Example usage for org.springframework.security.oauth2.provider AuthorizationRequest AuthorizationRequest

List of usage examples for org.springframework.security.oauth2.provider AuthorizationRequest AuthorizationRequest

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.oauth2.provider.*
  5. AuthorizationRequest
  6. AuthorizationRequest

Introduction

In this page you can find the example usage for org.springframework.security.oauth2.provider AuthorizationRequest AuthorizationRequest.

Prototype

public AuthorizationRequest(String clientId, Collection<String> scopes)

Source Link

Document

Convenience constructor for unit tests, where client ID and scope are often the only needed fields.

Usage

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testCreateAccessTokenForAClientInAnotherIdentityZone() {
    String subdomain = "test-zone-subdomain";
    IdentityZone identityZone = getIdentityZone(subdomain);
    identityZone.setConfig(JsonUtils.readValue(
            "{\"tokenPolicy\":{\"accessTokenValidity\":3600,\"refreshTokenValidity\":7200}}",
            IdentityZoneConfiguration.class));
    IdentityZoneHolder.set(identityZone);
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, clientScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, CLIENT_CREDENTIALS);
    authorizationRequest.setRequestParameters(azParameters);

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            null);/*from  w w w  .j a  va 2 s  .c  o  m*/

    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);

    this.assertCommonClientAccessTokenProperties(accessToken);
    assertThat(accessToken, validFor(is(3600)));
    assertThat(accessToken, issuerUri(is("http://" + subdomain + ".localhost:8080/uaa/oauth/token")));
    assertThat(accessToken.getRefreshToken(), is(nullValue()));
    validateExternalAttributes(accessToken);

    Assert.assertEquals(1, publisher.getEventCount());

    this.assertCommonEventProperties(accessToken, CLIENT_ID, expectedJson);
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testCreateAccessTokenAuthcodeGrant() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, AUTHORIZATION_CODE);
    authorizationRequest.setRequestParameters(azParameters);
    Authentication userAuthentication = defaultUserAuthentication;

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            userAuthentication);// www  .ja  v a 2 s  .c  om
    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);

    validateAccessAndRefreshToken(accessToken);
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testCreateAccessTokenAuthcodeGrantSwitchedPrimaryKey() {
    String originalPrimaryKeyId = tokenPolicy.getActiveKeyId();
    try {//from   www  . jav  a2s .c  om
        tokenPolicy.setActiveKeyId("otherKey");

        AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
        authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
        Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
        azParameters.put(GRANT_TYPE, AUTHORIZATION_CODE);
        authorizationRequest.setRequestParameters(azParameters);
        Authentication userAuthentication = defaultUserAuthentication;

        OAuth2Authentication authentication = new OAuth2Authentication(
                authorizationRequest.createOAuth2Request(), userAuthentication);
        OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);

        validateAccessAndRefreshToken(accessToken);
    } finally {
        tokenPolicy.setActiveKeyId(originalPrimaryKeyId);
    }
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testCreateAccessTokenPasswordGrant() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, PASSWORD);
    authorizationRequest.setRequestParameters(azParameters);
    Authentication userAuthentication = defaultUserAuthentication;

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            userAuthentication);//from  w  w w .  j  a  va 2s . c  o  m
    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);

    validateAccessAndRefreshToken(accessToken);
    tokenServices.loadAuthentication(accessToken.getValue());

    //ensure that we can load without user_name claim
    tokenServices.setExcludedClaims(new HashSet(
            Arrays.asList(ClaimConstants.AUTHORITIES, ClaimConstants.USER_NAME, ClaimConstants.EMAIL)));
    accessToken = tokenServices.createAccessToken(authentication);
    assertNotNull(tokenServices.loadAuthentication(accessToken.getValue()).getUserAuthentication());

}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testClientSecret_Added_Token_Validation_Still_Works() {

    defaultClient.setClientSecret(SECRET);

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, PASSWORD);
    authorizationRequest.setRequestParameters(azParameters);
    Authentication userAuthentication = defaultUserAuthentication;

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            userAuthentication);/*from  ww  w  . j a  va  2s .  co  m*/
    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);
    //normal token validation
    tokenServices.loadAuthentication(accessToken.getValue());

    //add a 2nd secret
    defaultClient.setClientSecret(defaultClient.getClientSecret() + " newsecret");
    tokenServices.loadAuthentication(accessToken.getValue());

    //generate a token when we have two secrets
    OAuth2AccessToken accessToken2 = tokenServices.createAccessToken(authentication);

    //remove the 1st secret
    defaultClient.setClientSecret("newsecret");
    try {
        tokenServices.loadAuthentication(accessToken.getValue());
        fail("Token should fail to validate on the revocation signature");
    } catch (InvalidTokenException e) {
        assertTrue(e.getMessage().contains("revocable signature mismatch"));
    }
    tokenServices.loadAuthentication(accessToken2.getValue());

