Search in sources :

Example 16 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class BaseClientDetailsTests method testJsonDeserializeWithArraysAsStrings.

@Test
public void testJsonDeserializeWithArraysAsStrings() throws Exception {
    // Collection values can be deserialized from space or comma-separated lists
    String value = "{\"foo\":\"bar\",\"client_id\":\"foo\",\"scope\":\"bar  foo\",\"authorized_grant_types\":\"authorization_code\",\"authorities\":\"ROLE_USER,ROLE_ADMIN\"}";
    BaseClientDetails details = new ObjectMapper().readValue(value, BaseClientDetails.class);
    BaseClientDetails expected = new BaseClientDetails("foo", "", "foo,bar", "authorization_code", "ROLE_USER,ROLE_ADMIN");
    expected.setAdditionalInformation(Collections.singletonMap("foo", (Object) "bar"));
    assertEquals(expected, details);
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ObjectMapper(org.codehaus.jackson.map.ObjectMapper) Test(org.junit.Test)

Example 17 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesWithInMemoryTests method testDifferentRefreshTokenMaintainsState.

@Test
public void testDifferentRefreshTokenMaintainsState() throws Exception {
    // create access token
    getTokenServices().setAccessTokenValiditySeconds(1);
    getTokenServices().setClientDetailsService(new ClientDetailsService() {

        public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
            BaseClientDetails client = new BaseClientDetails();
            client.setAccessTokenValiditySeconds(1);
            client.setAuthorizedGrantTypes(Arrays.asList("authorization_code", "refresh_token"));
            return client;
        }
    });
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    OAuth2RefreshToken expectedExpiringRefreshToken = firstAccessToken.getRefreshToken();
    // Make it expire (and rely on mutable state in volatile token store)
    firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
    // create another access token
    OAuth2AccessToken secondAccessToken = getTokenServices().createAccessToken(expectedAuthentication);
    assertFalse("The new access token should be different", firstAccessToken.getValue().equals(secondAccessToken.getValue()));
    assertEquals("The new access token should have the same refresh token", expectedExpiringRefreshToken.getValue(), secondAccessToken.getRefreshToken().getValue());
    // refresh access token with refresh token
    TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
    getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
    assertEquals(1, getAccessTokenCount());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) ExpiringOAuth2RefreshToken(org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken) OAuth2RefreshToken(org.springframework.security.oauth2.common.OAuth2RefreshToken) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) ClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService) OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Date(java.util.Date) Test(org.junit.Test)

Example 18 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project dhis2-core by dhis2.

the class DefaultClientDetailsService method clientDetails.

private ClientDetails clientDetails(OAuth2Client client) {
    if (client == null) {
        return null;
    }
    BaseClientDetails clientDetails = new BaseClientDetails();
    clientDetails.setClientId(client.getCid());
    clientDetails.setClientSecret(client.getSecret());
    clientDetails.setAuthorizedGrantTypes(new HashSet<>(client.getGrantTypes()));
    clientDetails.setScope(SCOPES);
    clientDetails.setRegisteredRedirectUri(new HashSet<>(client.getRedirectUris()));
    return clientDetails;
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails)

Example 19 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class ResourceServerConfigurationTests method init.

@Before
public void init() {
    token = new DefaultOAuth2AccessToken("FOO");
    ClientDetails client = new BaseClientDetails("client", null, "read", "client_credentials", "ROLE_CLIENT");
    authentication = new OAuth2Authentication(new TokenRequest(null, "client", null, "client_credentials").createOAuth2Request(client), null);
    tokenStore.clear();
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Before(org.junit.Before)

Example 20 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class ApprovalStoreUserApprovalHandlerTests method testAutoapprovedAllScopes.

@Test
public void testAutoapprovedAllScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("true")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Test(org.junit.Test)

Aggregations

BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)42 Test (org.junit.Test)36 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)12 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)12 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)8 Authentication (org.springframework.security.core.Authentication)7 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)7 OAuth2Exception (org.springframework.security.oauth2.common.exceptions.OAuth2Exception)6 ClientDetailsService (org.springframework.security.oauth2.provider.ClientDetailsService)6 Before (org.junit.Before)5 Expression (org.springframework.expression.Expression)5 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)5 ObjectMapper (org.codehaus.jackson.map.ObjectMapper)4 EvaluationContext (org.springframework.expression.EvaluationContext)4 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)4 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4 MethodInvocation (org.aopalliance.intercept.MethodInvocation)3 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)3 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)3 Date (java.util.Date)2