Search in sources :

Example 6 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class AuthorizationEndpointTests method testApproveOrDenyWithOAuth2RequestWithoutRedirectUri.

/**
	 * Ensure that if the approval endpoint is called without a resolved redirect URI, the request fails.
	 * @throws Exception
	 */
@Test(expected = InvalidRequestException.class)
public void testApproveOrDenyWithOAuth2RequestWithoutRedirectUri() throws Exception {
    AuthorizationRequest request = getAuthorizationRequest("foo", null, null, null, Collections.singleton("code"));
    request.setApproved(true);
    Map<String, String> approvalParameters = new HashMap<String, String>();
    approvalParameters.put("user_oauth_approval", "true");
    model.put("authorizationRequest", request);
    endpoint.approveOrDeny(approvalParameters, model, sessionStatus, principal);
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) HashMap(java.util.HashMap) Test(org.junit.Test)

Example 7 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class AccessConfirmationController method getAccessConfirmation.

@RequestMapping("/oauth/confirm_access")
public ModelAndView getAccessConfirmation(Map<String, Object> model, Principal principal) throws Exception {
    AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
    model.put("auth_request", clientAuth);
    model.put("client", client);
    Map<String, String> scopes = new LinkedHashMap<String, String>();
    for (String scope : clientAuth.getScope()) {
        scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
    }
    for (Approval approval : approvalStore.getApprovals(principal.getName(), client.getClientId())) {
        if (clientAuth.getScope().contains(approval.getScope())) {
            scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(), approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
        }
    }
    model.put("scopes", scopes);
    return new ModelAndView("access_confirmation", model);
}
Also used : AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) ModelAndView(org.springframework.web.servlet.ModelAndView) Approval(org.springframework.security.oauth2.provider.approval.Approval) LinkedHashMap(java.util.LinkedHashMap) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 8 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class AuthorizationCodeProviderTests method approveAccessTokenGrant.

private void approveAccessTokenGrant(String currentUri, boolean approved) {
    AccessTokenRequest request = context.getAccessTokenRequest();
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) context.getResource();
    request.setCookie(cookie);
    if (currentUri != null) {
        request.setCurrentUri(currentUri);
    }
    String location = null;
    try {
        // First try to obtain the access token...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        // Expected and necessary, so that the correct state is set up in the request...
        location = e.getRedirectUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    try {
        // Now try again and the token provider will redirect for user approval...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserApprovalRequiredException e) {
        // Expected and necessary, so that the user can approve the grant...
        location = e.getApprovalUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    // The approval (will be processed on the next attempt to obtain an access token)...
    request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
}
Also used : UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException) AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails) AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest) UserRedirectRequiredException(org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)

Example 9 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class JwtTokenStoreTests method removeRefreshToken.

@Test
public void removeRefreshToken() throws Exception {
    tokenStore.setApprovalStore(approvalStore);
    approvalStore.addApprovals(Collections.singleton(new Approval("test", "id", "read", new Date(), ApprovalStatus.APPROVED)));
    assertEquals(1, approvalStore.getApprovals("test", "id").size());
    tokenStore.removeRefreshToken(new DefaultOAuth2RefreshToken(expectedOAuth2AccessToken.getValue()));
    assertEquals(0, approvalStore.getApprovals("test", "id").size());
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) Approval(org.springframework.security.oauth2.provider.approval.Approval) Date(java.util.Date) Test(org.junit.Test)

Example 10 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class JwtTokenStoreTests method removeAccessTokenFromRefreshToken.

@Test
public void removeAccessTokenFromRefreshToken() throws Exception {
    tokenStore.setApprovalStore(approvalStore);
    approvalStore.addApprovals(Collections.singleton(new Approval("test", "id", "read", new Date(), ApprovalStatus.APPROVED)));
    assertEquals(1, approvalStore.getApprovals("test", "id").size());
    tokenStore.removeAccessTokenUsingRefreshToken(new DefaultOAuth2RefreshToken(expectedOAuth2AccessToken.getValue()));
    assertEquals(1, approvalStore.getApprovals("test", "id").size());
}
Also used : DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken) Approval(org.springframework.security.oauth2.provider.approval.Approval) Date(java.util.Date) Test(org.junit.Test)

Aggregations

Test (org.junit.Test)12 Date (java.util.Date)10 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)9 Approval (org.springframework.security.oauth2.provider.approval.Approval)7 UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)6 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)6 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5 AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)4 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)4 HashSet (java.util.HashSet)3 Authentication (org.springframework.security.core.Authentication)3 UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)3 AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)3 DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)3 ClientRegistrationException (org.springframework.security.oauth2.provider.ClientRegistrationException)3 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)3 ModelAndView (org.springframework.web.servlet.ModelAndView)3 HashMap (java.util.HashMap)2 HttpHeaders (org.springframework.http.HttpHeaders)2 UnsupportedResponseTypeException (org.springframework.security.oauth2.common.exceptions.UnsupportedResponseTypeException)2