Search in sources :

Example 1 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testReissuedAccessTokenHasUpdatedExpiration.

@Test
public void testReissuedAccessTokenHasUpdatedExpiration() throws InterruptedException {
    Date earliestExpiry = oneHoursTime();
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
    Thread.sleep(1000);
    earliestExpiry = oneHoursTime();
    OAuth2AccessToken reissuedOauth2AccessToken = tokenServices.createAccessToken(authentication);
    latestExpiry = oneHoursTime();
    assertNotNull(reissuedOauth2AccessToken);
    assertFalse(reissuedOauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(reissuedOauth2AccessToken.getExpiration().after(latestExpiry));
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 2 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method testCreateAddWorkAccessToken.

@Test
public void testCreateAddWorkAccessToken() {
    Date earliestExpiry = oneHoursTime();
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date latestExpiry = oneHoursTime();
    assertNotNull(oauth2AccessToken);
    assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
    assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
}
Also used : ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) HashMap(java.util.HashMap) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) Authentication(org.springframework.security.core.Authentication) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) OrcidOauth2ClientAuthentication(org.orcid.core.oauth.OrcidOauth2ClientAuthentication) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 3 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.

the class OrcidTokenStoreServiceTest method testRemoveRefreshToken.

@Test
@Transactional
public void testRemoveRefreshToken() throws Exception {
    OAuth2AccessToken token = orcidTokenStoreService.readAccessToken("some-long-oauth2-token-value-3");
    orcidTokenStoreService.removeRefreshToken(token.getRefreshToken());
    OAuth2RefreshToken refreshToken = orcidTokenStoreService.readRefreshToken("some-long-oauth2-refresh-value-3");
    assertNull(refreshToken);
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 4 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenTest.

@Test
public void createRefreshTokenTest() {
    // Create token, create refresh, parent should be disabled, scopes
    // should be equal
    long time = System.currentTimeMillis();
    String scope = "/activities/update";
    String tokenValue = "parent-token-" + time;
    String refreshTokenValue = "refresh-token-" + time;
    Boolean revokeOld = null;
    Date parentTokenExpiration = new Date(time + 10000);
    Long expireIn = null;
    OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, scope);
    OAuth2AccessToken refresh = generateRefreshToken(parent, null, revokeOld, expireIn, scope);
    assertNotNull(refresh);
    OrcidOauth2TokenDetail parentToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(parent.getTokenValue());
    assertNotNull(parentToken);
    assertEquals(tokenValue, parentToken.getTokenValue());
    assertTrue(parentToken.getTokenDisabled());
    assertEquals(scope, parentToken.getScope());
    assertNotNull(parentToken.getTokenExpiration());
    OrcidOauth2TokenDetail refreshToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refresh.getValue());
    assertNotNull(refreshToken);
    assertNotNull(refreshToken.getTokenValue());
    assertNotNull(refreshToken.getRefreshTokenValue());
    assertFalse(refreshToken.getTokenDisabled());
    assertEquals(scope, refreshToken.getScope());
    assertNotNull(refreshToken.getTokenExpiration());
    assertEquals(parentToken.getTokenExpiration().getTime(), refreshToken.getTokenExpiration().getTime());
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Date(java.util.Date) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Example 5 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.

the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenWithoutRevokeParent.

@Test
public void createRefreshTokenWithoutRevokeParent() {
    // Create token, create refresh without disabling parent token, parent
    // should be enabled, refresh should be enabled
    long time = System.currentTimeMillis();
    String parentScope = "/activities/update /read-limited";
    String tokenValue = "parent-token-" + time;
    String refreshTokenValue = "refresh-token-" + time;
    Boolean revokeOld = false;
    Date parentTokenExpiration = new Date(time + 10000);
    Long expireIn = null;
    OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);
    OAuth2AccessToken refresh = generateRefreshToken(parent, null, revokeOld, expireIn);
    assertNotNull(refresh);
    OrcidOauth2TokenDetail parentToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(parent.getTokenValue());
    assertNotNull(parentToken);
    assertEquals(tokenValue, parentToken.getTokenValue());
    assertFalse(parentToken.getTokenDisabled());
    assertNotNull(parentToken.getTokenExpiration());
    OrcidOauth2TokenDetail refreshToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refresh.getValue());
    assertNotNull(refreshToken);
    assertNotNull(refreshToken.getTokenValue());
    assertNotNull(refreshToken.getRefreshTokenValue());
    assertFalse(refreshToken.getTokenDisabled());
    assertNotNull(refreshToken.getTokenExpiration());
    assertEquals(parentToken.getTokenExpiration().getTime(), refreshToken.getTokenExpiration().getTime());
    assertEquals(parentToken.getScope(), refreshToken.getScope());
    Set<String> tokenScopes = OAuth2Utils.parseParameterList(parentToken.getScope());
    Set<String> originalScopes = OAuth2Utils.parseParameterList(parentScope);
    assertEquals(originalScopes, tokenScopes);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Date(java.util.Date) OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail) DBUnitTest(org.orcid.test.DBUnitTest) Test(org.junit.Test)

Aggregations

OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)234 Test (org.junit.Test)149 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)124 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)79 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)67 Test (org.junit.jupiter.api.Test)46 HashMap (java.util.HashMap)38 Date (java.util.Date)37 Authentication (org.springframework.security.core.Authentication)35 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)33 Instant (java.time.Instant)32 OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse)26 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)24 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)22 DBUnitTest (org.orcid.test.DBUnitTest)19 OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)19 DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)19 OAuth2RefreshToken (org.springframework.security.oauth2.core.OAuth2RefreshToken)19 ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)18 Map (java.util.Map)17