use of org.springframework.security.oauth2.provider.ClientDetails in project ORCID-Source by ORCID.
the class OrcidImplicitTokenGranter method getOAuth2Authentication.
/**
 * Builds the {@link OAuth2Authentication} for an implicit-grant token request.
 * <p>
 * Note, client must have implicit scope in client_authorized_grant_type
 * table to get this far. Otherwise request will be rejected by
 * OrcidClientCredentialsChecker.
 * <p>
 * The resource owner is taken from the current security context, not from any
 * request parameter, so this grant is only possible for a user who is already
 * logged in.
 *
 * @param client      the client requesting the token (already checked upstream)
 * @param clientToken the token request; assumed to be an {@code ImplicitTokenRequest}
 *                    carrying the stored {@link OAuth2Request} (any other type fails
 *                    with a {@code ClassCastException})
 * @return an authentication pairing the stored request with the logged-in user
 * @throws InsufficientAuthenticationException if there is no authenticated user in the context
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest clientToken) {
    Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
    boolean loggedIn = currentUser != null && currentUser.isAuthenticated();
    if (!loggedIn) {
        throw new InsufficientAuthenticationException("There is no currently logged in user");
    }
    ImplicitTokenRequest implicitRequest = (ImplicitTokenRequest) clientToken;
    OAuth2Request storedRequest = implicitRequest.getOAuth2Request();
    // NOTE(review): findByOrcid is assumed to resolve the profile for the logged-in name; confirm how a missing profile is handled.
    OrcidOauth2UserAuthentication resourceOwner = new OrcidOauth2UserAuthentication(
            profileEntityManager.findByOrcid(currentUser.getName()), currentUser.isAuthenticated());
    return new OAuth2Authentication(storedRequest, resourceOwner);
}
use of org.springframework.security.oauth2.provider.ClientDetails in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method tokenExpireIn20YearsTest.
/**
 * Check that the token created with a persistent code will expire within 20 years.
 * <p>
 * The expiry is bracketed: "now + 20 years" is sampled before the token is created and
 * again afterwards, and the token's expiration must fall between the two samples.
 *
 * @throws InterruptedException if the pause before token creation is interrupted
 */
@Test
public void tokenExpireIn20YearsTest() throws InterruptedException {
    Date lowerBound = twentyYearsTime();
    // Pause so the lower bound is sampled strictly before the token is minted.
    Thread.sleep(2000);
    String clientId = "4444-4444-4444-4441";
    Map<String, String> params = new HashMap<>();
    params.put(OAuth2Utils.CLIENT_ID, clientId);
    params.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    params.put("code", "code1");
    params.put(OrcidOauth2Constants.IS_PERSISTENT, "true");
    HashSet<String> scope = new HashSet<>(Arrays.asList("/orcid-profile/read-limited"));
    OAuth2Request request = new OAuth2Request(params, clientId, Collections.<GrantedAuthority>emptyList(), true, scope,
            Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity client = clientDetailsManager.findByClientId(clientId);
    Authentication clientAuth = new OrcidOauth2ClientAuthentication(client);
    OAuth2Authentication authentication = new OAuth2Authentication(request, clientAuth);
    OAuth2AccessToken token = tokenServices.createAccessToken(authentication);
    Date expiration = token.getExpiration();
    // Lower bound: the token must not expire before the first "now + 20 years" sample.
    assertFalse(lowerBound.after(expiration));
    // Upper bound: nor after a "now + 20 years" sample taken once the token exists.
    Date upperBound = twentyYearsTime();
    assertFalse(expiration.after(upperBound));
}
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-security-oauth by spring-projects.
the class TokenEndpointTests method testGetAccessTokenWithScope.
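/**
 * Posting an authorization_code request that carries an explicit {@code scope} parameter
 * must succeed, return the granted token, and hand the granter a token request whose
 * scope has been cleared.
 *
 * @throws HttpRequestMethodNotSupportedException propagated from the endpoint under test
 */
@Test
public void testGetAccessTokenWithScope() throws HttpRequestMethodNotSupportedException {
    when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(clientDetails);
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("client_id", clientId);
    parameters.put("scope", "read");
    parameters.put("grant_type", "authorization_code");
    parameters.put("code", "kJAHDFG");
    OAuth2AccessToken expectedToken = new DefaultOAuth2AccessToken("FOO");
    // Capture the TokenRequest handed to the granter so its scope can be inspected below.
    ArgumentCaptor<TokenRequest> captor = ArgumentCaptor.forClass(TokenRequest.class);
    when(tokenGranter.grant(eq("authorization_code"), captor.capture())).thenReturn(expectedToken);
    @SuppressWarnings("unchecked")
    Map<String, String> anyMap = Mockito.any(Map.class);
    when(authorizationRequestFactory.createTokenRequest(anyMap, eq(clientDetails))).thenReturn(createFromParameters(parameters));
    ResponseEntity<OAuth2AccessToken> response = endpoint.postAccessToken(clientAuthentication, parameters);
    assertNotNull(response);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    OAuth2AccessToken body = response.getBody();
    // Expected value first, actual second, so a failure message reads the right way round.
    assertEquals(expectedToken, body);
    assertTrue("Wrong body: " + body, body.getTokenType() != null);
    assertTrue("Scope of token request not cleared", captor.getValue().getScope().isEmpty());
}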
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-security-oauth by spring-projects.
the class TokenEndpointTests method testGetAccessTokenReturnsHeaderContentTypeJson.
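// gh-1268
/**
 * The token endpoint must label its JSON body with an explicit {@code Content-Type}
 * header of {@code application/json;charset=UTF-8}.
 *
 * @throws Exception propagated from the endpoint under test
 */
@Test
public void testGetAccessTokenReturnsHeaderContentTypeJson() throws Exception {
    when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(clientDetails);
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put("client_id", clientId);
    parameters.put("scope", "read");
    parameters.put("grant_type", "authorization_code");
    parameters.put("code", "kJAHDFG");
    OAuth2AccessToken expectedToken = new DefaultOAuth2AccessToken("FOO");
    when(tokenGranter.grant(eq("authorization_code"), any(TokenRequest.class))).thenReturn(expectedToken);
    // Raw Map.class matcher is unavoidable with Mockito's any(); keep the suppression on the smallest scope.
    @SuppressWarnings("unchecked")
    Map<String, String> anyMap = Mockito.any(Map.class);
    when(authorizationRequestFactory.createTokenRequest(anyMap, eq(clientDetails))).thenReturn(createFromParameters(parameters));
    ResponseEntity<OAuth2AccessToken> response = endpoint.postAccessToken(clientAuthentication, parameters);
    assertNotNull(response);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    // getFirst() yields null (and a readable assertion failure) when the header is absent,
    // whereas get("Content-Type").iterator().next() would fail with a NullPointerException.
    assertEquals("application/json;charset=UTF-8", response.getHeaders().getFirst("Content-Type"));
}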
use of org.springframework.security.oauth2.provider.ClientDetails in project spring-security-oauth by spring-projects.
the class ResourceOwnerPasswordTokenGranter method getOAuth2Authentication.
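/**
 * Authenticates the resource owner named in the token request and pairs the result with
 * the stored {@link OAuth2Request} for the client.
 * <p>
 * The {@code password} parameter is removed from the copy of the request parameters that
 * is attached to the user authentication as details, so it does not travel with that
 * object. The {@code OAuth2Request} itself is built from the original {@code tokenRequest},
 * which is not scrubbed here — NOTE(review): confirm in the request factory whether the
 * password can reach the stored request parameters.
 *
 * @param client       the client exchanging the owner's credentials for a token
 * @param tokenRequest the incoming request; expected to carry {@code username} and
 *                     {@code password} parameters
 * @return an authentication carrying the stored request and the authenticated user
 * @throws InvalidGrantException if the account is expired, locked or disabled, if the
 *                               credentials are wrong, or if the authentication manager
 *                               returns no authenticated user
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
    String username = parameters.get("username");
    String password = parameters.get("password");
    // Protect from downstream leaks of password
    parameters.remove("password");
    Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password);
    ((AbstractAuthenticationToken) userAuth).setDetails(parameters);
    try {
        userAuth = authenticationManager.authenticate(userAuth);
    } catch (AccountStatusException ase) {
        // covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)
        // The cause is kept so server-side diagnostics show why the grant was refused.
        throw new InvalidGrantException(ase.getMessage(), ase);
    } catch (BadCredentialsException e) {
        // If the username/password are wrong the spec says we should send 400/invalid grant
        throw new InvalidGrantException(e.getMessage(), e);
    }
    if (userAuth == null || !userAuth.isAuthenticated()) {
        throw new InvalidGrantException("Could not authenticate user: " + username);
    }
    OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
    return new OAuth2Authentication(storedOAuth2Request, userAuth);
}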