Search in sources :

Example 76 with AuthorizationRequest

use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.

the class OAuth2AuthenticationTests method testSerializationWithDetails.

@Test
public void testSerializationWithDetails() {
    OAuth2Authentication holder = new OAuth2Authentication(new AuthorizationRequest("client", Arrays.asList("read")).createOAuth2Request(), new UsernamePasswordAuthenticationToken("user", "pwd"));
    holder.setDetails(new OAuth2AuthenticationDetails(new MockHttpServletRequest()));
    OAuth2Authentication other = (OAuth2Authentication) SerializationUtils.deserialize(SerializationUtils.serialize(holder));
    assertEquals(holder, other);
}
Also used : MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) OAuth2AuthenticationDetails(org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails) Test(org.junit.Test)

Example 77 with AuthorizationRequest

use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testExplicitlyApprovedScopes.

@Test
public void testExplicitlyApprovedScopes() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    authorizationRequest.setApprovalParameters(Collections.singletonMap("scope.read", "approved"));
    AuthorizationRequest result = handler.updateAfterApproval(authorizationRequest, userAuthentication);
    assertTrue(handler.isApproved(result, userAuthentication));
    assertEquals(1, store.getApprovals("user", "client").size());
    assertEquals(1, result.getScope().size());
    assertTrue(result.isApproved());
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Test(org.junit.Test)

Example 78 with AuthorizationRequest

use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testAutoapprovedAllScopes.

@Test
public void testAutoapprovedAllScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("true")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Test(org.junit.Test)

Example 79 with AuthorizationRequest

use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testAutoapprovedScopes.

@Test
public void testAutoapprovedScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("read")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Test(org.junit.Test)

Example 80 with AuthorizationRequest

use of org.springframework.security.oauth2.provider.AuthorizationRequest in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testExplicitlyUnapprovedScopes.

@Test
public void testExplicitlyUnapprovedScopes() {
    store.addApprovals(Arrays.asList(new Approval("user", "client", "read", new Date(System.currentTimeMillis() + 10000), Approval.ApprovalStatus.DENIED)));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertFalse(result.isApproved());
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Date(java.util.Date) Test(org.junit.Test)

Aggregations

AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)66 Test (org.junit.Test)57 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)45 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)42 Authentication (org.springframework.security.core.Authentication)33 HashMap (java.util.HashMap)18 ModelAndView (org.springframework.web.servlet.ModelAndView)16 HashSet (java.util.HashSet)15 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)15 OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)14 RedirectView (org.springframework.web.servlet.view.RedirectView)14 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)13 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)12 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)12 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)12 Date (java.util.Date)11 ScopePathType (org.orcid.jaxb.model.message.ScopePathType)10 ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)8 TokenGranter (org.springframework.security.oauth2.provider.TokenGranter)8 DefaultUserApprovalHandler (org.springframework.security.oauth2.provider.approval.DefaultUserApprovalHandler)8