Search in sources :

Example 6 with AccessTokenConverter

use of org.springframework.security.oauth2.provider.token.AccessTokenConverter in project new-cloud by xie-summer.

the class ResourceServerConfiguration method tokenServices.

@Bean
@Primary
public DefaultTokenServices tokenServices() {
    final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
    defaultTokenServices.setTokenStore(tokenStore());
    defaultTokenServices.setTokenEnhancer(accessTokenConverter());
    return defaultTokenServices;
}
Also used : DefaultTokenServices(org.springframework.security.oauth2.provider.token.DefaultTokenServices) Primary(org.springframework.context.annotation.Primary) Bean(org.springframework.context.annotation.Bean)

Example 7 with AccessTokenConverter

use of org.springframework.security.oauth2.provider.token.AccessTokenConverter in project paascloud-master by paascloud.

the class PcAuthorizationServerConfig method configure.

/**
 * Configure.
 *
 * @param endpoints the endpoints
 *
 * @throws Exception the exception
 */
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints.tokenStore(tokenStore).authenticationManager(authenticationManager).userDetailsService(userDetailsService);
    if (jwtAccessTokenConverter != null && jwtTokenEnhancer != null) {
        TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
        List<TokenEnhancer> enhancers = new ArrayList<>();
        enhancers.add(jwtTokenEnhancer);
        enhancers.add(jwtAccessTokenConverter);
        enhancerChain.setTokenEnhancers(enhancers);
        endpoints.tokenEnhancer(enhancerChain).accessTokenConverter(jwtAccessTokenConverter);
    }
}
Also used : TokenEnhancer(org.springframework.security.oauth2.provider.token.TokenEnhancer) TokenEnhancerChain(org.springframework.security.oauth2.provider.token.TokenEnhancerChain) ArrayList(java.util.ArrayList)

Example 8 with AccessTokenConverter

use of org.springframework.security.oauth2.provider.token.AccessTokenConverter in project spring-security-oauth by spring-projects.

the class JwkTokenStoreTests method readAuthenticationUsingCustomAccessTokenConverterThenAuthenticationDetailsContainsClaims.

// gh-1015
@Test
public void readAuthenticationUsingCustomAccessTokenConverterThenAuthenticationDetailsContainsClaims() throws Exception {
    AccessTokenConverter customAccessTokenConverter = mock(AccessTokenConverter.class);
    when(customAccessTokenConverter.extractAuthentication(anyMapOf(String.class, String.class))).thenAnswer(new Answer<OAuth2Authentication>() {

        @Override
        public OAuth2Authentication answer(InvocationOnMock invocation) throws Throwable {
            Map<String, String> claims = (Map<String, String>) invocation.getArguments()[0];
            OAuth2Authentication authentication = new OAuth2Authentication(mock(OAuth2Request.class), null);
            authentication.setDetails(claims);
            return authentication;
        }
    });
    JwkVerifyingJwtAccessTokenConverter jwtVerifyingAccessTokenConverter = new JwkVerifyingJwtAccessTokenConverter(mock(JwkDefinitionSource.class));
    jwtVerifyingAccessTokenConverter = spy(jwtVerifyingAccessTokenConverter);
    jwtVerifyingAccessTokenConverter.setAccessTokenConverter(customAccessTokenConverter);
    Map<String, String> claims = new LinkedHashMap<String, String>();
    claims.put("claim1", "value1");
    claims.put("claim2", "value2");
    claims.put("claim3", "value3");
    doReturn(claims).when(jwtVerifyingAccessTokenConverter).decode((anyString()));
    JwkTokenStore spy = spy(this.jwkTokenStore);
    JwtTokenStore delegate = new JwtTokenStore(jwtVerifyingAccessTokenConverter);
    Field field = ReflectionUtils.findField(spy.getClass(), "delegate");
    field.setAccessible(true);
    ReflectionUtils.setField(field, spy, delegate);
    OAuth2Authentication authentication = spy.readAuthentication(anyString());
    assertEquals(claims, authentication.getDetails());
}
Also used : JwtTokenStore(org.springframework.security.oauth2.provider.token.store.JwtTokenStore) Matchers.anyString(org.mockito.Matchers.anyString) LinkedHashMap(java.util.LinkedHashMap) AccessTokenConverter(org.springframework.security.oauth2.provider.token.AccessTokenConverter) Field(java.lang.reflect.Field) InvocationOnMock(org.mockito.invocation.InvocationOnMock) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Example 9 with AccessTokenConverter

use of org.springframework.security.oauth2.provider.token.AccessTokenConverter in project spring-security-oauth by spring-projects.

the class CheckTokenEndpointTest method setUp.

