Search in sources :

Example 1 with DelegatingOAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2RefreshTokenAuthenticationProviderTests method setUp.

@Before
public void setUp() {
    this.authorizationService = mock(OAuth2AuthorizationService.class);
    this.jwtEncoder = mock(JwtEncoder.class);
    when(this.jwtEncoder.encode(any(), any())).thenReturn(createJwt(Collections.singleton("scope1")));
    this.jwtCustomizer = mock(OAuth2TokenCustomizer.class);
    JwtGenerator jwtGenerator = new JwtGenerator(this.jwtEncoder);
    jwtGenerator.setJwtCustomizer(this.jwtCustomizer);
    this.accessTokenCustomizer = mock(OAuth2TokenCustomizer.class);
    OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
    accessTokenGenerator.setAccessTokenCustomizer(this.accessTokenCustomizer);
    OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
    OAuth2TokenGenerator<OAuth2Token> delegatingTokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator, refreshTokenGenerator);
    this.tokenGenerator = spy(new OAuth2TokenGenerator<OAuth2Token>() {

        @Override
        public OAuth2Token generate(OAuth2TokenContext context) {
            return delegatingTokenGenerator.generate(context);
        }
    });
    this.authenticationProvider = new OAuth2RefreshTokenAuthenticationProvider(this.authorizationService, this.tokenGenerator);
    ProviderSettings providerSettings = ProviderSettings.builder().issuer("https://provider.com").build();
    ProviderContextHolder.setProviderContext(new ProviderContext(providerSettings, null));
}
Also used : ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) Before(org.junit.Before)

Example 2 with DelegatingOAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2ClientCredentialsAuthenticationProviderTests method setUp.

@Before
public void setUp() {
    this.authorizationService = mock(OAuth2AuthorizationService.class);
    this.jwtEncoder = mock(JwtEncoder.class);
    this.jwtCustomizer = mock(OAuth2TokenCustomizer.class);
    JwtGenerator jwtGenerator = new JwtGenerator(this.jwtEncoder);
    jwtGenerator.setJwtCustomizer(this.jwtCustomizer);
    this.accessTokenCustomizer = mock(OAuth2TokenCustomizer.class);
    OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
    accessTokenGenerator.setAccessTokenCustomizer(this.accessTokenCustomizer);
    OAuth2TokenGenerator<OAuth2Token> delegatingTokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator);
    this.tokenGenerator = spy(new OAuth2TokenGenerator<OAuth2Token>() {

        @Override
        public OAuth2Token generate(OAuth2TokenContext context) {
            return delegatingTokenGenerator.generate(context);
        }
    });
    this.authenticationProvider = new OAuth2ClientCredentialsAuthenticationProvider(this.authorizationService, this.tokenGenerator);
    ProviderSettings providerSettings = ProviderSettings.builder().issuer("https://provider.com").build();
    ProviderContextHolder.setProviderContext(new ProviderContext(providerSettings, null));
}
Also used : ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) Before(org.junit.Before)

Example 3 with DelegatingOAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2ConfigurerUtils method getTokenGenerator.

@SuppressWarnings("unchecked")
static <B extends HttpSecurityBuilder<B>> OAuth2TokenGenerator<? extends OAuth2Token> getTokenGenerator(B builder) {
    OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator = builder.getSharedObject(OAuth2TokenGenerator.class);
    if (tokenGenerator == null) {
        tokenGenerator = getOptionalBean(builder, OAuth2TokenGenerator.class);
        if (tokenGenerator == null) {
            JwtGenerator jwtGenerator = getJwtGenerator(builder);
            OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
            OAuth2TokenCustomizer<OAuth2TokenClaimsContext> accessTokenCustomizer = getAccessTokenCustomizer(builder);
            if (accessTokenCustomizer != null) {
                accessTokenGenerator.setAccessTokenCustomizer(accessTokenCustomizer);
            }
            OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
            if (jwtGenerator != null) {
                tokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator, refreshTokenGenerator);
            } else {
                tokenGenerator = new DelegatingOAuth2TokenGenerator(accessTokenGenerator, refreshTokenGenerator);
            }
        }
        builder.setSharedObject(OAuth2TokenGenerator.class, tokenGenerator);
    }
    return tokenGenerator;
}
Also used : JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenClaimsContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenClaimsContext) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator)

Example 4 with DelegatingOAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class OAuth2AuthorizationCodeAuthenticationProviderTests method setUp.

