use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.
the class OrcidAuthorizationCodeServiceImpl method getDetailFromAuthorization.
private OrcidOauth2AuthoriziationCodeDetail getDetailFromAuthorization(String code, OAuth2Authentication authentication) {
OAuth2Request oAuth2Request = authentication.getOAuth2Request();
OrcidOauth2AuthoriziationCodeDetail detail = new OrcidOauth2AuthoriziationCodeDetail();
Map<String, String> requestParameters = oAuth2Request.getRequestParameters();
if (requestParameters != null && !requestParameters.isEmpty()) {
String clientId = (String) requestParameters.get(CLIENT_ID);
ClientDetailsEntity clientDetails = getClientDetails(clientId);
if (clientDetails == null) {
return null;
}
detail.setScopes(OAuth2Utils.parseParameterList((String) requestParameters.get(SCOPE)));
detail.setState((String) requestParameters.get(STATE));
detail.setRedirectUri((String) requestParameters.get(REDIRECT_URI));
detail.setResponseType((String) requestParameters.get(RESPONSE_TYPE));
detail.setClientDetailsEntity(clientDetails);
//persist the openID params if present
if (requestParameters.get(OrcidOauth2Constants.NONCE) != null)
detail.setNonce((String) requestParameters.get(OrcidOauth2Constants.NONCE));
}
detail.setId(code);
detail.setApproved(authentication.getOAuth2Request().isApproved());
Authentication userAuthentication = authentication.getUserAuthentication();
Object principal = userAuthentication.getPrincipal();
ProfileEntity entity = null;
if (principal instanceof OrcidProfileUserDetails) {
OrcidProfileUserDetails userDetails = (OrcidProfileUserDetails) principal;
String effectiveOrcid = userDetails.getOrcid();
if (effectiveOrcid != null) {
entity = profileEntityCacheManager.retrieve(effectiveOrcid);
}
}
if (entity == null) {
return null;
}
detail.setProfileEntity(entity);
detail.setAuthenticated(userAuthentication.isAuthenticated());
Set<String> authorities = getStringSetFromGrantedAuthorities(authentication.getAuthorities());
detail.setAuthorities(authorities);
Object authenticationDetails = userAuthentication.getDetails();
if (authenticationDetails instanceof WebAuthenticationDetails) {
detail.setSessionId(((WebAuthenticationDetails) authenticationDetails).getSessionId());
}
boolean isPersistentTokenEnabledByUser = false;
//Set token version to persistent token
//TODO: As of Jan 2015 all tokens will be new tokens, so, we will have to remove the token version code and
//treat all tokens as new tokens
detail.setVersion(Long.valueOf(OrcidOauth2Constants.PERSISTENT_TOKEN));
if (requestParameters.containsKey(OrcidOauth2Constants.GRANT_PERSISTENT_TOKEN)) {
String grantPersitentToken = (String) requestParameters.get(OrcidOauth2Constants.GRANT_PERSISTENT_TOKEN);
if (Boolean.parseBoolean(grantPersitentToken)) {
isPersistentTokenEnabledByUser = true;
}
}
detail.setPersistent(isPersistentTokenEnabledByUser);
return detail;
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.
the class OrcidTokenStoreServiceTest method testStoreAccessToken.
@Test
@Transactional
public void testStoreAccessToken() throws Exception {
String clientId = "4444-4444-4444-4441";
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("some-long-oauth2-token-value-9");
ExpiringOAuth2RefreshToken refreshToken = new DefaultExpiringOAuth2RefreshToken("some-long-oauth2-refresh-value-9", new Date());
token.setRefreshToken(refreshToken);
token.setScope(new HashSet<String>(Arrays.asList("/orcid-bio/read", "/orcid-works/read")));
token.setTokenType("bearer");
token.setExpiration(new Date());
Map<String, String> parameters = new HashMap<String, String>();
parameters.put("client_id", clientId);
parameters.put("state", "read");
parameters.put("scope", "/orcid-profile/write");
parameters.put("redirect_uri", "http://www.google.com/");
parameters.put("response_type", "bearer");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ProfileEntity profileEntity = profileEntityManager.findByOrcid("4444-4444-4444-4444");
OrcidOauth2UserAuthentication userAuthentication = new OrcidOauth2UserAuthentication(profileEntity, true);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
orcidTokenStoreService.storeAccessToken(token, authentication);
OAuth2AccessToken oAuth2AccessToken = orcidTokenStoreService.readAccessToken("some-long-oauth2-token-value-9");
assertNotNull(oAuth2AccessToken);
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method testReissuedAccessTokenHasUpdatedExpiration.
@Test
public void testReissuedAccessTokenHasUpdatedExpiration() throws InterruptedException {
Date earliestExpiry = oneHoursTime();
Map<String, String> authorizationParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date latestExpiry = oneHoursTime();
assertNotNull(oauth2AccessToken);
assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
Thread.sleep(1000);
earliestExpiry = oneHoursTime();
OAuth2AccessToken reissuedOauth2AccessToken = tokenServices.createAccessToken(authentication);
latestExpiry = oneHoursTime();
assertNotNull(reissuedOauth2AccessToken);
assertFalse(reissuedOauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(reissuedOauth2AccessToken.getExpiration().after(latestExpiry));
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method tokenExpireIn20YearsTest.
/**
* Check that the token created with a persistent code will expire within 20 years
* */
@Test
public void tokenExpireIn20YearsTest() throws InterruptedException {
Date in20years = twentyYearsTime();
Thread.sleep(2000);
Map<String, String> requestParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
requestParameters.put(OAuth2Utils.CLIENT_ID, clientId);
requestParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
requestParameters.put("code", "code1");
requestParameters.put(OrcidOauth2Constants.IS_PERSISTENT, "true");
OAuth2Request request = new OAuth2Request(requestParameters, clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date tokenExpiration = oauth2AccessToken.getExpiration();
//The token expires in 20 years
assertFalse(in20years.after(tokenExpiration));
in20years = twentyYearsTime();
//Confirm the token expires in 20 years
assertFalse(tokenExpiration.after(in20years));
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.
the class OrcidRandomValueTokenServicesTest method testCreateAddWorkAccessToken.
@Test
public void testCreateAddWorkAccessToken() {
Date earliestExpiry = oneHoursTime();
Map<String, String> authorizationParameters = new HashMap<>();
String clientId = "4444-4444-4444-4441";
authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
Date latestExpiry = oneHoursTime();
assertNotNull(oauth2AccessToken);
assertFalse(oauth2AccessToken.getExpiration().before(earliestExpiry));
assertFalse(oauth2AccessToken.getExpiration().after(latestExpiry));
}
Aggregations