
Example 76 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class ClientCredentialsTokenGranter method grant.

/**
 * Delegates to the parent granter and returns a defensive copy of the issued token,
 * with the refresh token removed unless {@code allowRefresh} is set.
 *
 * <p>RFC 6749 section 4.4.3 says a refresh token SHOULD NOT be included in a
 * client-credentials response. {@code allowRefresh} is a field declared outside this
 * snippet; leaving it {@code false} keeps the grant in line with that guidance.
 *
 * @param grantType the grant type requested by the client
 * @param tokenRequest the incoming token request
 * @return a copy of the token produced by the parent granter, or {@code null} when the
 *         parent returned {@code null}
 */
@Override
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
    OAuth2AccessToken granted = super.grant(grantType, tokenRequest);
    if (granted == null) {
        // Nothing was issued by the parent; pass that through unchanged.
        return null;
    }
    // Work on a copy so the token object returned by the parent is never mutated.
    DefaultOAuth2AccessToken copy = new DefaultOAuth2AccessToken(granted);
    // The spec says that client credentials should not be allowed to get a refresh token
    if (!allowRefresh) {
        copy.setRefreshToken(null);
    }
    return copy;
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)

Example 77 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class InMemoryTokenStore method removeAccessToken.

/**
 * Removes an access token and every index entry that points at it.
 *
 * <p>The refresh token itself is deliberately left in place; only the
 * access-token-to-refresh-token mapping is dropped. Callers revoking a grant must
 * remove the refresh token separately, otherwise it stays usable.
 *
 * @param tokenValue the access token value to remove
 */
public void removeAccessToken(String tokenValue) {
    OAuth2AccessToken evicted = this.accessTokenStore.remove(tokenValue);
    this.accessTokenToRefreshTokenStore.remove(tokenValue);
    // Don't remove the refresh token - it's up to the caller to do that
    OAuth2Authentication auth = this.authenticationStore.remove(tokenValue);
    if (auth == null) {
        // No authentication was stored under this value, so no secondary index needs cleaning.
        return;
    }

    this.authenticationToAccessTokenStore.remove(authenticationKeyGenerator.extractKey(auth));

    String clientId = auth.getOAuth2Request().getClientId();

    // Per-user index, keyed by client id and principal name.
    Collection<OAuth2AccessToken> perUser =
            this.userNameToAccessTokenStore.get(getApprovalKey(clientId, auth.getName()));
    if (perUser != null) {
        perUser.remove(evicted);
    }

    // Per-client index.
    Collection<OAuth2AccessToken> perClient = this.clientIdToAccessTokenStore.get(clientId);
    if (perClient != null) {
        perClient.remove(evicted);
    }

    // NOTE(review): repeats the removal performed before the index cleanup; it looks
    // redundant but is kept so the sequence of store operations is unchanged.
    this.authenticationToAccessTokenStore.remove(authenticationKeyGenerator.extractKey(auth));
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)

Example 78 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JdbcTokenStore method getAccessToken.

/**
 * Looks up the access token stored for the given authentication.
 *
 * <p>The lookup key is derived from the authentication by
 * {@code authenticationKeyGenerator} and bound as a query parameter. If a token is
 * found but the authentication stored with it now yields a different key, the token
 * is removed and stored again under the supplied authentication.
 *
 * <p>NOTE(review): the row's bytes go through {@code deserializeAccessToken}, which is
 * defined outside this snippet. If it relies on Java native serialization, write access
 * to the token table has to be restricted to trusted code - confirm.
 *
 * <p>NOTE(review): both log messages append the authentication's string form; confirm
 * it carries no credentials before enabling debug logging in production.
 *
 * @param authentication the authentication whose token is wanted
 * @return the stored token, or {@code null} when none is found or the stored bytes
 *         cannot be turned back into a token
 */
public OAuth2AccessToken getAccessToken(OAuth2Authentication authentication) {
    String key = authenticationKeyGenerator.extractKey(authentication);
    OAuth2AccessToken found = null;
    try {
        // Anonymous mapper kept as-is; column 2 of the result row holds the serialized token.
        RowMapper<OAuth2AccessToken> tokenMapper = new RowMapper<OAuth2AccessToken>() {

            public OAuth2AccessToken mapRow(ResultSet rs, int rowNum) throws SQLException {
                return deserializeAccessToken(rs.getBytes(2));
            }
        };
        found = jdbcTemplate.queryForObject(selectAccessTokenFromAuthenticationSql, tokenMapper, key);
    } catch (EmptyResultDataAccessException e) {
        // A missing row is an expected outcome, so it is only reported at debug level.
        if (LOG.isDebugEnabled()) {
            LOG.debug("Failed to find access token for authentication " + authentication);
        }
    } catch (IllegalArgumentException e) {
        LOG.error("Could not extract access token for authentication " + authentication, e);
    }

    if (found != null) {
        String storedKey = authenticationKeyGenerator.extractKey(readAuthentication(found.getValue()));
        if (!key.equals(storedKey)) {
            removeAccessToken(found.getValue());
            // Keep the store consistent (maybe the same user is represented by this authentication but the details have
            // changed)
            storeAccessToken(found, authentication);
        }
    }
    return found;
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) ResultSet(java.sql.ResultSet) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException) RowMapper(org.springframework.jdbc.core.RowMapper)

Example 79 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class JwtAccessTokenConverter method enhance.

