List of usage examples for org.springframework.security.oauth2.provider ClientDetailsService loadClientByClientId
ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException;
From source file:nl.surfnet.coin.api.service.JanusClientDetailsServiceTest.java
/** * Test to see if the cache works. Especially the fact that we store items in * the same cache with the same key for different return Objects: * ClientDetails and ConsumerDetails/*from www . j av a2s. c o m*/ * */ @Test public void testCache() throws IOException { AnnotationConfigApplicationContext ctx = new AnnotationConfigApplicationContext(this.getClass()); ClientDetailsService clientDetailsService = (ClientDetailsService) ctx.getBean("janusClientDetailsService"); Janus janus = (Janus) ctx.getBean("janus"); when(janus.getEntityIdsByMetaData(Metadata.OAUTH_CONSUMERKEY, "consumerkey")) .thenReturn(Collections.singletonList("sp-entity-id")); when(janus.getMetadataByEntityId("sp-entity-id")).thenReturn(getMetadata()); ClientDetails clientDetails = clientDetailsService.loadClientByClientId("consumerkey"); assertEquals("secret", clientDetails.getClientSecret()); // when we do this a second time the cache should kick in when(janus.getEntityIdsByMetaData(Metadata.OAUTH_CONSUMERKEY, "consumerkey")) .thenThrow(new RuntimeException("Cache did not kick in")); clientDetailsService.loadClientByClientId("consumerkey"); /* * now do the same for the loading of ConsumerDetails (and yes, this lengthy * test including the reset is necessary) to make sure we don't hit the * cache for loading the ConsumerDetails as we store both in the same cache * with potentially the same key (e.g. the consumerkey) resulting in * java.lang.ClassCastException: * nl.surfnet.coin.api.oauth.ExtendedBaseClientDetails cannot be cast to * org.springframework.security.oauth.provider.ConsumerDetails without a * custom key generator */ reset(janus); when(janus.getEntityIdsByMetaData(Metadata.OAUTH_CONSUMERKEY, "consumerkey")) .thenReturn(Collections.singletonList("sp-entity-id")); when(janus.getMetadataByEntityId("sp-entity-id")).thenReturn(getMetadata()); ConsumerDetailsService consumerDetailsService = (ConsumerDetailsService) clientDetailsService; ConsumerDetails consumerDetails = consumerDetailsService.loadConsumerByConsumerKey("consumerkey"); assertEquals("secret", ((SharedConsumerSecret) consumerDetails.getSignatureSecret()).getConsumerSecret()); when(janus.getEntityIdsByMetaData(Metadata.OAUTH_CONSUMERKEY, "consumerkey")) .thenThrow(new RuntimeException("Cache did not kick in")); consumerDetailsService.loadConsumerByConsumerKey("consumerkey"); }
From source file:org.cloudfoundry.identity.uaa.util.TokenValidation.java
public TokenValidation checkClient(ClientDetailsService clientDetailsService) { if (!decoded || !claims.containsKey(CID)) { addError("Token bears no client ID."); return this; }//ww w . jav a 2s . c o m if (claims.containsKey(CLIENT_ID) && !equals(claims.get(CID), claims.get(CLIENT_ID))) { addError("Token bears conflicting client ID claims."); return this; } String clientId; try { clientId = (String) claims.get(CID); } catch (ClassCastException ex) { addError("Token bears an invalid or unparseable CID claim.", ex); return this; } try { ClientDetails client = clientDetailsService.loadClientByClientId(clientId); Collection<String> clientScopes; if (null == claims.get(USER_ID)) { // for client credentials tokens, we want to validate the client scopes clientScopes = Optional.ofNullable(client.getAuthorities()) .map(a -> a.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList())) .orElse(Collections.emptyList()); } else { clientScopes = client.getScope(); } checkScopesWithin(clientScopes); } catch (NoSuchClientException ex) { addError("The token refers to a non-existent client: " + clientId, ex); } catch (InvalidTokenException ex) { validationErrors.add(ex); } return this; }