
Example 51 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testApprovalsAddedForAutoapprovedScopes.

/**
 * Verifies that pre-approving an auto-approved scope leaves a record in the approval store.
 *
 * <p>The client is registered with "read" as its scope and as an auto-approve scope, and the
 * authorization request asks for exactly that scope. After {@code checkForPreApproval} runs,
 * the store must hold a single approval for the user and client, and its scope must be "read".
 */
@Test
public void testApprovalsAddedForAutoapprovedScopes() {
    handler.setClientDetailsService(clientDetailsService);

    // Client "client": scope "read", grant type authorization_code, with "read" auto-approved.
    BaseClientDetails autoApprovingClient = new BaseClientDetails("client", null, "read", "authorization_code", null);
    HashSet<String> autoApprovedScopes = new HashSet<String>(Arrays.asList("read"));
    autoApprovingClient.setAutoApproveScopes(autoApprovedScopes);
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", autoApprovingClient));

    AuthorizationRequest request = new AuthorizationRequest("client", Arrays.asList("read"));
    // Only the store side effect is asserted below; the returned request is not inspected.
    // NOTE(review): asserting the returned request's approved flag would pin the other half
    // of the auto-approve behaviour.
    handler.checkForPreApproval(request, userAuthentication);

    Collection<Approval> stored = store.getApprovals(userAuthentication.getName(), "client");
    assertEquals(1, stored.size());
    assertEquals("read", stored.iterator().next().getScope());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Test(org.junit.Test)

Example 52 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class TokenApprovalStoreTests method addApprovals.

/**
 * Mirrors the given approvals into the token store, then delegates to the superclass.
 *
 * <p>Approvals are grouped by client id and then by user id. For each (client, user) pair one
 * access token carrying all of that pair's scopes is stored under a synthetic authentication.
 * The approval's status is not consulted while grouping: every approval contributes its scope.
 *
 * @param approvals approvals to mirror into the token store
 * @return the result of the superclass implementation for the same approvals
 */
@Override
protected boolean addApprovals(Collection<Approval> approvals) {
    // clientId -> userId -> scopes
    Map<String, Map<String, Set<String>>> scopesByClientAndUser = new HashMap<String, Map<String, Set<String>>>();
    for (Approval approval : approvals) {
        String clientId = approval.getClientId();
        Map<String, Set<String>> scopesByUser = scopesByClientAndUser.get(clientId);
        if (scopesByUser == null) {
            scopesByUser = new HashMap<String, Set<String>>();
            scopesByClientAndUser.put(clientId, scopesByUser);
        }
        String userId = approval.getUserId();
        Set<String> userScopes = scopesByUser.get(userId);
        if (userScopes == null) {
            userScopes = new HashSet<String>();
            scopesByUser.put(userId, userScopes);
        }
        userScopes.add(approval.getScope());
    }

    for (Map.Entry<String, Map<String, Set<String>>> clientEntry : scopesByClientAndUser.entrySet()) {
        for (Map.Entry<String, Set<String>> userEntry : clientEntry.getValue().entrySet()) {
            // Synthetic principal: the credentials value "N/A" is a placeholder, not a secret.
            Authentication user = new UsernamePasswordAuthenticationToken(userEntry.getKey(), "N/A", AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
            AuthorizationRequest authorizationRequest = new AuthorizationRequest();
            authorizationRequest.setClientId(clientEntry.getKey());
            Set<String> grantedScopes = userEntry.getValue();
            authorizationRequest.setScope(grantedScopes);
            OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), user);
            // The token value is a fresh random UUID string; the token is given the same scopes as the request.
            DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
            token.setScope(grantedScopes);
            tokenStore.storeAccessToken(token, authentication);
        }
    }
    return super.addApprovals(approvals);
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) HashMap(java.util.HashMap) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) HashMap(java.util.HashMap) Map(java.util.Map)

Example 53 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class AbstractImplicitProviderTests method testPostForNonAutomaticApprovalToken.

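/**
 * Checks that a token is only issued after the user's approval parameters have been supplied.
 *
 * <p>The first {@code getAccessToken()} call is expected to fail with
 * {@link UserRedirectRequiredException}. After {@code OAuth2Utils.USER_OAUTH_APPROVAL} and
 * {@code scope.read} are both added as "true", the second call must return a non-null token.
 *
 * @throws Exception if building the header or obtaining the token fails unexpectedly
 */
@Test
@OAuth2ContextConfiguration(resource = NonAutoApproveImplicit.class, initialize = false)
public void testPostForNonAutomaticApprovalToken() throws Exception {
    HttpHeaders headers = new HttpHeaders();
    // Fixed test-fixture credentials. The charset is named explicitly so the Basic header
    // does not depend on the JVM's platform-default encoding.
    byte[] credentials = "user:password".getBytes("UTF-8");
    headers.set("Authorization", "Basic " + new String(Base64.encode(credentials), "UTF-8"));
    context.getAccessTokenRequest().setHeaders(headers);
    try {
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException expected) {
        // Expected: no approval parameters have been sent yet, so the first attempt must not
        // yield a token.
    }
    // add user approval parameter for the second request
    context.getAccessTokenRequest().add(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
    context.getAccessTokenRequest().add("scope.read", "true");
    assertNotNull(context.getAccessToken());
}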
Also used : HttpHeaders(org.springframework.http.HttpHeaders) UserRedirectRequiredException(org.springframework.security.oauth2.client.resource.UserRedirectRequiredException) OAuth2ContextConfiguration(org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration) Test(org.junit.Test)

Example 54 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-cloud-security by spring-cloud.

the class OAuth2FeignRequestInterceptor method acquireAccessToken.

/**
 * Try to acquire the token using an access token provider.
 * @return valid access token
 * @throws UserRedirectRequiredException in case the user needs to be redirected to an
 * approval page or login page
 */
protected OAuth2AccessToken acquireAccessToken() throws UserRedirectRequiredException {
    final AccessTokenRequest request = oAuth2ClientContext.getAccessTokenRequest();
    if (request == null) {
        // The message names only the resource id; no token or credential material is included.
        throw new AccessTokenRequiredException("Cannot find valid context on request for resource '" + resource.getId() + "'.", resource);
    }

    // When the request carries a state key, the matching preserved state is taken out of the
    // client context and attached to the request.
    final String stateKey = request.getStateKey();
    if (stateKey != null) {
        request.setPreservedState(oAuth2ClientContext.removePreservedState(stateKey));
    }

    // Any token the context already holds is written back before the provider is asked.
    final OAuth2AccessToken current = oAuth2ClientContext.getAccessToken();
    if (current != null) {
        oAuth2ClientContext.setAccessToken(current);
    }

    final OAuth2AccessToken obtained = accessTokenProvider.obtainAccessToken(resource, request);
    // Fail closed: a missing token, or a token without a value, is never stored or returned.
    final boolean usable = obtained != null && obtained.getValue() != null;
    if (!usable) {
        throw new IllegalStateException(" Access token provider returned a null token, which is illegal according to the contract.");
    }
    oAuth2ClientContext.setAccessToken(obtained);
    return obtained;
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) AccessTokenRequiredException(org.springframework.security.oauth2.client.http.AccessTokenRequiredException) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest)

Example 55 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project wumei-smart by kerwincui.

the class SpeakerApprovalHandler method updateAfterApproval.

/**
 * Records the user's per-scope decision and narrows the request to the approved scopes.
 *
 * <p>For every requested scope, the approval parameter named
 * {@code OAuth2Utils.SCOPE_PREFIX + scope} is read and lower-cased. The values "true" and "on",
 * and any value starting with "approve", count as approval. Every other value, including a
 * missing parameter, is recorded as DENIED. All decisions are written to the approval store
 * with the same expiry.
 *
 * @param authorizationRequest request whose scope and approved flag are updated in place
 * @param userAuthentication the user whose name is recorded on each stored approval
 * @return the same request instance, with its scope replaced by the approved subset
 */
@Override
public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
    // Scopes the client asked for
    Set<String> requestedScopes = authorizationRequest.getScope();
    Set<String> approvedScopes = new HashSet<String>();
    Set<Approval> decisions = new HashSet<Approval>();
    Date expiry = computeExpiry();
    // Per-scope answers; both approved and denied scopes are stored
    Map<String, String> approvalParameters = authorizationRequest.getApprovalParameters();
    for (String requestedScope : requestedScopes) {
        String raw = approvalParameters.get(OAuth2Utils.SCOPE_PREFIX + requestedScope);
        // NOTE(review): toLowerCase() uses the default locale; confirm that is intended.
        String answer = (raw == null) ? "" : raw.toLowerCase();
        // Default-deny: only these three forms grant the scope.
        boolean granted = "true".equals(answer) || answer.startsWith("approve") || answer.equals("on");
        if (granted) {
            approvedScopes.add(requestedScope);
        }
        Approval.ApprovalStatus status = granted ? Approval.ApprovalStatus.APPROVED : Approval.ApprovalStatus.DENIED;
        decisions.add(new Approval(userAuthentication.getName(), authorizationRequest.getClientId(), requestedScope, expiry, status));
    }
    approvalStore.addApprovals(decisions);
    authorizationRequest.setScope(approvedScopes);
    // Approved when at least one scope was granted, or when no scope was requested at all.
    // NOTE(review): a request with no scopes therefore ends up approved; confirm that
    // scope-less requests are rejected earlier in the flow.
    boolean approved = !approvedScopes.isEmpty() || requestedScopes.isEmpty();
    authorizationRequest.setApproved(approved);
    return authorizationRequest;
}
Also used : Approval(org.springframework.security.oauth2.provider.approval.Approval)
