Java tutorial
/** * Copyright 2014 Michael Brush * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.bcknds.demo.oauth2.util; import java.util.Arrays; import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; import org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordResourceDetails; import org.springframework.security.oauth2.common.AuthenticationScheme; import com.bcknds.demo.oauth2.BaseTest; /** * Provides the configuration for the clients * * @author Michael Brush */ public final class AuthenticationUtil { /** * Gets an OAuth2RestTemplate with the client configuration setup and ready to use. * * @return */ public static OAuth2RestTemplate getClientCredentials() { ClientCredentialsResourceDetails clientCredentials = new ClientCredentialsResourceDetails(); clientCredentials.setClientId(BaseTest.CLIENT_CREDENTIALS_CLIENTID); clientCredentials.setClientSecret(BaseTest.CLIENT_CREDENTIALS_SECRET); clientCredentials.setScope(BaseTest.CLIENT_CREDENTIALS_SCOPE); clientCredentials.setId(BaseTest.CLIENT_CREDENTIALS_RESOURCEID); clientCredentials.setAccessTokenUri(BaseTest.ACCESS_TOKEN_URI); return new OAuth2RestTemplate(clientCredentials); } /** * Gets an OAuth2RestTemplate with the client configuration setup and ready to use. * This one has a bad Client Id for failure testing. * * @return */ public static OAuth2RestTemplate getClientCredentialsWithBadClientId() { ClientCredentialsResourceDetails clientCredentials = new ClientCredentialsResourceDetails(); clientCredentials.setClientId("badId"); clientCredentials.setClientSecret(BaseTest.CLIENT_CREDENTIALS_SECRET); clientCredentials.setScope(BaseTest.CLIENT_CREDENTIALS_SCOPE); clientCredentials.setId(BaseTest.CLIENT_CREDENTIALS_RESOURCEID); clientCredentials.setAccessTokenUri(BaseTest.ACCESS_TOKEN_URI); return new OAuth2RestTemplate(clientCredentials); } /** * Gets an OAuth2RestTemplate with the client configuration setup and ready to use. * This one has a bad secret for failure testing. * * @return */ public static OAuth2RestTemplate getClientCredentialsWithBadSecret() { ClientCredentialsResourceDetails clientCredentials = new ClientCredentialsResourceDetails(); clientCredentials.setClientId(BaseTest.CLIENT_CREDENTIALS_CLIENTID); clientCredentials.setClientSecret("badSecret"); clientCredentials.setScope(BaseTest.CLIENT_CREDENTIALS_SCOPE); clientCredentials.setId(BaseTest.CLIENT_CREDENTIALS_RESOURCEID); clientCredentials.setAccessTokenUri(BaseTest.ACCESS_TOKEN_URI); return new OAuth2RestTemplate(clientCredentials); } /** * Gets an OAuth2RestTemplate with the client configuration setup and ready to use. * This one has a bad scope for failure testing. * * @return */ public static OAuth2RestTemplate getClientCredentialsWithBadScope() { ClientCredentialsResourceDetails clientCredentials = new ClientCredentialsResourceDetails(); clientCredentials.setClientId(BaseTest.CLIENT_CREDENTIALS_CLIENTID); clientCredentials.setClientSecret(BaseTest.CLIENT_CREDENTIALS_SECRET); clientCredentials.setScope(Arrays.asList("badScope")); clientCredentials.setId(BaseTest.CLIENT_CREDENTIALS_RESOURCEID); clientCredentials.setAccessTokenUri(BaseTest.ACCESS_TOKEN_URI); return new OAuth2RestTemplate(clientCredentials); } /** * Gets an OAuth2RestTemplate with the password configuration setup and ready to use. * * @return */ public static OAuth2RestTemplate getPasswordCredentials(final String username, final String password) { SSLCertificateValidation.disable(); ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails(); resource.setClientAuthenticationScheme(AuthenticationScheme.header); resource.setClientId(BaseTest.PASSWORD_CLIENTID); resource.setScope(BaseTest.PASSWORD_SCOPE); resource.setId(BaseTest.PASSWORD_RESOURCEID); resource.setUsername(username); resource.setPassword(password); resource.setClientSecret(BaseTest.PASSWORD_SECRET); resource.setAccessTokenUri(BaseTest.ACCESS_TOKEN_URI); return new OAuth2RestTemplate(resource); } }