Example 61 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project ORCID-Source by ORCID.
the class OrcidTokenStoreServiceImpl method getOauth2AccessTokenFromDetails.
private OAuth2AccessToken getOauth2AccessTokenFromDetails(OrcidOauth2TokenDetail detail) {
DefaultOAuth2AccessToken token = null;
if (detail != null && StringUtils.isNotBlank(detail.getTokenValue())) {
token = new DefaultOAuth2AccessToken(detail.getTokenValue());
token.setExpiration(detail.getTokenExpiration());
token.setScope(OAuth2Utils.parseParameterList(detail.getScope()));
token.setTokenType(detail.getTokenType());
String refreshToken = detail.getRefreshTokenValue();
OAuth2RefreshToken rt;
if (StringUtils.isNotBlank(refreshToken)) {
if (detail.getRefreshTokenExpiration() != null) {
rt = new DefaultExpiringOAuth2RefreshToken(detail.getRefreshTokenValue(), detail.getRefreshTokenExpiration());
} else {
rt = new DefaultOAuth2RefreshToken(detail.getRefreshTokenValue());
}
token.setRefreshToken(rt);
}
ProfileEntity profile = detail.getProfile();
if (profile != null) {
Map<String, Object> additionalInfo = new HashMap<String, Object>();
additionalInfo.put(OrcidOauth2Constants.ORCID, profile.getId());
additionalInfo.put(OrcidOauth2Constants.PERSISTENT, detail.isPersistent());
additionalInfo.put(OrcidOauth2Constants.DATE_CREATED, detail.getDateCreated());
additionalInfo.put(OrcidOauth2Constants.TOKEN_VERSION, detail.getVersion());
token.setAdditionalInformation(additionalInfo);
}
String clientId = detail.getClientDetailsId();
if (!PojoUtil.isEmpty(clientId)) {
Map<String, Object> additionalInfo = new HashMap<String, Object>();
Map<String, Object> additionalInfoInToken = token.getAdditionalInformation();
if (additionalInfoInToken != null && !additionalInfoInToken.isEmpty()) {
additionalInfo.putAll(additionalInfoInToken);
}
// Copy to a new one to avoid unmodifiable
additionalInfo.put(OrcidOauth2Constants.CLIENT_ID, clientId);
token.setAdditionalInformation(additionalInfo);
}
}
return token;
}
Also used :
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
HashMap(java.util.HashMap)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Example 62 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project ORCID-Source by ORCID.
the class OrcidTokenEnhancer method enhance.
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
if (!(accessToken instanceof DefaultOAuth2AccessToken))
throw new UnsupportedOperationException("At this time we can handle only tokens of type DefaultOauth2AccessToken");
DefaultOAuth2AccessToken result = (DefaultOAuth2AccessToken) accessToken;
OrcidOauth2AuthInfo authInfo = new OrcidOauth2AuthInfo(authentication);
String userOrcid = authInfo.getUserOrcid();
Map<String, Object> additionalInfo = new HashMap<String, Object>();
if (result.getAdditionalInformation() != null && !result.getAdditionalInformation().isEmpty()) {
additionalInfo.putAll(result.getAdditionalInformation());
}
// it
if (!additionalInfo.containsKey("orcid")) {
additionalInfo.put("orcid", userOrcid);
}
// it
if (!additionalInfo.containsKey("name")) {
if (userOrcid != null) {
String name = profileEntityManager.retrivePublicDisplayName(userOrcid);
additionalInfo.put("name", name);
}
}
// Overwrite token version
additionalInfo.put(OrcidOauth2Constants.TOKEN_VERSION, OrcidOauth2Constants.PERSISTENT_TOKEN);
// Overwrite persistent flag
if (isPersistentTokenEnabled(authentication.getOAuth2Request())) {
additionalInfo.put(OrcidOauth2Constants.PERSISTENT, true);
} else {
additionalInfo.put(OrcidOauth2Constants.PERSISTENT, false);
}
// Put the updated additional info object in the result
result.setAdditionalInformation(additionalInfo);
return result;
}
Also used :
HashMap(java.util.HashMap)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Example 63 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class DefaultAccessTokenConverter method extractAccessToken.
