Example 91 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class RefreshTokenSupportTests method testHappyDay.

/**
 * tests a happy-day flow of the refresh token provider.
 */
@Test
public void testHappyDay() throws Exception {
    OAuth2AccessToken accessToken = getAccessToken("read", "my-trusted-client");
    // now use the refresh token to get a new access token.
    assertNotNull(accessToken.getRefreshToken());
    OAuth2AccessToken newAccessToken = refreshAccessToken(accessToken.getRefreshToken().getValue());
    assertFalse(newAccessToken.getValue().equals(accessToken.getValue()));
    // make sure the new access token can be used.
    verifyTokenResponse(newAccessToken.getValue(), HttpStatus.OK);
    // make sure the old access token isn't valid anymore.
    verifyTokenResponse(accessToken.getValue(), HttpStatus.UNAUTHORIZED);
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) Test(org.junit.Test)

Example 92 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class ClientCredentialsGrantTests method testConnectDirectlyToResourceServer.

@Test
public void testConnectDirectlyToResourceServer() throws Exception {
    ClientCredentialsResourceDetails resource = new ClientCredentialsResourceDetails();
    resource.setAccessTokenUri(serverRunning.getUrl("/sparklr2/oauth/token"));
    resource.setClientId("my-client-with-registered-redirect");
    resource.setId("sparklr");
    resource.setScope(Arrays.asList("trust"));
    ClientCredentialsAccessTokenProvider provider = new ClientCredentialsAccessTokenProvider();
    OAuth2AccessToken accessToken = provider.obtainAccessToken(resource, new DefaultAccessTokenRequest());
    OAuth2RestTemplate template = new OAuth2RestTemplate(resource, new DefaultOAuth2ClientContext(accessToken));
    String result = template.getForObject(serverRunning.getUrl("/sparklr2/photos/trusted/message"), String.class);
    assertEquals("Hello, Trusted Client", result);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) DefaultOAuth2ClientContext(org.springframework.security.oauth2.client.DefaultOAuth2ClientContext) ClientCredentialsResourceDetails(org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails) ClientCredentialsAccessTokenProvider(org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider) OAuth2RestTemplate(org.springframework.security.oauth2.client.OAuth2RestTemplate) DefaultAccessTokenRequest(org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest) Test(org.junit.Test)

Example 93 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class AdminController method enhance.

private Collection<OAuth2AccessToken> enhance(Collection<OAuth2AccessToken> tokens) {
    Collection<OAuth2AccessToken> result = new ArrayList<OAuth2AccessToken>();
    for (OAuth2AccessToken prototype : tokens) {
        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(prototype);
        OAuth2Authentication authentication = tokenStore.readAuthentication(token);
        if (authentication == null) {
            continue;
        }
        String clientId = authentication.getOAuth2Request().getClientId();
        if (clientId != null) {
            Map<String, Object> map = new HashMap<String, Object>(token.getAdditionalInformation());
            map.put("client_id", clientId);
            token.setAdditionalInformation(map);
            result.add(token);
        }
    }
    return result;
}
Also used : HashMap(java.util.HashMap) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) ArrayList(java.util.ArrayList)

Example 94 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class DefaultOAuth2RequestAuthenticator method authenticate.

@Override
public void authenticate(OAuth2ProtectedResourceDetails resource, OAuth2ClientContext clientContext, ClientHttpRequest request) {
    OAuth2AccessToken accessToken = clientContext.getAccessToken();
    if (accessToken == null) {
        throw new AccessTokenRequiredException(resource);
    }
    String tokenType = accessToken.getTokenType();
    if (!StringUtils.hasText(tokenType)) {
        // we'll assume basic bearer token type if none is specified.
        tokenType = OAuth2AccessToken.BEARER_TYPE;
    } else if (tokenType.equalsIgnoreCase(OAuth2AccessToken.BEARER_TYPE)) {
        // gh-1346
        // Ensure we use the correct syntax for the "Bearer" authentication scheme
        tokenType = OAuth2AccessToken.BEARER_TYPE;
    }
    request.getHeaders().set("Authorization", String.format("%s %s", tokenType, accessToken.getValue()));
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AccessTokenRequiredException(org.springframework.security.oauth2.client.http.AccessTokenRequiredException)

Example 95 with OAuth2AccessToken

use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.

the class OAuth2RestTemplate method acquireAccessToken.

protected OAuth2AccessToken acquireAccessToken(OAuth2ClientContext oauth2Context) throws UserRedirectRequiredException {
    AccessTokenRequest accessTokenRequest = oauth2Context.getAccessTokenRequest();
    if (accessTokenRequest == null) {
        throw new AccessTokenRequiredException("No OAuth 2 security context has been established. Unable to access resource '" + this.resource.getId() + "'.", resource);
    }
    // Transfer the preserved state from the (longer lived) context to the current request.
    String stateKey = accessTokenRequest.getStateKey();
    if (stateKey != null) {
        accessTokenRequest.setPreservedState(oauth2Context.removePreservedState(stateKey));
    }
    OAuth2AccessToken existingToken = oauth2Context.getAccessToken();
    if (existingToken != null) {
        accessTokenRequest.setExistingToken(existingToken);
    }
    OAuth2AccessToken accessToken = null;
    accessToken = accessTokenProvider.obtainAccessToken(resource, accessTokenRequest);
    if (accessToken == null || accessToken.getValue() == null) {
        throw new IllegalStateException("Access token provider returned a null access token, which is illegal according to the contract.");
    }
    oauth2Context.setAccessToken(accessToken);
    return accessToken;
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AccessTokenRequiredException(org.springframework.security.oauth2.client.http.AccessTokenRequiredException) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest)

Aggregations

OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken) 265
Test (org.junit.Test) 177
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) 144
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication) 93
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken) 71
Test (org.junit.jupiter.api.Test) 48
Date (java.util.Date) 44
Authentication (org.springframework.security.core.Authentication) 41
HashMap (java.util.HashMap) 39
TokenRequest (org.springframework.security.oauth2.provider.TokenRequest) 35
Instant (java.time.Instant) 32
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) 31
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse) 28
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request) 26
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient) 21
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) 20
DBUnitTest (org.orcid.test.DBUnitTest) 19
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration) 19
OAuth2RefreshToken (org.springframework.security.oauth2.core.OAuth2RefreshToken) 19
Map (java.util.Map) 18