
Example 86 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class TokenStoreBaseTests method testStoreRefreshToken.

/**
 * NB: This used to test expiring refresh tokens. That test has been moved to sub-classes since not all stores support the functionality
 */
@Test
public void testStoreRefreshToken() {
    String refreshToken = "testToken" + UUID.randomUUID();
    DefaultOAuth2RefreshToken expectedRefreshToken = new DefaultOAuth2RefreshToken(refreshToken);
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    getTokenStore().storeRefreshToken(expectedRefreshToken, expectedAuthentication);
    OAuth2RefreshToken actualExpiringRefreshToken = getTokenStore().readRefreshToken(refreshToken);
    assertEquals(expectedRefreshToken, actualExpiringRefreshToken);
    assertEquals(expectedAuthentication, getTokenStore().readAuthenticationForRefreshToken(expectedRefreshToken));
    getTokenStore().removeRefreshToken(expectedRefreshToken);
    assertNull(getTokenStore().readRefreshToken(refreshToken));
    assertNull(getTokenStore().readAuthentication(expectedRefreshToken.getValue()));
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 87 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AbstractDefaultTokenServicesTests method testRefreshTokenNonExpiring.

@Test
public void testRefreshTokenNonExpiring() throws Exception {
    ClientDetailsService clientDetailsService = new InMemoryClientDetailsServiceBuilder().withClient("id").refreshTokenValiditySeconds(0).authorizedGrantTypes("refresh_token").and().build();
    DefaultTokenServices tokenServices = getTokenServices();
    tokenServices.setClientDetailsService(clientDetailsService);
    OAuth2RefreshToken refreshToken = tokenServices.createAccessToken(createAuthentication()).getRefreshToken();
    assertNotNull(refreshToken);
    assertFalse(refreshToken instanceof ExpiringOAuth2RefreshToken);
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) InMemoryClientDetailsServiceBuilder(org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder) ClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService) Test(org.junit.Test)

Example 88 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project spring-security-oauth by spring-projects.

the class AbstractPersistentDefaultTokenServicesTests method testNotReuseRefreshTokenMaintainsState.

@Test
public void testNotReuseRefreshTokenMaintainsState() throws Exception {
    getTokenServices().setSupportRefreshToken(true);
    getTokenServices().setReuseRefreshToken(false);
    OAuth2AccessToken accessToken = getTokenServices().createAccessToken(createAuthentication());
    OAuth2RefreshToken expectedExpiringRefreshToken = accessToken.getRefreshToken();
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", null, null);
    OAuth2AccessToken refreshedAccessToken = getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertNotNull(refreshedAccessToken);
    assertEquals(1, getRefreshTokenCount());
}
Also used : ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) Test(org.junit.Test)

Example 89 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project FoodSocial by zxlrise.

the class UserController method logout.

/**
 * Secure logout
 *
 * @param access_token access token passed as a request parameter
 * @param authorization fallback value, may carry a "Bearer " prefix
 * @return a success result in every case
 */
@GetMapping("user/logout")
public ResultInfo logout(String access_token, String authorization) {
    // If access_token is blank, fall back to the value of authorization
    if (StringUtils.isBlank(access_token)) {
        access_token = authorization;
    }
    // If it is still blank, there is no token to revoke
    if (StringUtils.isBlank(access_token)) {
        return ResultInfoUtil.buildSuccess(request.getServletPath(), "退出成功");
    }
    // Strip a leading "Bearer " prefix (case-insensitive) without lowercasing the token itself
    if (access_token.toLowerCase().startsWith("bearer ")) {
        access_token = access_token.substring("bearer ".length());
    }
    // Remove the token information from Redis
    OAuth2AccessToken oAuth2AccessToken = redisTokenStore.readAccessToken(access_token);
    if (oAuth2AccessToken != null) {
        redisTokenStore.removeAccessToken(oAuth2AccessToken);
        // The access token may have been issued without a refresh token
        OAuth2RefreshToken refreshToken = oAuth2AccessToken.getRefreshToken();
        if (refreshToken != null) {
            redisTokenStore.removeRefreshToken(refreshToken);
        }
    }
    return ResultInfoUtil.buildSuccess(request.getServletPath(), "退出成功");
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 90 with OAuth2RefreshToken

use of org.springframework.security.oauth2.core.OAuth2RefreshToken in project okta-idx-java by okta.

the class HelperUtil method buildOAuth2RefreshToken.

public OAuth2RefreshToken buildOAuth2RefreshToken(final JsonNode node) {
    OAuth2RefreshToken oAuth2RefreshToken = null;
    final JsonNode refreshTokenNode = node.get("refresh_token");
    if (refreshTokenNode != null) {
        final String refreshTokenStr = refreshTokenNode.textValue();
        if (Strings.hasText(refreshTokenStr)) {
            oAuth2RefreshToken = new OAuth2RefreshToken(refreshTokenStr, null);
        }
    }
    return oAuth2RefreshToken;
}
Also used : OAuth2RefreshToken(org.springframework.security.oauth2.core.OAuth2RefreshToken) JsonNode(com.fasterxml.jackson.databind.JsonNode)

Aggregations

OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken) 74
OAuth2RefreshToken (org.springframework.security.oauth2.core.OAuth2RefreshToken) 57
Test (org.junit.jupiter.api.Test) 41
Test (org.junit.Test) 39
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) 38
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken) 33
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication) 31
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) 25
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken) 25
OAuth2AuthorizedClient (org.springframework.security.oauth2.client.OAuth2AuthorizedClient) 24
ExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) 24
Authentication (org.springframework.security.core.Authentication) 20
Instant (java.time.Instant) 19
ClientRequest (org.springframework.web.reactive.function.client.ClientRequest) 18
RegisteredClient (org.springframework.security.oauth2.server.authorization.client.RegisteredClient) 17
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken) 16
HashMap (java.util.HashMap) 15
OAuth2Authorization (org.springframework.security.oauth2.server.authorization.OAuth2Authorization) 14
RedisConnection (org.springframework.data.redis.connection.RedisConnection) 13
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration) 13