Examples with BearerTokenError org.springframework.security.oauth2.server.resource.BearerTokenError used on opensource projects

Search in sources :

Example 1 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class BearerTokenServerAuthenticationEntryPoint method createParameters.

private Map<String, String> createParameters(AuthenticationException authException) {
    Map<String, String> parameters = new LinkedHashMap<>();
    if (this.realmName != null) {
        parameters.put("realm", this.realmName);
    }
    if (authException instanceof OAuth2AuthenticationException) {
        OAuth2Error error = ((OAuth2AuthenticationException) authException).getError();
        parameters.put("error", error.getErrorCode());
        if (StringUtils.hasText(error.getDescription())) {
            parameters.put("error_description", error.getDescription());
        }
        if (StringUtils.hasText(error.getUri())) {
            parameters.put("error_uri", error.getUri());
        }
        if (error instanceof BearerTokenError) {
            BearerTokenError bearerTokenError = (BearerTokenError) error;
            if (StringUtils.hasText(bearerTokenError.getScope())) {
                parameters.put("scope", bearerTokenError.getScope());
            }
        }
    }
    return parameters;
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) LinkedHashMap(java.util.LinkedHashMap)

Example 2 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class BearerTokenServerAuthenticationEntryPointTests method commenceWhenBearerTokenThenErrorInformation.

@Test
public void commenceWhenBearerTokenThenErrorInformation() {
    OAuth2Error oauthError = new BearerTokenError(OAuth2ErrorCodes.INVALID_REQUEST, HttpStatus.BAD_REQUEST, "Oops", "https://example.com");
    OAuth2AuthenticationException exception = new OAuth2AuthenticationException(oauthError);
    this.entryPoint.commence(this.exchange, exception).block();
    assertThat(getResponse().getHeaders().getFirst(HttpHeaders.WWW_AUTHENTICATE)).isEqualTo("Bearer error=\"invalid_request\", error_description=\"Oops\", error_uri=\"https://example.com\"");
    assertThat(getResponse().getStatusCode()).isEqualTo(HttpStatus.BAD_REQUEST);
}
Also used : OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error) BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException) Test(org.junit.jupiter.api.Test)

Example 3 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class ServerBearerTokenAuthenticationConverter method resolveFromAuthorizationHeader.

private String resolveFromAuthorizationHeader(HttpHeaders headers) {
    String authorization = headers.getFirst(this.bearerTokenHeaderName);
    if (!StringUtils.startsWithIgnoreCase(authorization, "bearer")) {
        return null;
    }
    Matcher matcher = authorizationPattern.matcher(authorization);
    if (!matcher.matches()) {
        BearerTokenError error = invalidTokenError();
        throw new OAuth2AuthenticationException(error);
    }
    return matcher.group("token");
}
Also used : Matcher(java.util.regex.Matcher) BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)

Example 4 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class ServerBearerTokenAuthenticationConverter method token.

private String token(ServerHttpRequest request) {
    String authorizationHeaderToken = resolveFromAuthorizationHeader(request.getHeaders());
    String parameterToken = resolveAccessTokenFromRequest(request);
    if (authorizationHeaderToken != null) {
        if (parameterToken != null) {
            BearerTokenError error = BearerTokenErrors.invalidRequest("Found multiple bearer tokens in the request");
            throw new OAuth2AuthenticationException(error);
        }
        return authorizationHeaderToken;
    }
    if (parameterToken != null && isParameterTokenSupportedForRequest(request)) {
        return parameterToken;
    }
    return null;
}
Also used : BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)

Example 5 with BearerTokenError

use of org.springframework.security.oauth2.server.resource.BearerTokenError in project spring-security by spring-projects.

the class ServerBearerTokenAuthenticationConverter method resolveAccessTokenFromRequest.

private static String resolveAccessTokenFromRequest(ServerHttpRequest request) {
    List<String> parameterTokens = request.getQueryParams().get("access_token");
    if (CollectionUtils.isEmpty(parameterTokens)) {
        return null;
    }
    if (parameterTokens.size() == 1) {
        return parameterTokens.get(0);
    }
    BearerTokenError error = BearerTokenErrors.invalidRequest("Found multiple bearer tokens in the request");
    throw new OAuth2AuthenticationException(error);
}
Also used : BearerTokenError(org.springframework.security.oauth2.server.resource.BearerTokenError) OAuth2AuthenticationException(org.springframework.security.oauth2.core.OAuth2AuthenticationException)

Aggregations

BearerTokenError (org.springframework.security.oauth2.server.resource.BearerTokenError)24 OAuth2AuthenticationException (org.springframework.security.oauth2.core.OAuth2AuthenticationException)20 Test (org.junit.jupiter.api.Test)14 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)7 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)7 OAuth2Error (org.springframework.security.oauth2.core.OAuth2Error)6 LinkedHashMap (java.util.LinkedHashMap)3 MockServerHttpRequest (org.springframework.mock.http.server.reactive.MockServerHttpRequest)3 Matcher (java.util.regex.Matcher)2 HttpStatus (org.springframework.http.HttpStatus)2 BearerTokenAuthenticationToken (org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken)2 BearerTokenError (com.nimbusds.oauth2.sdk.token.BearerTokenError)1 ExceptionHandler (org.springframework.web.bind.annotation.ExceptionHandler)1 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial