use of org.springframework.security.oauth2.provider.code.AuthorizationCodeServices in project spring-security-oauth by spring-projects.
the class AuthorizationCodeTokenGranterTests method testAuthorizationParametersPreserved.
@Test
public void testAuthorizationParametersPreserved() {
parameters.clear();
parameters.put("foo", "bar");
parameters.put(OAuth2Utils.CLIENT_ID, "foo");
parameters.put(OAuth2Utils.SCOPE, "scope");
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request(parameters, "foo", true, Collections.singleton("scope"));
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("marissa", "koala", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
String code = authorizationCodeServices.createAuthorizationCode(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
parameters.put("code", code);
TokenRequest tokenRequest = requestFactory.createTokenRequest(parameters, client);
AuthorizationCodeTokenGranter granter = new AuthorizationCodeTokenGranter(providerTokenServices, authorizationCodeServices, clientDetailsService, requestFactory);
OAuth2AccessToken token = granter.grant("authorization_code", tokenRequest);
OAuth2Request finalRequest = providerTokenServices.loadAuthentication(token.getValue()).getOAuth2Request();
assertEquals(code, finalRequest.getRequestParameters().get("code"));
assertEquals("bar", finalRequest.getRequestParameters().get("foo"));
}
use of org.springframework.security.oauth2.provider.code.AuthorizationCodeServices in project spring-security-oauth by spring-projects.
the class AuthorizationCodeTokenGranterTests method testAuthorizationRedirectMismatch.
@Test
public void testAuthorizationRedirectMismatch() {
Map<String, String> initialParameters = new HashMap<String, String>();
initialParameters.put(OAuth2Utils.REDIRECT_URI, "https://redirectMe");
//AuthorizationRequest initialRequest = createFromParameters(initialParameters);
// we fake a valid resolvedRedirectUri because without the client would never come this far
//initialRequest.setRedirectUri(initialParameters.get(REDIRECT_URI));
parameters.clear();
parameters.put(OAuth2Utils.REDIRECT_URI, "https://redirectMe");
parameters.put(OAuth2Utils.CLIENT_ID, "foo");
OAuth2Request storedOAuth2Request = RequestTokenFactory.createOAuth2Request(parameters, "foo", null, true, null, null, "https://redirectMe", null, null);
Authentication userAuthentication = new UsernamePasswordAuthenticationToken("marissa", "koala", AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
String code = authorizationCodeServices.createAuthorizationCode(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
Map<String, String> authorizationParameters = new HashMap<String, String>();
authorizationParameters.put("code", code);
//AuthorizationRequest oAuth2Request = createFromParameters(initialParameters);
//oAuth2Request.setRequestParameters(authorizationParameters);
TokenRequest tokenRequest = requestFactory.createTokenRequest(parameters, client);
tokenRequest.setRequestParameters(authorizationParameters);
AuthorizationCodeTokenGranter granter = new AuthorizationCodeTokenGranter(providerTokenServices, authorizationCodeServices, clientDetailsService, requestFactory);
try {
granter.getOAuth2Authentication(client, tokenRequest);
fail("RedirectMismatchException because of null redirect_uri in authorizationRequest");
} catch (RedirectMismatchException e) {
}
}
Aggregations