use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class DefaultAccessTokenConverter method extractAuthentication.
/**
 * Rebuilds an {@link OAuth2Authentication} from the claim map of an access token.
 *
 * <p>Nothing in this method checks a signature, an expiry or an issuer: every claim is taken
 * at face value. Call it only with a map that comes from a token that has already been
 * verified, because the client id, scope, audience and authorities read here become the
 * identity used for later authorization decisions.
 *
 * @param map the token claims; the {@code CLIENT_ID} and {@code GRANT_TYPE} values are cast to
 *     {@code String} and the {@code AUTHORITIES} value to a collection, so a claim of another
 *     type fails with a {@link ClassCastException}
 * @return the authentication made of the reconstructed client request and the user
 *     authentication returned by the user token converter, which may be {@code null}
 */
public OAuth2Authentication extractAuthentication(Map<String, ?> map) {
    Set<String> scope = extractScope(map);
    Authentication user = userTokenConverter.extractAuthentication(map);

    // Request parameters carry the client id and, when enabled, the grant type.
    String clientId = (String) map.get(CLIENT_ID);
    Map<String, String> parameters = new HashMap<String, String>();
    parameters.put(CLIENT_ID, clientId);
    if (includeGrantType && map.containsKey(GRANT_TYPE)) {
        parameters.put(GRANT_TYPE, (String) map.get(GRANT_TYPE));
    }

    // Audience claim becomes the resource ids; no claim means an empty set.
    Set<String> resourceIds;
    if (map.containsKey(AUD)) {
        resourceIds = new LinkedHashSet<String>(getAudience(map));
    } else {
        resourceIds = new LinkedHashSet<String>();
    }

    // The AUTHORITIES claim is read as client authorities only when the token carries no
    // user authentication; with a user present the client authorities stay null.
    Collection<? extends GrantedAuthority> authorities = null;
    if (user == null && map.containsKey(AUTHORITIES)) {
        @SuppressWarnings("unchecked")
        Collection<String> roleClaims = (Collection<String>) map.get(AUTHORITIES);
        authorities = AuthorityUtils.createAuthorityList(roleClaims.toArray(new String[0]));
    }

    // The literal true is passed as the fourth constructor argument for every token;
    // the last three arguments are left null.
    return new OAuth2Authentication(
            new OAuth2Request(parameters, clientId, authorities, true, scope, resourceIds, null, null, null),
            user);
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class DefaultAccessTokenConverter method convertAccessToken.
/**
 * Flattens an access token and its authentication into a claim map.
 *
 * <p>Write order matters for keys that appear more than once. The token's additional
 * information is copied in after the user or authority claims, scope, JTI, expiry and grant
 * type, so an additional-information entry with one of those keys replaces the value written
 * earlier. {@code CLIENT_ID} and {@code AUD} are written last and cannot be replaced that way.
 * Whatever populates the additional information should therefore not be fed from
 * caller-controlled keys.
 *
 * @param token the access token supplying scope, expiry and additional information
 * @param authentication the authentication supplying the client request and, unless it is
 *     client-only, the user authentication
 * @return the claim map
 */
public Map<String, ?> convertAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) {
    OAuth2Request clientToken = authentication.getOAuth2Request();
    Map<String, Object> response = new HashMap<String, Object>();

    if (authentication.isClientOnly()) {
        // Client-only token: publish the client's own authorities, if it has any.
        boolean hasClientAuthorities =
                clientToken.getAuthorities() != null && !clientToken.getAuthorities().isEmpty();
        if (hasClientAuthorities) {
            response.put(UserAuthenticationConverter.AUTHORITIES,
                    AuthorityUtils.authorityListToSet(clientToken.getAuthorities()));
        }
    } else {
        // User token: the user converter decides which user claims are written.
        response.putAll(userTokenConverter.convertUserAuthentication(authentication.getUserAuthentication()));
    }

    if (token.getScope() != null) {
        response.put(SCOPE, token.getScope());
    }

