org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken Java Examples

The following examples show how to use org.springframework.security.oauth2.common.DefaultOAuth2RefreshToken. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CustomJwtTokenEnhancer.java    From fast-family-master with Apache License 2.0 6 votes vote down vote up
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
    if (oAuth2AccessToken instanceof DefaultOAuth2AccessToken) {
        DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) oAuth2AccessToken;
        String clientId = oAuth2Authentication.getOAuth2Request().getClientId();
        Date expiration = oAuth2AccessToken.getExpiration();
        String createToken = createToken(clientId, expiration);
        token.setValue(createToken);
        OAuth2RefreshToken refreshToken = oAuth2AccessToken.getRefreshToken();
        if (refreshToken instanceof DefaultOAuth2AccessToken) {
            token.setRefreshToken(new DefaultOAuth2RefreshToken(createToken(clientId, expiration)));
        }
        Map<String, Object> additionalInformation = new HashMap<>();
        additionalInformation.put("client_id", oAuth2Authentication.getOAuth2Request().getClientId());
        token.setAdditionalInformation(additionalInformation);
        return token;
    }
    return oAuth2AccessToken;
}
 
Example #2
Source File: IHealthShim.java    From shimmer with Apache License 2.0 6 votes vote down vote up
@Override
protected ResponseExtractor<OAuth2AccessToken> getResponseExtractor() {

    return new ResponseExtractor<OAuth2AccessToken>() {

        @Override
        public OAuth2AccessToken extractData(ClientHttpResponse response) throws IOException {

            JsonNode node = new ObjectMapper().readTree(response.getBody());
            String token = Preconditions
                    .checkNotNull(node.path("AccessToken").textValue(), "Missing access token: %s", node);
            String refreshToken = Preconditions
                    .checkNotNull(node.path("RefreshToken").textValue(), "Missing refresh token: %s" + node);
            String userId =
                    Preconditions.checkNotNull(node.path("UserID").textValue(), "Missing UserID: %s", node);
            long expiresIn = node.path("Expires").longValue() * 1000;
            Preconditions.checkArgument(expiresIn > 0, "Missing Expires: %s", node);

            DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(token);
            accessToken.setExpiration(new Date(System.currentTimeMillis() + expiresIn));
            accessToken.setRefreshToken(new DefaultOAuth2RefreshToken(refreshToken));
            accessToken.setAdditionalInformation(ImmutableMap.<String, Object>of("UserID", userId));
            return accessToken;
        }
    };
}
 
Example #3
Source File: OAuth2TokenDAO.java    From entando-core with GNU Lesser General Public License v3.0 6 votes vote down vote up
protected OAuth2AccessToken getAccessToken(final String token, Connection conn) {
    OAuth2AccessTokenImpl accessToken = null;
    PreparedStatement stat = null;
    ResultSet res = null;
    try {
        stat = conn.prepareStatement(SELECT_TOKEN);
        stat.setString(1, token);
        res = stat.executeQuery();
        if (res.next()) {
            accessToken = new OAuth2AccessTokenImpl(token);
            accessToken.setRefreshToken(new DefaultOAuth2RefreshToken(res.getString("refreshtoken")));
            accessToken.setClientId(res.getString("clientid"));
            accessToken.setGrantType(res.getString("granttype"));
            accessToken.setLocalUser(res.getString("localuser"));
            Timestamp timestamp = res.getTimestamp("expiresin");
            Date expiration = new Date(timestamp.getTime());
            accessToken.setExpiration(expiration);
        }
    } catch (Throwable t) {
        logger.error("Error loading token {}", token, t);
        throw new RuntimeException("Error loading token " + token, t);
    } finally {
        closeDaoResources(res, stat);
    }
    return accessToken;
}
 
Example #4
Source File: OAuth2TokenDAOTest.java    From entando-core with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Test
public void readAuthenticationForRefreshToken() throws Exception {
    when(this.stat.executeQuery()).thenReturn(res);
    Mockito.when(res.next()).thenReturn(true).thenReturn(false);
    Mockito.when(res.getString("localuser")).thenReturn("username");
    Mockito.when(res.getString("clientid")).thenReturn("client_id");
    Mockito.when(res.getString("granttype")).thenReturn("password");
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value_X1");
    OAuth2Authentication auth = this.tokenDAO.readAuthenticationForRefreshToken(refreshToken);
    Assert.assertNotNull(auth);
    Assert.assertEquals("username", auth.getPrincipal());
    Assert.assertEquals("password", auth.getOAuth2Request().getGrantType());
    Mockito.verify(stat, Mockito.times(1)).setString(Mockito.anyInt(), Mockito.anyString());
    Mockito.verify(res, Mockito.times(3)).getString(Mockito.anyString());
    Mockito.verify(res, Mockito.times(0)).getTimestamp(Mockito.anyString());
    Mockito.verify(stat, Mockito.times(1)).close();
    Mockito.verify(res, Mockito.times(1)).close();
    Mockito.verify(conn, Mockito.times(1)).close();
}
 
