use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class AbstractDefaultTokenServicesTests method testRefreshedTokenInvalidWithWrongClient.
@Test(expected = InvalidGrantException.class)
public void testRefreshedTokenInvalidWithWrongClient() throws Exception {
ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "wrong"), "wrong", null, null);
OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
assertEquals("[read]", refreshedAccessToken.getScope().toString());
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class AbstractDefaultTokenServicesTests method testRefreshedTokenHasNarrowedScopes.
@Test
public void testRefreshedTokenHasNarrowedScopes() throws Exception {
ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
assertEquals("[read]", refreshedAccessToken.getScope().toString());
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class AbstractDefaultTokenServicesTests method testRefreshTokenRequestHasRefreshFlag.
@Test
public void testRefreshTokenRequestHasRefreshFlag() throws Exception {
ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
final AtomicBoolean called = new AtomicBoolean(false);
getTokenServices().setTokenEnhancer(new TokenEnhancer() {
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
assertTrue(authentication.getOAuth2Request().isRefresh());
called.set(true);
return accessToken;
}
});
getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
assertTrue(called.get());
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class DefaultTokenServicesWithInMemoryTests method testExpiredRefreshTokenIsRenewedWithNewAccessToken.
@Test
public void testExpiredRefreshTokenIsRenewedWithNewAccessToken() throws Exception {
OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
assertNotNull(firstAccessToken.getRefreshToken());
// Make it expire (and rely on mutable state in volatile token store)
ReflectionTestUtils.setField(firstAccessToken.getRefreshToken(), "expiration", new Date(System.currentTimeMillis() - 1000));
firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
DefaultOAuth2AccessToken secondAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
ExpiringOAuth2RefreshToken refreshToken = (ExpiringOAuth2RefreshToken) secondAccessToken.getRefreshToken();
assertNotNull(refreshToken);
assertTrue(refreshToken.getExpiration().getTime() > System.currentTimeMillis());
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class DefaultTokenServicesWithJwtTests method testRefreshedTokenHasIdThatMatchesAccessToken.
@Test
public void testRefreshedTokenHasIdThatMatchesAccessToken() throws Exception {
JsonParser parser = JsonParserFactory.create();
OAuth2Authentication authentication = createAuthentication();
OAuth2AccessToken initialToken = getTokenServices().createAccessToken(authentication);
ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) initialToken.getRefreshToken();
TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
Map<String, ?> accessTokenInfo = parser.parseMap(JwtHelper.decode(refreshedAccessToken.getValue()).getClaims());
Map<String, ?> refreshTokenInfo = parser.parseMap(JwtHelper.decode(refreshedAccessToken.getRefreshToken().getValue()).getClaims());
assertEquals("Access token ID does not match refresh token ATI", accessTokenInfo.get(AccessTokenConverter.JTI), refreshTokenInfo.get(AccessTokenConverter.ATI));
assertNotSame("Refresh token re-used", expectedExpiringRefreshToken.getValue(), refreshedAccessToken.getRefreshToken().getValue());
}
Aggregations