@Before
public void setUp() {
    ResourceServerTokenServices resourceServerTokenServices = mock(ResourceServerTokenServices.class);
    OAuth2AccessToken accessToken = mock(OAuth2AccessToken.class);
    OAuth2Authentication authentication = mock(OAuth2Authentication.class);
    when(resourceServerTokenServices.readAccessToken(anyString())).thenReturn(accessToken);
    when(accessToken.isExpired()).thenReturn(false);
    when(accessToken.getValue()).thenReturn("access-token-1234");
    when(resourceServerTokenServices.loadAuthentication(accessToken.getValue())).thenReturn(authentication);
    this.checkTokenEndpoint = new CheckTokenEndpoint(resourceServerTokenServices);
    AccessTokenConverter accessTokenConverter = mock(AccessTokenConverter.class);
    when(accessTokenConverter.convertAccessToken(accessToken, authentication)).thenReturn(new HashMap());
    this.checkTokenEndpoint.setAccessTokenConverter(accessTokenConverter);
}
Also used : AccessTokenConverter(org.springframework.security.oauth2.provider.token.AccessTokenConverter) HashMap(java.util.HashMap) OAuth2AccessToken(org.springframework.security.oauth2.common.OAuth2AccessToken) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) ResourceServerTokenServices(org.springframework.security.oauth2.provider.token.ResourceServerTokenServices) Before(org.junit.Before)

Example 10 with AccessTokenConverter

use of org.springframework.security.oauth2.provider.token.AccessTokenConverter in project spring-security-oauth by spring-projects.

the class JwkTokenStoreTest method readAuthenticationUsingCustomAccessTokenConverterThenAuthenticationDetailsContainsClaims.

// gh-1015
@Test
public void readAuthenticationUsingCustomAccessTokenConverterThenAuthenticationDetailsContainsClaims() throws Exception {
    AccessTokenConverter customAccessTokenConverter = mock(AccessTokenConverter.class);
    when(customAccessTokenConverter.extractAuthentication(anyMapOf(String.class, String.class))).thenAnswer(new Answer<OAuth2Authentication>() {

        @Override
        public OAuth2Authentication answer(InvocationOnMock invocation) throws Throwable {
            Map<String, String> claims = (Map<String, String>) invocation.getArguments()[0];
            OAuth2Authentication authentication = new OAuth2Authentication(mock(OAuth2Request.class), null);
            authentication.setDetails(claims);
            return authentication;
        }
    });
    JwkVerifyingJwtAccessTokenConverter jwtVerifyingAccessTokenConverter = new JwkVerifyingJwtAccessTokenConverter(mock(JwkDefinitionSource.class));
    jwtVerifyingAccessTokenConverter = spy(jwtVerifyingAccessTokenConverter);
    jwtVerifyingAccessTokenConverter.setAccessTokenConverter(customAccessTokenConverter);
    Map<String, String> claims = new LinkedHashMap<String, String>();
    claims.put("claim1", "value1");
    claims.put("claim2", "value2");
    claims.put("claim3", "value3");
    doReturn(claims).when(jwtVerifyingAccessTokenConverter).decode((anyString()));
    JwkTokenStore spy = spy(this.jwkTokenStore);
    JwtTokenStore delegate = new JwtTokenStore(jwtVerifyingAccessTokenConverter);
    Field field = ReflectionUtils.findField(spy.getClass(), "delegate");
    field.setAccessible(true);
    ReflectionUtils.setField(field, spy, delegate);
    OAuth2Authentication authentication = spy.readAuthentication(anyString());
    assertEquals(claims, authentication.getDetails());
}
Also used : JwtTokenStore(org.springframework.security.oauth2.provider.token.store.JwtTokenStore) Matchers.anyString(org.mockito.Matchers.anyString) LinkedHashMap(java.util.LinkedHashMap) AccessTokenConverter(org.springframework.security.oauth2.provider.token.AccessTokenConverter) Field(java.lang.reflect.Field) InvocationOnMock(org.mockito.invocation.InvocationOnMock) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) Test(org.junit.Test) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest)

Aggregations

Bean (org.springframework.context.annotation.Bean)8 OAuth2Authentication (org.springframework.security.oauth2.provider.OAuth2Authentication)5 Test (org.junit.Test)4 Matchers.anyString (org.mockito.Matchers.anyString)3 AccessTokenConverter (org.springframework.security.oauth2.provider.token.AccessTokenConverter)3 DefaultAccessTokenConverter (org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter)3 TokenEnhancerChain (org.springframework.security.oauth2.provider.token.TokenEnhancerChain)3 JwtAccessTokenConverter (org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter)3 Field (java.lang.reflect.Field)2 HashMap (java.util.HashMap)2 LinkedHashMap (java.util.LinkedHashMap)2 Map (java.util.Map)2 InvocationOnMock (org.mockito.invocation.InvocationOnMock)2 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)2 Primary (org.springframework.context.annotation.Primary)2 Resource (org.springframework.core.io.Resource)2 JwtTokenStore (org.springframework.security.oauth2.provider.token.store.JwtTokenStore)2 CustomerAccessTokenConverter (com.framework.auth.config.support.CustomerAccessTokenConverter)1 IOException (java.io.IOException)1 ArrayList (java.util.ArrayList)1