Example 46 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class TokenStoreBaseTests method testStoreAccessToken.
@Test
public void testStoreAccessToken() {
OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken));
getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
assertNull(getTokenStore().readAccessToken("testToken"));
assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
}
Also used :
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Test(org.junit.Test)
Example 47 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JaxbOAuth2AccessTokenMessageConverter method convertToExternal.
protected OAuth2AccessToken convertToExternal(JaxbOAuth2AccessToken jaxbAccessToken) {
DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(jaxbAccessToken.getAccessToken());
String refreshToken = jaxbAccessToken.getRefreshToken();
if (refreshToken != null) {
accessToken.setRefreshToken(new DefaultOAuth2RefreshToken(refreshToken));
}
Date expiration = jaxbAccessToken.getExpiration();
if (expiration != null) {
accessToken.setExpiration(expiration);
}
return accessToken;
}
Also used :
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
Example 48 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class ClientCredentialsTokenGranter method grant.
@Override
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
OAuth2AccessToken token = super.grant(grantType, tokenRequest);
if (token != null) {
DefaultOAuth2AccessToken norefresh = new DefaultOAuth2AccessToken(token);
// The spec says that client credentials should not be allowed to get a refresh token
if (!allowRefresh) {
norefresh.setRefreshToken(null);
}
token = norefresh;
}
return token;
}
Also used :
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Example 49 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JwtAccessTokenConverter method enhance.
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
DefaultOAuth2AccessToken result = new DefaultOAuth2AccessToken(accessToken);
Map<String, Object> info = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
String tokenId = result.getValue();
if (!info.containsKey(TOKEN_ID)) {
info.put(TOKEN_ID, tokenId);
} else {
tokenId = (String) info.get(TOKEN_ID);
}
result.setAdditionalInformation(info);
result.setValue(encode(result, authentication));
OAuth2RefreshToken refreshToken = result.getRefreshToken();
if (refreshToken != null) {
DefaultOAuth2AccessToken encodedRefreshToken = new DefaultOAuth2AccessToken(accessToken);
encodedRefreshToken.setValue(refreshToken.getValue());
// Refresh tokens do not expire unless explicitly of the right type
encodedRefreshToken.setExpiration(null);
try {
Map<String, Object> claims = objectMapper.parseMap(JwtHelper.decode(refreshToken.getValue()).getClaims());
if (claims.containsKey(TOKEN_ID)) {
encodedRefreshToken.setValue(claims.get(TOKEN_ID).toString());
}
} catch (IllegalArgumentException e) {
}
Map<String, Object> refreshTokenInfo = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
refreshTokenInfo.put(TOKEN_ID, encodedRefreshToken.getValue());
refreshTokenInfo.put(ACCESS_TOKEN_ID, tokenId);
encodedRefreshToken.setAdditionalInformation(refreshTokenInfo);
DefaultOAuth2RefreshToken token = new DefaultOAuth2RefreshToken(encode(encodedRefreshToken, authentication));
if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
Date expiration = ((ExpiringOAuth2RefreshToken) refreshToken).getExpiration();
encodedRefreshToken.setExpiration(expiration);
token = new DefaultExpiringOAuth2RefreshToken(encode(encodedRefreshToken, authentication), expiration);
}
result.setRefreshToken(token);
}
return result;
}
Also used :
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
LinkedHashMap(java.util.LinkedHashMap)
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
Example 50 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class DefaultTokenServices method createAccessToken.
private OAuth2AccessToken createAccessToken(OAuth2Authentication authentication, OAuth2RefreshToken refreshToken) {
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
if (validitySeconds > 0) {
token.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
}
token.setRefreshToken(refreshToken);
token.setScope(authentication.getOAuth2Request().getScope());
return accessTokenEnhancer != null ? accessTokenEnhancer.enhance(token, authentication) : token;
}
Also used :
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
Aggregations
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)95
Test (org.junit.Test)78
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)52
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)48
Date (java.util.Date)27
TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)13
HashMap (java.util.HashMap)12
Authentication (org.springframework.security.core.Authentication)12
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)12
URI (java.net.URI)9
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)9
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)8
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)8
DBUnitTest (org.orcid.test.DBUnitTest)7
ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)6
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)6
Before (org.junit.Before)5
BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)5
OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)5
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5
