Example 86 with DefaultOAuth2AccessToken

Use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

The class JwtAccessTokenConverterTests, method testRefreshTokenAccessTokenIdWhenDoubleEnhanced.

@Test
public void testRefreshTokenAccessTokenIdWhenDoubleEnhanced() throws Exception {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")), userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    original.setRefreshToken(new DefaultOAuth2RefreshToken("BAR"));
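    // Enhance twice: the refresh token must still carry the original access token id (ati)
    // and its own id (jti), as the assertions below check.
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    token = tokenEnhancer.enhance(token, authentication);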
    assertNotNull(token.getValue());
    assertNotNull(token.getRefreshToken());
    JsonParser parser = JsonParserFactory.create();
    Map<String, Object> claims = parser.parseMap(JwtHelper.decode(token.getRefreshToken().getValue()).getClaims());
    assertEquals(Arrays.asList("read"), claims.get(AccessTokenConverter.SCOPE));
    assertEquals("FOO", claims.get(AccessTokenConverter.ATI));
    assertEquals("Wrong claims: " + claims, "BAR", claims.get(AccessTokenConverter.JTI));
}
Also used: DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken), DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken), OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication), JsonParser(org.springframework.security.oauth2.common.util.JsonParser), Test(org.junit.Test)

Example 87 with DefaultOAuth2AccessToken

Use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

The class JwtTokenStoreTests, method testAccessTokenIsNotARefreshToken.

@Test
public void testAccessTokenIsNotARefreshToken() throws Exception {
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setExpiration(new Date());
    DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) enhancer.enhance(original, expectedAuthentication);
    // Presenting an access token value where a refresh token is expected must be rejected.
    expected.expect(InvalidTokenException.class);
    assertNull(tokenStore.readRefreshToken(token.getValue()));
}
Also used: DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), Date(java.util.Date), Test(org.junit.Test)

Example 88 with DefaultOAuth2AccessToken

Use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

The class DefaultTokenServicesWithInMemoryTests, method testExpiredRefreshToken.

@Test
public void testExpiredRefreshToken() throws Exception {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    assertNotNull(firstAccessToken.getRefreshToken());
    // Make it expire (and rely on mutable state in volatile token store)
    ReflectionTestUtils.setField(firstAccessToken.getRefreshToken(), "expiration", new Date(System.currentTimeMillis() - 1000));
    firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    expected.expect(InvalidTokenException.class);
    expected.expectMessage("refresh token (expired)");
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    getTokenServices().refreshAccessToken(firstAccessToken.getRefreshToken().getValue(), tokenRequest);
}
Also used: OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication), TokenRequest(org.springframework.security.oauth2.provider.TokenRequest), DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), Date(java.util.Date), Test(org.junit.Test)

Example 89 with DefaultOAuth2AccessToken

Use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

The class DefaultTokenServicesWithInMemoryTests, method testNoRefreshTokenIfNotAuthorized.

@Test
public void testNoRefreshTokenIfNotAuthorized() throws Exception {
    // create access token
    getTokenServices().setAccessTokenValiditySeconds(1);
    getTokenServices().setClientDetailsService(new ClientDetailsService() {

        public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
            BaseClientDetails client = new BaseClientDetails();
            client.setAccessTokenValiditySeconds(1);
            client.setAuthorizedGrantTypes(Arrays.asList("authorization_code"));
            return client;
        }
    });
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    // The client is authorized for authorization_code only, so no refresh token may be issued.
    assertNull(token.getRefreshToken());
}
Also used: BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails), ClientDetails(org.springframework.security.oauth2.provider.ClientDetails), OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication), ClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService), OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception), DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), Test(org.junit.Test)

Example 90 with DefaultOAuth2AccessToken

Use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

The class TokenStoreBaseTests, method testRefreshTokenIsNotStoredDuringAccessToken.

@Test
public void testRefreshTokenIsNotStoredDuringAccessToken() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setRefreshToken(new DefaultOAuth2RefreshToken("refreshToken"));
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().readAccessToken("testToken");
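    // The stored access token still references its refresh token, but storing the access token
    // must not register the refresh token as a separately readable entry.
    assertNotNull(actualOAuth2AccessToken.getRefreshToken());
    assertNull(getTokenStore().readRefreshToken("refreshToken"));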
}
Also used: DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken), DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken), OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken), OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication), Test(org.junit.Test)
