Example 76 with OAuth2RefreshToken
use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.
the class ApiOAuth2TokenManagerTest method readAuthenticationForRefreshToken.
@Test
public void readAuthenticationForRefreshToken() throws Exception {
when(tokenDAO.readAuthenticationForRefreshToken(Mockito.any(OAuth2RefreshToken.class))).thenReturn(Mockito.any(OAuth2Authentication.class));
OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value");
OAuth2Authentication auth = this.tokenManager.readAuthenticationForRefreshToken(refreshToken);
Assert.assertNull(auth);
Mockito.verify(tokenDAO, Mockito.times(1)).readAuthenticationForRefreshToken(refreshToken);
}
Also used :
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Test(org.junit.Test)
Example 77 with OAuth2RefreshToken
use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project entando-core by entando.
the class OAuth2TokenDAO method readRefreshToken.
@Override
public OAuth2RefreshToken readRefreshToken(String tokenValue) {
FieldSearchFilter filter = new FieldSearchFilter("refreshtoken", tokenValue, true);
FieldSearchFilter[] filters = { filter };
List<String> accessTokens = super.searchId(filters);
if (null != accessTokens && accessTokens.size() > 0) {
return new DefaultOAuth2RefreshToken(tokenValue);
}
return null;
}
Also used :
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
FieldSearchFilter(com.agiletec.aps.system.common.FieldSearchFilter)
Example 78 with OAuth2RefreshToken
use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project ORCID-Source by ORCID.
the class OrcidTokenStoreServiceImpl method getOauth2AccessTokenFromDetails.
private OAuth2AccessToken getOauth2AccessTokenFromDetails(OrcidOauth2TokenDetail detail) {
DefaultOAuth2AccessToken token = null;
if (detail != null && StringUtils.isNotBlank(detail.getTokenValue())) {
token = new DefaultOAuth2AccessToken(detail.getTokenValue());
token.setExpiration(detail.getTokenExpiration());
token.setScope(OAuth2Utils.parseParameterList(detail.getScope()));
token.setTokenType(detail.getTokenType());
String refreshToken = detail.getRefreshTokenValue();
OAuth2RefreshToken rt;
if (StringUtils.isNotBlank(refreshToken)) {
if (detail.getRefreshTokenExpiration() != null) {
rt = new DefaultExpiringOAuth2RefreshToken(detail.getRefreshTokenValue(), detail.getRefreshTokenExpiration());
} else {
rt = new DefaultOAuth2RefreshToken(detail.getRefreshTokenValue());
}
token.setRefreshToken(rt);
}
ProfileEntity profile = detail.getProfile();
if (profile != null) {
Map<String, Object> additionalInfo = new HashMap<String, Object>();
additionalInfo.put(OrcidOauth2Constants.ORCID, profile.getId());
additionalInfo.put(OrcidOauth2Constants.PERSISTENT, detail.isPersistent());
additionalInfo.put(OrcidOauth2Constants.DATE_CREATED, detail.getDateCreated());
additionalInfo.put(OrcidOauth2Constants.TOKEN_VERSION, detail.getVersion());
token.setAdditionalInformation(additionalInfo);
}
String clientId = detail.getClientDetailsId();
if (!PojoUtil.isEmpty(clientId)) {
Map<String, Object> additionalInfo = new HashMap<String, Object>();
Map<String, Object> additionalInfoInToken = token.getAdditionalInformation();
if (additionalInfoInToken != null && !additionalInfoInToken.isEmpty()) {
additionalInfo.putAll(additionalInfoInToken);
}
// Copy to a new one to avoid unmodifiable
additionalInfo.put(OrcidOauth2Constants.CLIENT_ID, clientId);
token.setAdditionalInformation(additionalInfo);
}
}
return token;
}
Also used :
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
HashMap(java.util.HashMap)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
Example 79 with OAuth2RefreshToken
use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project ORCID-Source by ORCID.
the class OrcidTokenStoreServiceImpl method populatePropertiesFromTokenAndAuthentication.
private OrcidOauth2TokenDetail populatePropertiesFromTokenAndAuthentication(OAuth2AccessToken token, OAuth2Authentication authentication, OrcidOauth2TokenDetail detail) {
OAuth2Request authorizationRequest = authentication.getOAuth2Request();
if (detail == null) {
detail = new OrcidOauth2TokenDetail();
}
// Update to put auth code in token detail so it can be revoked based on code if needed.
