Example 6 with ApprovalStore
use of org.springframework.security.oauth2.provider.approval.ApprovalStore in project spring-security-oauth by spring-projects.
the class AuthorizationServerEndpointsConfigurer method approvalStore.
private ApprovalStore approvalStore() {
if (approvalStore == null && tokenStore() != null && !isApprovalStoreDisabled()) {
TokenApprovalStore tokenApprovalStore = new TokenApprovalStore();
tokenApprovalStore.setTokenStore(tokenStore());
this.approvalStore = tokenApprovalStore;
}
return this.approvalStore;
}
Also used :
TokenApprovalStore(org.springframework.security.oauth2.provider.approval.TokenApprovalStore)
Example 7 with ApprovalStore
use of org.springframework.security.oauth2.provider.approval.ApprovalStore in project spring-security-oauth by spring-projects.
the class AuthorizationServerEndpointsConfigurer method userApprovalHandler.
private UserApprovalHandler userApprovalHandler() {
if (userApprovalHandler == null) {
if (approvalStore() != null) {
ApprovalStoreUserApprovalHandler handler = new ApprovalStoreUserApprovalHandler();
handler.setApprovalStore(approvalStore());
handler.setRequestFactory(requestFactory());
handler.setClientDetailsService(clientDetailsService);
this.userApprovalHandler = handler;
} else if (tokenStore() != null) {
TokenStoreUserApprovalHandler userApprovalHandler = new TokenStoreUserApprovalHandler();
userApprovalHandler.setTokenStore(tokenStore());
userApprovalHandler.setClientDetailsService(clientDetailsService());
userApprovalHandler.setRequestFactory(requestFactory());
this.userApprovalHandler = userApprovalHandler;
} else {
throw new IllegalStateException("Either a TokenStore or an ApprovalStore must be provided");
}
}
return this.userApprovalHandler;
}
Also used :
TokenStoreUserApprovalHandler(org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler)
ApprovalStoreUserApprovalHandler(org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler)
Example 8 with ApprovalStore
use of org.springframework.security.oauth2.provider.approval.ApprovalStore in project spring-security-oauth by spring-projects.
the class JwtTokenStore method readRefreshToken.
@Override
public OAuth2RefreshToken readRefreshToken(String tokenValue) {
OAuth2AccessToken encodedRefreshToken = convertAccessToken(tokenValue);
OAuth2RefreshToken refreshToken = createRefreshToken(encodedRefreshToken);
if (approvalStore != null) {
OAuth2Authentication authentication = readAuthentication(tokenValue);
if (authentication.getUserAuthentication() != null) {
String userId = authentication.getUserAuthentication().getName();
String clientId = authentication.getOAuth2Request().getClientId();
Collection<Approval> approvals = approvalStore.getApprovals(userId, clientId);
Collection<String> approvedScopes = new HashSet<String>();
for (Approval approval : approvals) {
if (approval.isApproved()) {
approvedScopes.add(approval.getScope());
}
}
if (!approvedScopes.containsAll(authentication.getOAuth2Request().getScope())) {
return null;
}
}
}
return refreshToken;
}
Also used :
DefaultExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)
OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken)
DefaultOAuth2RefreshToken(org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)
OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken)
OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication)
Approval(org.springframework.security.oauth2.provider.approval.Approval)
Example 9 with ApprovalStore
use of org.springframework.security.oauth2.provider.approval.ApprovalStore in project spring-security-oauth by spring-projects.
the class JwtTokenStoreTests method removeAccessToken.
@Test
public void removeAccessToken() throws Exception {
tokenStore.setApprovalStore(approvalStore);
approvalStore.addApprovals(Collections.singleton(new Approval("test", "id", "read", new Date(), ApprovalStatus.APPROVED)));
assertEquals(1, approvalStore.getApprovals("test", "id").size());
tokenStore.removeAccessToken(expectedOAuth2AccessToken);
assertEquals(1, approvalStore.getApprovals("test", "id").size());
}Aggregations
Approval (org.springframework.security.oauth2.provider.approval.Approval)6
Date (java.util.Date)4
Test (org.junit.Test)4
DefaultOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken)3
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)2
Advised (org.springframework.aop.framework.Advised)1
JdbcTemplate (org.springframework.jdbc.core.JdbcTemplate)1
Authentication (org.springframework.security.core.Authentication)1
DefaultExpiringOAuth2RefreshToken (org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken)1
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)1
OAuth2RefreshToken (org.springframework.security.oauth2.common.OAuth2RefreshToken)1
ApprovalStore (org.springframework.security.oauth2.provider.approval.ApprovalStore)1
ApprovalStoreUserApprovalHandler (org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler)1
InMemoryApprovalStore (org.springframework.security.oauth2.provider.approval.InMemoryApprovalStore)1
JdbcApprovalStore (org.springframework.security.oauth2.provider.approval.JdbcApprovalStore)1
TokenApprovalStore (org.springframework.security.oauth2.provider.approval.TokenApprovalStore)1
TokenStoreUserApprovalHandler (org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler)1
