Examples with ClientDetailsService org.springframework.security.oauth2.provider.ClientDetailsService used on opensource projects

Example 16 with ClientDetailsService

use of org.springframework.security.oauth2.provider.ClientDetailsService in project spring-security-oauth by spring-projects.

the class DefaultTokenServices method loadAuthentication.

public OAuth2Authentication loadAuthentication(String accessTokenValue) throws AuthenticationException, InvalidTokenException {
    OAuth2AccessToken accessToken = tokenStore.readAccessToken(accessTokenValue);
    if (accessToken == null) {
        throw new InvalidTokenException("Invalid access token: " + accessTokenValue);
    } else if (accessToken.isExpired()) {
        tokenStore.removeAccessToken(accessToken);
        throw new InvalidTokenException("Access token expired: " + accessTokenValue);
    }
    OAuth2Authentication result = tokenStore.readAuthentication(accessToken);
    if (result == null) {
        // in case of race condition
        throw new InvalidTokenException("Invalid access token: " + accessTokenValue);
    }
    if (clientDetailsService != null) {
        String clientId = result.getOAuth2Request().getClientId();
        try {
            clientDetailsService.loadClientByClientId(clientId);
        } catch (ClientRegistrationException e) {
            throw new InvalidTokenException("Client not valid: " + clientId, e);
        }
    }
    return result;
}

Example 17 with ClientDetailsService

use of org.springframework.security.oauth2.provider.ClientDetailsService in project ORCID-Source by ORCID.

the class OrcidClientCredentialsCheckerTest method setup.

@Before
public void setup() {
    MockitoAnnotations.initMocks(this);
    oAuth2RequestFactory = new DefaultOAuth2RequestFactory(clientDetailsService);
    checker = new OrcidClientCredentialsChecker(oAuth2RequestFactory);
    checker.setClientDetailsEntityCacheManager(clientDetailsEntityCacheManager);
    checker.setOrcidOAuth2RequestValidator(orcidOAuth2RequestValidator);
}

Example 18 with ClientDetailsService

use of org.springframework.security.oauth2.provider.ClientDetailsService in project spring-security-oauth by spring-projects.

the class SparklrUserApprovalHandler method checkForPreApproval.

/**
	 * Allows automatic approval for a white list of clients in the implicit grant case.
	 * 
	 * @param authorizationRequest The authorization request.
	 * @param userAuthentication the current user authentication
	 * 
	 * @return An updated request if it has already been approved by the current user.
	 */
@Override
public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
    boolean approved = false;
    // If we are allowed to check existing approvals this will short circuit the decision
    if (useApprovalStore) {
        authorizationRequest = super.checkForPreApproval(authorizationRequest, userAuthentication);
        approved = authorizationRequest.isApproved();
    } else {
        if (clientDetailsService != null) {
            Collection<String> requestedScopes = authorizationRequest.getScope();
            try {
                ClientDetails client = clientDetailsService.loadClientByClientId(authorizationRequest.getClientId());
                for (String scope : requestedScopes) {
                    if (client.isAutoApprove(scope)) {
                        approved = true;
                        break;
                    }
                }
            } catch (ClientRegistrationException e) {
            }
        }
    }
    authorizationRequest.setApproved(approved);
    return authorizationRequest;
}

Example 19 with ClientDetailsService

use of org.springframework.security.oauth2.provider.ClientDetailsService in project spring-security-oauth by spring-projects.

the class AuthorizationServerEndpointsConfiguration method authorizationEndpoint.

@Bean
public AuthorizationEndpoint authorizationEndpoint() throws Exception {
    AuthorizationEndpoint authorizationEndpoint = new AuthorizationEndpoint();
    FrameworkEndpointHandlerMapping mapping = getEndpointsConfigurer().getFrameworkEndpointHandlerMapping();
    authorizationEndpoint.setUserApprovalPage(extractPath(mapping, "/oauth/confirm_access"));
    authorizationEndpoint.setProviderExceptionHandler(exceptionTranslator());
    authorizationEndpoint.setErrorPage(extractPath(mapping, "/oauth/error"));
    authorizationEndpoint.setTokenGranter(tokenGranter());
    authorizationEndpoint.setClientDetailsService(clientDetailsService);
    authorizationEndpoint.setAuthorizationCodeServices(authorizationCodeServices());
    authorizationEndpoint.setOAuth2RequestFactory(oauth2RequestFactory());
    authorizationEndpoint.setOAuth2RequestValidator(oauth2RequestValidator());
    authorizationEndpoint.setUserApprovalHandler(userApprovalHandler());
    return authorizationEndpoint;
}

Example 20 with ClientDetailsService

use of org.springframework.security.oauth2.provider.ClientDetailsService in project spring-security-oauth by spring-projects.

the class AuthorizationServerEndpointsConfigurer method createDefaultTokenServices.

private DefaultTokenServices createDefaultTokenServices() {
    DefaultTokenServices tokenServices = new DefaultTokenServices();
    tokenServices.setTokenStore(tokenStore());
    tokenServices.setSupportRefreshToken(true);
    tokenServices.setReuseRefreshToken(reuseRefreshToken);
    tokenServices.setClientDetailsService(clientDetailsService());
    tokenServices.setTokenEnhancer(tokenEnhancer());
    addUserDetailsService(tokenServices, this.userDetailsService);
    return tokenServices;
}