if (authentication.getOAuth2Request().getRequestParameters().get("code") != null) {
detail.setAuthorizationCode(authentication.getOAuth2Request().getRequestParameters().get("code").toString());
}
String clientId = authorizationRequest.getClientId();
String authKey = authenticationKeyGenerator.extractKey(authentication);
detail.setAuthenticationKey(authKey);
detail.setClientDetailsId(clientId);
OAuth2RefreshToken refreshToken = token.getRefreshToken();
if (refreshToken != null && StringUtils.isNotBlank(refreshToken.getValue())) {
if (refreshToken instanceof ExpiringOAuth2RefreshToken) {
// Override the refresh token expiration from the client
// details, and make it the same as the token itself
detail.setRefreshTokenExpiration(token.getExpiration());
}
detail.setRefreshTokenValue(refreshToken.getValue());
}
if (!authentication.isClientOnly()) {
Object principal = authentication.getPrincipal();
if (principal instanceof ProfileEntity) {
ProfileEntity profileEntity = (ProfileEntity) authentication.getPrincipal();
profileEntity = profileEntityCacheManager.retrieve(profileEntity.getId());
detail.setProfile(profileEntity);
}
}
detail.setTokenValue(token.getValue());
detail.setTokenType(token.getTokenType());
detail.setTokenExpiration(token.getExpiration());
detail.setApproved(authorizationRequest.isApproved());
detail.setRedirectUri(authorizationRequest.getRedirectUri());
Set<String> resourceIds = authorizationRequest.getResourceIds();
if (resourceIds == null || resourceIds.isEmpty()) {
ClientDetailsEntity clientDetails = clientDetailsEntityCacheManager.retrieve(clientId);
resourceIds = clientDetails.getResourceIds();
}
detail.setResourceId(OAuth2Utils.formatParameterList(resourceIds));
detail.setResponseType(OAuth2Utils.formatParameterList(authorizationRequest.getResponseTypes()));
detail.setScope(OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
Map<String, Object> additionalInfo = token.getAdditionalInformation();
if (additionalInfo != null) {
if (additionalInfo.containsKey(OrcidOauth2Constants.TOKEN_VERSION)) {
String sVersion = String.valueOf(additionalInfo.get(OrcidOauth2Constants.TOKEN_VERSION));
detail.setVersion(Long.valueOf(sVersion));
} else {
// TODO: As of Jan 2015 all tokens will be new tokens, so, we
// will have to remove the token version code and
// treat all tokens as new tokens
detail.setVersion(Long.valueOf(OrcidOauth2Constants.PERSISTENT_TOKEN));
}
if (additionalInfo.containsKey(OrcidOauth2Constants.PERSISTENT)) {
boolean isPersistentKey = (Boolean) additionalInfo.get(OrcidOauth2Constants.PERSISTENT);
detail.setPersistent(isPersistentKey);
} else {
detail.setPersistent(false);
}
} else {
detail.setPersistent(false);
}
return detail;
}
Also used :
ClientDetailsEntity(org.orcid.persistence.jpa.entities.ClientDetailsEntity)
OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request)
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
OrcidOauth2TokenDetail(org.orcid.persistence.jpa.entities.OrcidOauth2TokenDetail)
ProfileEntity(org.orcid.persistence.jpa.entities.ProfileEntity)
ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
Example 80 with OAuth2RefreshToken
use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project spring-security-oauth by spring-projects.
the class DefaultTokenServices method createRefreshToken.
private OAuth2RefreshToken createRefreshToken(OAuth2Authentication authentication) {
if (!isSupportRefreshToken(authentication.getOAuth2Request())) {
return null;
}
int validitySeconds = getRefreshTokenValiditySeconds(authentication.getOAuth2Request());
String tokenValue = new String(Base64.encodeBase64URLSafe(DEFAULT_TOKEN_GENERATOR.generateKey()), US_ASCII);
if (validitySeconds > 0) {
return new DefaultExpiringOAuth2RefreshToken(tokenValue, new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
}
return new DefaultOAuth2RefreshToken(tokenValue);
}
Also used :
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
Date(java.util.Date)
Aggregations
OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)74
OAuth2RefreshToken (org.springframework.security.oauth2.core.OAuth2RefreshToken)57
Test (org.junit.jupiter.api.Test)41
Test (org.junit.Test)39
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)38
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)33
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)31
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)25
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)25
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient)24
ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken)24
Authentication (org.springframework.security.core.Authentication)20
Instant (java.time.Instant)19
ClientRequest (org.springframework.web.reactive.function.client.ClientRequest)18
RegisteredClient (org.springframework.security.oauth2.server.authorization.client.RegisteredClient)17
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)16
HashMap (java.util.HashMap)15
OAuth2Authorization (org.springframework.security.oauth2.server.authorization.OAuth2Authorization)14
RedisConnection (org.springframework.data.redis.connection.RedisConnection)13
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration)13
