
Example 6 with OAuth2AuthenticationDetails

Use of org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails in the credhub project by cloudfoundry-incubator.

Class UserContextFactory, method createUserContext.

public UserContext createUserContext(OAuth2Authentication authentication, String token) {
    OAuth2Request oauth2Request = authentication.getOAuth2Request();
    String clientId = oauth2Request.getClientId();
    String grantType = oauth2Request.getGrantType();
    String userId = null;
    String userName = null;
    String issuer = null;
    long validFrom = 0;
    long validUntil = 0;
    String scope = null;
    if (token == null) {
        OAuth2AuthenticationDetails authDetails = (OAuth2AuthenticationDetails) authentication.getDetails();
        token = authDetails.getTokenValue();
    }
    OAuth2AccessToken accessToken;
    accessToken = resourceServerTokenServices.readAccessToken(token);
    if (accessToken != null) {
        Set<String> scopes = accessToken.getScope();
        scope = scopes == null ? null : String.join(",", scopes);
        Map<String, Object> additionalInformation = accessToken.getAdditionalInformation();
        userName = (String) additionalInformation.get("user_name");
        userId = (String) additionalInformation.get("user_id");
        issuer = (String) additionalInformation.get("iss");
        validFrom = claimValueAsLong(additionalInformation);
        validUntil = accessToken.getExpiration().toInstant().getEpochSecond();
    }
    return new UserContext(userId, userName, issuer, validFrom, validUntil, clientId, scope, grantType, UserContext.AUTH_METHOD_UAA);
}
Also used: OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request), OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), OAuth2AuthenticationDetails (org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails)

Example 7 with OAuth2AuthenticationDetails

Use of org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails in the spring-security-oauth project by spring-projects.

Class OAuth2AuthenticationManagerTests, method testDetailsEnhanced.

@Test
public void testDetailsEnhanced() throws Exception {
    authentication.setDetails("DETAILS");
    Mockito.when(tokenServices.loadAuthentication("FOO")).thenReturn(authentication);
    PreAuthenticatedAuthenticationToken request = new PreAuthenticatedAuthenticationToken("FOO", "");
    MockHttpServletRequest servletRequest = new MockHttpServletRequest();
    servletRequest.setAttribute(OAuth2AuthenticationDetails.ACCESS_TOKEN_VALUE, "BAR");
    OAuth2AuthenticationDetails details = new OAuth2AuthenticationDetails(servletRequest);
    request.setDetails(details);
    Authentication result = manager.authenticate(request);
    assertEquals(authentication, result);
    assertEquals("BAR", ((OAuth2AuthenticationDetails) result.getDetails()).getTokenValue());
    assertEquals("DETAILS", ((OAuth2AuthenticationDetails) result.getDetails()).getDecodedDetails());
}
Also used: MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication), Authentication (org.springframework.security.core.Authentication), PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken), Test (org.junit.Test)

Example 8 with OAuth2AuthenticationDetails

Use of org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails in the spring-security-oauth project by spring-projects.

Class OAuth2AuthenticationTests, method testSerializationWithDetails.

@Test
public void testSerializationWithDetails() {
    OAuth2Authentication holder = new OAuth2Authentication(new AuthorizationRequest("client", Arrays.asList("read")).createOAuth2Request(), new UsernamePasswordAuthenticationToken("user", "pwd"));
    holder.setDetails(new OAuth2AuthenticationDetails(new MockHttpServletRequest()));
    OAuth2Authentication other = (OAuth2Authentication) SerializationUtils.deserialize(SerializationUtils.serialize(holder));
    assertEquals(holder, other);
}
Also used: MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken), OAuth2AuthenticationDetails (org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails), Test (org.junit.Test)

Example 9 with OAuth2AuthenticationDetails

Use of org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails in the cuba project by cuba-platform.

Class IdpAuthLifecycleManager, method handleBeforeRestInvocationEvent.

@Order(Events.HIGHEST_PLATFORM_PRECEDENCE + 100)
@EventListener
public void handleBeforeRestInvocationEvent(BeforeRestInvocationEvent event) {
    if (idpConfig.getIdpEnabled()) {
        if (idpConfig.getIdpPingSessionOnRequest() && event.getAuthentication() instanceof OAuth2Authentication) {
            IdpSessionStatus status = pingIdpSession(event.getAuthentication());
            if (status == IdpSessionStatus.EXPIRED) {
                Object details = event.getAuthentication().getDetails();
                String accessToken = ((OAuth2AuthenticationDetails) details).getTokenValue();
                oAuthTokenRevoker.revokeAccessToken(accessToken);
                log.info("IDP session is expired. REST token {} revoked", accessToken);
                event.preventInvocation();
                String idpLoginUrl = getIdpLoginUrl(idpConfig.getIdpDefaultRedirectUrl());
                Gson gson = new Gson();
                String body = gson.toJson(new IdpSessionExpiredResponse("idp_session_expired", idpLoginUrl));
                HttpServletResponse response = (HttpServletResponse) event.getResponse();
                try {
                    response.setHeader(HttpHeaders.CONTENT_TYPE, "application/json; charset=UTF-8");
                    response.getWriter().write(body);
                    response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                } catch (IOException e) {
                    throw new RuntimeException("Unable to send status to client", e);
                }
            }
        }
    }
}
Also used: OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication), Gson (com.google.gson.Gson), HttpServletResponse (javax.servlet.http.HttpServletResponse), OAuth2AuthenticationDetails (org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails), IOException (java.io.IOException), Order (org.springframework.core.annotation.Order), EventListener (org.springframework.context.event.EventListener)

Example 10 with OAuth2AuthenticationDetails

Use of org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails in the cuba project by cuba-platform.

Class IdpAuthLifecycleManager, method pingIdpSession.

protected IdpSessionStatus pingIdpSession(Authentication authentication) {
    if (authentication instanceof OAuth2Authentication) {
        Object details = authentication.getDetails();
        String accessTokenId = ((OAuth2AuthenticationDetails) details).getTokenValue();
        OAuth2AccessToken accessToken = tokenStore.readAccessToken(accessTokenId);
        if (accessToken == null) {
            return IdpSessionStatus.UNSUPPORTED;
        }
        String idpSessionId = getIdpSessionId(accessToken);
        if (idpSessionId == null) {
            return IdpSessionStatus.UNSUPPORTED;
        }
        return pingIdpSessionServer(idpSessionId);
    }
    return IdpSessionStatus.UNSUPPORTED;
}
Also used: OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken), OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication), OAuth2AuthenticationDetails (org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails)

Aggregations

OAuth2AuthenticationDetails (org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails): 11
OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication): 9
Authentication (org.springframework.security.core.Authentication): 8
Test (org.junit.Test): 5
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest): 4
OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request): 4
OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken): 3
HashSet (java.util.HashSet): 2
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken): 2
DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken): 2
PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken): 2
Gson (com.google.gson.Gson): 1
RequestContext (com.netflix.zuul.context.RequestContext): 1
IOException (java.io.IOException): 1
HashMap (java.util.HashMap): 1
HttpServletRequest (javax.servlet.http.HttpServletRequest): 1
HttpServletResponse (javax.servlet.http.HttpServletResponse): 1
StringContains.containsString (org.hamcrest.core.StringContains.containsString): 1
Before (org.junit.Before): 1
EventListener (org.springframework.context.event.EventListener): 1