    Map<String, Object> extras = token.getAdditionalInformation();
    if (extras.containsKey(JTI)) {
        response.put(JTI, extras.get(JTI));
    }

    if (token.getExpiration() != null) {
        // Expiry is stored in whole seconds, not milliseconds.
        response.put(EXP, token.getExpiration().getTime() / 1000);
    }

    if (includeGrantType) {
        String grantType = clientToken.getGrantType();
        if (grantType != null) {
            response.put(GRANT_TYPE, grantType);
        }
    }

    // Copied after the claims above, so matching keys in the extras overwrite them.
    response.putAll(extras);

    // Written after the extras, so these two always reflect the client request.
    response.put(CLIENT_ID, clientToken.getClientId());
    if (clientToken.getResourceIds() != null && !clientToken.getResourceIds().isEmpty()) {
        response.put(AUD, clientToken.getResourceIds());
    }
    return response;
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2ClientAuthenticationProcessingFilterTests method testAuthentication.
/**
 * Checks that the filter returns the authentication loaded by the token services for the
 * access token value obtained from the rest template, and that the token is fetched once.
 */
@Test
public void testAuthentication() throws Exception {
    filter.setRestTemplate(restTemplate);
    filter.setTokenServices(tokenServices);

    // The rest template hands out a fixed token value.
    Mockito.when(restTemplate.getAccessToken()).thenReturn(new DefaultOAuth2AccessToken("FOO"));

    // Client-only authentication (no user part) with read and write scopes.
    Set<String> scopes = new HashSet<String>(Arrays.asList("read", "write"));
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("client", false, scopes);
    this.authentication = new OAuth2Authentication(storedOAuth2Request, null);

    // The token services resolve that token value to the authentication built above.
    Mockito.when(tokenServices.loadAuthentication("FOO")).thenReturn(this.authentication);

    Authentication result = filter.attemptAuthentication(new MockHttpServletRequest(), null);

    assertEquals(this.authentication, result);
    Mockito.verify(restTemplate, Mockito.times(1)).getAccessToken();
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2ClientAuthenticationProcessingFilterTests method testSuccessfulAuthentication.
/**
 * Checks that handling a successful authentication asks the rest template for the access
 * token exactly once.
 */
@Test
public void testSuccessfulAuthentication() throws Exception {
    filter.setRestTemplate(restTemplate);

    // Client-only authentication (no user part) with read and write scopes.
    Set<String> scopes = new HashSet<String>(Arrays.asList("read", "write"));
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request("client", false, scopes);
    this.authentication = new OAuth2Authentication(storedOAuth2Request, null);

    // No filter chain is passed; only the call on the rest template is checked.
    filter.successfulAuthentication(
            new MockHttpServletRequest(), new MockHttpServletResponse(), null, this.authentication);

    Mockito.verify(restTemplate, Mockito.times(1)).getAccessToken();
}
use of org.springframework.security.oauth2.provider.OAuth2Request in project spring-security-oauth by spring-projects.
the class OAuth2ExpressionUtils method clientHasAnyRole.
/**
 * Tells whether the OAuth2 client behind an authentication holds at least one of the roles.
 *
 * <p>Only the authorities of the client request are consulted, not those of the user. Role
 * names are compared as exact strings against the authority names, with no prefix added or
 * stripped. Anything that is not an {@link OAuth2Authentication}, or a client without
 * authorities, yields {@code false}, so the check fails closed.
 *
 * @param authentication the authentication to inspect
 * @param roles the role names, any one of which is sufficient
 * @return {@code true} if the client has an authority whose name equals one of {@code roles}
 */
public static boolean clientHasAnyRole(Authentication authentication, String... roles) {
    if (!(authentication instanceof OAuth2Authentication)) {
        return false;
    }

    OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();
    Collection<? extends GrantedAuthority> clientAuthorities = clientAuthentication.getAuthorities();
    if (clientAuthorities == null) {
        return false;
    }

    Set<String> held = AuthorityUtils.authorityListToSet(clientAuthorities);
    for (String candidate : roles) {
        if (held.contains(candidate)) {
            return true;
        }
    }
    return false;
}