Example usage for org.springframework.security.oauth2.client.token.grant.code AuthorizationCodeResourceDetails getScope

List of usage examples for org.springframework.security.oauth2.client.token.grant.code AuthorizationCodeResourceDetails getScope

Introduction

On this page you can find example usages of org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails#getScope.

Prototype

public List<String> getScope() 


Usage

From source file:com.zhm.config.MyAuthorizationCodeAccessTokenProvider.java

/**
 * Builds the exception that signals that the user has to approve the client.
 *
 * <p>The approval prompt names the client id and the scope list configured on the resource and is
 * carried in the approval parameters under {@code OAuth2Utils.USER_OAUTH_APPROVAL}.
 *
 * @param resource the authorization-code resource details supplying client id, scope and approval URI
 * @param request the access token request; not read by this method
 * @return the exception carrying the approval URI, the prompt, the client id and the scope
 */
protected UserApprovalRequiredException getUserApprovalSignal(AuthorizationCodeResourceDetails resource,
        AccessTokenRequest request) {
    // NOTE(review): the client id and scope list are embedded verbatim in the prompt. Where the prompt
    // is rendered is not visible here; the rendering side should escape it for its output context.
    final String approvalPrompt = String.format(
            "Do you approve the client '%s' to access your resources with scope=%s",
            resource.getClientId(), resource.getScope());

    final String approvalUri = resource.getUserAuthorizationUri();
    return new UserApprovalRequiredException(
            approvalUri,
            Collections.singletonMap(OAuth2Utils.USER_OAUTH_APPROVAL, approvalPrompt),
            resource.getClientId(),
            resource.getScope());
}

From source file:com.emergya.spring.security.oauth.google.GoogleAuthorizationCodeAccessTokenProvider.java

/**
 * Creates the {@link UserApprovalRequiredException} used to ask the user for approval.
 *
 * <p>The exception carries the user authorization URI, a single approval parameter
 * ({@code OAuth2Utils.USER_OAUTH_APPROVAL}) holding the prompt text, the client id and the scope.
 *
 * @param resource the resource details object
 * @param request the access token request (not used when building the exception)
 * @return the exception to be thrown
 */
protected final UserApprovalRequiredException getUserApprovalSignal(AuthorizationCodeResourceDetails resource,
        AccessTokenRequest request) {
    // The prompt text is built from configuration values (client id and scope) only.
    // NOTE(review): both values go into the text unescaped; confirm the consumer of this message
    // encodes it before display.
    final String prompt = String.format(
            "Do you approve the client '%s' to access your resources with scope=%s",
            resource.getClientId(),
            resource.getScope());

    final String authorizationUri = resource.getUserAuthorizationUri();
    return new UserApprovalRequiredException(authorizationUri,
            Collections.singletonMap(OAuth2Utils.USER_OAUTH_APPROVAL, prompt),
            resource.getClientId(),
            resource.getScope());
}

From source file:com.zhm.config.MyAuthorizationCodeAccessTokenProvider.java

/**
 * Assembles the form parameters for the authorization request: {@code response_type},
 * {@code client_id} and {@code scope}, plus {@code state} and {@code redirect_uri} when available.
 *
 * @param resource the authorization-code resource details (client id, scope, pre-established redirect URI)
 * @param request the access token request (scope override, preserved state, state key, current URI)
 * @return the form parameters to send
 * @throws InvalidRequestException if the request has a state key but no preserved state
 */
private MultiValueMap<String, String> getParametersForAuthorizeRequest(
        AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {

    MultiValueMap<String, String> params = new LinkedMultiValueMap<String, String>();
    params.set("response_type", "code");
    params.set("client_id", resource.getClientId());

    // A scope present on the request takes precedence over the scope configured on the resource.
    String scopeValue = request.get("scope") != null
            ? request.getFirst("scope")
            : OAuth2Utils.formatParameterList(resource.getScope());
    params.set("scope", scopeValue);

    // Extracting the redirect URI from a saved request should ignore the current URI, which is why
    // this is not simply a call to resource.getRedirectUri().
    String preEstablishedUri = resource.getPreEstablishedRedirectUri();
    Object savedState = request.getPreservedState();

    String redirectUri;
    if (preEstablishedUri != null || savedState == null) {
        // NOTE(review): a configured pre-established redirect URI ends up here too, so its value is
        // never sent; the current URI is used instead. Confirm this is intended: an authorization
        // server typically rejects a redirect_uri that differs from the one registered for the client.
        redirectUri = request.getCurrentUri();
    } else {
        // No pre-established redirect URI: fall back to the preserved state.
        // TODO: treat redirect URI as a special kind of state (this is a historical mini hack)
        redirectUri = String.valueOf(savedState);
    }

    String stateKey = request.getStateKey();
    if (stateKey != null) {
        params.set("state", stateKey);
        // Only the presence of preserved state is verified here; the state key itself is not
        // compared against anything in this method.
        if (savedState == null) {
            throw new InvalidRequestException(
                    "Possible CSRF detected - state parameter was present but no state could be found");
        }
    }

    if (redirectUri != null) {
        params.set("redirect_uri", redirectUri);
    }

    return params;
}

From source file:com.zhm.config.MyAuthorizationCodeAccessTokenProvider.java

/**
 * Builds the exception that redirects the user to the authorization endpoint to obtain an
 * authorization code.
 *
 * <p>A state key generated by {@code stateKeyGenerator} is set on both the exception and the
 * request, and the redirect URI is stored on both as the state to preserve.
 *
 * @param resource the authorization-code resource details (client id, scope, authorization URI)
 * @param request the access token request; receives the state key and the preserved state
 * @return the redirect exception carrying the authorization URI and the request parameters
 */
private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource,
        AccessTokenRequest request) {

    // No authorization code has been obtained yet, so the first step is to request one.
    TreeMap<String, String> authorizeParams = new TreeMap<String, String>();
    authorizeParams.put("response_type", "code"); // oauth2 spec, section 3
    authorizeParams.put("client_id", resource.getClientId());
    // The client secret is not part of the initial authorization request and is not added here.

    String redirectUri = resource.getRedirectUri(request);
    if (redirectUri != null) {
        authorizeParams.put("redirect_uri", redirectUri);
    }

    if (resource.isScoped()) {
        // Scopes are sent as a single space-separated value; a null scope list yields an empty string.
        List<String> scopes = resource.getScope();
        StringBuilder joined = new StringBuilder();
        if (scopes != null) {
            String separator = "";
            for (String scopeName : scopes) {
                joined.append(separator).append(scopeName);
                separator = " ";
            }
        }
        authorizeParams.put("scope", joined.toString());
    }

    UserRedirectRequiredException redirect = new UserRedirectRequiredException(
            resource.getUserAuthorizationUri(), authorizeParams);

    // The same generated state key goes on the exception and on the request.
    // NOTE(review): presumably this key is checked when the user returns from the authorization
    // server; that check is not part of this method.
    String stateKey = stateKeyGenerator.generateKey(resource);
    redirect.setStateKey(stateKey);
    request.setStateKey(stateKey);

    // The redirect URI doubles as the preserved state. It may be null at this point and is stored
    // regardless.
    redirect.setStateToPreserve(redirectUri);
    request.setPreservedState(redirectUri);

    return redirect;
}