use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JaxbOAuth2AccessTokenMessageConverterTests method readAccessToken.
@Test
public void readAccessToken() throws IOException {
when(inputMessage.getBody()).thenReturn(createInputStream(OAUTH_ACCESSTOKEN));
OAuth2AccessToken token = converter.read(OAuth2AccessToken.class, inputMessage);
assertTokenEquals(accessToken, token);
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class JaxbOAuth2AccessTokenMessageConverterTests method assertTokenEquals.
private static void assertTokenEquals(OAuth2AccessToken expected, OAuth2AccessToken actual) {
assertEquals(expected.getTokenType(), actual.getTokenType());
assertEquals(expected.getValue(), actual.getValue());
OAuth2RefreshToken expectedRefreshToken = expected.getRefreshToken();
if (expectedRefreshToken == null) {
assertNull(actual.getRefreshToken());
} else {
assertEquals(expectedRefreshToken.getValue(), actual.getRefreshToken().getValue());
}
assertEquals(expected.getScope(), actual.getScope());
Date expectedExpiration = expected.getExpiration();
if (expectedExpiration == null) {
assertNull(actual.getExpiration());
} else {
assertEquals(expectedExpiration.getTime(), actual.getExpiration().getTime());
}
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testImplicitError.
@Test
public void testImplicitError() throws Exception {
endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {
public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return true;
}
});
endpoint.setTokenGranter(new TokenGranter() {
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
return null;
}
});
AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", "myscope", Collections.singleton("token"));
ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
String url = ((RedirectView) result.getView()).getUrl();
assertTrue("Wrong view: " + result, url.startsWith("http://anywhere.com"));
assertTrue("No error: " + result, url.contains("#error="));
assertTrue("Wrong state: " + result, url.contains("&state=mystate"));
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testImplicitAppendsScopeWhenDefaulting.
@Test
public void testImplicitAppendsScopeWhenDefaulting() throws Exception {
endpoint.setTokenGranter(new TokenGranter() {
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
token.setScope(new LinkedHashSet<String>(Arrays.asList("read", "write")));
return token;
}
});
endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {
public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return true;
}
public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
return authorizationRequest;
}
});
client.setScope(Collections.singleton("read"));
AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", null, Collections.singleton("token"));
ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
String url = ((RedirectView) result.getView()).getUrl();
assertTrue("Wrong scope: " + result, url.contains("&scope=read%20write"));
}
use of org.springframework.security.oauth2.core.OAuth2AccessToken in project spring-security-oauth by spring-projects.
the class AuthorizationCodeTokenGranterTests method testAuthorizationCodeGrant.
@Test
public void testAuthorizationCodeGrant() {
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("marissa", "koala", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
parameters.clear();
parameters.put(OAuth2Utils.CLIENT_ID, "foo");
parameters.put(OAuth2Utils.SCOPE, "scope");
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request(parameters, "foo", true, Collections.singleton("scope"));
String code = authorizationCodeServices.createAuthorizationCode(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
parameters.putAll(storedOAuth2Request.getRequestParameters());
parameters.put("code", code);
TokenRequest tokenRequest = requestFactory.createTokenRequest(parameters, client);
AuthorizationCodeTokenGranter granter = new AuthorizationCodeTokenGranter(providerTokenServices, authorizationCodeServices, clientDetailsService, requestFactory);
OAuth2AccessToken token = granter.grant("authorization_code", tokenRequest);
assertTrue(providerTokenServices.loadAuthentication(token.getValue()).isAuthenticated());
}
Aggregations