Example 26 with Approval
use of org.springframework.security.oauth2.provider.approval.Approval in project spring-security-oauth by spring-projects.
the class AbstractAuthorizationCodeProviderTests method approveAccessTokenGrant.
protected void approveAccessTokenGrant(String currentUri, boolean approved) {
AccessTokenRequest request = context.getAccessTokenRequest();
request.setHeaders(getAuthenticatedHeaders());
AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) context.getResource();
if (currentUri != null) {
request.setCurrentUri(currentUri);
}
String location = null;
try {
// First try to obtain the access token...
assertNotNull(context.getAccessToken());
fail("Expected UserRedirectRequiredException");
} catch (UserRedirectRequiredException e) {
// Expected and necessary, so that the correct state is set up in the request...
location = e.getRedirectUri();
}
assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
assertNull(request.getAuthorizationCode());
verifyAuthorizationPage(context.getRestTemplate(), location);
try {
// Now try again and the token provider will redirect for user approval...
assertNotNull(context.getAccessToken());
fail("Expected UserRedirectRequiredException");
} catch (UserApprovalRequiredException e) {
// Expected and necessary, so that the user can approve the grant...
location = e.getApprovalUri();
}
assertTrue(location.startsWith(resource.getUserAuthorizationUri()));
assertNull(request.getAuthorizationCode());
// The approval (will be processed on the next attempt to obtain an access token)...
request.set(OAuth2Utils.USER_OAUTH_APPROVAL, "" + approved);
}
Also used :
UserApprovalRequiredException(org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)
AuthorizationCodeResourceDetails(org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)
AccessTokenRequest(org.springframework.security.oauth2.client.token.AccessTokenRequest)
UserRedirectRequiredException(org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)
Aggregations
Test (org.junit.Test)12
Date (java.util.Date)10
AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)9
Approval (org.springframework.security.oauth2.provider.approval.Approval)7
UserRedirectRequiredException (org.springframework.security.oauth2.client.resource.UserRedirectRequiredException)6
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)6
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)5
AccessTokenRequest (org.springframework.security.oauth2.client.token.AccessTokenRequest)4
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)4
HashSet (java.util.HashSet)3
Authentication (org.springframework.security.core.Authentication)3
UserApprovalRequiredException (org.springframework.security.oauth2.client.resource.UserApprovalRequiredException)3
AuthorizationCodeResourceDetails (org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails)3
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)3
ClientRegistrationException (org.springframework.security.oauth2.provider.ClientRegistrationException)3
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)3
ModelAndView (org.springframework.web.servlet.ModelAndView)3
HashMap (java.util.HashMap)2
HttpHeaders (org.springframework.http.HttpHeaders)2
UnsupportedResponseTypeException (org.springframework.security.oauth2.common.exceptions.UnsupportedResponseTypeException)2
