Examples with DefaultOAuth2AccessToken org.springframework.security.oauth2.common.DefaultOAuth2AccessToken used on opensource projects

Example 81 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesTests method testAccidentalNullAuthentication.

@Test(expected = InvalidTokenException.class)
public void testAccidentalNullAuthentication() {
    Mockito.when(tokenStore.readAccessToken(Mockito.anyString())).thenReturn(new DefaultOAuth2AccessToken("FOO"));
    // A bug in the TokenStore or a race condition could lead to the authentication
    // being null even if the token is not:
    Mockito.when(tokenStore.readAuthentication(Mockito.any(OAuth2AccessToken.class))).thenReturn(null);
    services.loadAuthentication("FOO");
}

Example 82 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AuthorizationEndpointTests method testImplicitWithQueryParam.

@Test
public void testImplicitWithQueryParam() throws Exception {
    endpoint.setTokenGranter(new TokenGranter() {

        public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
            DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
            return token;
        }
    });
    endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {

        public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return true;
        }
    });
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com?foo=bar", "mystate", "myscope", Collections.singleton("token"));
    ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
    String url = ((RedirectView) result.getView()).getUrl();
    assertTrue("Wrong url: " + result, url.contains("foo=bar"));
}

Example 83 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class InMemoryTokenStoreTests method testTokenCountConsistentWithExpiryQueue.

@Test
public void testTokenCountConsistentWithExpiryQueue() throws Exception {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test", false));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setExpiration(new Date(System.currentTimeMillis() + 10000));
    for (int i = 0; i <= 10; i++) {
        getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
        assertEquals(getTokenStore().getAccessTokenCount(), getTokenStore().getExpiryTokenCount());
    }
}

Example 84 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtAccessTokenConverterTests method rsaKeyCreatesValidRsaSignedTokens.

@Test
public void rsaKeyCreatesValidRsaSignedTokens() throws Exception {
    String rsaKey = "-----BEGIN RSA PRIVATE KEY-----  \n" + "MIIBywIBAAJhAOTeb4AZ+NwOtPh+ynIgGqa6UWNVe6JyJi+loPmPZdpHtzoqubnC \n" + "wEs6JSiSZ3rButEAw8ymgLV6iBY02hdjsl3h5Z0NWaxx8dzMZfXe4EpfB04ISoqq\n" + "hZCxchvuSDP4eQIDAQABAmEAqUuYsuuDWFRQrZgsbGsvC7G6zn3HLIy/jnM4NiJK\n" + "t0JhWNeN9skGsR7bqb1Sak2uWqW8ZqnqgAC32gxFRYHTavJEk6LTaHWovwDEhPqc\n" + "Zs+vXd6tZojJQ35chR/slUEBAjEA/sAd1oFLWb6PHkaz7r2NllwUBTvXL4VcMWTS\n" + "pN+5cU41i9fsZcHw6yZEl+ZCicDxAjEA5f3R+Bj42htNI7eylebew1+sUnFv1xT8\n" + "jlzxSzwVkoZo+vef7OD6OcFLeInAHzAJAjEAs6izolK+3ETa1CRSwz0lPHQlnmdM\n" + "Y/QuR5tuPt6U/saEVuJpkn4LNRtg5qt6I4JRAjAgFRYTG7irBB/wmZFp47izXEc3\n" + "gOdvA1hvq3tlWU5REDrYt24xpviA0fvrJpwMPbECMAKDKdiDi6Q4/iBkkzNMefA8\n" + "7HX27b9LR33don/1u/yvzMUo+lrRdKAFJ+9GPE9XFA== \n" + "-----END RSA PRIVATE KEY----- ";
    tokenEnhancer.setSigningKey(rsaKey);
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", null), userAuthentication);
    OAuth2AccessToken token = tokenEnhancer.enhance(new DefaultOAuth2AccessToken("FOO"), authentication);
    JwtHelper.decodeAndVerify(token.getValue(), new RsaVerifier(rsaKey));
}

Example 85 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtAccessTokenConverterTests method testRefreshTokenAdded.

@Test
public void testRefreshTokenAdded() throws Exception {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")), userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    original.setRefreshToken(new DefaultOAuth2RefreshToken("BAR"));
    original.setExpiration(new Date());
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertNotNull(token.getRefreshToken());
    JsonParser parser = JsonParserFactory.create();
    Map<String, Object> claims = parser.parseMap(JwtHelper.decode(token.getRefreshToken().getValue()).getClaims());
    assertEquals(Arrays.asList("read"), claims.get(AccessTokenConverter.SCOPE));
    assertEquals("FOO", claims.get(AccessTokenConverter.ATI));
    assertEquals("BAR", claims.get(AccessTokenConverter.JTI));
    assertNull(claims.get(AccessTokenConverter.EXP));
    tokenEnhancer.afterPropertiesSet();
    assertTrue(tokenEnhancer.isRefreshToken(tokenEnhancer.extractAccessToken(token.getRefreshToken().getValue(), tokenEnhancer.decode(token.getRefreshToken().getValue()))));
}