@Before
public void setUp() {
    this.authorizationService = mock(OAuth2AuthorizationService.class);
    this.jwtEncoder = mock(JwtEncoder.class);
    this.jwtCustomizer = mock(OAuth2TokenCustomizer.class);
    JwtGenerator jwtGenerator = new JwtGenerator(this.jwtEncoder);
    jwtGenerator.setJwtCustomizer(this.jwtCustomizer);
    this.accessTokenCustomizer = mock(OAuth2TokenCustomizer.class);
    OAuth2AccessTokenGenerator accessTokenGenerator = new OAuth2AccessTokenGenerator();
    accessTokenGenerator.setAccessTokenCustomizer(this.accessTokenCustomizer);
    OAuth2RefreshTokenGenerator refreshTokenGenerator = new OAuth2RefreshTokenGenerator();
    OAuth2TokenGenerator<OAuth2Token> delegatingTokenGenerator = new DelegatingOAuth2TokenGenerator(jwtGenerator, accessTokenGenerator, refreshTokenGenerator);
    this.tokenGenerator = spy(new OAuth2TokenGenerator<OAuth2Token>() {

        @Override
        public OAuth2Token generate(OAuth2TokenContext context) {
            return delegatingTokenGenerator.generate(context);
        }
    });
    this.authenticationProvider = new OAuth2AuthorizationCodeAuthenticationProvider(this.authorizationService, this.tokenGenerator);
    ProviderSettings providerSettings = ProviderSettings.builder().issuer("https://provider.com").build();
    ProviderContextHolder.setProviderContext(new ProviderContext(providerSettings, null));
}
Also used : ProviderContext(org.springframework.security.oauth2.server.authorization.context.ProviderContext) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) JwtGenerator(org.springframework.security.oauth2.server.authorization.JwtGenerator) OAuth2RefreshTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator) DelegatingOAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator) OAuth2TokenContext(org.springframework.security.oauth2.server.authorization.OAuth2TokenContext) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) OAuth2AccessTokenGenerator(org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator) Before(org.junit.Before)

Example 5 with DelegatingOAuth2TokenGenerator

use of org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator in project spring-authorization-server by spring-projects.

the class DelegatingOAuth2TokenGeneratorTests method generateWhenTokenGeneratorSupportedThenReturnToken.

@Test
@SuppressWarnings("unchecked")
public void generateWhenTokenGeneratorSupportedThenReturnToken() {
    OAuth2TokenGenerator<OAuth2Token> tokenGenerator1 = mock(OAuth2TokenGenerator.class);
    OAuth2TokenGenerator<OAuth2Token> tokenGenerator2 = mock(OAuth2TokenGenerator.class);
    OAuth2TokenGenerator<OAuth2Token> tokenGenerator3 = mock(OAuth2TokenGenerator.class);
    OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, "access-token", Instant.now(), Instant.now().plusSeconds(300));
    when(tokenGenerator3.generate(any())).thenReturn(accessToken);
    DelegatingOAuth2TokenGenerator delegatingTokenGenerator = new DelegatingOAuth2TokenGenerator(tokenGenerator1, tokenGenerator2, tokenGenerator3);
    OAuth2Token token = delegatingTokenGenerator.generate(DefaultOAuth2TokenContext.builder().build());
    assertThat(token).isEqualTo(accessToken);
}
Also used : OAuth2AccessToken(org.springframework.security.oauth2.core.OAuth2AccessToken) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) Test(org.junit.Test)

Aggregations

OAuth2Token (org.springframework.security.oauth2.core.OAuth2Token)5 DelegatingOAuth2TokenGenerator (org.springframework.security.oauth2.server.authorization.DelegatingOAuth2TokenGenerator)4 JwtGenerator (org.springframework.security.oauth2.server.authorization.JwtGenerator)4 OAuth2AccessTokenGenerator (org.springframework.security.oauth2.server.authorization.OAuth2AccessTokenGenerator)4 OAuth2TokenGenerator (org.springframework.security.oauth2.server.authorization.OAuth2TokenGenerator)4 Before (org.junit.Before)3 JwtEncoder (org.springframework.security.oauth2.jwt.JwtEncoder)3 OAuth2AuthorizationService (org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService)3 OAuth2RefreshTokenGenerator (org.springframework.security.oauth2.server.authorization.OAuth2RefreshTokenGenerator)3 OAuth2TokenContext (org.springframework.security.oauth2.server.authorization.OAuth2TokenContext)3 OAuth2TokenCustomizer (org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer)3 ProviderSettings (org.springframework.security.oauth2.server.authorization.config.ProviderSettings)3 ProviderContext (org.springframework.security.oauth2.server.authorization.context.ProviderContext)3 Test (org.junit.Test)2 OAuth2AccessToken (org.springframework.security.oauth2.core.OAuth2AccessToken)1 OAuth2TokenClaimsContext (org.springframework.security.oauth2.server.authorization.OAuth2TokenClaimsContext)1