Example usage for org.springframework.security.oauth2.common OAuth2AccessToken getScope

List of usage examples for org.springframework.security.oauth2.common OAuth2AccessToken getScope

Introduction

On this page you can find example usages of org.springframework.security.oauth2.common OAuth2AccessToken getScope.

Prototype

Set<String> getScope();


Usage

From source file:org.springframework.security.oauth2.common.OAuth2AccessTokenJackson2DeserializerTests.java

/**
 * Asserts that {@code actual} carries the same observable state as {@code expected}.
 *
 * <p>Token type, value, scope and additional information are compared with
 * {@code assertEquals}; the scope is a {@code Set<String>}, so that comparison is
 * order-insensitive. The refresh token is compared by value and the expiration by
 * epoch milliseconds. When the expected refresh token or expiration is absent, the
 * actual one must be absent as well.
 *
 * @param expected the reference token
 * @param actual the token under test (for example the result of deserialization)
 */
private static void assertTokenEquals(OAuth2AccessToken expected, OAuth2AccessToken actual) {
    assertEquals(expected.getTokenType(), actual.getTokenType());
    assertEquals(expected.getValue(), actual.getValue());

    final OAuth2RefreshToken wantedRefresh = expected.getRefreshToken();
    if (wantedRefresh != null) {
        // Only the refresh token's value is compared, not the object itself.
        assertEquals(wantedRefresh.getValue(), actual.getRefreshToken().getValue());
    } else {
        assertNull(actual.getRefreshToken());
    }

    assertEquals(expected.getScope(), actual.getScope());

    final Date wantedExpiry = expected.getExpiration();
    if (wantedExpiry != null) {
        // Compare instants rather than Date objects.
        assertEquals(wantedExpiry.getTime(), actual.getExpiration().getTime());
    } else {
        assertNull(actual.getExpiration());
    }

    assertEquals(expected.getAdditionalInformation(), actual.getAdditionalInformation());
}

From source file:org.apigw.monitoring.svc.impl.MonitoredTokenServices.java

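/**
 * Revokes an access token through the wrapped token services and reports the outcome
 * to monitoring.
 *
 * <p>The client id, scope and (when present) the user name are collected before the
 * revocation so that they can be included in the monitoring record.
 *
 * @param tokenValue the access token value to revoke
 * @return the result of the wrapped {@code revokeToken} call
 * @throws ApigwMonitoringException rethrown unchanged
 * @throws RuntimeException any other failure, rethrown after a SERVER_FAILURE record
 *         has been written
 */
@Override
@Transactional
public boolean revokeToken(String tokenValue) {
    logger.debug("revokeToken - start");
    String ssn = null;
    String clientId = null;
    try {
        OAuth2Authentication auth = tokenServices.loadAuthentication(tokenValue);
        OAuth2AccessToken accessToken = tokenServices.readAccessToken(tokenValue);
        Set<String> scope = accessToken.getScope();
        // A token issued to a client alone carries no user authentication. Dereferencing
        // it unconditionally would throw before the revocation below is attempted and
        // leave the token valid, so the user lookup is skipped in that case.
        if (auth.getUserAuthentication() != null) {
            User user = (User) auth.getUserAuthentication().getPrincipal();
            if (user != null) {
                ssn = user.getUsername();
            }
        }
        clientId = auth.getAuthorizationRequest().getClientId();
        boolean tokenRevoked = tokenServices.revokeToken(tokenValue);
        // NOTE(review): the raw token value is passed to monitoring; confirm that sink is
        // access-controlled or stores only a digest.
        // NOTE(review): the two message strings below appear to have lost their non-ASCII
        // characters in this listing; verify against the original source encoding.
        if (tokenRevoked) {
            monitorRevokeToken(clientId, scope, tokenValue, RequestState.SUCCESS,
                    "Appen r inte lngre godknd fr anvndning", ssn);
        } else {
            monitorRevokeToken(clientId, scope, tokenValue, RequestState.SERVER_FAILURE,
                    "Godknnande kunde ej tas bort", ssn);
        }
        logger.debug("revokeToken - end");
        return tokenRevoked;
    } catch (ApigwMonitoringException e) {
        // Monitoring's own failure is not reported back to monitoring.
        throw e;
    } catch (RuntimeException e) {
        // The scope is not visible here, so the failure record is written without it.
        monitorRevokeToken(clientId, null, tokenValue, RequestState.SERVER_FAILURE, e.getMessage(), ssn);
        throw e;
    }
}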

From source file:it.reply.orchestrator.service.security.UserInfoIntrospectingTokenService.java

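/**
 * Loads the authentication for an access token that must be a signed JWT.
 *
 * <p>The token is parsed, pre-validated, and then resolved through the superclass.
 * For a non-client-only authentication whose token scope contains {@code openid},
 * user info is fetched and attached to the result.
 *
 * @param accessToken the serialized access token presented by the caller
 * @return the resolved authentication, or {@code null} when the token is not a signed
 *         JWT, is rejected, or any error occurs during validation
 * @throws AuthenticationException declared by the overridden method; failures in this
 *         body are caught and reported as a {@code null} result
 */
@Override
public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException {
    IndigoOAuth2Authentication auth = null;
    SignedJWT jwtToken = null;
    try {
        jwtToken = SignedJWT.parse(accessToken);
    } catch (Exception ex) {
        // The presented value is deliberately left out of the log: it is caller-controlled
        // input and may still be a usable credential elsewhere. Only its length is kept
        // for diagnostics.
        LOG.info("Invalid access token, access token is not a signed JWT (length {})",
                accessToken == null ? 0 : accessToken.length());
        return null;
    }
    try {
        // check if expired or not signed
        preValidate(jwtToken);
        OAuth2Authentication authentication = super.loadAuthentication(accessToken);
        OAuth2AccessToken token = super.readAccessToken(accessToken);
        if (authentication != null) {
            UserInfo userInfo = null;
            // User info is only looked up for user-bound tokens that were granted "openid".
            if (!authentication.isClientOnly() && token.getScope().contains("openid")) {
                userInfo = getUserInfo(authentication, jwtToken);
            }
            auth = new IndigoOAuth2Authentication(authentication, token, userInfo);
        }
    } catch (InvalidTokenException ex) {
        // NOTE(review): confirm the exception message never embeds the token value.
        LOG.info("Invalid access token, {}", ex.getMessage());
        return null;
    } catch (Exception ex) {
        // if there is an exception return a null authentication
        // (this will translate to an "invalid_token" response)
        LOG.info("Error validating access token", ex);
        return null;
    }
    return auth;
}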

From source file:org.apigw.monitoring.svc.impl.MonitoredTokenServices.java

/**
 * Creates an access token through the wrapped token services and records the outcome
 * in monitoring.
 *
 * <p>The monitoring record carries the client id, the granted scope, the user name
 * (when a principal is present) and the {@code code} authorization parameter.
 *
 * @param authentication the authentication the token is issued for
 * @return the token produced by the wrapped token services
 * @throws AuthenticationException declared by the overridden method
 * @throws ApigwMonitoringException rethrown unchanged
 * @throws RuntimeException any other failure, rethrown after it has been logged and a
 *         SERVER_FAILURE record has been written
 */
@Override
@Transactional
public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
    logger.debug("createAccessToken - start");
    final User principal = (User) authentication.getPrincipal();
    final String ssn = (principal == null) ? null : principal.getUsername();
    final String clientId = authentication.getAuthorizationRequest().getClientId();
    // NOTE(review): the authorization code is forwarded to monitoring; confirm that sink
    // is an appropriate place for it.
    final String code = authentication.getAuthorizationRequest().getAuthorizationParameters().get("code");
    // Starts empty so the failure record below always has a scope to report.
    Set<String> grantedScope = new HashSet<>();
    try {
        final OAuth2AccessToken issued = tokenServices.createAccessToken(authentication);
        final String issuedValue = issued.getValue();
        grantedScope = issued.getScope();
        monitorCreateAccessToken(clientId, grantedScope, issuedValue, RequestState.SUCCESS, null, ssn, code);
        logger.debug("createAccessToken - end");
        return issued;
    } catch (ApigwMonitoringException monitoringFailure) {
        // Monitoring's own failure is not reported back to monitoring.
        throw monitoringFailure;
    } catch (RuntimeException failure) {
        logger.error("error creating access token", failure);
        // The failure record is written without a token value.
        monitorCreateAccessToken(clientId, grantedScope, null, RequestState.SERVER_FAILURE,
                failure.getMessage(), ssn, code);
        throw failure;
    }
}

From source file:org.apigw.monitoring.svc.impl.MonitoredTokenServices.java

/**
 * Creates an access token on behalf of a trusted client and records the outcome in
 * monitoring, using the literal {@code "TRUSTED"} in the message and code positions.
 *
 * @param citizenResidentIdentificationNumber identifier of the citizen the token is for
 * @param clientId the requesting client
 * @param scope the requested scope
 * @return the token produced by the wrapped token services
 * @throws AuthenticationException declared by the overridden method
 * @throws ApigwMonitoringException rethrown unchanged
 * @throws RuntimeException any other failure, rethrown after it has been logged and a
 *         SERVER_FAILURE record has been written
 */
@Override
@Transactional
public OAuth2AccessToken createAccessToken(String citizenResidentIdentificationNumber, String clientId,
        Collection<String> scope) throws AuthenticationException {
    logger.debug("createAccessToken from trusted client - start");
    // Both locals are updated as soon as a token exists, so the failure record reports
    // whatever was known at the point of failure.
    String issuedValue = null;
    Set<String> grantedScope = new HashSet<>();
    try {
        final OAuth2AccessToken issued = tokenServices.createAccessToken(
                citizenResidentIdentificationNumber, clientId, scope);
        issuedValue = issued.getValue();
        grantedScope = issued.getScope();
        // NOTE(review): the token value and the resident identification number both go to
        // monitoring; confirm that sink is suitably protected.
        monitorCreateAccessToken(clientId, grantedScope, issuedValue, RequestState.SUCCESS, "TRUSTED",
                citizenResidentIdentificationNumber, "TRUSTED");
        logger.debug("createAccessToken from trusted client - end");
        return issued;
    } catch (ApigwMonitoringException monitoringFailure) {
        // Monitoring's own failure is not reported back to monitoring.
        throw monitoringFailure;
    } catch (RuntimeException failure) {
        logger.error("error creating access token from trusted client", failure);
        monitorCreateAccessToken(clientId, grantedScope, issuedValue, RequestState.SERVER_FAILURE,
                failure.getMessage(), citizenResidentIdentificationNumber, "TRUSTED");
        throw failure;
    }
}

From source file:com.onedrive.api.internal.InternalTokenServices.java

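/**
 * Copies a received OAuth2 access token into the internal {@code AccessToken} type and
 * hands it to the registered access-token listener, if there is one.
 *
 * <p>The refresh token is copied only when the access token carries one; the original
 * dereferenced it unconditionally and failed for tokens issued without a refresh token.
 *
 * @param resource the protected resource details (not used in this body)
 * @param authentication the current authentication (not used in this body)
 * @param accessToken the token to forward to the listener
 */
public void saveAccessToken(OAuth2ProtectedResourceDetails resource, Authentication authentication,
        OAuth2AccessToken accessToken) {
    if (reference.getAccessTokenListener() != null) {
        AccessToken internalAccessToken = new AccessToken();
        internalAccessToken.setAccessToken(accessToken.getValue());
        internalAccessToken.setExpiration(accessToken.getExpiration());
        if (accessToken.getRefreshToken() != null) {
            internalAccessToken.setRefreshToken(accessToken.getRefreshToken().getValue());
        }
        internalAccessToken.setScope(accessToken.getScope());
        internalAccessToken.setTokenType(accessToken.getTokenType());
        // The listener receives the access and refresh token values as-is; how they are
        // stored is up to the listener implementation.
        reference.getAccessTokenListener().onAccessTokenReceived(reference, internalAccessToken);
    }
}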

From source file:org.cloudfoundry.identity.uaa.oauth.DefaultTokenConverter.java

/**
 * Builds the claim map for an access token.
 *
 * <p>Order of writes matters for same-named keys: user claims, scope, token id and
 * {@code exp} are written first, then every entry of the token's additional information
 * is copied over them, and finally {@code client_id} and {@code aud} are written. An
 * additional-information entry can therefore replace an earlier claim such as the scope
 * or {@code exp}, but not {@code client_id} or {@code aud}.
 *
 * @param token the access token being converted
 * @param authentication the authentication the token was issued for
 * @return a mutable map of claims
 */
@Override
public Map<String, ?> convertAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) {
    final Map<String, Object> claims = new HashMap<String, Object>();
    final AuthorizationRequest request = authentication.getAuthorizationRequest();

    // User claims only exist for tokens bound to a user.
    if (!authentication.isClientOnly()) {
        claims.putAll(userTokenConverter.convertUserAuthentication(authentication.getUserAuthentication()));
    }

    claims.put(OAuth2AccessToken.SCOPE, token.getScope());

    final Map<String, Object> extras = token.getAdditionalInformation();
    if (extras.containsKey(JwtTokenEnhancer.TOKEN_ID)) {
        claims.put(JwtTokenEnhancer.TOKEN_ID, extras.get(JwtTokenEnhancer.TOKEN_ID));
    }

    if (token.getExpiration() != null) {
        // Expiration is emitted in whole seconds, not milliseconds.
        claims.put("exp", token.getExpiration().getTime() / 1000);
    }

    // NOTE(review): these entries overwrite same-named claims written above; confirm that
    // additional information is populated only by trusted token enhancers.
    claims.putAll(extras);

    claims.put("client_id", request.getClientId());
    if (request.getResourceIds() != null && !request.getResourceIds().isEmpty()) {
        claims.put("aud", request.getResourceIds());
    }
    return claims;
}

From source file:org.apigw.authserver.web.controller.RevocationController.java

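/**
 * Revokes every access token found for a client and reports the outcome as text.
 *
 * <p>Each token is handled independently: a token that is already invalid is skipped
 * quietly, and any other error is logged and counted. Unlike the original, the response
 * no longer claims that everything was revoked when some tokens ended in an error, and a
 * token without a user authentication no longer loses its monitoring record.
 *
 * <p>NOTE(review): this state-changing operation is mapped to GET; confirm it is only
 * reachable by authorised callers and is covered by the application's CSRF protection.
 * <br>NOTE(review): {@code clientId} is echoed back in the response body; confirm the
 * response is never rendered as HTML.
 *
 * @param clientId the client whose tokens are revoked
 * @return a human-readable summary of how many tokens were processed
 */
@RequestMapping(method = RequestMethod.GET, params = { "clientId" })
public @ResponseBody String revoke(@RequestParam("clientId") String clientId) {
    log.debug("revoke(clientId: {})", clientId);
    Collection<OAuth2AccessToken> tokens = tokenServices.findTokensByClientId(clientId);
    int failures = 0;
    for (OAuth2AccessToken token : tokens) {
        try {
            // The authentication has to be loaded before the revocation.
            OAuth2Authentication auth = tokenServices.loadAuthentication(token.getValue());
            tokenServices.revokeToken(token.getValue());

            // Tokens issued to a client alone have no user authentication; the monitoring
            // record is then written without a user name instead of being lost to an NPE.
            String username = null;
            if (auth.getUserAuthentication() != null) {
                User user = (User) auth.getUserAuthentication().getPrincipal();
                if (user != null) {
                    username = user.getUsername();
                }
            }

            // NOTE(review): the message text appears to have lost its non-ASCII characters
            // in this listing; verify against the original source encoding.
            monitoringService.logRevokeAccessToken(System.currentTimeMillis(), token.getValue(), clientId,
                    token.getScope(), "SUCCESS", "Appen r inte lngre godknd fr anvndning",
                    username);

        } catch (AuthenticationException e) {
            log.debug("Access token is already invalid ({})", e.getMessage());
        } catch (Exception e) {
            // Best effort: keep going with the remaining tokens, but remember the failure
            // so the caller is not told that everything succeeded.
            failures++;
            log.error("Error while trying to revoke access token", e);
        }
    }

    if (failures == 0) {
        return "Revoked all authorizations (" + tokens.size() + ") for client: " + clientId;
    }
    return "Revoked authorizations for client: " + clientId + " with errors on " + failures + " of "
            + tokens.size() + " tokens";
}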

From source file:org.apigw.monitoring.svc.impl.MonitoredTokenServices.java

/**
 * Creates an access token on behalf of a trusted client for a legal guardian acting for
 * a citizen, and records the outcome in monitoring.
 *
 * <p>The user reported to monitoring is the guardian's and the citizen's identification
 * numbers joined by {@code "/"}; the literal {@code "TRUSTED"} is used in the message
 * and code positions.
 *
 * @param legalGuardianResidentIdentificationNumber identifier of the legal guardian
 * @param citizenResidentIdentificationNumber identifier of the citizen
 * @param clientId the requesting client
 * @param scope the requested scope
 * @return the token produced by the wrapped token services
 * @throws AuthenticationException declared by the overridden method
 * @throws LegalGuardianValidationException declared by the overridden method
 * @throws ApigwMonitoringException rethrown unchanged
 * @throws RuntimeException any other failure, rethrown after it has been logged and a
 *         SERVER_FAILURE record has been written
 */
@Override
@Transactional
public OAuth2AccessToken createAccessToken(String legalGuardianResidentIdentificationNumber,
        String citizenResidentIdentificationNumber, String clientId, Collection<String> scope)
        throws AuthenticationException, LegalGuardianValidationException {
    logger.debug("createAccessToken from trusted client for legalGuardian - start");
    final String user = legalGuardianResidentIdentificationNumber + "/" + citizenResidentIdentificationNumber;
    // Both locals are updated as soon as a token exists, so the failure record reports
    // whatever was known at the point of failure.
    String issuedValue = null;
    Set<String> grantedScope = new HashSet<>();
    try {
        final OAuth2AccessToken issued = tokenServices.createAccessToken(
                legalGuardianResidentIdentificationNumber, citizenResidentIdentificationNumber, clientId,
                scope);
        issuedValue = issued.getValue();
        grantedScope = issued.getScope();
        // NOTE(review): the token value and both identification numbers go to monitoring;
        // confirm that sink is suitably protected.
        monitorCreateAccessToken(clientId, grantedScope, issuedValue, RequestState.SUCCESS, "TRUSTED", user,
                "TRUSTED");
        logger.debug("createAccessToken from trusted client for legalGuardian - end");
        return issued;
    } catch (ApigwMonitoringException monitoringFailure) {
        // Monitoring's own failure is not reported back to monitoring.
        throw monitoringFailure;
    } catch (RuntimeException failure) {
        logger.error("error creating access token from trusted client for legalGuardian", failure);
        monitorCreateAccessToken(clientId, grantedScope, issuedValue, RequestState.SERVER_FAILURE,
                failure.getMessage(), user, "TRUSTED");
        throw failure;
    }
}

From source file:org.cloudfoundry.identity.uaa.integration.ScimGroupEndpointsIntegrationTests.java

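/**
 * Checks that an access token obtained for a user contains the name of a group the
 * user was added to.
 *
 * <p>The test client and user are removed in a {@code finally} block so that a failed
 * assertion or token request does not leave the fixtures behind for later tests.
 */
@Test
public void testAccessTokenReflectsGroupMembership() throws Exception {

    createTestClient(DELETE_ME, "secret", CFID);
    ScimUser user = null;
    try {
        user = createUser(DELETE_ME, "Passwo3d");
        createGroup(CFID, new ScimGroupMember(user.getId()));
        OAuth2AccessToken token = getAccessToken(DELETE_ME, "secret", DELETE_ME, "Passwo3d");
        assertTrue("Wrong token: " + token, token.getScope().contains(CFID));
    } finally {
        // Same cleanup order as before: client first, then the user if it was created.
        deleteTestClient(DELETE_ME);
        if (user != null) {
            deleteResource(userEndpoint, user.getId());
        }
    }

}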