Example 1 with UserApprovalHandler
use of org.springframework.security.oauth2.provider.approval.UserApprovalHandler in project spring-security-oauth by spring-projects.
the class AuthorizationEndpointTests method testApprovalStoreAddsScopes.
@Test
public void testApprovalStoreAddsScopes() throws Exception {
ApprovalStoreUserApprovalHandler userApprovalHandler = new ApprovalStoreUserApprovalHandler();
userApprovalHandler.setApprovalStore(new InMemoryApprovalStore());
endpoint.setUserApprovalHandler(userApprovalHandler);
ModelAndView result = endpoint.authorize(model, getAuthorizationRequest("foo", null, null, "read", Collections.singleton("code")).getRequestParameters(), sessionStatus, principal);
assertEquals("forward:/oauth/confirm_access", result.getViewName());
assertTrue(result.getModel().containsKey("scopes"));
}
Also used :
InMemoryApprovalStore(org.springframework.security.oauth2.provider.approval.InMemoryApprovalStore)
ModelAndView(org.springframework.web.servlet.ModelAndView)
ApprovalStoreUserApprovalHandler(org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler)
Test(org.junit.Test)
Example 2 with UserApprovalHandler
use of org.springframework.security.oauth2.provider.approval.UserApprovalHandler in project spring-security-oauth by spring-projects.
the class AuthorizationServerEndpointsConfiguration method authorizationEndpoint.
@Bean
public AuthorizationEndpoint authorizationEndpoint() throws Exception {
AuthorizationEndpoint authorizationEndpoint = new AuthorizationEndpoint();
FrameworkEndpointHandlerMapping mapping = getEndpointsConfigurer().getFrameworkEndpointHandlerMapping();
authorizationEndpoint.setUserApprovalPage(extractPath(mapping, "/oauth/confirm_access"));
authorizationEndpoint.setProviderExceptionHandler(exceptionTranslator());
authorizationEndpoint.setErrorPage(extractPath(mapping, "/oauth/error"));
authorizationEndpoint.setTokenGranter(tokenGranter());
authorizationEndpoint.setClientDetailsService(clientDetailsService);
authorizationEndpoint.setAuthorizationCodeServices(authorizationCodeServices());
authorizationEndpoint.setOAuth2RequestFactory(oauth2RequestFactory());
authorizationEndpoint.setOAuth2RequestValidator(oauth2RequestValidator());
authorizationEndpoint.setUserApprovalHandler(userApprovalHandler());
return authorizationEndpoint;
}
Also used :
FrameworkEndpointHandlerMapping(org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping)
AuthorizationEndpoint(org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint)
AbstractFactoryBean(org.springframework.beans.factory.config.AbstractFactoryBean)
FactoryBean(org.springframework.beans.factory.FactoryBean)
Bean(org.springframework.context.annotation.Bean)
Example 3 with UserApprovalHandler
use of org.springframework.security.oauth2.provider.approval.UserApprovalHandler in project spring-security-oauth by spring-projects.
the class AuthorizationServerEndpointsConfigurer method userApprovalHandler.
private UserApprovalHandler userApprovalHandler() {
if (userApprovalHandler == null) {
if (approvalStore() != null) {
ApprovalStoreUserApprovalHandler handler = new ApprovalStoreUserApprovalHandler();
handler.setApprovalStore(approvalStore());
handler.setRequestFactory(requestFactory());
handler.setClientDetailsService(clientDetailsService);
this.userApprovalHandler = handler;
} else if (tokenStore() != null) {
TokenStoreUserApprovalHandler userApprovalHandler = new TokenStoreUserApprovalHandler();
userApprovalHandler.setTokenStore(tokenStore());
userApprovalHandler.setClientDetailsService(clientDetailsService());
userApprovalHandler.setRequestFactory(requestFactory());
this.userApprovalHandler = userApprovalHandler;
} else {
throw new IllegalStateException("Either a TokenStore or an ApprovalStore must be provided");
}
}
return this.userApprovalHandler;
}
Also used :
TokenStoreUserApprovalHandler(org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler)
ApprovalStoreUserApprovalHandler(org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler)
Example 4 with UserApprovalHandler
use of org.springframework.security.oauth2.provider.approval.UserApprovalHandler in project spring-boot by spring-projects.
the class OAuth2AutoConfigurationTests method testDefaultConfiguration.
@Test
public void testDefaultConfiguration() {
this.context = new AnnotationConfigServletWebServerApplicationContext();
this.context.register(AuthorizationAndResourceServerConfiguration.class, MinimalSecureWebApplication.class);
this.context.refresh();
this.context.getBean(AUTHORIZATION_SERVER_CONFIG);
this.context.getBean(RESOURCE_SERVER_CONFIG);
this.context.getBean(OAuth2MethodSecurityConfiguration.class);
ClientDetails config = this.context.getBean(BaseClientDetails.class);
AuthorizationEndpoint endpoint = this.context.getBean(AuthorizationEndpoint.class);
UserApprovalHandler handler = (UserApprovalHandler) ReflectionTestUtils.getField(endpoint, "userApprovalHandler");
ClientDetailsService clientDetailsService = this.context.getBean(ClientDetailsService.class);
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(config.getClientId());
assertThat(AopUtils.isJdkDynamicProxy(clientDetailsService)).isTrue();
assertThat(AopUtils.getTargetClass(clientDetailsService).getName()).isEqualTo(InMemoryClientDetailsService.class.getName());
assertThat(handler).isInstanceOf(ApprovalStoreUserApprovalHandler.class);
assertThat(clientDetails).isEqualTo(config);
verifyAuthentication(config);
assertThat(this.context.getBeanNamesForType(OAuth2RestOperations.class)).isEmpty();
}
Also used :
InMemoryClientDetailsService(org.springframework.security.oauth2.provider.client.InMemoryClientDetailsService)
BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)
ClientDetails(org.springframework.security.oauth2.provider.ClientDetails)
AnnotationConfigServletWebServerApplicationContext(org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext)
ApprovalStoreUserApprovalHandler(org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler)
UserApprovalHandler(org.springframework.security.oauth2.provider.approval.UserApprovalHandler)
AuthorizationEndpoint(org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint)
ClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService)
InMemoryClientDetailsService(org.springframework.security.oauth2.provider.client.InMemoryClientDetailsService)
Test(org.junit.Test)
Aggregations
ApprovalStoreUserApprovalHandler (org.springframework.security.oauth2.provider.approval.ApprovalStoreUserApprovalHandler)3
Test (org.junit.Test)2
AuthorizationEndpoint (org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint)2
FactoryBean (org.springframework.beans.factory.FactoryBean)1
AbstractFactoryBean (org.springframework.beans.factory.config.AbstractFactoryBean)1
AnnotationConfigServletWebServerApplicationContext (org.springframework.boot.web.servlet.context.AnnotationConfigServletWebServerApplicationContext)1
Bean (org.springframework.context.annotation.Bean)1
ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)1
ClientDetailsService (org.springframework.security.oauth2.provider.ClientDetailsService)1
InMemoryApprovalStore (org.springframework.security.oauth2.provider.approval.InMemoryApprovalStore)1
TokenStoreUserApprovalHandler (org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler)1
UserApprovalHandler (org.springframework.security.oauth2.provider.approval.UserApprovalHandler)1
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)1
InMemoryClientDetailsService (org.springframework.security.oauth2.provider.client.InMemoryClientDetailsService)1
FrameworkEndpointHandlerMapping (org.springframework.security.oauth2.provider.endpoint.FrameworkEndpointHandlerMapping)1
ModelAndView (org.springframework.web.servlet.ModelAndView)1