Example #5
Source File: OAuth2TokenDAOTest.java    From entando-core with GNU Lesser General Public License v3.0 6 votes vote down vote up
@Test(expected = RuntimeException.class)
public void failReadAuthenticationForRefreshToken() throws Exception {
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value_X2");
    try {
        when(this.stat.executeQuery()).thenReturn(res);
        Mockito.when(res.next()).thenReturn(true).thenReturn(false);
        Mockito.when(res.getString("localuser")).thenReturn("username");
        Mockito.when(res.getString("clientid")).thenThrow(SQLException.class);
        Mockito.when(res.getString("granttype")).thenReturn("password");
        OAuth2Authentication auth = this.tokenDAO.readAuthenticationForRefreshToken(refreshToken);
        Assert.fail();
    } catch (RuntimeException e) {
        Mockito.verify(stat, Mockito.times(1)).setString(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(res, Mockito.times(2)).getString(Mockito.anyString());
        Mockito.verify(res, Mockito.times(0)).getTimestamp(Mockito.anyString());
        Mockito.verify(stat, Mockito.times(1)).close();
        Mockito.verify(res, Mockito.times(1)).close();
        Mockito.verify(conn, Mockito.times(1)).close();
        throw e;
    }
}
 
Example #6
Source File: OAuth2TokenDAOTest.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
private OAuth2AccessToken createMockAccessToken() {
    OAuth2AccessTokenImpl token = new OAuth2AccessTokenImpl("token");
    token.setValue("token");
    token.setClientId("client_id");
    token.setExpiration(new Date());
    token.setGrantType("password");
    token.setLocalUser("username");
    token.setRefreshToken(new DefaultOAuth2RefreshToken("refresh"));
    token.setTokenType("bearer");
    return token;
}
 
Example #7
Source File: OAuth2AuthenticationServiceTest.java    From tutorials with MIT License 5 votes vote down vote up
public static OAuth2AccessToken createAccessToken(String accessTokenValue, String refreshTokenValue) {
    DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(accessTokenValue);
    accessToken.setExpiration(new Date());          //token expires now
    DefaultOAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken(refreshTokenValue);
    accessToken.setRefreshToken(refreshToken);
    return accessToken;
}
 
Example #8
Source File: ApiOAuth2TokenManagerTest.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
private OAuth2AccessToken createMockAccessToken() {
    OAuth2AccessTokenImpl token = new OAuth2AccessTokenImpl("token");
    token.setValue("token");
    token.setClientId("client_id");
    token.setExpiration(new Date());
    token.setGrantType("password");
    token.setLocalUser("username");
    token.setRefreshToken(new DefaultOAuth2RefreshToken("refresh"));
    token.setTokenType("bearer");
    return token;
}
 
Example #9
Source File: ApiOAuth2TokenManagerTest.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Test
public void readAuthenticationForRefreshToken() throws Exception {
    when(tokenDAO.readAuthenticationForRefreshToken(Mockito.any(OAuth2RefreshToken.class))).thenReturn(Mockito.any(OAuth2Authentication.class));
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value");
    OAuth2Authentication auth = this.tokenManager.readAuthenticationForRefreshToken(refreshToken);
    Assert.assertNull(auth);
    Mockito.verify(tokenDAO, Mockito.times(1)).readAuthenticationForRefreshToken(refreshToken);
}
 
Example #10
Source File: YamiTokenServices.java    From mall4j with GNU Affero General Public License v3.0 5 votes vote down vote up
private OAuth2RefreshToken createRefreshToken(OAuth2Authentication authentication) {
    if (!isSupportRefreshToken(authentication.getOAuth2Request())) {
        return null;
    }
    int validitySeconds = getRefreshTokenValiditySeconds(authentication.getOAuth2Request());
    String value = UUID.randomUUID().toString();
    if (validitySeconds > 0) {
        return new DefaultExpiringOAuth2RefreshToken(value, new Date(System.currentTimeMillis()
                + (validitySeconds * 1000L)));
    }
    return new DefaultOAuth2RefreshToken(value);
}
 
Example #11
Source File: OAuth2TestUtils.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
public static OAuth2AccessToken getOAuth2Token(String username, String accessToken) {
    OAuth2AccessTokenImpl oAuth2Token = new OAuth2AccessTokenImpl(accessToken);
    oAuth2Token.setRefreshToken(new DefaultOAuth2RefreshToken("refresh_token"));
    oAuth2Token.setLocalUser(username);
    Calendar calendar = Calendar.getInstance(); // gets a calendar using the default time zone and locale.
    calendar.add(Calendar.SECOND, 3600);
    oAuth2Token.setExpiration(calendar.getTime());
    oAuth2Token.setGrantType("password");
    return oAuth2Token;
}
 
