Example 41 with OAuth2AuthorizationExchange

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

Class ServerOAuth2AuthorizationCodeAuthenticationTokenConverter, method authenticationRequest.

private Mono<OAuth2AuthorizationCodeAuthenticationToken> authenticationRequest(ServerWebExchange exchange,
        OAuth2AuthorizationRequest authorizationRequest) {
    // @formatter:off
    return Mono.just(authorizationRequest)
            .map(OAuth2AuthorizationRequest::getAttributes)
            .flatMap((attributes) -> {
                String id = (String) attributes.get(OAuth2ParameterNames.REGISTRATION_ID);
                if (id == null) {
                    return oauth2AuthorizationException(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE);
                }
                return this.clientRegistrationRepository.findByRegistrationId(id);
            })
            .switchIfEmpty(oauth2AuthorizationException(CLIENT_REGISTRATION_NOT_FOUND_ERROR_CODE))
            .map((clientRegistration) -> {
                OAuth2AuthorizationResponse authorizationResponse = convertResponse(exchange);
                OAuth2AuthorizationCodeAuthenticationToken authenticationRequest = new OAuth2AuthorizationCodeAuthenticationToken(
                        clientRegistration, new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse));
                return authenticationRequest;
            });
    // @formatter:on
}
Also used: OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange), OAuth2AuthorizationCodeAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken), OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse)

Example 42 with OAuth2AuthorizationExchange

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

Class OAuth2AuthorizationCodeGrantRequestEntityConverter, method createParameters.

@Override
protected MultiValueMap<String, String> createParameters(OAuth2AuthorizationCodeGrantRequest authorizationCodeGrantRequest) {
    ClientRegistration clientRegistration = authorizationCodeGrantRequest.getClientRegistration();
    OAuth2AuthorizationExchange authorizationExchange = authorizationCodeGrantRequest.getAuthorizationExchange();
    MultiValueMap<String, String> parameters = new LinkedMultiValueMap<>();
    parameters.add(OAuth2ParameterNames.GRANT_TYPE, authorizationCodeGrantRequest.getGrantType().getValue());
    parameters.add(OAuth2ParameterNames.CODE, authorizationExchange.getAuthorizationResponse().getCode());
    String redirectUri = authorizationExchange.getAuthorizationRequest().getRedirectUri();
    String codeVerifier = authorizationExchange.getAuthorizationRequest().getAttribute(PkceParameterNames.CODE_VERIFIER);
    if (redirectUri != null) {
        parameters.add(OAuth2ParameterNames.REDIRECT_URI, redirectUri);
    }
    if (!ClientAuthenticationMethod.CLIENT_SECRET_BASIC.equals(clientRegistration.getClientAuthenticationMethod()) && !ClientAuthenticationMethod.BASIC.equals(clientRegistration.getClientAuthenticationMethod())) {
        parameters.add(OAuth2ParameterNames.CLIENT_ID, clientRegistration.getClientId());
    }
    if (ClientAuthenticationMethod.CLIENT_SECRET_POST.equals(clientRegistration.getClientAuthenticationMethod()) || ClientAuthenticationMethod.POST.equals(clientRegistration.getClientAuthenticationMethod())) {
        parameters.add(OAuth2ParameterNames.CLIENT_SECRET, clientRegistration.getClientSecret());
    }
    if (codeVerifier != null) {
        parameters.add(PkceParameterNames.CODE_VERIFIER, codeVerifier);
    }
    return parameters;
}
Also used: ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration), LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap), OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange)

Example 43 with OAuth2AuthorizationExchange

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

Class OidcAuthorizationCodeReactiveAuthenticationManagerTests, method loginToken.

private OAuth2AuthorizationCodeAuthenticationToken loginToken() {
    ClientRegistration clientRegistration = this.registration.build();
    Map<String, Object> attributes = new HashMap<>();
    Map<String, Object> additionalParameters = new HashMap<>();
    try {
        String nonce = this.secureKeyGenerator.generateKey();
        this.nonceHash = OidcAuthorizationCodeReactiveAuthenticationManager.createHash(nonce);
        attributes.put(OidcParameterNames.NONCE, nonce);
        additionalParameters.put(OidcParameterNames.NONCE, this.nonceHash);
    } catch (NoSuchAlgorithmException ex) {
    }
    // @formatter:off
    OAuth2AuthorizationRequest authorizationRequest = OAuth2AuthorizationRequest.authorizationCode()
            .state("state")
            .clientId(clientRegistration.getClientId())
            .authorizationUri(clientRegistration.getProviderDetails().getAuthorizationUri())
            .redirectUri(clientRegistration.getRedirectUri())
            .scopes(clientRegistration.getScopes())
            .additionalParameters(additionalParameters)
            .attributes(attributes)
            .build();
    OAuth2AuthorizationResponse authorizationResponse = this.authorizationResponseBldr
            .redirectUri(clientRegistration.getRedirectUri())
            .build();
    // @formatter:on
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, authorizationResponse);
    return new OAuth2AuthorizationCodeAuthenticationToken(clientRegistration, authorizationExchange);
}
Also used: ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration), HashMap (java.util.HashMap), OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange), OAuth2AuthorizationCodeAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest)

Example 44 with OAuth2AuthorizationExchange

Use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange in project spring-security by spring-projects.

Class OidcAuthorizationCodeAuthenticationProviderTests, method authenticateWhenAuthorizationRequestDoesNotContainOpenidScopeThenReturnNull.

@Test
public void authenticateWhenAuthorizationRequestDoesNotContainOpenidScopeThenReturnNull() {
    // @formatter:off
    OAuth2AuthorizationRequest authorizationRequest = TestOAuth2AuthorizationRequests.request().scope("scope1").build();
    // @formatter:on
    OAuth2AuthorizationExchange authorizationExchange = new OAuth2AuthorizationExchange(authorizationRequest, this.authorizationResponse);
    OAuth2LoginAuthenticationToken authentication = (OAuth2LoginAuthenticationToken) this.authenticationProvider.authenticate(new OAuth2LoginAuthenticationToken(this.clientRegistration, authorizationExchange));
    assertThat(authentication).isNull();
}
Also used: OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange), OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest), OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken), Test (org.junit.jupiter.api.Test)

Aggregations

OAuth2AuthorizationExchange (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExchange): 44
OAuth2AuthorizationResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationResponse): 26
Test (org.junit.jupiter.api.Test): 24
OAuth2AuthorizationRequest (org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest): 23
ClientRegistration (org.springframework.security.oauth2.client.registration.ClientRegistration): 19
OAuth2AuthorizationCodeAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2AuthorizationCodeAuthenticationToken): 10
HashMap (java.util.HashMap): 9
OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken): 9
OAuth2LoginAuthenticationToken (org.springframework.security.oauth2.client.authentication.OAuth2LoginAuthenticationToken): 8
OAuth2AccessTokenResponse (org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse): 8
OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error): 7
ServerAuthenticationConverter (org.springframework.security.web.server.authentication.ServerAuthenticationConverter): 7
WebTestClient (org.springframework.test.web.reactive.server.WebTestClient): 7
BeforeEach (org.junit.jupiter.api.BeforeEach): 5
HttpHeaders (org.springframework.http.HttpHeaders): 5
OAuth2AuthorizationCodeGrantRequest (org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest): 5
ExtendWith (org.junit.jupiter.api.extension.ExtendWith): 4
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any): 4
BDDMockito.given (org.mockito.BDDMockito.given): 4
Mockito.mock (org.mockito.Mockito.mock): 4