Search in sources :

Example 1 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class JaxbOAuth2AccessTokenMessageConverterTests method assertTokenEquals.

private static void assertTokenEquals(OAuth2AccessToken expected, OAuth2AccessToken actual) {
    assertEquals(expected.getTokenType(), actual.getTokenType());
    assertEquals(expected.getValue(), actual.getValue());
    OAuth2RefreshToken expectedRefreshToken = expected.getRefreshToken();
    if (expectedRefreshToken == null) {
        assertNull(actual.getRefreshToken());
    } else {
        assertEquals(expectedRefreshToken.getValue(), actual.getRefreshToken().getValue());
    }
    assertEquals(expected.getScope(), actual.getScope());
    Date expectedExpiration = expected.getExpiration();
    if (expectedExpiration == null) {
        assertNull(actual.getExpiration());
    } else {
        assertEquals(expectedExpiration.getTime(), actual.getExpiration().getTime());
    }
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) Date(java.util.Date)

Example 2 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AbstractDefaultTokenServicesTests method testRefreshedTokenNotExpiring.

@Test
public void testRefreshedTokenNotExpiring() throws Exception {
    getTokenServices().setRefreshTokenValiditySeconds(0);
    OAuth2RefreshToken expectedExpiringRefreshToken = getTokenServices().createAccessToken(createAuthentication()).getRefreshToken();
    assertFalse(expectedExpiringRefreshToken instanceof DefaultExpiringOAuth2RefreshToken);
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) Test(org.junit.Test)

Example 3 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AccessTokenProviderChain method obtainAccessToken.

public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails resource, AccessTokenRequest request) throws UserRedirectRequiredException, AccessDeniedException {
    OAuth2AccessToken accessToken = null;
    OAuth2AccessToken existingToken = null;
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    if (auth instanceof AnonymousAuthenticationToken) {
        if (!resource.isClientOnly()) {
            throw new InsufficientAuthenticationException("Authentication is required to obtain an access token (anonymous not allowed)");
        }
    }
    if (resource.isClientOnly() || (auth != null && auth.isAuthenticated())) {
        existingToken = request.getExistingToken();
        if (existingToken == null && clientTokenServices != null) {
            existingToken = clientTokenServices.getAccessToken(resource, auth);
        }
        if (existingToken != null) {
            if (existingToken.isExpired()) {
                if (clientTokenServices != null) {
                    clientTokenServices.removeAccessToken(resource, auth);
                }
                OAuth2RefreshToken refreshToken = existingToken.getRefreshToken();
                if (refreshToken != null) {
                    accessToken = refreshAccessToken(resource, refreshToken, request);
                }
            } else {
                accessToken = existingToken;
            }
        }
    }
    if (accessToken == null) {
        // looks like we need to try to obtain a new token.
        accessToken = obtainNewAccessTokenInternal(resource, request);
        if (accessToken == null) {
            throw new IllegalStateException("An OAuth 2 access token must be obtained or an exception thrown.");
        }
    }
    if (clientTokenServices != null && (resource.isClientOnly() || auth != null && auth.isAuthenticated())) {
        clientTokenServices.saveAccessToken(resource, auth, accessToken);
    }
    return accessToken;
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Authentication(org.springframework.security.core.Authentication) AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken) InsufficientAuthenticationException(org.springframework.security.authentication.InsufficientAuthenticationException)

Example 4 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class RedisTokenStoreMockTests method storeRefreshTokenRemoveRefreshTokenVerifyKeysRemoved.

// gh-572
@Test
public void storeRefreshTokenRemoveRefreshTokenVerifyKeysRemoved() {
    OAuth2RefreshToken oauth2RefreshToken = new DefaultOAuth2RefreshToken("refresh-token-" + UUID.randomUUID());
    OAuth2Authentication oauth2Authentication = new OAuth2Authentication(request, authentication);
    tokenStore.storeRefreshToken(oauth2RefreshToken, oauth2Authentication);
    ArgumentCaptor<byte[]> keyArgs = ArgumentCaptor.forClass(byte[].class);
    verify(connection, times(2)).set(keyArgs.capture(), any(byte[].class));
    tokenStore.removeRefreshToken(oauth2RefreshToken);
    for (byte[] key : keyArgs.getAllValues()) {
        verify(connection).del(key);
    }
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 5 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class RedisTokenStorePrefixTests method testExpiringRefreshToken.

@Test
public void testExpiringRefreshToken() throws InterruptedException {
    String refreshToken = UUID.randomUUID().toString();
    DefaultOAuth2RefreshToken expectedExpiringRefreshToken = new DefaultExpiringOAuth2RefreshToken(refreshToken, new Date(System.currentTimeMillis() + 1500));
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    getTokenStore().storeRefreshToken(expectedExpiringRefreshToken, expectedAuthentication);
    OAuth2RefreshToken actualExpiringRefreshToken = getTokenStore().readRefreshToken(refreshToken);
    assertEquals(expectedExpiringRefreshToken, actualExpiringRefreshToken);
    assertEquals(expectedAuthentication, getTokenStore().readAuthenticationForRefreshToken(expectedExpiringRefreshToken));
    // let the token expire
    Thread.sleep(1500);
    // now it should be gone
    assertNull(getTokenStore().readRefreshToken(refreshToken));
    assertNull(getTokenStore().readAuthenticationForRefreshToken(expectedExpiringRefreshToken));
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) Date(java.util.Date) Test(org.junit.Test)

Aggregations

OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)24 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)16 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)16 ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)15 Test (org.junit.Test)13 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)12 Date (java.util.Date)11 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)9 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)9 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)4 Transactional (org.springframework.transaction.annotation.Transactional)4 RedisConnection (org.springframework.data.redis.connection.RedisConnection)3 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)2 DBUnitTest (org.orcid.test.DBUnitTest)2 Authentication (org.springframework.security.core.Authentication)2 ClientDetailsService (org.springframework.security.oauth2.provider.ClientDetailsService)2 HashMap (java.util.HashMap)1 LinkedHashMap (java.util.LinkedHashMap)1 OrcidOauth2AuthInfo (org.orcid.core.oauth.OrcidOauth2AuthInfo)1 ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)1