    OAuth2AccessToken accessToken3 = tokenServices.createAccessToken(authentication);
    tokenServices.loadAuthentication(accessToken3.getValue());
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

protected TokenRequest getRefreshTokenRequest(Map<String, String> requestParameters) {
    AuthorizationRequest refreshAuthorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    refreshAuthorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    refreshAuthorizationRequest.setRequestParameters(requestParameters);
    Map<String, String> refreshAzParameters = new HashMap<>(refreshAuthorizationRequest.getRequestParameters());
    refreshAzParameters.put(GRANT_TYPE, REFRESH_TOKEN);
    refreshAuthorizationRequest.setRequestParameters(refreshAzParameters);
    return requestFactory.createTokenRequest(refreshAuthorizationRequest, "refresh_token");
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void createAccessToken_usingRefreshGrant_inOtherZone() throws Exception {
    String subdomain = "test-zone-subdomain";
    IdentityZone identityZone = getIdentityZone(subdomain);
    identityZone.setConfig(JsonUtils.readValue(
            "{\"tokenPolicy\":{\"accessTokenValidity\":3600,\"refreshTokenValidity\":9600}}",
            IdentityZoneConfiguration.class));
    IdentityZoneHolder.set(identityZone);

    OAuth2AccessToken accessToken = getOAuth2AccessToken();

    AuthorizationRequest refreshAuthorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    refreshAuthorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> refreshAzParameters = new HashMap<>(refreshAuthorizationRequest.getRequestParameters());
    refreshAzParameters.put(GRANT_TYPE, REFRESH_TOKEN);
    refreshAuthorizationRequest.setRequestParameters(refreshAzParameters);

    OAuth2AccessToken refreshedAccessToken = tokenServices.refreshAccessToken(
            accessToken.getRefreshToken().getValue(),
            requestFactory.createTokenRequest(refreshAuthorizationRequest, "refresh_token"));
    assertEquals(refreshedAccessToken.getRefreshToken().getValue(), accessToken.getRefreshToken().getValue());

    this.assertCommonUserAccessTokenProperties(refreshedAccessToken);
    assertThat(refreshedAccessToken,//from  w w w  .  ja v  a2  s  .  c  om
            issuerUri(is("http://test-zone-subdomain.localhost:8080/uaa/oauth/token")));
    assertThat(refreshedAccessToken, scope(is(requestedAuthScopes)));
    assertThat(refreshedAccessToken, validFor(is(3600)));
    validateExternalAttributes(accessToken);
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

private OAuth2AccessToken getOAuth2AccessToken() {
    expiresAt.add(Calendar.MILLISECOND, 300000);
    updatedAt.add(Calendar.MILLISECOND, -1000);

    approvalStore.addApproval(new Approval().setUserId(userId).setClientId(CLIENT_ID).setScope(readScope.get(0))
            .setExpiresAt(expiresAt.getTime()).setStatus(ApprovalStatus.APPROVED)
            .setLastUpdatedAt(updatedAt.getTime()));
    approvalStore.addApproval(new Approval().setUserId(userId).setClientId(CLIENT_ID)
            .setScope(writeScope.get(0)).setExpiresAt(expiresAt.getTime()).setStatus(ApprovalStatus.APPROVED)
            .setLastUpdatedAt(updatedAt.getTime()));
    approvalStore.addApproval(new Approval().setUserId(userId).setClientId(CLIENT_ID).setScope(OPENID)
            .setExpiresAt(expiresAt.getTime()).setStatus(ApprovalStatus.APPROVED)
            .setLastUpdatedAt(updatedAt.getTime()));

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, AUTHORIZATION_CODE);
    authorizationRequest.setRequestParameters(azParameters);
    Authentication userAuthentication = defaultUserAuthentication;

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            userAuthentication);/*from  w  w  w . j  a v a  2 s  .c om*/
    return tokenServices.createAccessToken(authentication);
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testCreateAccessTokenRefreshGrantAllScopesAutoApproved() throws InterruptedException {
    BaseClientDetails clientDetails = cloneClient(defaultClient);
    clientDetails.setAutoApproveScopes(singleton("true"));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap(CLIENT_ID, clientDetails));

    // NO APPROVALS REQUIRED

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, AUTHORIZATION_CODE);
    authorizationRequest.setRequestParameters(azParameters);
    Authentication userAuthentication = defaultUserAuthentication;

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            userAuthentication);/*from w ww  .jav  a2s  .c o  m*/
    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);

    this.assertCommonUserAccessTokenProperties(accessToken);
    assertThat(accessToken, issuerUri(is(ISSUER_URI)));
    assertThat(accessToken, scope(is(requestedAuthScopes)));
    assertThat(accessToken, validFor(is(60 * 60 * 12)));

