use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.
the class OrcidRefreshTokenTokenGranterTest method createRefreshTokenWithoutRevokeParentAndWithNarrowerScopes.
@Test
public void createRefreshTokenWithoutRevokeParentAndWithNarrowerScopes() {
// Create token, create refresh with narrower scopes and without
// disabling parent token, parent should work, refresh should have
// narrower scopes
long time = System.currentTimeMillis();
String parentScope = "/person/read-limited";
String refreshScope = "/orcid-bio/read-limited";
String tokenValue = "parent-token-" + time;
String refreshTokenValue = "refresh-token-" + time;
Boolean revokeOld = false;
Date parentTokenExpiration = new Date(time + 10000);
Long expireIn = null;
OrcidOauth2TokenDetail parent = createToken(CLIENT_ID_1, USER_ORCID, tokenValue, refreshTokenValue, parentTokenExpiration, parentScope);
OAuth2AccessToken refresh = generateRefreshToken(parent, null, revokeOld, expireIn, refreshScope);
assertNotNull(refresh);
OrcidOauth2TokenDetail parentToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(parent.getTokenValue());
assertNotNull(parentToken);
assertEquals(tokenValue, parentToken.getTokenValue());
assertFalse(parentToken.getTokenDisabled());
assertEquals(parentScope, parentToken.getScope());
assertNotNull(parentToken.getTokenExpiration());
OrcidOauth2TokenDetail refreshToken = orcidOauth2TokenDetailService.findIgnoringDisabledByTokenValue(refresh.getValue());
assertNotNull(refreshToken);
assertNotNull(refreshToken.getTokenValue());
assertNotNull(refreshToken.getRefreshTokenValue());
assertFalse(refreshToken.getTokenDisabled());
assertEquals(refreshScope, refreshToken.getScope());
assertNotNull(refreshToken.getTokenExpiration());
assertEquals(parentToken.getTokenExpiration().getTime(), refreshToken.getTokenExpiration().getTime());
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesImpl method createAccessToken.
@Override
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
OrcidOauth2AuthInfo authInfo = new OrcidOauth2AuthInfo(authentication);
String userOrcid = authInfo.getUserOrcid();
DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
if (validitySeconds > 0) {
accessToken.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
}
accessToken.setScope(authentication.getOAuth2Request().getScope());
if (customTokenEnhancer != null) {
accessToken = new DefaultOAuth2AccessToken(customTokenEnhancer.enhance(accessToken, authentication));
}
if (this.isSupportRefreshToken(authentication.getOAuth2Request())) {
OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken(UUID.randomUUID().toString());
accessToken.setRefreshToken(refreshToken);
}
orcidTokenStore.storeAccessToken(accessToken, authentication);
LOGGER.info("Creating new access token: clientId={}, scopes={}, userOrcid={}", new Object[] { authInfo.getClientId(), authInfo.getScopes(), userOrcid });
return accessToken;
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project ORCID-Source by ORCID.
the class InternalClientCredentialEndPointDelegatorImpl method obtainOauth2Token.
@Override
@Transactional
public Response obtainOauth2Token(String authorization, MultivaluedMap<String, String> formParams) {
String clientId = formParams.getFirst("client_id");
String scopeList = formParams.getFirst("scope");
String grantType = formParams.getFirst("grant_type");
// Verify it is a client_credentials grant type request
if (!OrcidOauth2Constants.GRANT_TYPE_CLIENT_CREDENTIALS.equals(grantType)) {
Object[] params = { grantType };
throw new UnsupportedGrantTypeException(localeManager.resolveMessage("apiError.unsupported_client_type.exception", params));
}
Authentication client = getClientAuthentication();
if (!client.isAuthenticated()) {
LOGGER.info("Not authenticated for OAuth2: clientId={}, grantType={}, scope={}", new Object[] { clientId, grantType, scopeList });
throw new InsufficientAuthenticationException(localeManager.resolveMessage("apiError.client_not_authenticated.exception"));
}
Set<String> scopes = new HashSet<String>();
if (StringUtils.isNotEmpty(scopeList)) {
scopes = OAuth2Utils.parseParameterList(scopeList);
}
// Verify it is requesting an internal scope
HashSet<String> filteredScopes = new HashSet<String>();
for (String scope : scopes) {
ScopePathType scopeType = ScopePathType.fromValue(scope);
if (scopeType.isInternalScope()) {
filteredScopes.add(scope);
}
}
if (filteredScopes.isEmpty()) {
String message = localeManager.resolveMessage("apiError.9015.developerMessage", new Object[] {});
throw new OrcidInvalidScopeException(message);
}
OAuth2AccessToken token = generateToken(client, scopes, null, null, grantType, null, null, null, false, 0L);
return getResponse(token);
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class AccessTokenProviderChainTests method testSunnyDayClientCredentialsWithTokenServicesSave.
@Test
public void testSunnyDayClientCredentialsWithTokenServicesSave() throws Exception {
AccessTokenProviderChain chain = new AccessTokenProviderChain(Arrays.asList(new StubAccessTokenProvider()));
chain.setClientTokenServices(clientTokenServices);
AccessTokenRequest request = new DefaultAccessTokenRequest();
resource = new ClientCredentialsResourceDetails();
resource.setId("resource");
OAuth2AccessToken token = chain.obtainAccessToken(resource, request);
assertNotNull(token);
Mockito.verify(clientTokenServices).saveAccessToken(resource, null, token);
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JdbcClientTokenServicesTests method testSaveAndRemoveToken.
@Test
public void testSaveAndRemoveToken() throws Exception {
OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setClientId("client");
resource.setScope(Arrays.asList("foo", "bar"));
tokenStore.saveAccessToken(resource, authentication, accessToken);
tokenStore.removeAccessToken(resource, authentication);
// System.err.println(new JdbcTemplate(db).queryForList("select * from oauth_client_token"));
OAuth2AccessToken result = tokenStore.getAccessToken(resource, authentication);
assertNull(result);
}
Aggregations