Example usage for org.springframework.security.oauth2.provider.client BaseClientDetails getAdditionalInformation

List of usage examples for org.springframework.security.oauth2.provider.client BaseClientDetails getAdditionalInformation

Introduction

This page shows example usage of org.springframework.security.oauth2.provider.client.BaseClientDetails.getAdditionalInformation().

Prototype

/**
 * Returns the client's additional-information map (free-form key/value metadata).
 *
 * The getter carries the any-getter annotation of both Jackson 1.x (org.codehaus)
 * and Jackson 2.x (com.fasterxml), so each map entry is written as a top-level
 * property whenever this object is serialized to JSON by either library.
 * NOTE(review): anything stored in this map is therefore emitted wherever the
 * client details are serialized; confirm that no secrets are kept in it.
 *
 * @return the additional information as a map of property name to value
 */
@org.codehaus.jackson.annotate.JsonAnyGetter
    @com.fasterxml.jackson.annotation.JsonAnyGetter
    public Map<String, Object> getAdditionalInformation() 


Usage

From source file:org.cloudfoundry.identity.uaa.oauth.AccessController.java

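/**
 * Populates the model for the OAuth2 consent page served at {@code /oauth/confirm_access}.
 *
 * <p>The pending {@code AuthorizationRequest} is taken out of the model, the requesting
 * client is looked up, and the scopes are sorted into approved, denied and undecided
 * lists. Scopes that the client registration auto-approves are left out of all three
 * lists, so the user is never asked about them.
 *
 * <p>If no authorization request is present, only an {@code "error"} entry is added to
 * the model and the same view is returned; this method does not change the response
 * status.
 *
 * @param model         view model; {@code "authorizationRequest"} is removed from it and
 *                      the consent-page attributes are added
 * @param request       current request, used to build the approval endpoint location/path
 * @param principal     the caller; must be an {@code Authentication}
 * @param sessionStatus completed before the caller is rejected as unauthenticated
 * @return the view name {@code "access_confirmation"}
 * @throws InsufficientAuthenticationException if {@code principal} is not an
 *         {@code Authentication}
 */
@RequestMapping("/oauth/confirm_access")
public String confirm(Map<String, Object> model, final HttpServletRequest request, Principal principal,
        SessionStatus sessionStatus) throws Exception {

    if (!(principal instanceof Authentication)) {
        // Mark session attribute handling as complete before refusing the request.
        sessionStatus.setComplete();
        throw new InsufficientAuthenticationException(
                "User must be authenticated with before authorizing access.");
    }

    AuthorizationRequest clientAuthRequest = (AuthorizationRequest) model.remove("authorizationRequest");
    if (clientAuthRequest == null) {
        // Nothing to confirm: report the problem through the model only.
        model.put("error",
                "No authorization request is present, so we cannot confirm access (we don't know what you are asking for).");
        return "access_confirmation";
    }

    String clientId = clientAuthRequest.getClientId();
    BaseClientDetails client = (BaseClientDetails) clientDetailsService.loadClientByClientId(clientId);
    // TODO: Need to fix the copy constructor to copy additionalInfo
    // The copy has its secret cleared and is the only client object handed to getRedirectUri.
    BaseClientDetails modifiableClient = new BaseClientDetails(client);
    modifiableClient.setClientSecret(null);
    model.put("auth_request", clientAuthRequest);
    model.put("redirect_uri", getRedirectUri(modifiableClient, clientAuthRequest));

    // Read the display name from the original client, because the copy above may not
    // carry the additional information (see the TODO). The value is free-form registration
    // metadata, so a missing map or a non-String entry falls back to the client id instead
    // of failing the consent page with an exception.
    // NOTE(review): the name is client-supplied text; confirm the view output-encodes it.
    Map<String, Object> additionalInfo = client.getAdditionalInformation();
    Object registeredName = (additionalInfo != null) ? additionalInfo.get(ClientConstants.CLIENT_NAME) : null;
    String clientDisplayName = (registeredName instanceof String) ? (String) registeredName : null;
    model.put("client_display_name", (clientDisplayName != null) ? clientDisplayName : clientId);

    // Auto-approved scopes: the literal entry "true" means every scope registered on the
    // client is auto-approved; otherwise only the listed scopes are.
    Set<String> autoApproved = client.getAutoApproveScopes();
    Set<String> autoApprovedScopes = new HashSet<>();
    if (autoApproved != null) {
        autoApprovedScopes.addAll(autoApproved.contains("true") ? client.getScope() : autoApproved);
    }

    // Split the user's stored decisions for this client by status, skipping any scope
    // that is auto-approved.
    ArrayList<String> approvedScopes = new ArrayList<String>();
    ArrayList<String> deniedScopes = new ArrayList<String>();
    List<Approval> approvals = approvalStore.getApprovals(Origin.getUserId((Authentication) principal),
            clientId);
    for (Approval approval : approvals) {
        if (autoApprovedScopes.contains(approval.getScope())) {
            continue;
        }
        switch (approval.getStatus()) {
        case APPROVED:
            approvedScopes.add(approval.getScope());
            break;
        case DENIED:
            deniedScopes.add(approval.getScope());
            break;
        default:
            // Reached for an approval whose status is neither APPROVED nor DENIED.
            logger.error("Encountered an unknown scope. This is not supposed to happen");
            break;
        }
    }

    // Requested scopes with no stored decision and no auto-approval still need an answer.
    ArrayList<String> undecidedScopes = new ArrayList<String>();
    for (String scope : clientAuthRequest.getScope()) {
        boolean alreadyDecided = approvedScopes.contains(scope) || deniedScopes.contains(scope);
        if (!alreadyDecided && !autoApprovedScopes.contains(scope)) {
            undecidedScopes.add(scope);
        }
    }

    List<Map<String, String>> approvedScopeDetails = getScopes(approvedScopes);
    model.put("approved_scopes", approvedScopeDetails);
    List<Map<String, String>> undecidedScopeDetails = getScopes(undecidedScopes);
    model.put("undecided_scopes", undecidedScopeDetails);
    List<Map<String, String>> deniedScopeDetails = getScopes(deniedScopes);
    model.put("denied_scopes", deniedScopeDetails);

    List<Map<String, String>> allScopes = new ArrayList<>();
    allScopes.addAll(approvedScopeDetails);
    allScopes.addAll(undecidedScopeDetails);
    allScopes.addAll(deniedScopeDetails);
    model.put("scopes", allScopes);

    model.put("message",
            "To confirm or deny access POST to the following locations with the parameters requested.");

    // Plain maps instead of double-brace initialisation: the anonymous HashMap subclasses
    // kept a hidden reference to this controller and to the request inside the model.
    Map<String, String> confirmOption = new HashMap<String, String>();
    confirmOption.put("location", getLocation(request, "oauth/authorize"));
    confirmOption.put("path", getPath(request, "oauth/authorize"));
    confirmOption.put("key", OAuth2Utils.USER_OAUTH_APPROVAL);
    confirmOption.put("value", "true");

    Map<String, String> denyOption = new HashMap<String, String>();
    denyOption.put("location", getLocation(request, "oauth/authorize"));
    denyOption.put("path", getPath(request, "oauth/authorize"));
    denyOption.put("key", OAuth2Utils.USER_OAUTH_APPROVAL);
    denyOption.put("value", "false");

    Map<String, Object> options = new HashMap<String, Object>();
    options.put("confirm", confirmOption);
    options.put("deny", denyOption);
    model.put("options", options);

    return "access_confirmation";

}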