Examples with OAuth2RefreshToken org.springframework.security.oauth2.core.OAuth2RefreshToken used on opensource projects

Example 46 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project ORCID-Source by ORCID.

the class OrcidTokenStoreServiceTest method testRemoveRefreshToken.

@Test
@Transactional
public void testRemoveRefreshToken() throws Exception {
    OAuth2AccessToken token = orcidTokenStoreService.readAccessToken("some-long-oauth2-token-value-3");
    orcidTokenStoreService.removeRefreshToken(token.getRefreshToken());
    OAuth2RefreshToken refreshToken = orcidTokenStoreService.readRefreshToken("some-long-oauth2-refresh-value-3");
    assertNull(refreshToken);
}

Example 47 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesImpl method createAccessToken.

@Override
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
    OrcidOauth2AuthInfo authInfo = new OrcidOauth2AuthInfo(authentication);
    String userOrcid = authInfo.getUserOrcid();
    DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
    int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
    if (validitySeconds > 0) {
        accessToken.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
    }
    accessToken.setScope(authentication.getOAuth2Request().getScope());
    if (customTokenEnhancer != null) {
        accessToken = new DefaultOAuth2AccessToken(customTokenEnhancer.enhance(accessToken, authentication));
    }
    if (this.isSupportRefreshToken(authentication.getOAuth2Request())) {
        OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken(UUID.randomUUID().toString());
        accessToken.setRefreshToken(refreshToken);
    }
    orcidTokenStore.storeAccessToken(accessToken, authentication);
    LOGGER.info("Creating new access token: clientId={}, scopes={}, userOrcid={}", new Object[] { authInfo.getClientId(), authInfo.getScopes(), userOrcid });
    return accessToken;
}

Example 48 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project cuba by cuba-platform.

the class OAuthTokenRevoker method revokeRefreshToken.

@Nullable
public String revokeRefreshToken(String tokenValue, Authentication clientAuth) {
    OAuth2RefreshToken refreshToken = tokenStore.readRefreshToken(tokenValue);
    if (refreshToken != null) {
        OAuth2Authentication authToRevoke = tokenStore.readAuthenticationForRefreshToken(refreshToken);
        checkIfTokenIsIssuedToClient(clientAuth, authToRevoke);
        tokenStore.removeAccessTokenUsingRefreshToken(refreshToken);
        tokenStore.removeRefreshToken(refreshToken);
        log.debug("Successfully removed refresh token {} (and any associated access token).", refreshToken);
        return refreshToken.getValue();
    }
    log.debug("No refresh token {} found in the token store.", tokenValue);
    return null;
}

Example 49 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesImpl method generateAccessToken.

private DefaultOAuth2AccessToken generateAccessToken(OAuth2Authentication authentication) {
    DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
    int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
    if (validitySeconds > 0) {
        accessToken.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
    }
    accessToken.setScope(authentication.getOAuth2Request().getScope());
    if (customTokenEnhancer != null) {
        accessToken = new DefaultOAuth2AccessToken(customTokenEnhancer.enhance(accessToken, authentication));
    }
    if (this.isSupportRefreshToken(authentication.getOAuth2Request())) {
        OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken(UUID.randomUUID().toString());
        accessToken.setRefreshToken(refreshToken);
    }
    return accessToken;
}

Example 50 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.

the class OAuth2TokenDAO method readAuthenticationForRefreshToken.

@Override
public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken refreshToken) {
    OAuth2Authentication authentication = null;
    Connection conn = null;
    PreparedStatement stat = null;
    ResultSet res = null;
    try {
        conn = this.getConnection();
        stat = conn.prepareStatement(SELECT_TOKEN_BY_REFRESH);
        stat.setString(1, refreshToken.getValue());
        res = stat.executeQuery();
        if (res.next()) {
            String username = res.getString("localuser");
            UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(username, "");
            String clientid = res.getString("clientid");
            Map<String, String> requestParameters = new HashMap<>();
            requestParameters.put(OAuth2Utils.GRANT_TYPE, res.getString("granttype"));
            OAuth2Request oAuth2Request = new OAuth2Request(requestParameters, clientid, null, true, null, null, null, null, null);
            authentication = new OAuth2Authentication(oAuth2Request, auth);
        }
    } catch (Exception t) {
        logger.error("Error while reading tokens", t);
        throw new RuntimeException("Error while reading tokens", t);
    } finally {
        this.closeDaoResources(res, stat, conn);
    }
    return authentication;
}