Search in sources :

Example 56 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AbstractPersistentDefaultTokenServicesTests method testRefreshTokenMaintainsState.

@Test
public void testRefreshTokenMaintainsState() throws Exception {
    getTokenServices().setSupportRefreshToken(true);
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    OAuth2RefreshToken expectedExpiringRefreshToken = accessToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertNotNull(refreshedAccessToken);
    assertEquals(1, getAccessTokenCount());
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) Test(org.junit.Test)

Example 57 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AbstractPersistentDefaultTokenServicesTests method testTokenEnhancerUpdatesStoredTokens.

@Test
public void testTokenEnhancerUpdatesStoredTokens() throws Exception {
    final ExpiringOAuth2RefreshToken refreshToken = new DefaultExpiringOAuth2RefreshToken("testToken", new Date(System.currentTimeMillis() + 100000));
    getTokenServices().setTokenEnhancer(new TokenEnhancer() {

        public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
            DefaultOAuth2AccessToken result = new DefaultOAuth2AccessToken(accessToken);
            result.setRefreshToken(refreshToken);
            return result;
        }
    });
    OAuth2Authentication authentication = createAuthentication();
    OAuth2AccessToken original = getTokenServices().createAccessToken(authentication);
    assertTrue(original.getRefreshToken().equals(refreshToken));
    OAuth2AccessToken result = getTokenStore().getAccessToken(authentication);
    assertEquals(original, result);
    assertEquals(refreshToken, result.getRefreshToken());
    assertEquals(refreshToken, getTokenStore().readRefreshToken(refreshToken.getValue()));
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) Date(java.util.Date) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) Test(org.junit.Test)

Example 58 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class DefaultAccessTokenConverterTests method extractAccessTokenMultiScopeCollection.

// gh-745
@Test
public void extractAccessTokenMultiScopeCollection() {
    Set<String> scopes = new HashSet<String>(Arrays.asList("read", "write", "read-write"));
    Map<String, Object> tokenAttrs = new HashMap<String, Object>();
    tokenAttrs.put(AccessTokenConverter.SCOPE, scopes);
    OAuth2AccessToken accessToken = converter.extractAccessToken("token-value", tokenAttrs);
    assertEquals(scopes, accessToken.getScope());
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Test(org.junit.Test)

Example 59 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesAuthoritiesChangeTests method testChangeAuthoritiesAuthenticationTokenFail.

// This test will fail
@Test
public void testChangeAuthoritiesAuthenticationTokenFail() throws Exception {
    TestChangeAuthentication testAuthentication = new TestChangeAuthentication("test2", false, new SimpleGrantedAuthority("USER"));
    OAuth2Authentication oauth2Authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), testAuthentication);
    OAuth2AccessToken createAccessToken = getTokenServices().createAccessToken(oauth2Authentication);
    // First time. The Authentication has 2 roles;
    assertEquals(testAuthentication.getAuthorities(), getTokenServices().loadAuthentication(createAccessToken.getValue()).getAuthorities());
    // Now I change the authorities from testAuthentication
    testAuthentication = new TestChangeAuthentication("test2", false, new SimpleGrantedAuthority("NONE"));
    // I recreate the request
    oauth2Authentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), testAuthentication);
    // I create the authentication again
    createAccessToken = getTokenServices().createAccessToken(oauth2Authentication);
    assertEquals(testAuthentication.getAuthorities(), getTokenServices().loadAuthentication(createAccessToken.getValue()).getAuthorities());
}
Also used : SimpleGrantedAuthority(org.springframework.security.core.authority.SimpleGrantedAuthority) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 60 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JdbcTokenStoreTests method testFindAccessTokensByUserName.

@Test
public void testFindAccessTokensByUserName() {
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByUserName("test2");
    assertEquals(1, actualOAuth2AccessTokens.size());
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test)

Aggregations

OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)171 Test (org.junit.Test)126 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)111 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)65 Date (java.util.Date)36 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)31 Authentication (org.springframework.security.core.Authentication)26 HashMap (java.util.HashMap)21 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)19 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)18 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)18 DBUnitTest (org.orcid.test.DBUnitTest)17 ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)17 OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)16 OrcidOauth2TokenDetail (org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)11 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)10 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)10 Transactional (org.springframework.transaction.annotation.Transactional)10 TokenGranter (org.springframework.security.oauth2.provider.TokenGranter)9 ModelAndView (org.springframework.web.servlet.ModelAndView)9