Example 6 with DefaultOAuth2RefreshToken
use of org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class JwtTokenStoreTests method removeAccessTokenFromRefreshToken.
@Test
public void removeAccessTokenFromRefreshToken() throws Exception {
tokenStore.setApprovalStore(approvalStore);
approvalStore.addApprovals(Collections.singleton(new Approval("test", "id", "read", new Date(), ApprovalStatus.APPROVED)));
assertEquals(1, approvalStore.getApprovals("test", "id").size());
tokenStore.removeAccessTokenUsingRefreshToken(new DefaultOAuth2RefreshToken(expectedOAuth2AccessToken.getValue()));
assertEquals(1, approvalStore.getApprovals("test", "id").size());
}
Also used :
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
Approval(org.springframework.security.oauth2.provider.approval.Approval)
Date(java.util.Date)
Test(org.junit.Test)
Example 7 with DefaultOAuth2RefreshToken
use of org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class JaxbOAuth2AccessTokenMessageConverter method convertToExternal.
protected OAuth2AccessToken convertToExternal(JaxbOAuth2AccessToken jaxbAccessToken) {
DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(jaxbAccessToken.getAccessToken());
String refreshToken = jaxbAccessToken.getRefreshToken();
if (refreshToken != null) {
accessToken.setRefreshToken(new DefaultOAuth2RefreshToken(refreshToken));
}
Date expiration = jaxbAccessToken.getExpiration();
if (expiration != null) {
accessToken.setExpiration(expiration);
}
return accessToken;
}
Also used :
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
Example 8 with DefaultOAuth2RefreshToken
use of org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class JwtAccessTokenConverter method enhance.
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
DefaultOAuth2AccessToken result = new DefaultOAuth2AccessToken(accessToken);
Map<String, Object> info = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
String tokenId = result.getValue();
if (!info.containsKey(TOKEN_ID)) {
info.put(TOKEN_ID, tokenId);
} else {
tokenId = (String) info.get(TOKEN_ID);
}
result.setAdditionalInformation(info);
result.setValue(encode(result, authentication));
OAuth2RefreshToken refreshToken = result.getRefreshToken();
if (refreshToken != null) {
DefaultOAuth2AccessToken encodedRefreshToken = new DefaultOAuth2AccessToken(accessToken);
encodedRefreshToken.setValue(refreshToken.getValue());
// Refresh tokens do not expire unless explicitly of the right type
encodedRefreshToken.setExpiration(null);
try {
Map<String, Object> claims = objectMapper.parseMap(JwtHelper.decode(refreshToken.getValue()).getClaims());
if (claims.containsKey(TOKEN_ID)) {
encodedRefreshToken.setValue(claims.get(TOKEN_ID).toString());
}
} catch (IllegalArgumentException e) {
}
Map<String, Object> refreshTokenInfo = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
refreshTokenInfo.put(TOKEN_ID, encodedRefreshToken.getValue());
refreshTokenInfo.put(ACCESS_TOKEN_ID, tokenId);
encodedRefreshToken.setAdditionalInformation(refreshTokenInfo);
DefaultOAuth2RefreshToken token = new DefaultOAuth2RefreshToken(encode(encodedRefreshToken, authentication));
if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
Date expiration = ((ExpiringOAuth2RefreshToken) refreshToken).getExpiration();
encodedRefreshToken.setExpiration(expiration);
token = new DefaultExpiringOAuth2RefreshToken(encode(encodedRefreshToken, authentication), expiration);
}
result.setRefreshToken(token);
}
return result;
}
Also used :
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
LinkedHashMap(java.util.LinkedHashMap)
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
Example 9 with DefaultOAuth2RefreshToken
use of org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken in project ORCID-Source by ORCID.
the class OrcidTokenStoreServiceTest method testReadAuthenticationForRefreshToken.
@Test
@Transactional
public void testReadAuthenticationForRefreshToken() throws Exception {
OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("some-long-oauth2-refresh-value-1");
OAuth2Authentication oAuth2Authentication = orcidTokenStoreService.readAuthenticationForRefreshToken(refreshToken);
assertNotNull(oAuth2Authentication);
}
Also used :
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
DBUnitTest(org.orcid.test.DBUnitTest)
Test(org.junit.Test)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 10 with DefaultOAuth2RefreshToken
use of org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesImpl method createAccessToken.
@Override
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
OrcidOauth2AuthInfo authInfo = new OrcidOauth2AuthInfo(authentication);
String userOrcid = authInfo.getUserOrcid();
DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
if (validitySeconds > 0) {
accessToken.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
}
accessToken.setScope(authentication.getOAuth2Request().getScope());
if (customTokenEnhancer != null) {
accessToken = new DefaultOAuth2AccessToken(customTokenEnhancer.enhance(accessToken, authentication));
}
if (this.isSupportRefreshToken(authentication.getOAuth2Request())) {
OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken(UUID.randomUUID().toString());
accessToken.setRefreshToken(refreshToken);
}
orcidTokenStore.storeAccessToken(accessToken, authentication);
LOGGER.info("Creating new access token: clientId={}, scopes={}, userOrcid={}", new Object[] { authInfo.getClientId(), authInfo.getScopes(), userOrcid });
return accessToken;
}
Also used :
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
OrcidOauth2AuthInfo(org.orcid.core.oauth.OrcidOauth2AuthInfo)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
Date(java.util.Date)
Aggregations
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)20
Test (org.junit.Test)13
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)13
Date (java.util.Date)11
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)8
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)7
OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)7
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)6
ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)3
HashMap (java.util.HashMap)2
JsonParser (org.springframework.security.oauth2.common.util.JsonParser)2
Approval (org.springframework.security.oauth2.provider.approval.Approval)2
Calendar (java.util.Calendar)1
LinkedHashMap (java.util.LinkedHashMap)1
Before (org.junit.Before)1
OrcidOauth2AuthInfo (org.orcid.core.oauth.OrcidOauth2AuthInfo)1
ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)1
DBUnitTest (org.orcid.test.DBUnitTest)1
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)1
Transactional (org.springframework.transaction.annotation.Transactional)1
