use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class BaseClientDetailsTests method testJsonDeserializeWithArraysAsStrings.
@Test
public void testJsonDeserializeWithArraysAsStrings() throws Exception {
// Collection values can be deserialized from space or comma-separated lists
String value = "{\"foo\":\"bar\",\"client_id\":\"foo\",\"scope\":\"bar foo\",\"authorized_grant_types\":\"authorization_code\",\"authorities\":\"ROLE_USER,ROLE_ADMIN\"}";
BaseClientDetails details = new ObjectMapper().readValue(value, BaseClientDetails.class);
BaseClientDetails expected = new BaseClientDetails("foo", "", "foo,bar", "authorization_code", "ROLE_USER,ROLE_ADMIN");
expected.setAdditionalInformation(Collections.singletonMap("foo", (Object) "bar"));
assertEquals(expected, details);
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class DefaultTokenServicesWithInMemoryTests method testDifferentRefreshTokenMaintainsState.
@Test
public void testDifferentRefreshTokenMaintainsState() throws Exception {
// create access token
getTokenServices().setAccessTokenValiditySeconds(1);
getTokenServices().setClientDetailsService(new ClientDetailsService() {
public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
BaseClientDetails client = new BaseClientDetails();
client.setAccessTokenValiditySeconds(1);
client.setAuthorizedGrantTypes(Arrays.asList("authorization_code", "refresh_token"));
return client;
}
});
OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
DefaultOAuth2AccessToken firstAccessToken = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
OAuth2RefreshToken expectedExpiringRefreshToken = firstAccessToken.getRefreshToken();
// Make it expire (and rely on mutable state in volatile token store)
firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
// create another access token
OAuth2AccessToken secondAccessToken = getTokenServices().createAccessToken(expectedAuthentication);
assertFalse("The new access token should be different", firstAccessToken.getValue().equals(secondAccessToken.getValue()));
assertEquals("The new access token should have the same refresh token", expectedExpiringRefreshToken.getValue(), secondAccessToken.getRefreshToken().getValue());
// refresh access token with refresh token
TokenRequest tokenRequest = new TokenRequest(Collections.singletonMap("client_id", "id"), "id", Collections.singleton("read"), null);
getTokenServices().refreshAccessToken(expectedExpiringRefreshToken.getValue(), tokenRequest);
assertEquals(1, getAccessTokenCount());
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project dhis2-core by dhis2.
the class DefaultClientDetailsService method clientDetails.
private ClientDetails clientDetails(OAuth2Client client) {
if (client == null) {
return null;
}
BaseClientDetails clientDetails = new BaseClientDetails();
clientDetails.setClientId(client.getCid());
clientDetails.setClientSecret(client.getSecret());
clientDetails.setAuthorizedGrantTypes(new HashSet<>(client.getGrantTypes()));
clientDetails.setScope(SCOPES);
clientDetails.setRegisteredRedirectUri(new HashSet<>(client.getRedirectUris()));
return clientDetails;
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class ResourceServerConfigurationTests method init.
@Before
public void init() {
token = new DefaultOAuth2AccessToken("FOO");
ClientDetails client = new BaseClientDetails("client", null, "read", "client_credentials", "ROLE_CLIENT");
authentication = new OAuth2Authentication(new TokenRequest(null, "client", null, "client_credentials").createOAuth2Request(client), null);
tokenStore.clear();
}
use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.
the class ApprovalStoreUserApprovalHandlerTests method testAutoapprovedAllScopes.
@Test
public void testAutoapprovedAllScopes() {
handler.setClientDetailsService(clientDetailsService);
BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("true")));
clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
assertTrue(result.isApproved());
}
Aggregations