Example 56 with OAuth2Authentication

Use of org.springframework.security.oauth2.provider.OAuth2Authentication in project spring-security-oauth by spring-projects.

From the class JwtTokenStoreTests, method testAuthenticationPreservesGrantType.

@Test
public void testAuthenticationPreservesGrantType() throws Exception {
    DefaultAccessTokenConverter delegate = new DefaultAccessTokenConverter();
    delegate.setIncludeGrantType(true);
    enhancer.setAccessTokenConverter(delegate);
    expectedOAuth2AccessToken = enhancer.enhance(new DefaultOAuth2AccessToken("FOO"), expectedAuthentication);
    OAuth2Authentication authentication = tokenStore.readAuthentication(expectedOAuth2AccessToken.getValue());
    assertEquals("password", authentication.getOAuth2Request().getGrantType());
}
Also used : DefaultAccessTokenConverter(org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test)

Example 57 with OAuth2Authentication

Use of org.springframework.security.oauth2.provider.OAuth2Authentication in project spring-security-oauth by spring-projects.

From the class TokenStoreBaseTests, method testFindAccessTokensByClientId.

@Test
public void testFindAccessTokensByClientId() {
    String clientId = "id" + UUID.randomUUID();
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request(clientId, false), new TestAuthentication("test2", false));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    Collection<OAuth2AccessToken> actualOAuth2AccessTokens = getTokenStore().findTokensByClientId(clientId);
    assertEquals(1, actualOAuth2AccessTokens.size());
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 58 with OAuth2Authentication

Use of org.springframework.security.oauth2.provider.OAuth2Authentication in project spring-security-oauth by spring-projects.

From the class TokenStoreBaseTests, method testRetrieveAccessToken.

@Test
public void testRetrieveAccessToken() {
    // Test approved request
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", true);
    OAuth2Authentication authentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test2", true));
    DefaultOAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    expectedOAuth2AccessToken.setExpiration(new Date(Long.MAX_VALUE - 1));
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, authentication);
    // Test unapproved request
    storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    authentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test2", true));
    OAuth2AccessToken actualOAuth2AccessToken = getTokenStore().getAccessToken(authentication);
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    assertEquals(authentication.getUserAuthentication(), getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getUserAuthentication());
    // The authorizationRequest does not match because it is unapproved, but the token was granted to an approved request
    assertFalse(storedOAuth2Request.equals(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getOAuth2Request()));
    actualOAuth2AccessToken = getTokenStore().getAccessToken(authentication);
    assertEquals(expectedOAuth2AccessToken, actualOAuth2AccessToken);
    getTokenStore().removeAccessToken(expectedOAuth2AccessToken);
    assertNull(getTokenStore().readAccessToken("testToken"));
    assertNull(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
    assertNull(getTokenStore().getAccessToken(authentication));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Date(java.util.Date) Test(org.junit.Test)

Example 59 with OAuth2Authentication

Use of org.springframework.security.oauth2.provider.OAuth2Authentication in project spring-security-oauth by spring-projects.

From the class TokenStoreBaseTests, method testGetAccessTokenForDeletedUser.

@Test
public void testGetAccessTokenForDeletedUser() throws Exception {
    // Test approved request
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", true);
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test", true));
    OAuth2AccessToken expectedOAuth2AccessToken = new DefaultOAuth2AccessToken("testToken");
    getTokenStore().storeAccessToken(expectedOAuth2AccessToken, expectedAuthentication);
    assertEquals(expectedOAuth2AccessToken, getTokenStore().getAccessToken(expectedAuthentication));
    assertEquals(expectedAuthentication, getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()));
    // Test unapproved request
    storedOAuth2Request = RequestTokenFactory.createOAuth2Request("id", false);
    OAuth2Authentication anotherAuthentication = new OAuth2Authentication(storedOAuth2Request, new TestAuthentication("test", true));
    assertEquals(expectedOAuth2AccessToken, getTokenStore().getAccessToken(anotherAuthentication));
    // The generated key for the authentication is the same as before, but the two auths are not equal. This could
    // happen if there are 2 users in a system with the same username, or (more likely), if a user account was
    // deleted and re-created.
    assertEquals(anotherAuthentication.getUserAuthentication(), getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getUserAuthentication());
    // The authorizationRequest does not match because it is unapproved, but the token was granted to an approved request
    assertFalse(storedOAuth2Request.equals(getTokenStore().readAuthentication(expectedOAuth2AccessToken.getValue()).getOAuth2Request()));
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 60 with OAuth2Authentication

Use of org.springframework.security.oauth2.provider.OAuth2Authentication in project spring-security-oauth by spring-projects.

From the class TokenStoreBaseTests, method testRemovedTokenCannotBeFoundByUsername.

@Test
public void testRemovedTokenCannotBeFoundByUsername() {
    OAuth2AccessToken token = new DefaultOAuth2AccessToken("testToken");
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false), new TestAuthentication("test2", false));
    getTokenStore().storeAccessToken(token, expectedAuthentication);
    getTokenStore().removeAccessToken(token);
    Collection<OAuth2AccessToken> tokens = getTokenStore().findTokensByClientIdAndUserName("id", "test2");
    assertFalse(tokens.contains(token));
    assertTrue(tokens.isEmpty());
}
Also used : DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)
