List of usage examples for org.springframework.security.oauth2.common OAuth2AccessToken getAdditionalInformation
/**
 * Returns the extra key/value entries attached to this access token.
 *
 * <p>Values are typed as {@code Object}, so callers must check both presence and
 * type before casting; the usage examples on this page read entries such as
 * {@code "iss"} and {@code "orcid"} this way. A null check on the returned map
 * is also used by some callers shown below.
 *
 * @return the additional-information map of this token
 */
Map<String, Object> getAdditionalInformation();
From source file:com.ge.predix.uaa.token.lib.TestTokenUtil.java
/**
 * Assembles the claim map of a JWT access token for test purposes.
 *
 * <p>Every entry of the token's additional information is copied into the result
 * first; the claims written afterwards replace any copied entry with the same key.
 * Claims that are only written conditionally (grant type, user fields, revocation
 * signature, expiry, issuer and zone) are therefore NOT protected: when their
 * condition is false, a same-named additional-information entry passes through
 * unchanged.
 *
 * @param token                  token whose additional information and expiry are read
 * @param issuerId               issuer claim value; issuer and zone are omitted when null
 * @param userId                 subject, also used as user id and as fallback user name
 * @param username               user name, may be null
 * @param userEmail              e-mail claim value, omitted when null
 * @param clientScopes           client authorities, omitted when null
 * @param requestedScopes        value of the scope claim
 * @param clientId               written to the client id, cid and azp claims
 * @param resourceIds            value of the audience claim
 * @param grantType              grant type, omitted when null
 * @param refreshToken           not used by this method
 * @param revocableHashSignature revocation signature, omitted when it has no text
 * @param issuedAtMillis         issue time in milliseconds, stored as seconds
 * @param zoneId                 zone id, written only together with the issuer
 * @return insertion-ordered claim map
 */
private static Map<String, ?> createJWTAccessToken(final OAuth2AccessToken token, final String issuerId,
        final String userId, final String username, final String userEmail,
        final Collection<GrantedAuthority> clientScopes, final Set<String> requestedScopes,
        final String clientId, final Set<String> resourceIds, final String grantType,
        final String refreshToken, final String revocableHashSignature, final long issuedAtMillis,
        final String zoneId) {
    final Map<String, Object> claims = new LinkedHashMap<String, Object>();
    final Map<String, Object> extra = token.getAdditionalInformation();

    // JTI goes in first so that it leads the insertion order, then all other extras follow.
    claims.put(JTI, extra.get(JTI));
    claims.putAll(extra);

    claims.put(SUB, userId);
    if (clientScopes != null) {
        claims.put(AUTHORITIES, AuthorityUtils.authorityListToSet(clientScopes));
    }
    claims.put(OAuth2AccessToken.SCOPE, requestedScopes);

    // The same client id is exposed under three claim names; AZP is the OpenID Connect one.
    claims.put(CLIENT_ID, clientId);
    claims.put(CID, clientId);
    claims.put(AZP, clientId);

    if (grantType != null) {
        claims.put(GRANT_TYPE, grantType);
    }

    // Tokens from the client_credentials grant carry no user claims.
    final boolean userBound = !"client_credentials".equals(grantType);
    if (userBound) {
        claims.put(USER_ID, userId);
        if (username == null) {
            claims.put(USER_NAME, userId);
        } else {
            claims.put(USER_NAME, username);
        }
        if (userEmail != null) {
            claims.put(EMAIL, userEmail);
        }
    }

    if (StringUtils.hasText(revocableHashSignature)) {
        claims.put(Claims.REVOCATION_SIGNATURE, revocableHashSignature);
    }

    // Time claims are stored in seconds.
    claims.put(IAT, issuedAtMillis / 1000);
    if (token.getExpiration() != null) {
        claims.put(EXP, token.getExpiration().getTime() / 1000);
    }

    if (issuerId != null) {
        claims.put(ISS, issuerId);
        claims.put(ZONE_ID, zoneId);
    }
    claims.put(AUD, resourceIds);
    return claims;
}
From source file:org.springframework.security.oauth2.common.OAuth2AccessTokenJackson2DeserializerTests.java
/**
 * Asserts that two access tokens agree on type, value, refresh token value, scope,
 * expiry instant and additional information.
 *
 * @param expected reference token
 * @param actual   token under test
 */
private static void assertTokenEquals(OAuth2AccessToken expected, OAuth2AccessToken actual) {
    assertEquals(expected.getTokenType(), actual.getTokenType());
    assertEquals(expected.getValue(), actual.getValue());

    // Refresh tokens are compared by value; an absent one must be absent on both sides.
    OAuth2RefreshToken wantedRefresh = expected.getRefreshToken();
    if (wantedRefresh != null) {
        assertEquals(wantedRefresh.getValue(), actual.getRefreshToken().getValue());
    } else {
        assertNull(actual.getRefreshToken());
    }

    assertEquals(expected.getScope(), actual.getScope());

    // Expiry is compared as epoch milliseconds rather than by Date equality.
    Date wantedExpiry = expected.getExpiration();
    if (wantedExpiry != null) {
        assertEquals(wantedExpiry.getTime(), actual.getExpiration().getTime());
    } else {
        assertNull(actual.getExpiration());
    }

    assertEquals(expected.getAdditionalInformation(), actual.getAdditionalInformation());
}
From source file:org.orcid.examples.jopmts.impl.OrcidServiceImpl.java
/**
 * Fetches the ORCID record document for the given identifier.
 *
 * <p>When no identifier is passed, the {@code "orcid"} entry of the current access
 * token's additional information is used instead.
 *
 * @param orcid identifier to look up, or null to use the one bound to the access token
 * @return the DOM document node of the response
 * @throws OrcidException declared by the method signature
 */
public Document getOrcidDocument(String orcid) throws OrcidException {
    String targetOrcid = orcid;
    if (targetOrcid == null) {
        // Fall back to the identifier the authorization server attached to the token.
        // NOTE(review): the entry may be missing or not a String; the cast and the
        // formatting below do not guard against either case.
        targetOrcid = (String) orcidRestTemplate.getAccessToken().getAdditionalInformation().get("orcid");
    }
    // NOTE(review): the identifier is formatted into the URL as-is. A caller-supplied
    // value should be validated against the expected ORCID format before this point.
    String requestUrl = String.format(orcidInfoURL, targetOrcid);
    DOMSource responseBody = orcidRestTemplate.getForObject(requestUrl, DOMSource.class);
    return (Document) responseBody.getNode();
}
From source file:org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStoreITest.java
/**
 * Checks that a JWT whose 'iss' claim equals the discovered issuer is accepted and
 * that the claim is exposed through the token's additional information.
 */
@Test
public void readAccessTokenWhenJwtHasValidIssuerClaimThenVerificationSucceeds() throws Exception {
    String expectedIssuer = "http://localhost:8180/auth/realms/Demo";
    this.setUpResponses(expectedIssuer);

    // Discover the provider configuration from the mock server.
    ProviderConfiguration discovered = new ProviderDiscoveryClient(this.server.url("").toString()).discover();

    // The token store only accepts JWTs whose issuer matches the discovered one.
    List<JwtClaimsSetVerifier> verifiers = new ArrayList<JwtClaimsSetVerifier>();
    verifiers.add(new IssuerClaimVerifier(discovered.getIssuer()));
    String jwkSetUri = discovered.getJwkSetUri().toString();
    JwkTokenStore issuerCheckingStore = new JwkTokenStore(jwkSetUri, new DelegatingJwtClaimsSetVerifier(verifiers));

    // NOTE: The 'iss' claim in this JWT is http://localhost:8180/auth/realms/Demo
    String encodedJwt = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJfQ2kzLVZmVl9OMFlBRzIyTlFPZ09VcEZCRERjRGVfckp4cHU1Sks3MDJvIn0.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.NfF5rPMabu8gaigUHZnX3gIzNGAxKpmPP206U5keNtexNqsmQEFO4KT2i1JYLwvNVFnRWCa8FmYokAtzeHgLvHk2B8CZXqL6GSMGQ26wPS5RIFTak9HjfHMhodqSIdy4wZTKmEcum_uYTaCdrVRSfWU8l94xAY6OzwElZX5ulkucvgWQnpFs0HB7X54kB07OqpN8L3i1jeQoEV0iJchtxZiEOSipqMNO7cujMqB_6lf9i78URPuyExfeLzAWyDbMWSJBp3zUoS7HakwE_4oC3eVEYTxDtMRL2yl2_8R0C0g2Dc0Qb9aezFxo3-SDNuy9aicDmibEEOpIoetlrIYbNA";

    OAuth2AccessToken parsedToken = issuerCheckingStore.readAccessToken(encodedJwt);
    assertEquals(expectedIssuer, parsedToken.getAdditionalInformation().get("iss"));
}
From source file:org.springframework.security.oauth2.provider.token.store.jwk.JwkTokenStoreITest.java
/**
 * Checks that a JWT is rejected when its 'iss' claim differs from the discovered issuer.
 *
 * <p>The discovered issuer ends in "Demo-2" while the JWT carries "Demo", so the test
 * expects an {@code InvalidTokenException}. Because the expectation is declared on the
 * annotation, that exception satisfies the test wherever in the method it is thrown.
 * The trailing assertion is reached only if no exception is thrown.
 */
@Test(expected = InvalidTokenException.class)
public void readAccessTokenWhenJwtHasInvalidIssuerClaimThenVerificationFails() throws Exception {
    String mismatchedIssuer = "http://localhost:8180/auth/realms/Demo-2";
    this.setUpResponses(mismatchedIssuer);

    // Discover the provider configuration from the mock server.
    ProviderConfiguration discovered = new ProviderDiscoveryClient(this.server.url("").toString()).discover();

    // The token store only accepts JWTs whose issuer matches the discovered one.
    List<JwtClaimsSetVerifier> verifiers = new ArrayList<JwtClaimsSetVerifier>();
    verifiers.add(new IssuerClaimVerifier(discovered.getIssuer()));
    String jwkSetUri = discovered.getJwkSetUri().toString();
    JwkTokenStore issuerCheckingStore = new JwkTokenStore(jwkSetUri, new DelegatingJwtClaimsSetVerifier(verifiers));

    // NOTE: The 'iss' claim in this JWT is http://localhost:8180/auth/realms/Demo
    String encodedJwt = "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJfQ2kzLVZmVl9OMFlBRzIyTlFPZ09VcEZCRERjRGVfckp4cHU1Sks3MDJvIn0.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.NfF5rPMabu8gaigUHZnX3gIzNGAxKpmPP206U5keNtexNqsmQEFO4KT2i1JYLwvNVFnRWCa8FmYokAtzeHgLvHk2B8CZXqL6GSMGQ26wPS5RIFTak9HjfHMhodqSIdy4wZTKmEcum_uYTaCdrVRSfWU8l94xAY6OzwElZX5ulkucvgWQnpFs0HB7X54kB07OqpN8L3i1jeQoEV0iJchtxZiEOSipqMNO7cujMqB_6lf9i78URPuyExfeLzAWyDbMWSJBp3zUoS7HakwE_4oC3eVEYTxDtMRL2yl2_8R0C0g2Dc0Qb9aezFxo3-SDNuy9aicDmibEEOpIoetlrIYbNA";

    OAuth2AccessToken parsedToken = issuerCheckingStore.readAccessToken(encodedJwt);
    assertEquals(mismatchedIssuer, parsedToken.getAdditionalInformation().get("iss"));
}
From source file:com.orcid.api.common.server.delegator.impl.OrcidClientCredentialEndPointDelegatorImpl.java
/**
 * Wraps the access token in an OK response after removing server-internal entries
 * from its additional information.
 *
 * <p>The token version, persistence flag and creation date are removed so that they
 * are not sent to the client. The entries are removed from the token's own map, so
 * the token passed in is modified. The response is marked non-cacheable.
 *
 * @param accessToken token to return; may be null, in which case nothing is removed
 * @return OK response carrying the token, with no-store / no-cache headers
 */
protected Response getResponse(OAuth2AccessToken accessToken) {
    if (accessToken != null && accessToken.getAdditionalInformation() != null) {
        Object[] internalKeys = {
            OrcidOauth2Constants.TOKEN_VERSION,
            OrcidOauth2Constants.PERSISTENT,
            OrcidOauth2Constants.DATE_CREATED
        };
        for (Object internalKey : internalKeys) {
            // Remove only keys that are present, exactly as the per-key checks did.
            if (accessToken.getAdditionalInformation().containsKey(internalKey)) {
                accessToken.getAdditionalInformation().remove(internalKey);
            }
        }
    }
    // Token responses must not be stored by browsers or intermediaries.
    return Response.ok(accessToken)
            .header("Cache-Control", "no-store")
            .header("Pragma", "no-cache")
            .build();
}
From source file:org.cloudfoundry.identity.uaa.oauth.TokenAdminEndpoints.java
/**
 * Finds the token value that the given identifier refers to.
 *
 * <p>A token matches when its token-id entry in the additional information equals
 * {@code hash}, or when the encoder reports that the token value matches {@code hash}.
 *
 * @param tokens candidate tokens
 * @param hash   token id or encoded token value supplied by the caller
 * @return the value of the first matching token, or null when none matches
 */
private String getTokenValue(Collection<OAuth2AccessToken> tokens, String hash) {
    for (OAuth2AccessToken candidate : tokens) {
        try {
            boolean tokenIdMatches = candidate.getAdditionalInformation().containsKey(JwtTokenEnhancer.TOKEN_ID)
                    && hash.equals(candidate.getAdditionalInformation().get(JwtTokenEnhancer.TOKEN_ID));
            // The encoder is consulted only when the token id did not already match.
            if (tokenIdMatches || encoder.matches(candidate.getValue(), hash)) {
                return candidate.getValue();
            }
        } catch (Exception ignored) {
            // Any failure while comparing counts as "no match" for this candidate.
            // NOTE(review): this also hides a null hash and encoder errors; narrowing
            // the catch would make such failures visible.
            continue;
        }
    }
    return null;
}
From source file:org.cloudfoundry.identity.uaa.oauth.JwtTokenEnhancerTests.java
/**
 * Checks that enhancing an access token keeps the original value as the token id
 * and produces a JWT whose claims contain the user id and token id keys.
 */
@Test
public void testEnhanceAccessToken() {
    OAuth2Authentication clientAndUser = new OAuth2Authentication(
            new DefaultAuthorizationRequest("foo", null), userAuthentication);

    OAuth2AccessToken enhanced = tokenEnhancer.enhance(new DefaultOAuth2AccessToken("FOO"), clientAndUser);

    assertNotNull(enhanced.getValue());
    // The pre-enhancement value is kept as the token id in the additional information.
    assertEquals("FOO", enhanced.getAdditionalInformation().get(JwtTokenEnhancer.TOKEN_ID));

    // The enhanced value is a JWT; its claims are inspected as raw JSON text.
    String claimsJson = JwtHelper.decode(enhanced.getValue()).getClaims();
    String failureMessage = "Wrong claims: " + claimsJson;
    assertTrue(failureMessage, claimsJson.contains("\"" + UserInfo.USER_ID + "\""));
    assertTrue(failureMessage, claimsJson.contains("\"" + JwtTokenEnhancer.TOKEN_ID + "\""));
}
From source file:com.haulmont.restapi.idp.IdpAuthLifecycleManager.java
/**
 * Reads the IDP session id stored in the token's additional information.
 *
 * @param accessToken token to inspect
 * @return the stored session id, or null when the token has no additional
 *         information or no such entry
 */
protected String getIdpSessionId(OAuth2AccessToken accessToken) {
    Map<String, Object> tokenDetails = accessToken.getAdditionalInformation();
    // A token without details cannot carry a session id.
    return tokenDetails == null ? null : (String) tokenDetails.get(IDP_SESSION_ID_TOKEN_ATTRIBUTE);
}
From source file:com.ar.dev.tierra.api.config.security.CustomLogoutSuccessHandler.java
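/**
 * Revokes the bearer token sent with a logout request and records the user's
 * last-connection time.
 *
 * <p>The Authorization header is client-controlled, so it is parsed defensively:
 * a header without a token part is treated like an unknown token instead of
 * raising an index error. Revocation no longer depends on the bookkeeping lookups:
 * when the stored authentication, its principal or the user record cannot be
 * resolved, the last-connection update is skipped and the token is still removed.
 *
 * @param request        logout request; its Authorization header is read
 * @param response       receives 200 after revocation, 500 when the token is unknown
 * @param authentication not used by this handler
 * @throws IOException      declared by the overridden method
 * @throws ServletException declared by the overridden method
 */
@Override
public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response,
        Authentication authentication) throws IOException, ServletException {
    String token = request.getHeader(HEADER_AUTHORIZATION);
    if (token == null || !token.startsWith(BEARER_AUTHENTICATION)) {
        // No bearer credentials: nothing to revoke, response status is left as it was.
        return;
    }

    // Expected shape is "<scheme> <token>"; anything shorter has no token to look up.
    String[] headerParts = token.split(" ");
    OAuth2AccessToken oAuth2AccessToken =
            headerParts.length > 1 ? tokenStore.readAccessToken(headerParts[1]) : null;
    if (oAuth2AccessToken == null) {
        response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        return;
    }

    // Additional information is fetched here but not consulted by this handler.
    Map<String, Object> map = oAuth2AccessToken.getAdditionalInformation();

    // The authentication is read before the token is removed from the store.
    OAuth2Authentication auth = tokenStore.readAuthentication(oAuth2AccessToken);
    if (auth != null && auth.getPrincipal() instanceof User) {
        User user = (User) auth.getPrincipal();
        Usuarios u = usuariosDAO.findUsuarioByUsername(user.getUsername());
        if (u != null) {
            u.setUltimaConexion(new Date());
            usuariosDAO.updateUsuario(u);
        }
    }

    tokenStore.removeAccessToken(oAuth2AccessToken);
    response.setStatus(HttpServletResponse.SC_OK);
}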