List of usage examples for org.springframework.security.oauth2.provider.client BaseClientDetails BaseClientDetails
public BaseClientDetails()
From source file:com.ge.predix.uaa.token.lib.FastTokenServices.java
@Override public OAuth2Authentication loadAuthentication(final String accessToken) throws AuthenticationException { Map<String, Object> claims; try {/*from w w w . j a v a 2 s.co m*/ claims = getTokenClaims(accessToken); } catch (IllegalArgumentException e) { LOG.error("Malformed Access Token: " + accessToken); LOG.error(e); throw new InvalidTokenException("Malformed Access Token", e); } String iss = getIssuerFromClaims(claims); verifyIssuer(iss); // check if the singerProvider for that issuer has already in the cache SignatureVerifier verifier = this.tokenKeys.get(iss); if (null == verifier) { String tokenKey = getTokenKey(iss); verifier = getVerifier(tokenKey); this.tokenKeys.put(iss, verifier); } JwtHelper.decodeAndVerify(accessToken, verifier); verifyTimeWindow(claims); Assert.state(claims.containsKey("client_id"), "Client id must be present in response from auth server"); String remoteClientId = (String) claims.get("client_id"); Set<String> scope = new HashSet<>(); if (claims.containsKey("scope")) { @SuppressWarnings("unchecked") Collection<String> values = (Collection<String>) claims.get("scope"); scope.addAll(values); } AuthorizationRequest clientAuthentication = new AuthorizationRequest(remoteClientId, scope); if (claims.containsKey("resource_ids") || claims.containsKey("client_authorities")) { Set<String> resourceIds = new HashSet<>(); if (claims.containsKey("resource_ids")) { @SuppressWarnings("unchecked") Collection<String> values = (Collection<String>) claims.get("resource_ids"); resourceIds.addAll(values); } Set<GrantedAuthority> clientAuthorities = new HashSet<>(); if (claims.containsKey("client_authorities")) { @SuppressWarnings("unchecked") Collection<String> values = (Collection<String>) claims.get("client_authorities"); clientAuthorities.addAll(getAuthorities(values)); } BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId(remoteClientId); clientDetails.setResourceIds(resourceIds); clientDetails.setAuthorities(clientAuthorities); clientAuthentication.setResourceIdsAndAuthoritiesFromClientDetails(clientDetails); } Map<String, String> requestParameters = new HashMap<>(); if (isStoreClaims()) { for (Map.Entry<String, Object> entry : claims.entrySet()) { if (entry.getValue() != null && entry.getValue() instanceof String) { requestParameters.put(entry.getKey(), (String) entry.getValue()); } } } if (claims.containsKey(Claims.ADDITIONAL_AZ_ATTR)) { try { requestParameters.put(Claims.ADDITIONAL_AZ_ATTR, JsonUtils.writeValueAsString(claims.get(Claims.ADDITIONAL_AZ_ATTR))); } catch (JsonUtils.JsonUtilException e) { throw new IllegalStateException("Cannot convert access token to JSON", e); } } clientAuthentication.setRequestParameters(Collections.unmodifiableMap(requestParameters)); Authentication userAuthentication = getUserAuthentication(claims, scope); clientAuthentication.setApproved(true); return new OAuth2Authentication(clientAuthentication.createOAuth2Request(), userAuthentication); }
From source file:com.ge.predix.test.utils.UaaTestUtil.java
private void createClientWithAuthorities(final String clientId, final String clientSecret, final Collection<? extends GrantedAuthority> authorities) { BaseClientDetails client = new BaseClientDetails(); client.setAuthorities(authorities);/* www . java2 s. c o m*/ client.setAuthorizedGrantTypes(Arrays.asList(new String[] { "client_credentials" })); client.setClientId(clientId); client.setClientSecret(clientSecret); client.setResourceIds(Arrays.asList(new String[] { "uaa.none" })); createOrUpdateClient(client); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test public void testAddClientWithNoDetails() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("addedClientIdWithNoDetails"); fixture.addClientDetails(clientDetails); DBObject map = collection.findOne(new BasicDBObject("clientId", "addedClientIdWithNoDetails")); assertEquals("addedClientIdWithNoDetails", map.get("clientId")); assertFalse(map.containsField("clientSecret")); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test(expected = ClientAlreadyExistsException.class) public void testInsertDuplicateClient() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("duplicateClientIdWithNoDetails"); fixture.addClientDetails(clientDetails); fixture.addClientDetails(clientDetails); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test public void testUpdateClientSecret() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("newClientIdWithNoDetails"); fixture.setPasswordEncoder(new PasswordEncoder() { public boolean matches(CharSequence rawPassword, String encodedPassword) { return true; }//from w w w . j a v a2 s . co m public String encode(CharSequence rawPassword) { return "BAR"; } }); fixture.addClientDetails(clientDetails); fixture.updateClientSecret(clientDetails.getClientId(), "foo"); DBObject map = collection.findOne(new BasicDBObject("clientId", "newClientIdWithNoDetails")); assertEquals("newClientIdWithNoDetails", map.get("clientId")); assertTrue(map.containsField("clientSecret")); assertEquals("BAR", map.get("clientSecret")); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test public void testUpdateClientRedirectURI() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("newClientIdWithNoDetails"); fixture.addClientDetails(clientDetails); String[] redirectURI = { "http://localhost:8080", "http://localhost:9090" }; clientDetails.setRegisteredRedirectUri(new HashSet<String>(Arrays.asList(redirectURI))); fixture.updateClientDetails(clientDetails); DBObject map = collection.findOne(new BasicDBObject("clientId", "newClientIdWithNoDetails")); assertEquals("newClientIdWithNoDetails", map.get("clientId")); assertTrue(map.containsField("registeredRedirectUris")); assertEquals(new HashSet<String>(Arrays.asList("http://localhost:8080", "http://localhost:9090")), map.get("registeredRedirectUris")); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test(expected = NoSuchClientException.class) public void testUpdateNonExistentClient() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("nosuchClientIdWithNoDetails"); fixture.updateClientDetails(clientDetails); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test public void testRemoveClient() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("deletedClientIdWithNoDetails"); fixture.addClientDetails(clientDetails); fixture.removeClientDetails(clientDetails.getClientId()); long count = collection.count(new BasicDBObject("clientId", "deletedClientIdWithNoDetails")); assertEquals(0, count);/*from ww w .j ava2s . c o m*/ }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test(expected = NoSuchClientException.class) public void testRemoveNonExistentClient() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("nosuchClientIdWithNoDetails"); fixture.removeClientDetails(clientDetails.getClientId()); }
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsServiceTests.java
@Test public void testFindClients() { BaseClientDetails clientDetails = new BaseClientDetails(); clientDetails.setClientId("aclient"); fixture.addClientDetails(clientDetails); int count = fixture.listClientDetails().size(); assertEquals(1, count);//from w ww . ja v a 2 s . co m }