Java Code Examples for org.springframework.security.oauth2.provider.AuthorizationRequest#setAuthorities()
The following examples show how to use
org.springframework.security.oauth2.provider.AuthorizationRequest#setAuthorities() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SAPOfflineTokenServicesCloud.java From cloud-security-xsuaa-integration with Apache License 2.0 | 5 votes |
|
static OAuth2Authentication getOAuth2Authentication(String clientId, Set<String> scopes) {
Authentication userAuthentication = null; // TODO no SAPUserDetails support. Using spring alternative?
final AuthorizationRequest authorizationRequest = new AuthorizationRequest(clientId, scopes);
authorizationRequest.setAuthorities(getAuthorities(scopes));
authorizationRequest.setApproved(true);
return new OAuth2Authentication(authorizationRequest.createOAuth2Request(), userAuthentication);
}
Example 2
| Source File: OAuth2AuthenticationConverter.java From cloud-security-xsuaa-integration with Apache License 2.0 | 5 votes |
|
@Override
public OAuth2Authentication convert(Jwt jwt) {
AuthenticationToken authenticationToken = (AuthenticationToken) super.convert(jwt);
String clientId = jwt.getClaimAsString(CLAIM_CLIENT_ID);
AuthorizationRequest authorizationRequest = new AuthorizationRequest(clientId,
authenticationToken.getAuthorities().stream().map(Objects::toString).collect(Collectors.toList()));
authorizationRequest.setApproved(true);
authorizationRequest.setAuthorities(authenticationToken.getAuthorities());
return new OAuth2Authentication(authorizationRequest.createOAuth2Request(), authenticationToken);
}
Example 3
| Source File: LoginController.java From microservices-event-sourcing with Apache License 2.0 | 5 votes |
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
httpSessionSecurityContextRepository.loadContext(holder);
try {
// 使用提供的证书认证用户
List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN");
Authentication auth = new UsernamePasswordAuthenticationToken(request.getParameter("username"), request.getParameter("password"), authorities);
SecurityContextHolder.getContext().setAuthentication(authenticationManager.authenticate(auth));
// 认证用户
if(!auth.isAuthenticated())
throw new CredentialException("用户不能够被认证");
} catch (Exception ex) {
// 用户不能够被认证,重定向回登录页
logger.info(ex);
return "login";
}
// 从会话得到默认保存的请求
DefaultSavedRequest defaultSavedRequest = (DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
// 为令牌请求生成认证参数Map
Map<String, String> authParams = getAuthParameters(defaultSavedRequest);
AuthorizationRequest authRequest = new DefaultOAuth2RequestFactory(clientDetailsService).createAuthorizationRequest(authParams);
authRequest.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN"));
model.addAttribute("authorizationRequest", authRequest);
httpSessionSecurityContextRepository.saveContext(SecurityContextHolder.getContext(), holder.getRequest(), holder.getResponse());
return "authorize";
}
Example 4
| Source File: LoginController.java From cloud-native-microservice-strangler-example with GNU General Public License v3.0 | 4 votes |
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
HttpRequestResponseHolder responseHolder = new HttpRequestResponseHolder(request, response);
sessionRepository.loadContext(responseHolder);
try {
// Authenticate the user with the supplied credentials
List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN");
Authentication auth =
new UsernamePasswordAuthenticationToken(request.getParameter("username"),
request.getParameter("password"), authorities);
SecurityContextHolder.getContext()
.setAuthentication(authenticationManager.authenticate(auth));
// Authenticate the user
if(!authenticationManager.authenticate(auth).isAuthenticated())
throw new CredentialException("User could not be authenticated");
} catch (Exception ex) {
// The user couldn't be authenticated, redirect back to login
ex.printStackTrace();
return "login";
}
// Get the default saved request from session
DefaultSavedRequest defaultSavedRequest = ((DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST"));
// Generate an authorization parameter map for the token request
Map<String, String> authParams = getAuthParameters(defaultSavedRequest);
// Create the authorization request and put it in the view model
AuthorizationRequest authRequest = new DefaultOAuth2RequestFactory(clients).createAuthorizationRequest(authParams);
authRequest.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN"));
sessionRepository.saveContext(SecurityContextHolder.getContext(), responseHolder.getRequest(), responseHolder.getResponse());
model.addAttribute("authorizationRequest", authRequest);
// Return the token authorization view
return "authorize";
}
Example 5
| Source File: LoginController.java From spring-cloud-event-sourcing-example with GNU General Public License v3.0 | 4 votes |
|
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
HttpRequestResponseHolder responseHolder = new HttpRequestResponseHolder(request, response);
sessionRepository.loadContext(responseHolder);
try {
// Authenticate the user with the supplied credentials
List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN");
Authentication auth =
new UsernamePasswordAuthenticationToken(request.getParameter("username"),
request.getParameter("password"), authorities);
SecurityContextHolder.getContext()
.setAuthentication(authenticationManager.authenticate(auth));
// Authenticate the user
if(!authenticationManager.authenticate(auth).isAuthenticated())
throw new CredentialException("User could not be authenticated");
} catch (Exception ex) {
// The user couldn't be authenticated, redirect back to login
ex.printStackTrace();
return "login";
}
// Get the default saved request from session
DefaultSavedRequest defaultSavedRequest = ((DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST"));
// Generate an authorization parameter map for the token request
Map<String, String> authParams = getAuthParameters(defaultSavedRequest);
// Create the authorization request and put it in the view model
AuthorizationRequest authRequest = new DefaultOAuth2RequestFactory(clients).createAuthorizationRequest(authParams);
authRequest.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN"));
sessionRepository.saveContext(SecurityContextHolder.getContext(), responseHolder.getRequest(), responseHolder.getResponse());
model.addAttribute("authorizationRequest", authRequest);
// Return the token authorization view
return "authorize";
}
