Examples with Approval org.springframework.security.oauth2.provider.approval.Approval used on opensource projects

Example 21 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class AuthorizationEndpoint method getImplicitGrantResponse.

// We can grant a token and return it with implicit approval.
private ModelAndView getImplicitGrantResponse(AuthorizationRequest authorizationRequest) {
    try {
        TokenRequest tokenRequest = getOAuth2RequestFactory().createTokenRequest(authorizationRequest, "implicit");
        OAuth2Request storedOAuth2Request = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);
        OAuth2AccessToken accessToken = getAccessTokenForImplicitGrant(tokenRequest, storedOAuth2Request);
        if (accessToken == null) {
            throw new UnsupportedResponseTypeException("Unsupported response type: token");
        }
        return new ModelAndView(new RedirectView(appendAccessToken(authorizationRequest, accessToken), false, true, false));
    } catch (OAuth2Exception e) {
        return new ModelAndView(new RedirectView(getUnsuccessfulRedirect(authorizationRequest, e, true), false, true, false));
    }
}

Example 22 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class JwtTokenStore method readRefreshToken.

@Override
public OAuth2RefreshToken readRefreshToken(String tokenValue) {
    OAuth2AccessToken encodedRefreshToken = convertAccessToken(tokenValue);
    OAuth2RefreshToken refreshToken = createRefreshToken(encodedRefreshToken);
    if (approvalStore != null) {
        OAuth2Authentication authentication = readAuthentication(tokenValue);
        if (authentication.getUserAuthentication() != null) {
            String userId = authentication.getUserAuthentication().getName();
            String clientId = authentication.getOAuth2Request().getClientId();
            Collection<Approval> approvals = approvalStore.getApprovals(userId, clientId);
            Collection<String> approvedScopes = new HashSet<String>();
            for (Approval approval : approvals) {
                if (approval.isApproved()) {
                    approvedScopes.add(approval.getScope());
                }
            }
            if (!approvedScopes.containsAll(authentication.getOAuth2Request().getScope())) {
                return null;
            }
        }
    }
    return refreshToken;
}

Example 23 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testExplicitlyUnapprovedScopes.

@Test
public void testExplicitlyUnapprovedScopes() {
    store.addApprovals(Arrays.asList(new Approval("user", "client", "read", new Date(System.currentTimeMillis() + 10000), Approval.ApprovalStatus.DENIED)));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertFalse(result.isApproved());
}

Example 24 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class AbstractEmptyAuthorizationCodeProviderTests method approveAccessTokenGrant.

protected void approveAccessTokenGrant(String currentUri, boolean approved) {
    AccessTokenRequest request = context.getAccessTokenRequest();
    request.setHeaders(getAuthenticatedHeaders());
    AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) context.getResource();
    if (currentUri != null) {
        request.setCurrentUri(currentUri);
    }
    String location = null;
    try {
        // First try to obtain the access token...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserRedirectRequiredException e) {
        // Expected and necessary, so that the correct state is set up in the request...
        location = e.getRedirectUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    verifyAuthorizationPage(context.getRestTemplate(), location);
    try {
        // Now try again and the token provider will redirect for user approval...
        assertNotNull(context.getAccessToken());
        fail("Expected UserRedirectRequiredException");
    } catch (UserApprovalRequiredException e) {
        // Expected and necessary, so that the user can approve the grant...
        location = e.getApprovalUri();
    }
    assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
    assertNull(request.getAuthorizationCode());
    // The approval (will be processed on the next attempt to obtain an access token)...
    request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
}

Example 25 with Approval

use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.

the class JwtTokenStoreTests method removeAccessToken.

@Test
public void removeAccessToken() throws Exception {
    tokenStore.setApprovalStore(approvalStore);
    approvalStore.addApprovals(Collections.singleton(new Approval("test", "id", "read", new Date(), ApprovalStatus.APPROVED)));
    assertEquals(1, approvalStore.getApprovals("test", "id").size());
    tokenStore.removeAccessToken(expectedOAuth2AccessToken);
    assertEquals(1, approvalStore.getApprovals("test", "id").size());
}