List of usage examples for org.springframework.security.oauth2.common OAuth2AccessToken getScope
/**
 * Returns the scope values attached to this access token.
 *
 * NOTE(review): several callers null-check the result before using it, so treat the
 * return value as possibly {@code null} - confirm against the interface contract.
 */
Set<String> getScope();
From source file:org.cloudfoundry.identity.uaa.integration.ScimGroupEndpointsIntegrationTests.java
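/**
 * Checks that an access token obtained with the password grant lists the group the user was
 * added to among its scopes.
 *
 * <p>The client and the user are throw-away fixtures created with fixed credentials. They are
 * removed in {@code finally} blocks, in the same order as before (client first, then user), so a
 * failing assertion or token request no longer leaves those credentials behind on the server
 * under test.
 *
 * NOTE(review): the group membership created through createGroup is not removed here; confirm
 * whether deleting the user is enough to clean it up.
 */
@Test
public void testAccessTokenReflectsGroupMembershipForPasswordGrant() throws Exception {
    createTestClient(DELETE_ME, "secret", CFID);
    ScimUser user = null;
    try {
        user = createUser(DELETE_ME, "Passwo3d");
        createGroup(CFID, new ScimGroupMember(user.getId()));
        OAuth2AccessToken token = getAccessTokenWithPassword(DELETE_ME, "secret", DELETE_ME, "Passwo3d");
        assertTrue("Wrong token: " + token, token.getScope().contains(CFID));
    } finally {
        try {
            deleteTestClient(DELETE_ME);
        } finally {
            // The user only exists if createUser returned; skip the delete otherwise.
            if (user != null) {
                deleteResource(userEndpoint, user.getId());
            }
        }
    }
}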
From source file:no.imr.common.security.jwt.DefaultAccessTokenConverter.java
/**
 * Flattens an access token and its authentication into a claims map.
 *
 * <p>Write order matters because later puts replace earlier ones:
 * <ol>
 *   <li>user claims (or, for a client-only authentication, the client authorities),</li>
 *   <li>scope, JTI, expiry in seconds and, when enabled, the grant type,</li>
 *   <li>every entry of the token's additional information,</li>
 *   <li>client id and, when present, the resource ids as audience.</li>
 * </ol>
 *
 * NOTE(review): step 3 runs after step 2, so an additional-information key that equals SCOPE,
 * EXP, JTI, GRANT_TYPE or a user claim name replaces the value computed here. Only CLIENT_ID and
 * AUD are written afterwards and cannot be overridden. Confirm that whatever populates the
 * additional information is trusted not to carry such keys.
 *
 * @param token          token whose scope, expiration and additional information are exported
 * @param authentication authentication the token was issued for
 * @return the assembled claims map
 */
public Map<String, ?> convertAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) {
    Map<String, Object> claims = new HashMap<String, Object>();
    OAuth2Request request = authentication.getOAuth2Request();

    if (authentication.isClientOnly()) {
        // No user behind the token: export the client's own authorities, if it has any.
        if (request.getAuthorities() != null && !request.getAuthorities().isEmpty()) {
            claims.put(UserAuthenticationConverter.AUTHORITIES,
                    AuthorityUtils.authorityListToSet(request.getAuthorities()));
        }
    } else {
        claims.putAll(userTokenConverter.convertUserAuthentication(authentication.getUserAuthentication()));
    }

    if (token.getScope() != null) {
        claims.put(SCOPE, token.getScope());
    }

    Map<String, Object> extraInformation = token.getAdditionalInformation();
    if (extraInformation.containsKey(JTI)) {
        claims.put(JTI, extraInformation.get(JTI));
    }

    if (token.getExpiration() != null) {
        // Expiration is exported in whole seconds since the epoch.
        claims.put(EXP, token.getExpiration().getTime() / 1000);
    }

    if (includeGrantType) {
        String grantType = authentication.getOAuth2Request().getGrantType();
        if (grantType != null) {
            claims.put(GRANT_TYPE, grantType);
        }
    }

    // Merged after the standard claims above, so same-named keys win over them.
    claims.putAll(extraInformation);

    claims.put(CLIENT_ID, request.getClientId());
    if (request.getResourceIds() != null && !request.getResourceIds().isEmpty()) {
        claims.put(AUD, request.getResourceIds());
    }
    return claims;
}
From source file:org.springframework.security.oauth2.common.OAuth2AccessTokenJackson2Serializer.java
/**
 * Writes an access token as a JSON object: token value, token type, optional refresh token,
 * optional remaining lifetime, optional space-separated scope, then every additional-information
 * entry as a top-level field.
 *
 * NOTE(review): the additional-information keys are written without being compared against the
 * standard field names emitted above, so a key with the same name as one of them would be
 * written a second time in the same object. How a consumer resolves duplicate names depends on
 * its parser - confirm the keys are constrained upstream.
 *
 * @throws IOException if the generator fails to write
 */
@Override
public void serialize(OAuth2AccessToken token, JsonGenerator jgen, SerializerProvider provider)
        throws IOException, JsonGenerationException {
    jgen.writeStartObject();
    jgen.writeStringField(OAuth2AccessToken.ACCESS_TOKEN, token.getValue());
    jgen.writeStringField(OAuth2AccessToken.TOKEN_TYPE, token.getTokenType());

    OAuth2RefreshToken refresh = token.getRefreshToken();
    if (refresh != null) {
        jgen.writeStringField(OAuth2AccessToken.REFRESH_TOKEN, refresh.getValue());
    }

    Date expiresAt = token.getExpiration();
    if (expiresAt != null) {
        long nowMillis = System.currentTimeMillis();
        // Remaining lifetime in seconds; the value is negative once the expiration has passed.
        long remainingSeconds = (expiresAt.getTime() - nowMillis) / 1000;
        jgen.writeNumberField(OAuth2AccessToken.EXPIRES_IN, remainingSeconds);
    }

    Set<String> scope = token.getScope();
    if (scope != null && !scope.isEmpty()) {
        StringBuilder joined = new StringBuilder();
        for (String value : scope) {
            Assert.hasLength(value, "Scopes cannot be null or empty. Got " + scope + "");
            // Every value is non-empty here, so a non-empty builder means this is not the first.
            if (joined.length() > 0) {
                joined.append(" ");
            }
            joined.append(value);
        }
        jgen.writeStringField(OAuth2AccessToken.SCOPE, joined.toString());
    }

    Map<String, Object> additionalInformation = token.getAdditionalInformation();
    for (Map.Entry<String, Object> extra : additionalInformation.entrySet()) {
        jgen.writeObjectField(extra.getKey(), extra.getValue());
    }
    jgen.writeEndObject();
}
From source file:org.apigw.authserver.svc.impl.TokenServicesImplTest.java
/**
 * Issues a token limited to READ_SCOPE and then refreshes it while asking for WRITE_SCOPE; the
 * test passes only if an {@link InvalidScopeException} is thrown.
 *
 * NOTE(review): {@code expected} covers the whole method, so the test would also pass if the
 * exception came from createAccessToken rather than from the refresh call.
 */
@Test(expected = InvalidScopeException.class)
@DirtiesContext
public void testRefreshedTokenWithAnotherScope() throws Exception {
    services.setSupportRefreshToken(true);

    HashSet<String> grantedScopes = new HashSet<String>(Arrays.asList(READ_SCOPE));
    OAuth2Authentication readOnlyAuthentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, grantedScopes), new TestAuthentication(false));
    OAuth2AccessToken issued = services.createAccessToken(readOnlyAuthentication);
    assertEquals("[" + READ_SCOPE + "]", issued.getScope().toString());

    // Ask for a scope the original grant never contained.
    AuthorizationRequest widenedRequest = createAuthorizationRequest(CLIENT, Collections.singleton(WRITE_SCOPE));
    String refreshTokenValue = issued.getRefreshToken().getValue();
    services.refreshAccessToken(refreshTokenValue, widenedRequest);
}
From source file:org.apigw.authserver.svc.impl.TokenServicesImplTest.java
/**
 * Pins the behaviour of a validity of 0 seconds: the issued token reports an expires-in of 0 and
 * has no expiration date at all.
 *
 * NOTE(review): a token without an expiration date presumably stays usable until it is revoked;
 * confirm that a validity of 0 is never reachable from production configuration by accident.
 */
@Test
@DirtiesContext
public void testUnlimitedTokenExpiry() throws Exception {
    services.setAccessTokenValiditySeconds(0);

    OAuth2Authentication readAuthentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, Collections.singleton(READ_SCOPE)),
            new TestAuthentication(false));
    OAuth2AccessToken issued = services.createAccessToken(readAuthentication);

    assertEquals("[" + READ_SCOPE + "]", issued.getScope().toString());
    assertEquals(0, issued.getExpiresIn());
    assertEquals(null, issued.getExpiration());
}
From source file:org.apigw.authserver.svc.impl.TokenServicesImplTest.java
/**
 * Creates a READ_SCOPE token and a READ_SCOPE + WRITE_SCOPE token for the same client, checks
 * that two authorization grants are stored, then refreshes the second token while requesting
 * READ_SCOPE only; the test passes only if an {@link InvalidScopeException} is thrown.
 *
 * NOTE(review): {@code expected} covers the whole method, so the test cannot tell which call
 * raised the exception. The two-element scope assertion also relies on the iteration order of a
 * HashSet. The loop prints each grant's authentication key to standard output; confirm that this
 * debugging output is acceptable in build logs.
 */
@Test(expected = InvalidScopeException.class)
@DirtiesContext
public void testRefreshedTokenOnExistingClientAndScope() throws Exception {
    services.setSupportRefreshToken(true);

    HashSet<String> readOnly = new HashSet<String>(Arrays.asList(READ_SCOPE));
    OAuth2Authentication readAuthentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, readOnly), new TestAuthentication(false));
    OAuth2AccessToken readToken = services.createAccessToken(readAuthentication);
    assertEquals("[" + READ_SCOPE + "]", readToken.getScope().toString());

    HashSet<String> readAndWrite = new HashSet<String>(Arrays.asList(READ_SCOPE, WRITE_SCOPE));
    OAuth2Authentication readWriteAuthentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, readAndWrite), new TestAuthentication(false));
    OAuth2AccessToken readWriteToken = services.createAccessToken(readWriteAuthentication);
    assertEquals("[" + READ_SCOPE + ", " + WRITE_SCOPE + "]", readWriteToken.getScope().toString());

    assertEquals(2, authorizationGrantRepository.count());
    for (AuthorizationGrant grant : authorizationGrantRepository.findAll()) {
        System.out.println(grant.getAuthenticationKey());
    }

    AuthorizationRequest narrowedRequest = createAuthorizationRequest(CLIENT, Collections.singleton(READ_SCOPE));
    String refreshTokenValue = readWriteToken.getRefreshToken().getValue();
    services.refreshAccessToken(refreshTokenValue, narrowedRequest);
}
From source file:org.apigw.authserver.svc.impl.TokenServicesImplTest.java
/**
 * Issues a token for READ_SCOPE + WRITE_SCOPE, refreshes it while requesting READ_SCOPE only,
 * and asserts that the refreshed token carries READ_SCOPE alone.
 *
 * NOTE(review): the first assertion relies on the iteration order of a two-element HashSet.
 */
@Test
@DirtiesContext
public void testRefreshedTokenWithNarrowedScope() throws Exception {
    services.setSupportRefreshToken(true);

    HashSet<String> readAndWrite = new HashSet<String>(Arrays.asList(READ_SCOPE, WRITE_SCOPE));
    OAuth2Authentication fullAuthentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, readAndWrite), new TestAuthentication(false));
    OAuth2AccessToken issued = services.createAccessToken(fullAuthentication);
    assertEquals("[" + READ_SCOPE + ", " + WRITE_SCOPE + "]", issued.getScope().toString());

    // Request a strict subset of what was originally granted.
    AuthorizationRequest narrowedRequest = createAuthorizationRequest(CLIENT, Collections.singleton(READ_SCOPE));
    String refreshTokenValue = issued.getRefreshToken().getValue();
    OAuth2AccessToken refreshed = services.refreshAccessToken(refreshTokenValue, narrowedRequest);

    assertEquals("[" + READ_SCOPE + "]", refreshed.getScope().toString());
}
From source file:org.apigw.authserver.svc.impl.TokenServicesImplTest.java
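/**
 * Currently ignored. Creates ten tokens for one authentication, then starts 1000 threads that
 * either create another token (roughly one in five) or refresh a randomly chosen existing one,
 * and finally asserts that exactly one authorization grant is stored.
 *
 * <p>A worker that fails now rethrows with the original exception attached as the cause, so the
 * uncaught-exception output shows what actually went wrong instead of only "failed".
 *
 * NOTE(review): an exception thrown inside a worker thread does not fail this test; only the
 * final grant count is asserted, so failed workers go unnoticed unless the count is affected.
 * The refresh call is given the access token value ({@code tk.getValue()}), whereas the other
 * tests in this class pass {@code getRefreshToken().getValue()} - confirm which is intended
 * before re-enabling the test.
 */
@Test
@DirtiesContext
@Ignore
public void testConcurrentTokenUpdate() throws InterruptedException {
    final OAuth2Authentication authentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, Collections.singleton(READ_SCOPE)),
            new TestAuthentication(false));

    final OAuth2AccessToken[] accessTokens = new OAuth2AccessToken[10];
    for (int i = 0; i < 10; i++) {
        accessTokens[i] = services.createAccessToken(authentication);
    }

    int numberOfConcurrent = 1000;
    List<Thread> executors = new ArrayList<Thread>();
    for (int i = 0; i < numberOfConcurrent; i++) {
        Thread concurrentUpdater = new Thread() {
            @Override
            public void run() {
                System.out.println("To run createAccessToken");
                try {
                    if (Math.random() > 0.8) {
                        services.createAccessToken(authentication);
                    } else {
                        OAuth2AccessToken tk = accessTokens[(int) Math.floor(Math.random() * 10)];
                        AuthorizationRequest request = createAuthorizationRequest(CLIENT, tk.getScope());
                        services.refreshAccessToken(tk.getValue(), request);
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                    // Keep the cause so the thread's uncaught-exception report is diagnosable.
                    throw new RuntimeException("failed", e);
                }
                System.out.println("Ran createAccessToken");
            }
        };
        executors.add(concurrentUpdater);
    }

    // Start every worker before joining any, so they actually overlap.
    for (Thread executor : executors) {
        executor.start();
    }
    for (Thread executor : executors) {
        executor.join();
    }

    Assert.assertEquals(1, authorizationGrantRepository.count());
}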
From source file:org.apigw.authserver.svc.impl.TokenServicesImplTest.java
/**
 * Refreshes a READ_SCOPE token with an empty requested scope set and asserts that the refreshed
 * token has a different value but still carries READ_SCOPE.
 */
@Test
@DirtiesContext
public void testRefreshedTokenHasScopes() throws Exception {
    services.setSupportRefreshToken(true);

    OAuth2Authentication readAuthentication = new OAuth2Authentication(
            createAuthorizationRequest(CLIENT, Collections.singleton(READ_SCOPE)),
            new TestAuthentication(false));
    OAuth2AccessToken issued = services.createAccessToken(readAuthentication);

    // No scope is requested on refresh.
    AuthorizationRequest scopelessRequest = createAuthorizationRequest(CLIENT, Collections.<String>emptySet());
    String refreshTokenValue = issued.getRefreshToken().getValue();
    OAuth2AccessToken refreshed = services.refreshAccessToken(refreshTokenValue, scopelessRequest);

    assertFalse(issued.getValue().equals(refreshed.getValue()));
    assertEquals("[" + READ_SCOPE + "]", refreshed.getScope().toString());
}
From source file:org.apigw.authserver.web.controller.CertifiedClientsController.java
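/**
 * Collects, for one client, the users that currently hold an unexpired access token issued to
 * that client, together with each token's expiry, scopes, grant id and issue date.
 *
 * <p>Changes from the previous version: the additional-information map is null-checked before
 * it is read (the old null check came after the first dereference), a missing
 * {@code authorization_grant_id} no longer throws, and a {@code null} client id returned by the
 * token service is treated as "no match" instead of throwing.
 *
 * NOTE(review): tokens whose expiration is {@code null} are skipped, so a token without an
 * expiry date never appears in this listing - confirm that such tokens cannot exist, otherwise
 * this view under-reports who has access. Client ids are compared case-insensitively; confirm
 * that ids differing only in case cannot belong to different clients.
 *
 * @param clientID     id of the client to report on
 * @param accessTokens access tokens grouped by resident id (the map key)
 * @return the client's details with one entry per matching token; the client fields stay unset
 *         when no token matches
 */
private CertifiedClientDetails retrieveUserDetailsForCertifiedClient(String clientID,
        Map<String, Collection<OAuth2AccessToken>> accessTokens) {
    SimpleDateFormat formatter = getTimestampFormatter();
    Date now = new Date();
    CertifiedClientDetails certifiedClientDetails = new CertifiedClientDetails();

    for (Map.Entry<String, Collection<OAuth2AccessToken>> entry : accessTokens.entrySet()) {
        for (OAuth2AccessToken token : entry.getValue()) {
            Date expiration = token.getExpiration();
            if (expiration == null || expiration.before(now)) {
                continue;
            }

            String userClientID = consumerTokenServices.getClientId(token.getValue());
            if (userClientID == null || !userClientID.equalsIgnoreCase(clientID)) {
                continue;
            }

            UserDetail userDetails = new UserDetail();
            userDetails.setResidentId(entry.getKey());
            userDetails.setExpires(formatter.format(expiration));
            userDetails.setScopes(getScopesString(token.getScope()));

            Map<String, Object> addInfo = token.getAdditionalInformation();
            if (addInfo != null) {
                Object grantId = addInfo.get("authorization_grant_id");
                if (grantId != null) {
                    userDetails.setGrantId(grantId.toString());
                }
                Object issueDate = addInfo.get("issue_date");
                if (issueDate instanceof Date) {
                    userDetails.setIssued(formatter.format(issueDate));
                }
            }

            // Client metadata is loaded once, on the first matching token.
            if (certifiedClientDetails.getClientId() == null) {
                CertifiedClient client = (CertifiedClient) clientDetailsService
                        .loadClientByClientId(userClientID);
                certifiedClientDetails.setClientId(clientID);
                certifiedClientDetails.setClientName(client.getName());
                certifiedClientDetails.setOrganization(client.getOrganization());
                certifiedClientDetails.setDescription(client.getDescription());
            }
            certifiedClientDetails.getUserDetails().add(userDetails);
        }
    }
    return certifiedClientDetails;
}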