Example #12
Source File: OAuth2TokenDAO.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Override
public OAuth2RefreshToken readRefreshToken(String tokenValue) {
    FieldSearchFilter filter = new FieldSearchFilter("refreshtoken", tokenValue, true);
    FieldSearchFilter[] filters = {filter};
    List<String> accessTokens = super.searchId(filters);
    if (null != accessTokens && accessTokens.size() > 0) {
        return new DefaultOAuth2RefreshToken(tokenValue);
    }
    return null;
}
 
Example #13
Source File: ApiOAuth2TokenManager.java    From entando-core with GNU Lesser General Public License v3.0 5 votes vote down vote up
protected OAuth2AccessToken getAccessToken(String principal, String clientId, String grantType) {
    String tokenPrefix = principal + System.nanoTime();
    final String accessToken = DigestUtils.md5Hex(tokenPrefix + "_accessToken");
    final String refreshToken = DigestUtils.md5Hex(tokenPrefix + "_refreshToken");
    final OAuth2AccessTokenImpl oAuth2Token = new OAuth2AccessTokenImpl(accessToken);
    oAuth2Token.setRefreshToken(new DefaultOAuth2RefreshToken(refreshToken));
    oAuth2Token.setClientId(clientId);
    oAuth2Token.setGrantType(grantType);
    oAuth2Token.setLocalUser(principal);
    Calendar calendar = Calendar.getInstance(); // gets a calendar using the default time zone and locale.
    calendar.add(Calendar.SECOND, this.getAccessTokenValiditySeconds());
    oAuth2Token.setExpiration(calendar.getTime());
    return oAuth2Token;
}
 
Example #14
Source File: OAuth2AuthenticationServiceTest.java    From cubeai with Apache License 2.0 5 votes vote down vote up
public static OAuth2AccessToken createAccessToken(String accessTokenValue, String refreshTokenValue) {
    DefaultOAuth2AccessToken accessToken = new DefaultOAuth2AccessToken(accessTokenValue);
    accessToken.setExpiration(new Date());          //token expires now
    DefaultOAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken(refreshTokenValue);
    accessToken.setRefreshToken(refreshToken);
    return accessToken;
}
 
Example #15
Source File: ApiOAuth2TokenManagerTest.java    From entando-core with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Test
public void storeRefreshToken() throws Exception {
    this.tokenManager.storeRefreshToken(new DefaultOAuth2RefreshToken("value"), this.createMockAuthentication());
    Mockito.verifyZeroInteractions(tokenDAO);
}
 
Example #16
Source File: ApiOAuth2TokenManagerTest.java    From entando-core with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Test
public void removeRefreshToken() throws Exception {
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value_1");
    this.tokenManager.removeRefreshToken(refreshToken);
    Mockito.verify(tokenDAO, Mockito.times(1)).removeAccessTokenUsingRefreshToken("value_1");
}
 
Example #17
Source File: ApiOAuth2TokenManagerTest.java    From entando-core with GNU Lesser General Public License v3.0 4 votes vote down vote up
@Test
public void removeAccessTokenUsingRefreshToken() throws Exception {
    OAuth2RefreshToken refreshToken = new DefaultOAuth2RefreshToken("value_2");
    this.tokenManager.removeAccessTokenUsingRefreshToken(refreshToken);
    Mockito.verify(tokenDAO, Mockito.times(1)).removeAccessTokenUsingRefreshToken("value_2");
}
 
Example #18
Source File: AuthenticationProviderManagerTest.java    From entando-core with GNU Lesser General Public License v3.0 4 votes vote down vote up
private OAuth2AccessToken createMockToken() {
    OAuth2AccessTokenImpl token = new OAuth2AccessTokenImpl("access_token_x");
    token.setRefreshToken(new DefaultOAuth2RefreshToken("refresh_token_x"));
    return token;
}
 
Example #19
Source File: OAuth2RefreshTokenBuilder.java    From spring-security-mongo with MIT License 4 votes vote down vote up
public OAuth2RefreshToken build() {
    return new DefaultOAuth2RefreshToken(value);
}
 
Example #20
Source File: OAuth2ClientTokenSevices.java    From OAuth-2.0-Cookbook with MIT License 4 votes vote down vote up
@Override
public OAuth2AccessToken getAccessToken(OAuth2ProtectedResourceDetails resource, Authentication authentication) {
    ClientUser clientUser = getClientUser(authentication);

    String accessToken = clientUser.getAccessToken();
    Calendar expirationDate = clientUser.getAccessTokenValidity();

    if (accessToken == null) return null;


    DefaultOAuth2AccessToken oAuth2AccessToken = new DefaultOAuth2AccessToken(accessToken);
    oAuth2AccessToken.setExpiration(expirationDate.getTime());
    oAuth2AccessToken.setRefreshToken(new DefaultOAuth2RefreshToken(clientUser.getRefreshToken()));

    return oAuth2AccessToken;
}