project spring-security-oauth by spring-projects.

the class AuthorizationCodeAccessTokenProvider method getRedirectForAuthorization.

private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {
    // we don't have an authorization code yet. So first get that.
    TreeMap<String, String> requestParameters = new TreeMap<String, String>();
    // oauth2 spec, section 3
    requestParameters.put("response_type", "code");
    requestParameters.put("client_id", resource.getClientId());
    // Client secret is not required in the initial authorization request
    String redirectUri = resource.getRedirectUri(request);
    if (redirectUri != null) {
        requestParameters.put("redirect_uri", redirectUri);
    }
    if (resource.isScoped()) {
        StringBuilder builder = new StringBuilder();
        List<String> scope = resource.getScope();
        if (scope != null) {
            Iterator<String> scopeIt = scope.iterator();
            while (scopeIt.hasNext()) {
                builder.append(scopeIt.next());
                if (scopeIt.hasNext()) {
                    builder.append(' ');
                }
            }
        }
        requestParameters.put("scope", builder.toString());
    }
    UserRedirectRequiredException redirectException = new UserRedirectRequiredException(resource.getUserAuthorizationUri(), requestParameters);
    String stateKey = stateKeyGenerator.generateKey(resource);
    redirectException.setStateKey(stateKey);
    request.setStateKey(stateKey);
    redirectException.setStateToPreserve(redirectUri);
    request.setPreservedState(redirectUri);
    return redirectException;
}

Example 12 with AuthorizationCodeResourceDetails

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails in project spring-security-oauth by spring-projects.

the class AuthorizationCodeAccessTokenProvider method obtainAuthorizationCode.

public String obtainAuthorizationCode(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) details;
    HttpHeaders headers = getHeadersForAuthorizationRequest(request);
    MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
    if (request.containsKey(OAuth2Utils.USER_OAUTH_APPROVAL)) {
        form.set(OAuth2Utils.USER_OAUTH_APPROVAL, request.getFirst(OAuth2Utils.USER_OAUTH_APPROVAL));
        for (String scope : details.getScope()) {
            form.set(scopePrefix + scope, request.getFirst(OAuth2Utils.USER_OAUTH_APPROVAL));
        }
    } else {
        form.putAll(getParametersForAuthorizeRequest(resource, request));
    }
    authorizationRequestEnhancer.enhance(request, resource, form, headers);
    final AccessTokenRequest copy = request;
    final ResponseExtractor<ResponseEntity<Void>> delegate = getAuthorizationResponseExtractor();
    ResponseExtractor<ResponseEntity<Void>> extractor = new ResponseExtractor<ResponseEntity<Void>>() {

        @Override
        public ResponseEntity<Void> extractData(ClientHttpResponse response) throws IOException {
            if (response.getHeaders().containsKey("Set-Cookie")) {
                copy.setCookie(response.getHeaders().getFirst("Set-Cookie"));
            }
            return delegate.extractData(response);
        }
    };
    // Instead of using restTemplate.exchange we use an explicit response extractor here so it can be overridden by
    // subclasses
    ResponseEntity<Void> response = getRestTemplate().execute(resource.getUserAuthorizationUri(), HttpMethod.POST, getRequestCallback(resource, form, headers), extractor, form.toSingleValueMap());
    if (response.getStatusCode() == HttpStatus.OK) {
        // Need to re-submit with approval...
        throw getUserApprovalSignal(resource, request);
    }
    URI location = response.getHeaders().getLocation();
    String query = location.getQuery();
    Map<String, String> map = OAuth2Utils.extractMap(query);
    if (map.containsKey("state")) {
        request.setStateKey(map.get("state"));
        if (request.getPreservedState() == null) {
            String redirectUri = resource.getRedirectUri(request);
            if (redirectUri != null) {
                request.setPreservedState(redirectUri);
            } else {
                request.setPreservedState(new Object());
            }
        }
    }
    String code = map.get("code");
    if (code == null) {
        throw new UserRedirectRequiredException(location.toString(), form.toSingleValueMap());
    }
    request.set("code", code);
    return code;
}

Example 13 with AuthorizationCodeResourceDetails

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails in project spring-security-oauth by spring-projects.

the class JdbcClientTokenServicesTests method testSaveAndRetrieveToken.

@Test
public void testSaveAndRetrieveToken() throws Exception {
    OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
    Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    resource.setClientId("client");
    resource.setScope(Arrays.asList("foo", "bar"));
    tokenStore.saveAccessToken(resource, authentication, accessToken);
    OAuth2AccessToken result = tokenStore.getAccessToken(resource, authentication);
    assertEquals(accessToken, result);
}

Example 14 with AuthorizationCodeResourceDetails

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails in project spring-security-oauth by spring-projects.

the class JdbcClientTokenServicesTests method testSaveAndRetrieveTokenForClientCredentials.

@Test
public void testSaveAndRetrieveTokenForClientCredentials() throws Exception {
    OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    resource.setClientId("client");
    resource.setScope(Arrays.asList("foo", "bar"));
    tokenStore.saveAccessToken(resource, null, accessToken);
    OAuth2AccessToken result = tokenStore.getAccessToken(resource, null);
    assertEquals(accessToken, result);
}

Example 15 with AuthorizationCodeResourceDetails

use of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChainTests method testRefreshAccessTokenKeepingOldValue.

@Test
public void testRefreshAccessTokenKeepingOldValue() throws Exception {
    DefaultOAuth2AccessToken accessToken = getExpiredToken();
    DefaultOAuth2AccessToken refreshedAccessToken = new DefaultOAuth2AccessToken("refreshed-access-token");
    refreshedAccessToken.setRefreshToken(new DefaultOAuth2RefreshToken("other-refresh-token"));
    AccessTokenProviderChain chain = getTokenProvider(accessToken, refreshedAccessToken);
    SecurityContextHolder.getContext().setAuthentication(user);
    // Obtain a new Access Token
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    AccessTokenRequest request = new DefaultAccessTokenRequest();
    OAuth2AccessToken newAccessToken = chain.refreshAccessToken(resource, accessToken.getRefreshToken(), request);
    // gh-816
    assertEquals(newAccessToken.getRefreshToken(), refreshedAccessToken.getRefreshToken());
}