Examples with OAuth2Request org.springframework.security.oauth2.provider.OAuth2Request used on opensource projects

Example 61 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-boot by spring-projects.

the class UserInfoTokenServices method extractAuthentication.

private OAuth2Authentication extractAuthentication(Map<String, Object> map) {
    Object principal = getPrincipal(map);
    List<GrantedAuthority> authorities = this.authoritiesExtractor.extractAuthorities(map);
    OAuth2Request request = new OAuth2Request(null, this.clientId, null, true, null, null, null, null, null);
    UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(principal, "N/A", authorities);
    token.setDetails(map);
    return new OAuth2Authentication(request, token);
}

Example 62 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class SourceManagerImpl method retrieveSourceEntity.

@Override
public SourceEntity retrieveSourceEntity() {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication == null) {
        return null;
    }
    // API
    if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
        OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
        String clientId = authorizationRequest.getClientId();
        ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
        SourceEntity sourceEntity = new SourceEntity();
        sourceEntity.setSourceClient(new ClientDetailsEntity(clientId, clientDetails.getClientName()));
        sourceEntity.getSourceName();
        return sourceEntity;
    }
    String userOrcid = retrieveEffectiveOrcid(authentication);
    if (userOrcid == null) {
        // Must be system role
        return null;
    }
    // Normal web user
    SourceEntity sourceEntity = new SourceEntity();
    sourceEntity.setSourceProfile(new ProfileEntity(userOrcid));
    return sourceEntity;
}

Example 63 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class OrcidRandomValueTokenServicesTest method tokenExpireInAnHourTest.

/**
     * Check that the token created with a non persistent code will expire within an hour 
     * */
@Test
public void tokenExpireInAnHourTest() throws InterruptedException {
    Map<String, String> authorizationParameters = new HashMap<>();
    String clientId = "4444-4444-4444-4441";
    authorizationParameters.put(OAuth2Utils.CLIENT_ID, clientId);
    authorizationParameters.put(OAuth2Utils.SCOPE, "/orcid-works/create");
    authorizationParameters.put("code", "code2");
    OAuth2Request request = new OAuth2Request(Collections.<String, String>emptyMap(), clientId, Collections.<GrantedAuthority>emptyList(), true, new HashSet<String>(Arrays.asList("/orcid-profile/read-limited")), Collections.<String>emptySet(), null, Collections.<String>emptySet(), Collections.<String, Serializable>emptyMap());
    ClientDetailsEntity clientDetails = clientDetailsManager.findByClientId(clientId);
    Authentication userAuthentication = new OrcidOauth2ClientAuthentication(clientDetails);
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    OAuth2AccessToken oauth2AccessToken = tokenServices.createAccessToken(authentication);
    Date tokenExpiration = oauth2AccessToken.getExpiration();
    Thread.sleep(2000);
    //The token expires in less than one hour
    assertFalse(tokenExpiration.after(oneHoursTime()));
}

Example 64 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class NotificationsApiServiceDelegatorImpl method findPermissionNotifications.

@Override
@AccessControl(requiredScope = ScopePathType.PREMIUM_NOTIFICATION)
public Response findPermissionNotifications(String orcid) {
    // Get the client profile information
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    String clientId = null;
    if (OAuth2Authentication.class.isAssignableFrom(authentication.getClass())) {
        OAuth2Request authorizationRequest = ((OAuth2Authentication) authentication).getOAuth2Request();
        clientId = authorizationRequest.getClientId();
    }
    NotificationPermissions notifications = notificationManager.findPermissionsByOrcidAndClient(orcid, clientId, 0, MAX_NOTIFICATIONS_AVAILABLE);
    return Response.ok(notifications).build();
}

Example 65 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project ORCID-Source by ORCID.

the class OrcidAuthorizationCodeServiceImpl method remove.

@Override
protected OAuth2Authentication remove(String code) {
    OrcidOauth2AuthoriziationCodeDetail detail = orcidOauth2AuthoriziationCodeDetailDao.removeAndReturn(code);
    if (detail == null) {
        LOGGER.info("No such authorization code to remove: code={}", new Object[] { code });
        return null;
    }
    OrcidOauth2AuthInfo authInfo = new OrcidOauth2AuthInfo(detail.getClientDetailsEntity().getId(), detail.getScopes(), detail.getProfileEntity().getId());
    LOGGER.info("Removed authorization code: code={}, clientId={}, scopes={}, userOrcid={}", new Object[] { code, authInfo.getClientId(), authInfo.getScopes(), authInfo.getUserOrcid() });
    OAuth2Request oAuth2Request = new OAuth2Request(Collections.<String, String>emptyMap(), authInfo.getClientId(), Collections.<GrantedAuthority>emptyList(), true, authInfo.getScopes(), detail.getResourceIds(), detail.getRedirectUri(), new HashSet<String>(Arrays.asList(detail.getResponseType())), Collections.<String, Serializable>emptyMap());
    Authentication userAuth = getUserAuthentication(detail);
    OAuth2Authentication result = new OAuth2Authentication(oAuth2Request, userAuth);
    return result;
}