Search in sources :

Example 26 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class TokenStoreBaseTests method testRemoveRefreshToken.

@Test
public void testRemoveRefreshToken() {
    OAuth2RefreshToken expectedExpiringRefreshToken = new DefaultExpiringOAuth2RefreshToken("testToken", new Date());
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    getTokenStore().storeRefreshToken(expectedExpiringRefreshToken, expectedAuthentication);
    getTokenStore().removeRefreshToken(expectedExpiringRefreshToken);
    assertNull(getTokenStore().readRefreshToken("testToken"));
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) Date(java.util.Date) Test(org.junit.Test)

Example 27 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project ORCID-Source by ORCID.

the class OrcidTokenStoreServiceImpl method getOauth2AccessTokenFromDetails.

private OAuth2AccessToken getOauth2AccessTokenFromDetails(OrcidOauth2TokenDetail detail) {
    DefaultOAuth2AccessToken token = null;
    if (detail != null && StringUtils.isNotBlank(detail.getTokenValue())) {
        token = new DefaultOAuth2AccessToken(detail.getTokenValue());
        token.setExpiration(detail.getTokenExpiration());
        token.setScope(OAuth2Utils.parseParameterList(detail.getScope()));
        token.setTokenType(detail.getTokenType());
        String refreshToken = detail.getRefreshTokenValue();
        OAuth2RefreshToken rt;
        if (StringUtils.isNotBlank(refreshToken)) {
            if (detail.getRefreshTokenExpiration() != null) {
                rt = new DefaultExpiringOAuth2RefreshToken(detail.getRefreshTokenValue(), detail.getRefreshTokenExpiration());
            } else {
                rt = new DefaultOAuth2RefreshToken(detail.getRefreshTokenValue());
            }
            token.setRefreshToken(rt);
        }
        ProfileEntity profile = detail.getProfile();
        if (profile != null) {
            Map<String, Object> additionalInfo = new HashMap<String, Object>();
            additionalInfo.put(OrcidOauth2Constants.ORCID, profile.getId());
            additionalInfo.put(OrcidOauth2Constants.PERSISTENT, detail.isPersistent());
            additionalInfo.put(OrcidOauth2Constants.DATE_CREATED, detail.getDateCreated());
            additionalInfo.put(OrcidOauth2Constants.TOKEN_VERSION, detail.getVersion());
            token.setAdditionalInformation(additionalInfo);
        }
        String clientId = detail.getClientDetailsId();
        if (!PojoUtil.isEmpty(clientId)) {
            Map<String, Object> additionalInfo = new HashMap<String, Object>();
            Map<String, Object> additionalInfoInToken = token.getAdditionalInformation();
            if (additionalInfoInToken != null && !additionalInfoInToken.isEmpty()) {
                additionalInfo.putAll(additionalInfoInToken);
            }
            // Copy to a new one to avoid unmodifiable  
            additionalInfo.put(OrcidOauth2Constants.CLIENT_ID, clientId);
            token.setAdditionalInformation(additionalInfo);
        }
    }
    return token;
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) HashMap(java.util.HashMap) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)

Example 28 with OAuth2RefreshToken

use of org.springframework.security.oauth2.common.OAuth2RefreshToken in project ORCID-Source by ORCID.

the class OrcidTokenStoreServiceImpl method populatePropertiesFromTokenAndAuthentication.

private OrcidOauth2TokenDetail populatePropertiesFromTokenAndAuthentication(OAuth2AccessToken token, OAuth2Authentication authentication, OrcidOauth2TokenDetail detail) {
    OAuth2Request authorizationRequest = authentication.getOAuth2Request();
    if (detail == null) {
        detail = new OrcidOauth2TokenDetail();
    }
    String clientId = authorizationRequest.getClientId();
    String authKey = authenticationKeyGenerator.extractKey(authentication);
    detail.setAuthenticationKey(authKey);
    detail.setClientDetailsId(clientId);
    OAuth2RefreshToken refreshToken = token.getRefreshToken();
    if (refreshToken != null && StringUtils.isNotBlank(refreshToken.getValue())) {
        if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
            // Override the refresh token expiration from the client
            // details, and make it the same as the token itself
            detail.setRefreshTokenExpiration(token.getExpiration());
        }
        detail.setRefreshTokenValue(refreshToken.getValue());
    }
    if (!authentication.isClientOnly()) {
        Object principal = authentication.getPrincipal();
        if (principal instanceof ProfileEntity) {
            ProfileEntity profileEntity = (ProfileEntity) authentication.getPrincipal();
            profileEntity = profileEntityCacheManager.retrieve(profileEntity.getId());
            detail.setProfile(profileEntity);
        }
    }
    detail.setTokenValue(token.getValue());
    detail.setTokenType(token.getTokenType());
    detail.setTokenExpiration(token.getExpiration());
    detail.setApproved(authorizationRequest.isApproved());
    detail.setRedirectUri(authorizationRequest.getRedirectUri());
    Set<String> resourceIds = authorizationRequest.getResourceIds();
    if (resourceIds == null || resourceIds.isEmpty()) {
        ClientDetailsEntity clientDetails = clientDetailsEntityCacheManager.retrieve(clientId);
        resourceIds = clientDetails.getResourceIds();
    }
    detail.setResourceId(OAuth2Utils.formatParameterList(resourceIds));
    detail.setResponseType(OAuth2Utils.formatParameterList(authorizationRequest.getResponseTypes()));
    detail.setScope(OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
    Map<String, Object> additionalInfo = token.getAdditionalInformation();
    if (additionalInfo != null) {
        if (additionalInfo.containsKey(OrcidOauth2Constants.TOKEN_VERSION)) {
            String sVersion = String.valueOf(additionalInfo.get(OrcidOauth2Constants.TOKEN_VERSION));
            detail.setVersion(Long.valueOf(sVersion));
        } else {
            // TODO: As of Jan 2015 all tokens will be new tokens, so, we
            // will have to remove the token version code and
            // treat all tokens as new tokens
            detail.setVersion(Long.valueOf(OrcidOauth2Constants.PERSISTENT_TOKEN));
        }
        if (additionalInfo.containsKey(OrcidOauth2Constants.PERSISTENT)) {
            boolean isPersistentKey = (Boolean) additionalInfo.get(OrcidOauth2Constants.PERSISTENT);
            detail.setPersistent(isPersistentKey);
        } else {
            detail.setPersistent(false);
        }
    } else {
        detail.setPersistent(false);
    }
    return detail;
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity) ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)

Aggregations

OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)24 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)16 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)16 ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)15 Test (org.junit.Test)13 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)12 Date (java.util.Date)11 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)9 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)9 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)4 Transactional (org.springframework.transaction.annotation.Transactional)4 RedisConnection (org.springframework.data.redis.connection.RedisConnection)3 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)2 DBUnitTest (org.orcid.test.DBUnitTest)2 Authentication (org.springframework.security.core.Authentication)2 ClientDetailsService (org.springframework.security.oauth2.provider.ClientDetailsService)2 HashMap (java.util.HashMap)1 LinkedHashMap (java.util.LinkedHashMap)1 OrcidOauth2AuthInfo (org.orcid.core.oauth.OrcidOauth2AuthInfo)1 ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)1