/**
 * Returns a copy of the access token whose value is replaced by the output of
 * {@code encode(...)}, and whose refresh token (if any) is re-encoded the same way.
 *
 * <p>The original token value is recorded under {@code TOKEN_ID} in the additional
 * information unless an entry already exists. The re-encoded refresh token carries its
 * own {@code TOKEN_ID} plus an {@code ACCESS_TOKEN_ID} entry referring to the access token.
 *
 * <p>Statement order matters here: each {@code encode(...)} call serializes the token's
 * state at that moment, so the setters must run before the call that should see them.
 *
 * @param accessToken the token to enhance; it is copied, not modified
 * @param authentication the authentication the token was issued for
 * @return the enhanced copy
 */
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    DefaultOAuth2AccessToken result = new DefaultOAuth2AccessToken(accessToken);
    Map<String, Object> info = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
    String tokenId = result.getValue();
    // Keep a pre-existing TOKEN_ID entry; otherwise the current token value becomes the id.
    if (!info.containsKey(TOKEN_ID)) {
        info.put(TOKEN_ID, tokenId);
    } else {
        tokenId = (String) info.get(TOKEN_ID);
    }
    result.setAdditionalInformation(info);
    // From here on the token's value is the encoded form, not the original value.
    result.setValue(encode(result, authentication));
    OAuth2RefreshToken refreshToken = result.getRefreshToken();
    if (refreshToken != null) {
        // Built from the ORIGINAL access token (not from result), then given the refresh token's value.
        DefaultOAuth2AccessToken encodedRefreshToken = new DefaultOAuth2AccessToken(accessToken);
        encodedRefreshToken.setValue(refreshToken.getValue());
        // Refresh tokens do not expire unless explicitly of the right type
        encodedRefreshToken.setExpiration(null);
        try {
            // If the refresh token value is already an encoded token, reuse the id it carries.
            Map<String, Object> claims = objectMapper.parseMap(JwtHelper.decode(refreshToken.getValue()).getClaims());
            if (claims.containsKey(TOKEN_ID)) {
                encodedRefreshToken.setValue(claims.get(TOKEN_ID).toString());
            }
        } catch (IllegalArgumentException e) {
            // Deliberately ignored: the value could not be decoded or parsed, so the raw
            // refresh token value set above stays in use as the id.
        }
        Map<String, Object> refreshTokenInfo = new LinkedHashMap<String, Object>(accessToken.getAdditionalInformation());
        refreshTokenInfo.put(TOKEN_ID, encodedRefreshToken.getValue());
        // Ties the refresh token to the access token it was issued alongside.
        refreshTokenInfo.put(ACCESS_TOKEN_ID, tokenId);
        encodedRefreshToken.setAdditionalInformation(refreshTokenInfo);
        // Default: a non-expiring refresh token, encoded with expiration still null.
        DefaultOAuth2RefreshToken token = new DefaultOAuth2RefreshToken(encode(encodedRefreshToken, authentication));
        if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
            // Expiring refresh token: encode again so the encoded form includes the expiration.
            Date expiration = ((ExpiringOAuth2RefreshToken) refreshToken).getExpiration();
            encodedRefreshToken.setExpiration(expiration);
            token = new DefaultExpiringOAuth2RefreshToken(encode(encodedRefreshToken, authentication), expiration);
        }
        result.setRefreshToken(token);
    }
    return result;
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) LinkedHashMap(java.util.LinkedHashMap) ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)

Example 80 with OAuth2AccessToken

use of org.springframework.security.oauth2.common.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class RedisTokenStore method readAccessToken.

/**
 * Reads the access token stored in Redis under the {@code ACCESS} prefix plus the
 * token value.
 *
 * <p>The connection is always closed, including when the read throws.
 *
 * <p>NOTE(review): the stored bytes are passed to {@code deserializeAccessToken}, which
 * is defined outside this snippet, as is its handling of a missing key. Whatever
 * serialization it uses, the Redis instance should only be writable by trusted
 * components - confirm.
 *
 * @param tokenValue the access token value to look up
 * @return whatever {@code deserializeAccessToken} produces for the stored bytes
 */
@Override
public OAuth2AccessToken readAccessToken(String tokenValue) {
    byte[] redisKey = serializeKey(ACCESS + tokenValue);
    RedisConnection connection = getConnection();
    byte[] serialized;
    try {
        serialized = connection.get(redisKey);
    } finally {
        // Release the connection whether or not the read succeeded.
        connection.close();
    }
    return deserializeAccessToken(serialized);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) RedisConnection(org.springframework.data.redis.connection.RedisConnection)
