Usage examples for the org.springframework.security.oauth2.provider.client.BaseClientDetails constructor
public BaseClientDetails(String clientId, String resourceIds, String scopes, String grantTypes,
String authorities, String redirectUris)
From source file:it.smartcommunitylab.aac.model.ClientDetailsRowMapper.java
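/**
 * Maps the current row of the client table to a {@link ClientDetails} object.
 *
 * <p>Reads the registration columns, the client secret, the optional token validity columns and the
 * JSON-encoded {@code additional_information} column. The roles of the developer referenced by the
 * {@code developerId} column are then merged into the client's authorities.
 *
 * @param rs result set positioned on the row to map
 * @param rowNum index of the row (not used)
 * @return the populated client details
 * @throws SQLException if a column cannot be read
 */
public ClientDetails mapRow(ResultSet rs, int rowNum) throws SQLException {
    BaseClientDetails details = new BaseClientDetails(rs.getString("client_id"), rs.getString("resource_ids"),
            rs.getString("scope"), rs.getString("authorized_grant_types"), rs.getString("authorities"),
            rs.getString("web_server_redirect_uri"));
    details.setClientSecret(rs.getString("client_secret"));

    // getObject() is used for the presence check because getInt() returns 0 for SQL NULL.
    if (rs.getObject("access_token_validity") != null) {
        details.setAccessTokenValiditySeconds(rs.getInt("access_token_validity"));
    }
    if (rs.getObject("refresh_token_validity") != null) {
        details.setRefreshTokenValiditySeconds(rs.getInt("refresh_token_validity"));
    }

    String json = rs.getString("additional_information");
    if (json != null) {
        try {
            @SuppressWarnings("unchecked")
            Map<String, Object> additionalInformation = mapper.readValue(json, Map.class);
            details.setAdditionalInformation(additionalInformation);
        } catch (Exception e) {
            // Log the client id only. BaseClientDetails.toString() includes the clientSecret field,
            // so concatenating the whole object would write the secret set above into the log.
            logger.warn("Could not decode JSON for additional information of client: "
                    + details.getClientId(), e);
        }
    } else {
        details.setAdditionalInformation(new HashMap<String, Object>());
    }

    // merge developer roles into authorities
    // NOTE(review): the effective authorities of the client therefore follow the developer's current
    // roles each time the row is loaded; only roles with a non-empty context are merged.
    it.smartcommunitylab.aac.model.User developer = userRepository.findOne(rs.getLong("developerId"));
    if (developer != null) {
        List<GrantedAuthority> list = new LinkedList<GrantedAuthority>();
        if (details.getAuthorities() != null) {
            list.addAll(details.getAuthorities());
        }
        list.addAll(developer.getRoles().stream().filter(r -> !StringUtils.isEmpty(r.getContext()))
                .collect(Collectors.toList()));
        details.setAuthorities(list);
    }
    return details;
}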
From source file:org.cloudfoundry.identity.uaa.servicebroker.service.UaaServiceInstanceService.java
/**
 * Registers an OAuth2 client named after the service instance and returns the instance descriptor.
 *
 * <p>The client is posted to the UAA client endpoint with the {@code authorization_code} and
 * {@code refresh_token} grant types and empty resource ids, scopes, authorities and redirect URIs.
 * The response of the registration call is not used.
 *
 * @param service definition of the service being instantiated
 * @param serviceInstanceId id of the new instance; also used as the OAuth2 client id
 * @param planId plan selected for the instance
 * @param organizationGuid organization the instance belongs to
 * @param spaceGuid space the instance belongs to
 * @return descriptor of the created service instance
 */
@Override
public ServiceInstance createServiceInstance(ServiceDefinition service, String serviceInstanceId, String planId,
        String organizationGuid, String spaceGuid) throws ServiceInstanceExistsException, ServiceBrokerException {
    // TODO: Return new ServiceInstanceExistsException if service instance exists
    final String grantTypes = "authorization_code,refresh_token";
    final BaseClientDetails registration = new BaseClientDetails(serviceInstanceId, "", "", grantTypes, "", "");

    // NOTE(review): the secret is the instance id plus a fixed suffix, so anyone who knows the
    // instance id can derive it. A randomly generated secret that is stored with the instance
    // would remove that dependency; changing it here needs the repository TODO below resolved first.
    registration.setClientSecret(serviceInstanceId + "secret");

    // NOTE(review): the endpoint is a hard-coded plain-HTTP localhost URL; the client secret
    // travels in this request body.
    uaaRestTemplate.postForObject("http://localhost:8081/uaa/oauth/clients", registration,
            BaseClientDetails.class);

    // TODO: Store ServiceInstance in repository
    return new ServiceInstance(serviceInstanceId, service.getId(), planId, organizationGuid, spaceGuid, "");
}
From source file:com.vivastream.security.oauth2.provider.DynamoDBClientDetailsService.java
/**
 * Builds a {@link ClientDetails} object from the comma-delimited registration values and the
 * client secret.
 *
 * @param clientId client identifier
 * @param resourceIds comma-delimited resource ids
 * @param scopes comma-delimited scopes
 * @param grantTypes comma-delimited authorized grant types
 * @param authorities comma-delimited authorities
 * @param redirectUris comma-delimited registered redirect URIs
 * @param clientSecret secret stored on the returned object as given
 * @param attributeValues raw attribute map of the record; not read by this implementation
 * @return the populated client details
 */
protected ClientDetails createClientDetails(String clientId, String resourceIds, String scopes,
        String grantTypes, String authorities, String redirectUris, String clientSecret,
        Map<String, AttributeValue> attributeValues) {
    final BaseClientDetails client = new BaseClientDetails(clientId, resourceIds, scopes, grantTypes,
            authorities, redirectUris);
    client.setClientSecret(clientSecret);
    return client;
}
From source file:com.cedac.security.oauth2.provider.client.MongoClientDetailsService.java
/**
 * Converts a stored client document into a {@link ClientDetails} object.
 *
 * <p>Collection-valued fields are flattened to comma-delimited strings for the
 * {@link BaseClientDetails} constructor. The auto-approve field may hold either a single string
 * or a collection of scopes. Every entry of the additional-information sub-document is copied over.
 *
 * @param dbo the client document
 * @return the populated client details
 */
@SuppressWarnings("unchecked")
private ClientDetails toClientDetails(DBObject dbo) {
    final BaseClientDetails result = new BaseClientDetails(
            (String) dbo.get(clientIdFieldName),
            collectionToCommaDelimitedString((Collection) dbo.get(resourceIdsFieldName)),
            collectionToCommaDelimitedString((Collection) dbo.get(scopeFieldName)),
            collectionToCommaDelimitedString((Collection) dbo.get(authorizedGrantTypesFieldName)),
            collectionToCommaDelimitedString((Collection) dbo.get(authoritiesFieldName)),
            collectionToCommaDelimitedString((Collection) dbo.get(registeredRedirectUrisFieldName)));

    result.setClientSecret((String) dbo.get(clientSecretFieldName));
    // NOTE(review): the casts assume the validity values are stored as Integer; a value stored as
    // another numeric type would fail with ClassCastException here.
    result.setAccessTokenValiditySeconds((Integer) dbo.get(accessTokenValidityFieldName));
    result.setRefreshTokenValiditySeconds((Integer) dbo.get(refreshTokenValidityFieldName));

    // Auto-approve is either one scope name or a collection of them; absent means nothing is set.
    final Object approved = dbo.get(autoApproveFieldName);
    if (approved instanceof String) {
        result.setAutoApproveScopes(Collections.singleton((String) approved));
    } else if (approved != null) {
        result.setAutoApproveScopes((Collection<String>) dbo.get(autoApproveFieldName));
    }

    final DBObject extras = (DBObject) dbo.get(additionalInformationFieldName);
    if (extras == null) {
        return result;
    }
    for (String name : extras.keySet()) {
        result.addAdditionalInformation(name, extras.get(name));
    }
    return result;
}
From source file:org.cloudfoundry.identity.uaa.client.ClientAdminBootstrap.java
/**
 * Registers every configured client, or updates it when it already exists and overriding is enabled.
 *
 * <p>For each entry of {@code clients} a {@link BaseClientDetails} is built from the well-known
 * keys of the entry. Resource ids are always replaced by {@code "none"}, an empty scope becomes
 * {@code "uaa.none"}, empty authorities become {@code UAA_NONE}, and a client with the
 * {@code authorization_code} grant also receives {@code refresh_token}. All remaining keys are
 * stored as additional information. The client metadata is updated afterwards in every case.
 *
 * @throws Exception if registration or metadata provisioning fails
 */
private void addNewClients() throws Exception {
    for (Map.Entry<String, Map<String, Object>> registration : clients.entrySet()) {
        final String clientId = registration.getKey();
        final Map<String, Object> settings = registration.getValue();

        BaseClientDetails client = new BaseClientDetails(
                clientId,
                (String) settings.get("resource-ids"),
                (String) settings.get("scope"),
                (String) settings.get("authorized-grant-types"),
                (String) settings.get("authorities"),
                getRedirectUris(settings));
        client.setClientSecret((String) settings.get("secret"));

        final Integer accessValidity = (Integer) settings.get("access-token-validity");
        final Boolean configuredOverride = (Boolean) settings.get("override");
        final Boolean override = configuredOverride != null ? configuredOverride : defaultOverride;

        // Copy of the settings; the well-known keys (including "secret") are stripped below so
        // that they do not end up in the client's additional information.
        final Map<String, Object> extras = new HashMap<String, Object>(settings);

        if (accessValidity != null) {
            client.setAccessTokenValiditySeconds(accessValidity);
        }
        final Integer refreshValidity = (Integer) settings.get("refresh-token-validity");
        if (refreshValidity != null) {
            client.setRefreshTokenValiditySeconds(refreshValidity);
        }

        // UAA does not use the resource ids in client registrations
        client.setResourceIds(Collections.singleton("none"));
        if (client.getScope().isEmpty()) {
            client.setScope(Collections.singleton("uaa.none"));
        }
        if (client.getAuthorities().isEmpty()) {
            client.setAuthorities(Collections.singleton(UaaAuthority.UAA_NONE));
        }
        // Every authorization_code client is also allowed to use refresh tokens.
        if (client.getAuthorizedGrantTypes().contains("authorization_code")) {
            client.getAuthorizedGrantTypes().add("refresh_token");
        }

        extras.keySet().removeAll(Arrays.asList("resource-ids", "scope", "authorized-grant-types",
                "authorities", "redirect-uri", "secret", "id", "override", "access-token-validity",
                "refresh-token-validity", "show-on-homepage", "app-launch-url", "app-icon"));
        client.setAdditionalInformation(extras);

        try {
            clientRegistrationService.addClientDetails(client);
        } catch (ClientAlreadyExistsException e) {
            final boolean replaceExisting = override == null || override;
            if (!replaceExisting) {
                // ignore it
                logger.debug(e.getMessage());
            } else {
                logger.debug("Overriding client details for " + clientId);
                clientRegistrationService.updateClientDetails(client);
                // The secret is rewritten only when one is configured and it differs from the stored one.
                final String secret = client.getClientSecret();
                if (StringUtils.hasText(secret) && didPasswordChange(clientId, client.getClientSecret())) {
                    clientRegistrationService.updateClientSecret(clientId, client.getClientSecret());
                }
            }
        }

        clientMetadataProvisioning.update(buildClientMetadata(settings, clientId));
    }
}
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginIT.java
/**
 * Test helper: creates an {@code authorization_code} client that is restricted to one identity
 * provider and has auto-approve enabled.
 *
 * <p>A fresh user is created and made zone admin of the UAA zone; the client is then registered
 * with that user's token.
 *
 * @param clientId id of the client to create
 * @param provider identity provider whose origin key becomes the only allowed provider
 * @param redirectUri registered redirect URI of the client
 * @return the client details that were submitted
 * @throws Exception if any of the setup calls fails
 */
protected BaseClientDetails createClientAndSpecifyProvider(String clientId, IdentityProvider provider,
        String redirectUri) throws Exception {
    // Fixed credentials of the integration-test deployment.
    final RestTemplate identityTemplate = IntegrationTestUtils.getClientCredentialsTempate(
            IntegrationTestUtils.getClientCredentialsResource(baseUrl, new String[0], "identity",
                    "identitysecret"));
    final RestTemplate adminTemplate = IntegrationTestUtils.getClientCredentialsTempate(
            IntegrationTestUtils.getClientCredentialsResource(baseUrl, new String[0], "admin", "adminsecret"));

    // Random local part so that repeated runs do not collide on the user name.
    final String address = new RandomValueStringGenerator().generate() + "@samltesting.org";
    final ScimUser zoneAdmin = IntegrationTestUtils.createUser(adminTemplate, baseUrl, address, "firstname",
            "lastname", address, true);
    IntegrationTestUtils.makeZoneAdmin(identityTemplate, baseUrl, zoneAdmin.getId(), Origin.UAA);

    final String adminToken = IntegrationTestUtils.getAuthorizationCodeToken(serverRunning,
            UaaTestAccounts.standard(serverRunning), "identity", "identitysecret", address, "secr3T");

    final BaseClientDetails created = new BaseClientDetails(clientId, null, "openid", "authorization_code",
            "uaa.resource", redirectUri);
    created.setClientSecret("secret");
    created.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS,
            Arrays.asList(provider.getOriginKey()));
    // Auto-approve skips the user consent step for this client.
    created.addAdditionalInformation(ClientConstants.AUTO_APPROVE, true);

    IntegrationTestUtils.createClient(adminToken, baseUrl, created);
    return created;
}
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginIT.java
/**
 * Verifies that an authorization request for a client with exactly one allowed SAML provider,
 * made inside zone {@code testzone1}, lands on the SAML provider's login form and that logging in
 * there ends on a page whose heading contains "Where to?".
 *
 * <p>The test creates the zone, a zone admin user, the SAML identity provider and the client
 * before driving the browser. It is skipped when the zone host name cannot be resolved.
 */
@Test
public void testSamlLoginClientIDPAuthorizationAutomaticRedirectInZone1() throws Exception {
    // ensure we are able to resolve DNS for hostname testzone1.localhost; otherwise skip the test
    assumeTrue("Expected testzone1/2.localhost to resolve to 127.0.0.1", doesSupportZoneDNS());
    String zoneId = "testzone1";

    // identity client token, requested with the zone management scopes
    RestTemplate identityClient = IntegrationTestUtils
            .getClientCredentialsTempate(IntegrationTestUtils.getClientCredentialsResource(baseUrl,
                    new String[] { "zones.write", "zones.read", "scim.zones" }, "identity", "identitysecret"));
    // admin client token - to create users
    RestTemplate adminClient = IntegrationTestUtils.getClientCredentialsTempate(
            IntegrationTestUtils.getClientCredentialsResource(baseUrl, new String[0], "admin", "adminsecret"));
    // create the zone; the zone id doubles as its subdomain
    IntegrationTestUtils.createZoneOrUpdateSubdomain(identityClient, baseUrl, zoneId, zoneId);

    // create a zone admin user with a random address so repeated runs do not collide
    String email = new RandomValueStringGenerator().generate() + "@samltesting.org";
    ScimUser user = IntegrationTestUtils.createUser(adminClient, baseUrl, email, "firstname", "lastname",
            email, true);
    IntegrationTestUtils.makeZoneAdmin(identityClient, baseUrl, user.getId(), zoneId);

    // get the zone admin token
    String zoneAdminToken = IntegrationTestUtils.getAuthorizationCodeToken(serverRunning,
            UaaTestAccounts.standard(serverRunning), "identity", "identitysecret", email, "secr3T");

    // register the SAML identity provider in the zone and check the stored alias round-trips
    IdentityProviderDefinition identityProviderDefinition = createTestZone1IDP("simplesamlphp");
    IdentityProvider provider = new IdentityProvider();
    provider.setIdentityZoneId(zoneId);
    provider.setType(Origin.SAML);
    provider.setActive(true);
    provider.setConfig(JsonUtils.writeValueAsString(identityProviderDefinition));
    provider.setOriginKey(identityProviderDefinition.getIdpEntityAlias());
    provider.setName("simplesamlphp for testzone1");
    provider = IntegrationTestUtils.createOrUpdateProvider(zoneAdminToken, baseUrl, provider);
    assertEquals(provider.getOriginKey(),
            provider.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias());

    // client restricted to that single provider, with auto-approve so no consent page is shown
    List<String> idps = Arrays.asList(provider.getOriginKey());
    String clientId = UUID.randomUUID().toString();
    // NOTE(review): the registered redirect URI is baseUrl, while the request below sends zoneUrl
    // as redirect_uri - confirm this difference is intended.
    BaseClientDetails clientDetails = new BaseClientDetails(clientId, null, "openid", "authorization_code",
            "uaa.none", baseUrl);
    clientDetails.setClientSecret("secret");
    clientDetails.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS, idps);
    clientDetails.addAdditionalInformation(ClientConstants.AUTO_APPROVE, true);
    clientDetails = IntegrationTestUtils.createClientAsZoneAdmin(zoneAdminToken, baseUrl, zoneId,
            clientDetails);

    String zoneUrl = baseUrl.replace("localhost", "testzone1.localhost");
    // start from a logged-out session in the zone
    webDriver.get(zoneUrl + "/logout.do");

    // NOTE(review): the single-argument URLEncoder.encode is deprecated and uses the platform
    // default encoding; the state value is a fixed literal that the visible code never checks.
    String authUrl = zoneUrl + "/oauth/authorize?client_id=" + clientId + "&redirect_uri="
            + URLEncoder.encode(zoneUrl) + "&response_type=code&state=8tp0tR";
    webDriver.get(authUrl);

    // we should now be in the Simple SAML PHP site; findElement throws if the heading is missing
    webDriver.findElement(By.xpath("//h2[contains(text(), 'Enter your username and password')]"));
    webDriver.findElement(By.name("username")).clear();
    webDriver.findElement(By.name("username")).sendKeys(testAccounts.getUserName());
    webDriver.findElement(By.name("password")).sendKeys("koala");
    webDriver.findElement(By.xpath("//input[@value='Login']")).click();
    assertThat(webDriver.findElement(By.cssSelector("h1")).getText(), Matchers.containsString("Where to?"));

    // log out of both the default zone and the test zone
    webDriver.get(baseUrl + "/logout.do");
    webDriver.get(zoneUrl + "/logout.do");
}
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginIT.java
/**
 * Verifies that the page shown for an authorization request of a client with two allowed
 * identity providers contains a link for each of them.
 *
 * <p>{@code findElement} throws when a link is missing, which fails the test.
 */
@Test
public void testLoginPageShowsIDPsForAuthcodeClient() throws Exception {
    final IdentityProvider first = createIdentityProvider("simplesamlphp");
    final IdentityProvider second = createIdentityProvider("simplesamlphp2");

    final String firstAlias = first.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias();
    final String secondAlias = second.getConfigValue(IdentityProviderDefinition.class).getIdpEntityAlias();
    final List<String> allowedProviders = Arrays.asList(firstAlias, secondAlias);

    final String adminToken = testClient.getOAuthAccessToken("admin", "adminsecret", "client_credentials",
            "clients.read clients.write clients.secret");

    final String clientId = UUID.randomUUID().toString();
    // NOTE(review): the client registers port 8080 as its redirect URI while the request below
    // sends port 8888; the test only inspects the page shown for the request, so the redirect
    // itself is presumably never exercised - confirm.
    final BaseClientDetails registration = new BaseClientDetails(clientId, null, "openid",
            "authorization_code", "uaa.none", "http://localhost:8080/login");
    registration.setClientSecret("secret");
    registration.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS, allowedProviders);
    testClient.createClient(adminToken, registration);

    final String authorizeUrl = baseUrl + "/oauth/authorize?client_id=" + clientId
            + "&redirect_uri=http%3A%2F%2Flocalhost%3A8888%2Flogin&response_type=code&state=8tp0tR";
    webDriver.get(authorizeUrl);

    // One link per allowed provider, matched by its configured link text.
    final String firstLink = "//a[text()='"
            + first.getConfigValue(IdentityProviderDefinition.class).getLinkText() + "']";
    webDriver.findElement(By.xpath(firstLink));
    final String secondLink = "//a[text()='"
            + second.getConfigValue(IdentityProviderDefinition.class).getLinkText() + "']";
    webDriver.findElement(By.xpath(secondLink));
}
From source file:org.cloudfoundry.identity.uaa.integration.feature.SamlLoginIT.java
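/**
 * Verifies that the page shown for an authorization request of a client restricted to SAML
 * providers offers no username and no password field.
 *
 * <p>Each absence check expects {@code findElement} to throw {@link NoSuchElementException};
 * finding the element fails the test.
 */
@Test
public void testLoginSamlOnlyProviderNoUsernamePassword() throws Exception {
    IdentityProvider provider = createIdentityProvider("simplesamlphp");
    IdentityProvider provider2 = createIdentityProvider("simplesamlphp2");
    List<String> idps = Arrays.asList(provider.getOriginKey(), provider2.getOriginKey());

    // start from a logged-out session
    webDriver.get(baseUrl + "/logout.do");

    String adminAccessToken = testClient.getOAuthAccessToken("admin", "adminsecret", "client_credentials",
            "clients.read clients.write clients.secret");

    String clientId = UUID.randomUUID().toString();
    BaseClientDetails clientDetails = new BaseClientDetails(clientId, null, "openid", "authorization_code",
            "uaa.none", "http://localhost:8080/uaa/login");
    clientDetails.setClientSecret("secret");
    clientDetails.addAdditionalInformation(ClientConstants.ALLOWED_PROVIDERS, idps);
    testClient.createClient(adminAccessToken, clientDetails);

    // NOTE(review): the encoded redirect_uri ends in "uaa%3Alogin" (a colon), not "uaa%2Flogin",
    // so it does not match the registered URI above - looks like a typo, confirm before changing.
    webDriver.get(baseUrl + "/oauth/authorize?client_id=" + clientId
            + "&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fuaa%3Alogin&response_type=code&state=8tp0tR");

    try {
        webDriver.findElement(By.name("username"));
        fail("Element username should not be present");
    } catch (NoSuchElementException expected) {
        // expected: the username field must be absent
    }
    try {
        webDriver.findElement(By.name("password"));
        // Message corrected: this check is about the password field, not the username field.
        fail("Element password should not be present");
    } catch (NoSuchElementException expected) {
        // expected: the password field must be absent
    }

    webDriver.get(baseUrl + "/logout.do");
}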