use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class RedisTokenStore method storeRefreshToken.
@Override
public void storeRefreshToken(OAuth2RefreshToken refreshToken, OAuth2Authentication authentication) {
byte[] refreshKey = serializeKey(REFRESH + refreshToken.getValue());
byte[] refreshAuthKey = serializeKey(REFRESH_AUTH + refreshToken.getValue());
byte[] serializedRefreshToken = serialize(refreshToken);
RedisConnection conn = getConnection();
try {
conn.openPipeline();
conn.set(refreshKey, serializedRefreshToken);
conn.set(refreshAuthKey, serialize(authentication));
if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
ExpiringOAuth2RefreshToken expiringRefreshToken = (ExpiringOAuth2RefreshToken) refreshToken;
Date expiration = expiringRefreshToken.getExpiration();
if (expiration != null) {
int seconds = Long.valueOf((expiration.getTime() - System.currentTimeMillis()) / 1000L).intValue();
conn.expire(refreshKey, seconds);
conn.expire(refreshAuthKey, seconds);
}
}
conn.closePipeline();
} finally {
conn.close();
}
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class AbstractDefaultTokenServicesTests method testRefreshedTokenHasScopes.
@Test
public void testRefreshedTokenHasScopes() throws Exception {
ExpiringOAuth2RefreshToken expectedExpiringRefreshToken = (ExpiringOAuth2RefreshToken) getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
assertEquals("[read, write]", refreshedAccessToken.getScope().toString());
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class AbstractDefaultTokenServicesTests method testRefreshTokenNonExpiring.
@Test
public void testRefreshTokenNonExpiring() throws Exception {
ClientDetailsService clientDetailsService = new InMemoryClientDetailsServiceBuilder().withClient("id").refreshTokenValiditySeconds(0).authorizedGrantTypes("refresh_token").and().build();
DefaultTokenServices tokenServices = getTokenServices();
tokenServices.setClientDetailsService(clientDetailsService);
OAuth2RefreshToken refreshToken = tokenServices.createAccessToken(createAuthentication()).getRefreshToken();
assertNotNull(refreshToken);
assertFalse(refreshToken instanceof ExpiringOAuth2RefreshToken);
}
use of org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken in project ORCID-Source by ORCID.
the class OrcidTokenStoreServiceImpl method populatePropertiesFromTokenAndAuthentication.
private OrcidOauth2TokenDetail populatePropertiesFromTokenAndAuthentication(OAuth2AccessToken token, OAuth2Authentication authentication, OrcidOauth2TokenDetail detail) {
OAuth2Request authorizationRequest = authentication.getOAuth2Request();
if (detail == null) {
detail = new OrcidOauth2TokenDetail();
}
String clientId = authorizationRequest.getClientId();
String authKey = authenticationKeyGenerator.extractKey(authentication);
detail.setAuthenticationKey(authKey);
detail.setClientDetailsId(clientId);
OAuth2RefreshToken refreshToken = token.getRefreshToken();
if (refreshToken != null && StringUtils.isNotBlank(refreshToken.getValue())) {
if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
// Override the refresh token expiration from the client
// details, and make it the same as the token itself
detail.setRefreshTokenExpiration(token.getExpiration());
}
detail.setRefreshTokenValue(refreshToken.getValue());
}
if (!authentication.isClientOnly()) {
Object principal = authentication.getPrincipal();
if (principal instanceof ProfileEntity) {
ProfileEntity profileEntity = (ProfileEntity) authentication.getPrincipal();
profileEntity = profileEntityCacheManager.retrieve(profileEntity.getId());
detail.setProfile(profileEntity);
}
}
detail.setTokenValue(token.getValue());
detail.setTokenType(token.getTokenType());
detail.setTokenExpiration(token.getExpiration());
detail.setApproved(authorizationRequest.isApproved());
detail.setRedirectUri(authorizationRequest.getRedirectUri());
Set<String> resourceIds = authorizationRequest.getResourceIds();
if (resourceIds == null || resourceIds.isEmpty()) {
ClientDetailsEntity clientDetails = clientDetailsEntityCacheManager.retrieve(clientId);
resourceIds = clientDetails.getResourceIds();
}
detail.setResourceId(OAuth2Utils.formatParameterList(resourceIds));
detail.setResponseType(OAuth2Utils.formatParameterList(authorizationRequest.getResponseTypes()));
detail.setScope(OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
Map<String, Object> additionalInfo = token.getAdditionalInformation();
if (additionalInfo != null) {
if (additionalInfo.containsKey(OrcidOauth2Constants.TOKEN_VERSION)) {
String sVersion = String.valueOf(additionalInfo.get(OrcidOauth2Constants.TOKEN_VERSION));
detail.setVersion(Long.valueOf(sVersion));
} else {
// TODO: As of Jan 2015 all tokens will be new tokens, so, we
// will have to remove the token version code and
// treat all tokens as new tokens
detail.setVersion(Long.valueOf(OrcidOauth2Constants.PERSISTENT_TOKEN));
}
if (additionalInfo.containsKey(OrcidOauth2Constants.PERSISTENT)) {
boolean isPersistentKey = (Boolean) additionalInfo.get(OrcidOauth2Constants.PERSISTENT);
detail.setPersistent(isPersistentKey);
} else {
detail.setPersistent(false);
}
} else {
detail.setPersistent(false);
}
return detail;
}
Aggregations