Examples with DefaultOAuth2AccessToken org.springframework.security.oauth2.common.DefaultOAuth2AccessToken used on opensource projects

Example 21 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AuthorizationEndpointTests method testImplicitWithAdditionalInfo.

@Test
public void testImplicitWithAdditionalInfo() throws Exception {
    endpoint.setTokenGranter(new TokenGranter() {

        public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
            DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
            token.setAdditionalInformation(Collections.<String, Object>singletonMap("foo", "bar"));
            return token;
        }
    });
    endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {

        public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return true;
        }
    });
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", "myscope", Collections.singleton("token"));
    ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
    String url = ((RedirectView) result.getView()).getUrl();
    assertTrue("Wrong url: " + result, url.contains("foo=bar"));
}

Example 22 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AdminController method enhance.

private Collection<OAuth2AccessToken> enhance(Collection<OAuth2AccessToken> tokens) {
    Collection<OAuth2AccessToken> result = new ArrayList<OAuth2AccessToken>();
    for (OAuth2AccessToken prototype : tokens) {
        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(prototype);
        OAuth2Authentication authentication = tokenStore.readAuthentication(token);
        if (authentication == null) {
            continue;
        }
        String clientId = authentication.getOAuth2Request().getClientId();
        if (clientId != null) {
            Map<String, Object> map = new HashMap<String, Object>(token.getAdditionalInformation());
            map.put("client_id", clientId);
            token.setAdditionalInformation(map);
            result.add(token);
        }
    }
    return result;
}

Example 23 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class RefreshTokenGrantTests method setup.

@Before
public void setup() {
    resource = new ResourceOwnerPasswordResourceDetails();
    resource.setAccessTokenUri(serverRunning.getUrl("/sparklr2/oauth/token"));
    resource.setClientId("my-trusted-client");
    resource.setId("sparklr");
    resource.setScope(Arrays.asList("trust"));
    resource.setUsername("marissa");
    resource.setPassword("koala");
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource);
    existingToken = template.getAccessToken();
    ((DefaultOAuth2AccessToken) existingToken).setExpiration(new Date(0L));
    SecurityContextImpl securityContext = new SecurityContextImpl();
    securityContext.setAuthentication(new TestingAuthenticationToken("marissa", "koala", "ROLE_USER"));
    SecurityContextHolder.setContext(securityContext);
}

Example 24 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesWithInMemoryTests method testDifferentRefreshTokenMaintainsState.

@Test
public void testDifferentRefreshTokenMaintainsState() throws Exception {
    // create access token
    getTokenServices().setAccessTokenValiditySeconds(1);
    getTokenServices().setClientDetailsService(new ClientDetailsService() {

        public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
            BaseClientDetails client = new BaseClientDetails();
            client.setAccessTokenValiditySeconds(1);
            client.setAuthorizedGrantTypes(Arrays.asList("authorization_code", "refresh_token"));
            return client;
        }
    });
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    OAuth2RefreshToken expectedExpiringRefreshToken = firstAccessToken.getRefreshToken();
    // Make it expire (and rely on mutable state in volatile token store)
    firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    // create another access token
    OAuth2AccessToken secondAccessToken = getTokenServices().createAccessToken(expectedAuthentication);
    assertFalse("The new access token should be different", firstAccessToken.getValue().equals(secondAccessToken.getValue()));
    assertEquals("The new access token should have the same refresh token", expectedExpiringRefreshToken.getValue(), secondAccessToken.getRefreshToken().getValue());
    // refresh access token with refresh token
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
    getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertEquals(1, getAccessTokenCount());
}

Example 25 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesWithInMemoryTests method testExpiredRefreshTokenIsRenewedWithNewAccessToken.

@Test
public void testExpiredRefreshTokenIsRenewedWithNewAccessToken() throws Exception {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    assertNotNull(firstAccessToken.getRefreshToken());
    // Make it expire (and rely on mutable state in volatile token store)
    ReflectionTestUtils.setField(firstAccessToken.getRefreshToken(), "expiration", new Date(System.currentTimeMillis() - 1000));
    firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    DefaultOAuth2AccessToken secondAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    ExpiringOAuth2RefreshToken refreshToken = (ExpiringOAuth2RefreshToken) secondAccessToken.getRefreshToken();
    assertNotNull(refreshToken);
    assertTrue(refreshToken.getExpiration().getTime() > System.currentTimeMillis());
}