Examples with TokenRequest org.springframework.security.oauth2.provider.TokenRequest used on opensource projects

Example 1 with TokenRequest

use of org.springframework.security.oauth2.provider.TokenRequest in project spring-security-oauth by spring-projects.

the class TokenEndpointTests method testGetAccessTokenWithScope.

@Test
public void testGetAccessTokenWithScope() throws HttpRequestMethodNotSupportedException {
    when(clientDetailsService.loadClientByClientId(clientId)).thenReturn(clientDetails);
    HashMap<String, String> parameters = new HashMap<String, String>();
    parameters.put("client_id", clientId);
    parameters.put("scope", "read");
    parameters.put("grant_type", "authorization_code");
    parameters.put("code", "kJAHDFG");
    OAuth2AccessToken expectedToken = new DefaultOAuth2AccessToken("FOO");
    ArgumentCaptor<TokenRequest> captor = ArgumentCaptor.forClass(TokenRequest.class);
    when(tokenGranter.grant(Mockito.eq("authorization_code"), captor.capture())).thenReturn(expectedToken);
    @SuppressWarnings("unchecked") Map<String, String> anyMap = Mockito.any(Map.class);
    when(authorizationRequestFactory.createTokenRequest(anyMap, Mockito.eq(clientDetails))).thenReturn(createFromParameters(parameters));
    ResponseEntity<OAuth2AccessToken> response = endpoint.postAccessToken(clientAuthentication, parameters);
    assertNotNull(response);
    assertEquals(HttpStatus.OK, response.getStatusCode());
    OAuth2AccessToken body = response.getBody();
    assertEquals(body, expectedToken);
    assertTrue("Wrong body: " + body, body.getTokenType() != null);
    assertTrue("Scope of token request not cleared", captor.getValue().getScope().isEmpty());
}

Example 2 with TokenRequest

use of org.springframework.security.oauth2.provider.TokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationEndpointTests method testImplicitError.

@Test
public void testImplicitError() throws Exception {
    endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {

        public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return authorizationRequest;
        }

        public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return authorizationRequest;
        }

        public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return true;
        }
    });
    endpoint.setTokenGranter(new TokenGranter() {

        public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
            return null;
        }
    });
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", "myscope", Collections.singleton("token"));
    ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
    String url = ((RedirectView) result.getView()).getUrl();
    assertTrue("Wrong view: " + result, url.startsWith("http://anywhere.com"));
    assertTrue("No error: " + result, url.contains("#error="));
    assertTrue("Wrong state: " + result, url.contains("&state=mystate"));
}

Example 3 with TokenRequest

use of org.springframework.security.oauth2.provider.TokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationEndpointTests method testImplicitAppendsScopeWhenDefaulting.

@Test
public void testImplicitAppendsScopeWhenDefaulting() throws Exception {
    endpoint.setTokenGranter(new TokenGranter() {

        public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
            DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
            token.setScope(new LinkedHashSet<String>(Arrays.asList("read", "write")));
            return token;
        }
    });
    endpoint.setUserApprovalHandler(new DefaultUserApprovalHandler() {

        public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return true;
        }

        public AuthorizationRequest checkForPreApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return authorizationRequest;
        }

        public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
            return authorizationRequest;
        }
    });
    client.setScope(Collections.singleton("read"));
    AuthorizationRequest authorizationRequest = getAuthorizationRequest("foo", "http://anywhere.com", "mystate", null, Collections.singleton("token"));
    ModelAndView result = endpoint.authorize(model, authorizationRequest.getRequestParameters(), sessionStatus, principal);
    String url = ((RedirectView) result.getView()).getUrl();
    assertTrue("Wrong scope: " + result, url.contains("&scope=read%20write"));
}

Example 4 with TokenRequest

use of org.springframework.security.oauth2.provider.TokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationCodeTokenGranterTests method testAuthorizationCodeGrant.

@Test
public void testAuthorizationCodeGrant() {
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("marissa", "koala", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
    parameters.clear();
    parameters.put(OAuth2Utils.CLIENT_ID, "foo");
    parameters.put(OAuth2Utils.SCOPE, "scope");
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request(parameters, "foo", true, Collections.singleton("scope"));
    String code = authorizationCodeServices.createAuthorizationCode(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
    parameters.putAll(storedOAuth2Request.getRequestParameters());
    parameters.put("code", code);
    TokenRequest tokenRequest = requestFactory.createTokenRequest(parameters, client);
    AuthorizationCodeTokenGranter granter = new AuthorizationCodeTokenGranter(providerTokenServices, authorizationCodeServices, clientDetailsService, requestFactory);
    OAuth2AccessToken token = granter.grant("authorization_code", tokenRequest);
    assertTrue(providerTokenServices.loadAuthentication(token.getValue()).isAuthenticated());
}

Example 5 with TokenRequest

use of org.springframework.security.oauth2.provider.TokenRequest in project spring-security-oauth by spring-projects.

the class AuthorizationCodeTokenGranterTests method testAuthorizationRequestPreserved.

@Test
public void testAuthorizationRequestPreserved() {
    parameters.clear();
    parameters.put(OAuth2Utils.CLIENT_ID, "foo");
    parameters.put(OAuth2Utils.SCOPE, "read");
    OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request(parameters, "foo", null, true, Collections.singleton("read"), Collections.singleton("resource"), null, null, null);
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("marissa", "koala", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
    String code = authorizationCodeServices.createAuthorizationCode(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
    parameters.put("code", code);
    // Ensure even if token request asks for more scope they are not granted
    parameters.put(OAuth2Utils.SCOPE, "read write");
    TokenRequest tokenRequest = requestFactory.createTokenRequest(parameters, client);
    AuthorizationCodeTokenGranter granter = new AuthorizationCodeTokenGranter(providerTokenServices, authorizationCodeServices, clientDetailsService, requestFactory);
    OAuth2AccessToken token = granter.grant("authorization_code", tokenRequest);
    OAuth2Request finalRequest = providerTokenServices.loadAuthentication(token.getValue()).getOAuth2Request();
    assertEquals("[read]", finalRequest.getScope().toString());
    assertEquals("[resource]", finalRequest.getResourceIds().toString());
    assertTrue(finalRequest.isApproved());
}