Search in sources :

Example 36 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtAccessTokenConverterTests method testScopePreserved.

@Test
public void testScopePreserved() {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")), userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertEquals(Collections.singleton("read"), token.getScope());
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test)

Example 37 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtAccessTokenConverterTests method testExpiringRefreshTokenAdded.

@Test
public void testExpiringRefreshTokenAdded() throws Exception {
    OAuth2Authentication authentication = new OAuth2Authentication(createOAuth2Request("foo", Collections.singleton("read")), userAuthentication);
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setScope(authentication.getOAuth2Request().getScope());
    original.setRefreshToken(new DefaultExpiringOAuth2RefreshToken("BAR", new Date(0)));
    original.setExpiration(new Date());
    OAuth2AccessToken token = tokenEnhancer.enhance(original, authentication);
    assertNotNull(token.getValue());
    assertNotNull(token.getRefreshToken());
    JsonParser parser = JsonParserFactory.create();
    Map<String, Object> claims = parser.parseMap(JwtHelper.decode(token.getRefreshToken().getValue()).getClaims());
    assertEquals(Arrays.asList("read"), claims.get(AccessTokenConverter.SCOPE));
    assertEquals("FOO", claims.get(AccessTokenConverter.ATI));
    assertEquals("BAR", claims.get(AccessTokenConverter.JTI));
    assertEquals(0, claims.get(AccessTokenConverter.EXP));
    tokenEnhancer.afterPropertiesSet();
    assertTrue(tokenEnhancer.isRefreshToken(tokenEnhancer.extractAccessToken(token.getRefreshToken().getValue(), tokenEnhancer.decode(token.getRefreshToken().getValue()))));
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) JsonParser(org.springframework.security.oauth2.common.util.JsonParser) Test(org.junit.Test)

Example 38 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtTokenStoreTests method testAuthenticationPreservesGrantType.

@Test
public void testAuthenticationPreservesGrantType() throws Exception {
    DefaultAccessTokenConverter delegate = new DefaultAccessTokenConverter();
    delegate.setIncludeGrantType(true);
    enhancer.setAccessTokenConverter(delegate);
    expectedOAuth2AccessToken = enhancer.enhance(new DefaultOAuth2AccessToken("FOO"), expectedAuthentication);
    OAuth2Authentication authentication = tokenStore.readAuthentication(expectedOAuth2AccessToken.getValue());
    assertEquals("password", authentication.getOAuth2Request().getGrantType());
}
Also used : DefaultAccessTokenConverter(org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test)

Example 39 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtTokenStoreTests method testReadExpiringRefreshToken.

@Test
public void testReadExpiringRefreshToken() throws Exception {
    DefaultOAuth2AccessToken original = new DefaultOAuth2AccessToken("FOO");
    original.setExpiration(new Date());
    convertToRefreshToken(original);
    DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) enhancer.enhance(original, expectedAuthentication);
    assertTrue(tokenStore.readRefreshToken(token.getValue()) instanceof DefaultExpiringOAuth2RefreshToken);
}
Also used : DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) Test(org.junit.Test)

Example 40 with DefaultOAuth2AccessToken

use of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtTokenStoreTests method testReadAccessTokenWithLongExpiration.

@Test
public void testReadAccessTokenWithLongExpiration() throws Exception {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(expectedOAuth2AccessToken);
    token.setExpiration(new Date(Long.MAX_VALUE - 1));
    expectedOAuth2AccessToken = enhancer.enhance(token, expectedAuthentication);
    assertEquals(expectedOAuth2AccessToken, tokenStore.readAccessToken(expectedOAuth2AccessToken.getValue()));
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) Test(org.junit.Test)

Aggregations

DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)95 Test (org.junit.Test)78 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)52 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)48 Date (java.util.Date)27 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)13 HashMap (java.util.HashMap)12 Authentication (org.springframework.security.core.Authentication)12 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)12 URI (java.net.URI)9 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)9 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)8 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)8 DBUnitTest (org.orcid.test.DBUnitTest)7 ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)6 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)6 Before (org.junit.Before)5 BaseOAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails)5 OAuth2ProtectedResourceDetails (org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails)5 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5