Example 1 with UnapprovedClientAuthenticationException

Use of org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException in project fw-cloud-framework by liuweijw.

Class AjaxLoginSuccessHandler, method onAuthenticationSuccess.

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    String header = request.getHeader(SecurityConstant.AUTHORIZATION);
    if (StringHelper.isBlank(header) || !header.startsWith(SecurityConstant.BASIC)) {
        throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
    }
    try {
        String[] tokens = extractAndDecodeHeader(header);
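        // Explicit length check: Java assert statements do nothing unless the JVM is started with -ea.
        if (tokens.length != 2) {
            throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
        }
        String clientId = tokens[0];
        // NOTE: clientSecret is decoded but this method never compares it with
        // clientDetails.getClientSecret(); the token below is issued without the secret being checked here.
        String clientSecret = tokens[1];
        // params is populated but never read in this method.
        JSONObject params = new JSONObject();
        params.put("clientId", clientId);
        params.put("clientSecret", clientSecret);
        params.put("authentication", authentication);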
        ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
        TokenRequest tokenRequest = new TokenRequest(MapUtil.newHashMap(), clientId, clientDetails.getScope(), "mobile");
        OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
        OAuth2AccessToken oAuth2AccessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
        response.setCharacterEncoding(CommonConstant.UTF8);
        response.setContentType(CommonConstant.CONTENT_TYPE);
        PrintWriter printWriter = response.getWriter();
        printWriter.append(objectMapper.writeValueAsString(oAuth2AccessToken));
    } catch (IOException e) {
        throw new BadCredentialsException("Failed to decode basic authentication token");
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) JSONObject(com.alibaba.fastjson.JSONObject) UnapprovedClientAuthenticationException(org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) IOException(java.io.IOException) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) PrintWriter(java.io.PrintWriter)

Example 2 with UnapprovedClientAuthenticationException

Use of org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException in project new-cloud by xie-summer.

Class MobileLoginSuccessHandler, method onAuthenticationSuccess.

/**
 * Called when a user has been successfully authenticated.
 * Calls the Spring Security OAuth API to generate the oAuth2AccessToken.
 *
 * @param request        the request which caused the successful authentication
 * @param response       the response
 * @param authentication the <tt>Authentication</tt> object which was created during
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith(BASIC_)) {
        throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
    }
    try {
        String[] tokens = extractAndDecodeHeader(header);
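        // Explicit length check: Java assert statements do nothing unless the JVM is started with -ea.
        if (tokens.length != 2) {
            throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
        }
        String clientId = tokens[0];
        // NOTE: clientSecret is decoded but this method never compares it with
        // clientDetails.getClientSecret(); the token below is issued without the secret being checked here.
        String clientSecret = tokens[1];
        // params is populated but never read in this method.
        JSONObject params = new JSONObject();
        params.put("clientId", clientId);
        params.put("clientSecret", clientSecret);
        params.put("authentication", authentication);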
        ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
        TokenRequest tokenRequest = new TokenRequest(MapUtil.newHashMap(), clientId, clientDetails.getScope(), "mobile");
        OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
        OAuth2AccessToken oAuth2AccessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
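        // Log the client id rather than the bearer token value: a logged access token
        // can be replayed by anyone who can read the logs.
        logger.info("获取token 成功:{}", clientId);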
        response.setCharacterEncoding(CommonConstant.UTF8);
        response.setContentType(CommonConstant.CONTENT_TYPE);
        PrintWriter printWriter = response.getWriter();
        printWriter.append(objectMapper.writeValueAsString(oAuth2AccessToken));
    } catch (IOException e) {
        throw new BadCredentialsException("Failed to decode basic authentication token");
    }
}
Also used : JSONObject(com.alibaba.fastjson.JSONObject) UnapprovedClientAuthenticationException(org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) IOException(java.io.IOException) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) PrintWriter(java.io.PrintWriter)

Example 3 with UnapprovedClientAuthenticationException

Use of org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException in project paascloud-master by paascloud.

Class UacUserLoginController, method refreshToken.

/**
 * Refresh token.
 *
 * @param request      the request
 * @param refreshToken the refresh token
 * @param accessToken  the access token
 *
 * @return the wrapper
 */
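// NOTE: the endpoint is mapped as GET while the Swagger annotation declares POST; with GET,
// refreshToken and accessToken travel in the query string and can end up in URL logs.
@GetMapping(value = "/auth/user/refreshToken")
@ApiOperation(httpMethod = "POST", value = "刷新token")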
public Wrapper<String> refreshToken(HttpServletRequest request, @RequestParam(value = "refreshToken") String refreshToken, @RequestParam(value = "accessToken") String accessToken) {
    String token;
    try {
        Preconditions.checkArgument(org.apache.commons.lang3.StringUtils.isNotEmpty(accessToken), "accessToken is null");
        Preconditions.checkArgument(org.apache.commons.lang3.StringUtils.isNotEmpty(refreshToken), "refreshToken is null");
        String header = request.getHeader(HttpHeaders.AUTHORIZATION);
        if (header == null || !header.startsWith(BEARER_TOKEN_TYPE)) {
            throw new UnapprovedClientAuthenticationException("请求头中无client信息");
        }
        String[] tokens = RequestUtil.extractAndDecodeHeader(header);
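        // Explicit length check: Java assert statements do nothing unless the JVM is started with -ea.
        if (tokens.length != 2) {
            throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
        }
        String clientId = tokens[0];
        String clientSecret = tokens[1];
        ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
        if (clientDetails == null) {
            throw new UnapprovedClientAuthenticationException("clientId对应的配置信息不存在:" + clientId);
        // NOTE: StringUtils.equals is a plain, non-constant-time comparison, and it only matches
        // if getClientSecret() returns the secret unencoded.
        } else if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) {
            throw new UnapprovedClientAuthenticationException("clientSecret不匹配:" + clientId);
        }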
        token = uacUserTokenService.refreshToken(accessToken, refreshToken, request);
    } catch (Exception e) {
        logger.error("refreshToken={}", e.getMessage(), e);
        return WrapMapper.error();
    }
    return WrapMapper.ok(token);
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) UnapprovedClientAuthenticationException(org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException) ApiOperation(io.swagger.annotations.ApiOperation)

Example 4 with UnapprovedClientAuthenticationException

Use of org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException in project paascloud-master by paascloud.

Class PcAuthenticationSuccessHandler, method onAuthenticationSuccess.

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
    logger.info("登录成功");
    String header = request.getHeader(HttpHeaders.AUTHORIZATION);
    if (header == null || !header.startsWith(BEARER_TOKEN_TYPE)) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = RequestUtil.extractAndDecodeHeader(header);
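    // Explicit length check: Java assert statements do nothing unless the JVM is started with -ea.
    if (tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId对应的配置信息不存在:" + clientId);
    // NOTE: plain string equality on the secret; not constant-time, and it assumes the stored secret is unencoded.
    } else if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) {
        throw new UnapprovedClientAuthenticationException("clientSecret不匹配:" + clientId);
    }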
    TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "custom");
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    SecurityUser principal = (SecurityUser) authentication.getPrincipal();
    uacUserService.handlerLoginData(token, principal, request);
    log.info("用户【 {} 】记录登录日志", principal.getUsername());
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write((objectMapper.writeValueAsString(WrapMapper.ok(token))));
}
Also used : SecurityUser(com.paascloud.security.core.SecurityUser) UnapprovedClientAuthenticationException(org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)

Aggregations

UnapprovedClientAuthenticationException (org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException): 4
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 3
JSONObject (com.alibaba.fastjson.JSONObject): 2
IOException (java.io.IOException): 2
PrintWriter (java.io.PrintWriter): 2
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException): 2
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails): 2
SecurityUser (com.paascloud.security.core.SecurityUser): 1
ApiOperation (io.swagger.annotations.ApiOperation): 1
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication): 1
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request): 1
TokenRequest (org.springframework.security.oauth2.provider.TokenRequest): 1