public OAuth2AccessToken extractAccessToken(String value, Map<String, ?> map) {
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(value);
Map<String, Object> info = new HashMap<String, Object>(map);
info.remove(EXP);
info.remove(AUD);
info.remove(CLIENT_ID);
info.remove(SCOPE);
if (map.containsKey(EXP)) {
token.setExpiration(new Date((Long) map.get(EXP) * 1000L));
}
if (map.containsKey(JTI)) {
info.put(JTI, map.get(JTI));
}
token.setScope(extractScope(map));
token.setAdditionalInformation(info);
return token;
}
Also used :
HashMap(java.util.HashMap)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
Example 64 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class OAuth2RestTemplateTests method testCustomAuthenticator.
@Test
public void testCustomAuthenticator() throws Exception {
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("12345");
token.setTokenType("MINE");
restTemplate.setAuthenticator(new OAuth2RequestAuthenticator() {
@Override
public void authenticate(OAuth2ProtectedResourceDetails resource, OAuth2ClientContext clientContext, ClientHttpRequest req) {
req.getHeaders().set("X-Authorization", clientContext.getAccessToken().getTokenType() + " " + "Nah-nah-na-nah-nah");
}
});
restTemplate.getOAuth2ClientContext().setAccessToken(token);
ClientHttpRequest http = restTemplate.createRequest(URI.create("https://nowhere.com/api/crap"), HttpMethod.GET);
String auth = http.getHeaders().getFirst("X-Authorization");
assertEquals("MINE Nah-nah-na-nah-nah", auth);
}
Also used :
BaseOAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)
OAuth2ProtectedResourceDetails(org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)
ClientHttpRequest(org.springframework.http.client.ClientHttpRequest)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Test(org.junit.Test)
Example 65 with DefaultOAuth2AccessToken
use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.
the class OAuth2RestTemplateTests method testRetryAccessDeniedException.
@Test
public void testRetryAccessDeniedException() throws Exception {
final AtomicBoolean failed = new AtomicBoolean(false);
restTemplate.getOAuth2ClientContext().setAccessToken(new DefaultOAuth2AccessToken("TEST"));
restTemplate.setAccessTokenProvider(new StubAccessTokenProvider());
restTemplate.setRequestFactory(new ClientHttpRequestFactory() {
public ClientHttpRequest createRequest(URI uri, HttpMethod httpMethod) throws IOException {
if (!failed.get()) {
failed.set(true);
throw new AccessTokenRequiredException(resource);
}
return request;
}
});
Boolean result = restTemplate.doExecute(new URI("http://foo"), HttpMethod.GET, new NullRequestCallback(), new SimpleResponseExtractor());
assertTrue(result);
}
Also used :
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
ClientHttpRequestFactory(org.springframework.http.client.ClientHttpRequestFactory)
AccessTokenRequiredException(org.springframework.security.oauth2.client.http.AccessTokenRequiredException)
IOException(java.io.IOException)
ClientHttpRequest(org.springframework.http.client.ClientHttpRequest)
AtomicBoolean(java.util.concurrent.atomic.AtomicBoolean)
URI(java.net.URI)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
HttpMethod(org.springframework.http.HttpMethod)
Test(org.junit.Test)
Aggregations
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)95
Test (org.junit.Test)78
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)52
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)48
Date (java.util.Date)27
TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)13
HashMap (java.util.HashMap)12
Authentication (org.springframework.security.core.Authentication)12
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)12
URI (java.net.URI)9
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)9
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)8
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)8
DBUnitTest (org.orcid.test.DBUnitTest)7
ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)6
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)6
Before (org.junit.Before)5
BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)5
OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)5
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5
