Examples with BaseClientDetails org.springframework.security.oauth2.provider.client.BaseClientDetails used on opensource projects

Search in sources :

Example 36 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class OAuth2SecurityExpressionMethodsTests method testOauthClient.

@Test
public void testOauthClient() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "", "", "client_credentials", "ROLE_CLIENT"));
    Authentication userAuthentication = null;
    OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request(request.getRequestParameters(), request.getClientId(), request.getAuthorities(), request.isApproved(), request.getScope(), request.getResourceIds(), request.getRedirectUri(), request.getResponseTypes(), request.getExtensions());
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    assertTrue(new OAuth2SecurityExpressionMethods(oAuth2Authentication).clientHasAnyRole("ROLE_CLIENT"));
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Test(org.junit.Test)

Example 37 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class OAuth2WebSecurityExpressionHandlerTests method testScopesWithOr.

@Test
public void testScopesWithOr() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_USER"));
    request.setApproved(true);
    OAuth2Request clientAuthentication = request.createOAuth2Request();
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    FilterInvocation invocation = new FilterInvocation("/foo", "GET");
    EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write') or #oauth2.isUser()");
    assertTrue((Boolean) expression.getValue(context));
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) FilterInvocation(org.springframework.security.web.FilterInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 38 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class AuthorizationEndpointTests method init.

@Before
public void init() throws Exception {
    client = new BaseClientDetails();
    client.setRegisteredRedirectUri(Collections.singleton("http://anywhere.com"));
    client.setAuthorizedGrantTypes(Arrays.asList("authorization_code", "implicit"));
    endpoint.setClientDetailsService(new ClientDetailsService() {

        public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
            return client;
        }
    });
    endpoint.setTokenGranter(new TokenGranter() {

        public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
            return null;
        }
    });
    endpoint.setRedirectResolver(new DefaultRedirectResolver());
    endpoint.afterPropertiesSet();
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) TokenGranter(org.springframework.security.oauth2.provider.TokenGranter) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) TokenRequest(org.springframework.security.oauth2.provider.TokenRequest) ClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService) OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception) Before(org.junit.Before)

Example 39 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class OAuth2MethodSecurityExpressionHandlerTests method testScopesInsufficient.

@Test(expected = AccessDeniedException.class)
public void testScopesInsufficient() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "", "client_credentials", "ROLE_CLIENT"));
    OAuth2Request clientAuthentication = request.createOAuth2Request();
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass", AuthorityUtils.createAuthorityList("ROLE_USER"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(), "testOauthClient"));
    EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
    Expression expression = handler.getExpressionParser().parseExpression("#oauth2.hasAnyScope('write')");
    expression.getValue(context);
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) OAuth2Request(org.springframework.security.oauth2.provider.OAuth2Request) AuthorizationRequest(org.springframework.security.oauth2.provider.AuthorizationRequest) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) Expression(org.springframework.expression.Expression) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) UsernamePasswordAuthenticationToken(org.springframework.security.authentication.UsernamePasswordAuthenticationToken) SimpleMethodInvocation(org.springframework.security.util.SimpleMethodInvocation) MethodInvocation(org.aopalliance.intercept.MethodInvocation) EvaluationContext(org.springframework.expression.EvaluationContext) Test(org.junit.Test)

Example 40 with BaseClientDetails

use of org.springframework.security.oauth2.provider.client.BaseClientDetails in project spring-security-oauth by spring-projects.

the class DefaultTokenServicesWithInMemoryTests method testNoRefreshTokenIfNotAuthorized.

@Test
public void testNoRefreshTokenIfNotAuthorized() throws Exception {
    // create access token
    getTokenServices().setAccessTokenValiditySeconds(1);
    getTokenServices().setClientDetailsService(new ClientDetailsService() {

        public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
            BaseClientDetails client = new BaseClientDetails();
            client.setAccessTokenValiditySeconds(1);
            client.setAuthorizedGrantTypes(Arrays.asList("authorization_code"));
            return client;
        }
    });
    OAuth2Authentication expectedAuthentication = new OAuth2Authentication(RequestTokenFactory.createOAuth2Request("id", false, Collections.singleton("read")), new TestAuthentication("test2", false));
    DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
    assertNull(token.getRefreshToken());
}
Also used : BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) BaseClientDetails(org.springframework.security.oauth2.provider.client.BaseClientDetails) ClientDetails(org.springframework.security.oauth2.provider.ClientDetails) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) ClientDetailsService(org.springframework.security.oauth2.provider.ClientDetailsService) OAuth2Exception(org.springframework.security.oauth2.common.exceptions.OAuth2Exception) DefaultOAuth2AccessToken(org.springframework.security.oauth2.common.DefaultOAuth2AccessToken) Test(org.junit.Test)

Aggregations

BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)42 Test (org.junit.Test)36 AuthorizationRequest (org.springframework.security.oauth2.provider.AuthorizationRequest)12 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)12 ClientDetails (org.springframework.security.oauth2.provider.ClientDetails)8 Authentication (org.springframework.security.core.Authentication)7 OAuth2Request (org.springframework.security.oauth2.provider.OAuth2Request)7 OAuth2Exception (org.springframework.security.oauth2.common.exceptions.OAuth2Exception)6 ClientDetailsService (org.springframework.security.oauth2.provider.ClientDetailsService)6 Before (org.junit.Before)5 Expression (org.springframework.expression.Expression)5 OAuth2AccessToken (org.springframework.security.oauth2.common.OAuth2AccessToken)5 ObjectMapper (org.codehaus.jackson.map.ObjectMapper)4 EvaluationContext (org.springframework.expression.EvaluationContext)4 UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)4 DefaultOAuth2AccessToken (org.springframework.security.oauth2.common.DefaultOAuth2AccessToken)4 MethodInvocation (org.aopalliance.intercept.MethodInvocation)3 TokenRequest (org.springframework.security.oauth2.provider.TokenRequest)3 SimpleMethodInvocation (org.springframework.security.util.SimpleMethodInvocation)3 Date (java.util.Date)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial