Search in sources :

Example 71 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.

the class AuthorizationEndpoint method getImplicitGrantResponse.

// We can grant a token and return it with implicit approval.
private ModelAndView getImplicitGrantResponse(AuthorizationRequest authorizationRequest) {
    try {
        TokenRequest tokenRequest = getOAuth2RequestFactory().createTokenRequest(authorizationRequest, "implicit");
        OAuth2Request storedOAuth2Request = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);
        OAuth2AccessToken accessToken = getAccessTokenForImplicitGrant(tokenRequest, storedOAuth2Request);
        if (accessToken == null) {
            throw new UnsupportedResponseTypeException("Unsupported response type: token");
        }
        return new ModelAndView(new RedirectView(appendAccessToken(authorizationRequest, accessToken), false, true, false));
    } catch (OAuth2Exception e) {
        return new ModelAndView(new RedirectView(getUnsuccessfulRedirect(authorizationRequest, e, true), false, true, false));
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) ImplicitTokenRequest(org.springframework.security.oauth2.provider.implicit.ImplicitTokenRequest) ModelAndView(org.springframework.web.servlet.ModelAndView) RedirectView(org.springframework.web.servlet.view.RedirectView) UnsupportedResponseTypeException(org.springframework.security.oauth2.common.exceptions.UnsupportedResponseTypeException) OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception)

Example 72 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.

the class AuthorizationEndpoint method generateCode.

private String generateCode(AuthorizationRequest authorizationRequest, Authentication authentication) throws AuthenticationException {
    try {
        OAuth2Request storedOAuth2Request = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);
        OAuth2Authentication combinedAuth = new OAuth2Authentication(storedOAuth2Request, authentication);
        String code = authorizationCodeServices.createAuthorizationCode(combinedAuth);
        return code;
    } catch (OAuth2Exception e) {
        if (authorizationRequest.getState() != null) {
            e.addAdditionalInformation("state", authorizationRequest.getState());
        }
        throw e;
    }
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception)

Example 73 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.

the class DefaultTokenServices method createRefreshedAuthentication.

/**
	 * Create a refreshed authentication.
	 * 
	 * @param authentication The authentication.
	 * @param request The scope for the refreshed token.
	 * @return The refreshed authentication.
	 * @throws InvalidScopeException If the scope requested is invalid or wider than the original scope.
	 */
private OAuth2Authentication createRefreshedAuthentication(OAuth2Authentication authentication, TokenRequest request) {
    OAuth2Authentication narrowed = authentication;
    Set<String> scope = request.getScope();
    OAuth2Request clientAuth = authentication.getOAuth2Request().refresh(request);
    if (scope != null && !scope.isEmpty()) {
        Set<String> originalScope = clientAuth.getScope();
        if (originalScope == null || !originalScope.containsAll(scope)) {
            throw new InvalidScopeException("Unable to narrow the scope of the client authentication to " + scope + ".", originalScope);
        } else {
            clientAuth = clientAuth.narrowScope(scope);
        }
    }
    narrowed = new OAuth2Authentication(clientAuth, authentication.getUserAuthentication());
    return narrowed;
}
Also used : OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) InvalidScopeException(org.springframework.security.oauth2.common.exceptions.InvalidScopeException)

Example 74 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.

the class DefaultTokenServices method getAccessTokenValiditySeconds.

/**
	 * The access token validity period in seconds
	 * 
	 * @param clientAuth the current authorization request
	 * @return the access token validity period in seconds
	 */
protected int getAccessTokenValiditySeconds(OAuth2Request clientAuth) {
    if (clientDetailsService != null) {
        ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
        Integer validity = client.getAccessTokenValiditySeconds();
        if (validity != null) {
            return validity;
        }
    }
    return accessTokenValiditySeconds;
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails)

Example 75 with OAuth2Request

use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.

the class DefaultTokenServices method getRefreshTokenValiditySeconds.

/**
	 * The refresh token validity period in seconds
	 * 
	 * @param clientAuth the current authorization request
	 * @return the refresh token validity period in seconds
	 */
protected int getRefreshTokenValiditySeconds(OAuth2Request clientAuth) {
    if (clientDetailsService != null) {
        ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
        Integer validity = client.getRefreshTokenValiditySeconds();
        if (validity != null) {
            return validity;
        }
    }
    return refreshTokenValiditySeconds;
}
Also used : ClientDetails(org.springframework.security.oauth2.provider.ClientDetails)

Aggregations

OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)99 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)77 Authentication (org.springframework.security.core.Authentication)57 Test (org.junit.Test)56 HashMap (java.util.HashMap)21 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)16 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)15 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)14 ProfileEntity (org.orcid.persistence.jpa.entities.ProfileEntity)13 ClientDetailsEntity (org.orcid.persistence.jpa.entities.ClientDetailsEntity)12 Date (java.util.Date)11 HashSet (java.util.HashSet)11 Expression (org.springframework.expression.Expression)10 DBUnitTest (org.orcid.test.DBUnitTest)8 EvaluationContext (org.springframework.expression.EvaluationContext)8 MethodInvocation (org.aopalliance.intercept.MethodInvocation)7 OrcidOAuth2Authentication (org.orcid.core.oauth.OrcidOAuth2Authentication)7 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)7 BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)7 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)7