    OAuth2RefreshToken refreshToken = accessToken.getRefreshToken();
    this.assertCommonUserRefreshTokenProperties(refreshToken);
    assertThat(refreshToken, OAuth2RefreshTokenMatchers.issuerUri(is(ISSUER_URI)));
    assertThat(refreshToken, OAuth2RefreshTokenMatchers.validFor(is(60 * 60 * 24 * 30)));

    this.assertCommonEventProperties(accessToken, userId, buildJsonString(requestedAuthScopes));

    AuthorizationRequest refreshAuthorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    refreshAuthorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> refreshAzParameters = new HashMap<>(refreshAuthorizationRequest.getRequestParameters());
    refreshAzParameters.put(GRANT_TYPE, REFRESH_TOKEN);
    refreshAuthorizationRequest.setRequestParameters(refreshAzParameters);

    OAuth2AccessToken refreshedAccessToken = tokenServices.refreshAccessToken(
            accessToken.getRefreshToken().getValue(),
            requestFactory.createTokenRequest(refreshAuthorizationRequest, "refresh_token"));

    assertEquals(refreshedAccessToken.getRefreshToken().getValue(), accessToken.getRefreshToken().getValue());

    this.assertCommonUserAccessTokenProperties(refreshedAccessToken);
    assertThat(refreshedAccessToken, issuerUri(is(ISSUER_URI)));
    assertThat(refreshedAccessToken, scope(is(requestedAuthScopes)));
    assertThat(refreshedAccessToken, validFor(is(60 * 60 * 12)));
    assertThat(accessToken.getRefreshToken(), is(not(nullValue())));
}

From source file:org.cloudfoundry.identity.uaa.oauth.UaaTokenServicesTests.java

@Test
public void testCreateAccessTokenRefreshGrantSomeScopesAutoApprovedDowngradedRequest()
        throws InterruptedException {
    BaseClientDetails clientDetails = cloneClient(defaultClient);
    clientDetails.setAutoApproveScopes(singleton("true"));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap(CLIENT_ID, clientDetails));

    // NO APPROVALS REQUIRED

    AuthorizationRequest authorizationRequest = new AuthorizationRequest(CLIENT_ID, requestedAuthScopes);
    authorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> azParameters = new HashMap<>(authorizationRequest.getRequestParameters());
    azParameters.put(GRANT_TYPE, AUTHORIZATION_CODE);
    authorizationRequest.setRequestParameters(azParameters);
    Authentication userAuthentication = defaultUserAuthentication;

    OAuth2Authentication authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(),
            userAuthentication);/*from  ww  w .  ja  v a 2  s  . c  o  m*/

    OAuth2AccessToken accessToken = tokenServices.createAccessToken(authentication);

    this.assertCommonUserAccessTokenProperties(accessToken);
    assertThat(accessToken, issuerUri(is(ISSUER_URI)));
    assertThat(accessToken, scope(is(requestedAuthScopes)));
    assertThat(accessToken, validFor(is(60 * 60 * 12)));

    OAuth2RefreshToken refreshToken = accessToken.getRefreshToken();
    this.assertCommonUserRefreshTokenProperties(refreshToken);
    assertThat(refreshToken, OAuth2RefreshTokenMatchers.issuerUri(is(ISSUER_URI)));
    assertThat(refreshToken, OAuth2RefreshTokenMatchers.validFor(is(60 * 60 * 24 * 30)));

    this.assertCommonEventProperties(accessToken, userId, buildJsonString(requestedAuthScopes));

    AuthorizationRequest refreshAuthorizationRequest = new AuthorizationRequest(CLIENT_ID, readScope);
    refreshAuthorizationRequest.setResourceIds(new HashSet<>(resourceIds));
    Map<String, String> refreshAzParameters = new HashMap<>(refreshAuthorizationRequest.getRequestParameters());
    refreshAzParameters.put(GRANT_TYPE, REFRESH_TOKEN);
    refreshAuthorizationRequest.setRequestParameters(refreshAzParameters);

    OAuth2AccessToken refreshedAccessToken = tokenServices.refreshAccessToken(
            accessToken.getRefreshToken().getValue(),
            requestFactory.createTokenRequest(refreshAuthorizationRequest, "refresh_token"));

    assertEquals(refreshedAccessToken.getRefreshToken().getValue(), accessToken.getRefreshToken().getValue());

    this.assertCommonUserAccessTokenProperties(refreshedAccessToken);
    assertThat(refreshedAccessToken, issuerUri(is(ISSUER_URI)));
    assertThat(refreshedAccessToken, validFor(is(60 * 60 * 12)));
    assertThat(accessToken.getRefreshToken(), is(not(nullValue())));
}