use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder in project spring-security-oauth by spring-projects.
the class WhitelabelApprovalEndpoint method createTemplate.
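/**
 * Builds the HTML for the default OAuth approval page.
 *
 * <p>The page always contains an approval form posting {@code user_oauth_approval=true}
 * to {@code <context path>/oauth/authorize}. When a {@code scopes} entry is present in the
 * model or as a request attribute, the markup from {@code createScopes} is placed inside
 * that form; otherwise a second form posting {@code user_oauth_approval=false} is added.
 *
 * <p>Every request-derived value written into the markup (client id, form action path,
 * CSRF parameter name and token) is HTML-escaped before it is appended.
 *
 * @param model view model; the {@code authorizationRequest} entry is dereferenced without
 *        a null check, so it must be present
 * @param request current request, used for the context path and as a fallback source of
 *        the {@code _csrf} and {@code scopes} attributes
 * @return the complete HTML document
 */
protected String createTemplate(Map<String, Object> model, HttpServletRequest request) {
    AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");
    String clientId = authorizationRequest.getClientId();

    String requestPath = ServletUriComponentsBuilder.fromContextPath(request).build().getPath();
    if (requestPath == null) {
        requestPath = "";
    }
    // The path lands inside a double-quoted action attribute, so it is escaped like every
    // other request-derived value here. For an ordinary context path the output is unchanged.
    // NOTE(review): whether this path can carry client-influenced content (for example via
    // forwarded headers) depends on the deployment; escaping makes that question moot.
    String formOpenSuffix = HtmlUtils.htmlEscape(requestPath) + "/oauth/authorize\" method=\"post\">";

    // The model entry wins whenever the key exists, even if its value is null.
    CsrfToken csrfToken = (CsrfToken) (model.containsKey("_csrf") ? model.get("_csrf") : request.getAttribute("_csrf"));
    // NOTE(review): when no token is found both forms are rendered without a CSRF field;
    // confirm that this only happens when CSRF protection is off for /oauth/authorize.
    String csrfTemplate = "";
    if (csrfToken != null) {
        csrfTemplate = "<input type=\"hidden\" name=\"" + HtmlUtils.htmlEscape(csrfToken.getParameterName())
                + "\" value=\"" + HtmlUtils.htmlEscape(csrfToken.getToken()) + "\" />";
    }

    String authorizeInputTemplate = "<label><input name=\"authorize\" value=\"Authorize\" type=\"submit\"/></label></form>";

    StringBuilder builder = new StringBuilder();
    builder.append("<html><body><h1>OAuth Approval</h1>");
    builder.append("<p>Do you authorize \"").append(HtmlUtils.htmlEscape(clientId));
    builder.append("\" to access your protected resources?</p>");
    builder.append("<form id=\"confirmationForm\" name=\"confirmationForm\" action=\"");
    builder.append(formOpenSuffix);
    builder.append("<input name=\"user_oauth_approval\" value=\"true\" type=\"hidden\"/>");
    builder.append(csrfTemplate);

    if (model.containsKey("scopes") || request.getAttribute("scopes") != null) {
        // Per-scope inputs are part of the approval form, so they precede the submit button.
        builder.append(createScopes(model, request));
        builder.append(authorizeInputTemplate);
    } else {
        builder.append(authorizeInputTemplate);
        // Without scopes the user gets a separate form whose only purpose is to deny.
        builder.append("<form id=\"denialForm\" name=\"denialForm\" action=\"");
        builder.append(formOpenSuffix);
        builder.append("<input name=\"user_oauth_approval\" value=\"false\" type=\"hidden\"/>");
        builder.append(csrfTemplate);
        builder.append("<label><input name=\"deny\" value=\"Deny\" type=\"submit\"/></label></form>");
    }

    builder.append("</body></html>");
    return builder.toString();
}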
use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder in project spring-security-oauth by spring-projects.
the class AuthorizationServerSecurityConfigurer method init.
/**
 * Wires client authentication and the HTTP-level settings into the given
 * {@link HttpSecurity}.
 *
 * <p>Explicitly registered authentication providers take precedence. When there are none,
 * a {@code ClientDetailsUserDetailsService} backed by {@code clientDetailsService()} is
 * registered, with the password encoder applied only if one was configured.
 *
 * <p>The chain is then set up with HTTP Basic (configured entry point and realm), a
 * {@code NullSecurityContextRepository}, and CSRF protection disabled. If {@code sslOnly}
 * is set, every request is required to use a secure channel.
 *
 * @param http the security builder being initialised
 * @throws Exception if any of the underlying configurers fails
 */
@Override
public void init(HttpSecurity http) throws Exception {
    registerDefaultAuthenticationEntryPoint(http);

    AuthenticationManagerBuilder builder = http.getSharedObject(AuthenticationManagerBuilder.class);
    if (authenticationEventPublisher != null) {
        builder.authenticationEventPublisher(authenticationEventPublisher);
    }

    if (!authenticationProviders.isEmpty()) {
        for (AuthenticationProvider provider : authenticationProviders) {
            builder.authenticationProvider(provider);
        }
    } else if (passwordEncoder == null) {
        // NOTE(review): no encoder is set on this path; how stored client secrets are
        // compared then depends on the builder's default - confirm it is not plain text.
        builder.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService()));
    } else {
        builder.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService()))
                .passwordEncoder(passwordEncoder());
    }

    // CSRF protection is switched off for this chain and credentials travel via HTTP Basic.
    // NullSecurityContextRepository presumably keeps the security context from being
    // persisted between requests - confirm against that class.
    http.securityContext()
            .securityContextRepository(new NullSecurityContextRepository())
            .and()
            .csrf()
            .disable()
            .httpBasic()
            .authenticationEntryPoint(this.authenticationEntryPoint)
            .realmName(realm);

    if (sslOnly) {
        // Basic credentials are only base64-encoded, so this flag forces a secure channel.
        http.requiresChannel().anyRequest().requiresSecure();
    }
}
use of org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest.Builder in project spring-security-oauth by spring-projects.
the class AuthorizationCodeAccessTokenProvider method getRedirectForAuthorization.
/**
 * Creates the exception that sends the user to the authorization endpoint to obtain an
 * authorization code.
 *
 * <p>The request parameters are {@code response_type=code}, the client id, the redirect
 * URI when the resource supplies one, and a space-separated {@code scope} when the
 * resource is scoped. A freshly generated state key is recorded on both the exception and
 * the access token request, with the redirect URI stored as the state to preserve.
 *
 * @param resource the protected resource details (client id, scopes, authorization URI)
 * @param request the current access token request, updated with the state key and
 *        preserved state
 * @return the populated redirect exception; the caller decides whether to throw it
 */
private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {
    // No authorization code exists yet, so the first step is to ask for one.
    TreeMap<String, String> params = new TreeMap<String, String>();

    // Parameters as laid out in section 3 of the OAuth2 spec.
    params.put("response_type", "code");
    params.put("client_id", resource.getClientId());

    // The client secret is deliberately not part of this initial, browser-visible request.
    String redirectUri = resource.getRedirectUri(request);
    if (redirectUri != null) {
        params.put("redirect_uri", redirectUri);
    }

    if (resource.isScoped()) {
        StringBuilder scopeValue = new StringBuilder();
        List<String> scopes = resource.getScope();
        if (scopes != null) {
            String separator = "";
            for (String scopeName : scopes) {
                scopeValue.append(separator).append(scopeName);
                separator = " ";
            }
        }
        // A scoped resource with a null scope list still sends an empty scope parameter.
        params.put("scope", scopeValue.toString());
    }

    UserRedirectRequiredException redirect =
            new UserRedirectRequiredException(resource.getUserAuthorizationUri(), params);

    // The same key is stored on the exception and on the request. It is presumably matched
    // against the state returned on the callback; that check is not part of this method.
    String stateKey = stateKeyGenerator.generateKey(resource);
    redirect.setStateKey(stateKey);
    request.setStateKey(stateKey);

    // The redirect URI (possibly null) is what gets preserved alongside the state key.
    redirect.setStateToPreserve(redirectUri);
    request.setPreservedState(redirectUri);

    return redirect;
}