Java Code Examples for org.springframework.security.oauth2.common.util.SerializationUtils

The following examples show how to use org.springframework.security.oauth2.common.util.SerializationUtils. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: cloud-service   Source File: RedisAuthorizationCodeServices.java    License: MIT License 6 votes vote down vote up
@Override
protected OAuth2Authentication remove(final String code) {
	OAuth2Authentication oAuth2Authentication = redisTemplate.execute(new RedisCallback<OAuth2Authentication>() {

		@Override
		public OAuth2Authentication doInRedis(RedisConnection connection) throws DataAccessException {
			byte[] keyByte = codeKey(code).getBytes();
			byte[] valueByte = connection.get(keyByte);

			if (valueByte != null) {
				connection.del(keyByte);
				return SerializationUtils.deserialize(valueByte);
			}

			return null;
		}
	});

	return oAuth2Authentication;
}
 
Example 2
Source Project: oauth-server   Source File: TokenServiceImpl.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void deleteOne(String tokenId) {
    //筛选token
    AccessTokenDO accessTokenDO = accessTokenMapper.selectByPrimaryKey(tokenId);
    //token不存在
    if (accessTokenDO == null) {
        throw new CommonException("error.delete.token.not.exist");
    }
    //提取sessionId
    DefaultOAuth2AccessToken deserialize = SerializationUtils.deserialize(accessTokenDO.getToken());
    //删除redis session
    redisTemplate.delete(SESSION_KEY_PREFIX + deserialize.getAdditionalInformation().get("sessionId"));
    //删除db accessToken/refreshToken
    accessTokenMapper.deleteByPrimaryKey(tokenId);
    refreshTokenMapper.deleteByPrimaryKey(accessTokenDO.getRefreshToken());
    LOGGER.info("delete token,tokenId:{},sessionId:{}",tokenId,deserialize.getAdditionalInformation().get("sessionId"));
}
 
Example 3
Source Project: spring-security-mongo   Source File: MongoTokenStoreTest.java    License: MIT License 6 votes vote down vote up
@Test
public void shouldStoreAccessToken() {
    //Given
    final OAuth2AccessToken auth2AccessToken = OAuth2AccessTokenBuilder.oAuth2AccessTokenBuilder().build();
    final byte[] token = SerializationUtils.serialize(auth2AccessToken);

    //And
    final OAuth2Authentication oAuth2Authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();

    //And
    given(mongoOAuth2AccessTokenRepository.findByTokenId(any(String.class)))
            .willReturn(MongoOAuth2AccessTokenBuilder.mongoOAuth2AccessTokenBuilder().token(token).build());

    //When
    mongoTokenStore.storeAccessToken(auth2AccessToken, oAuth2Authentication);

    //Then
    verify(mongoOAuth2AccessTokenRepository).deleteByTokenId(any(String.class));
    verify(mongoOAuth2AccessTokenRepository).save(any(MongoOAuth2AccessToken.class));
}
 
Example 4
Source Project: spring-security-mongo   Source File: MongoTokenStoreTest.java    License: MIT License 6 votes vote down vote up
@Test
public void shouldStoreRefreshToken() {
    //Given
    final OAuth2RefreshToken oAuth2RefreshToken = OAuth2RefreshTokenBuilder.oAuth2RefreshToken().build();

    //And
    final OAuth2Authentication oAuth2Authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();

    //And
    final ArgumentCaptor<MongoOAuth2RefreshToken> argumentCaptor = ArgumentCaptor.forClass(MongoOAuth2RefreshToken.class);

    //When
    mongoTokenStore.storeRefreshToken(oAuth2RefreshToken, oAuth2Authentication);

    //Then
    verify(mongoOAuth2RefreshTokenRepository).save(argumentCaptor.capture());
    final MongoOAuth2RefreshToken refreshToken = argumentCaptor.getValue();
    final byte[] expectedResult = SerializationUtils.serialize(oAuth2RefreshToken);
    assertThat(refreshToken.getToken()).isEqualTo(expectedResult);

}
 
Example 5
Source Project: spring-security-mongo   Source File: MongoTokenStoreTest.java    License: MIT License 6 votes vote down vote up
@Test
public void shouldReadRefreshToken() {
    //Given
    final String tokenValue = string().next();
    final OAuth2RefreshToken oAuth2RefreshToken = OAuth2RefreshTokenBuilder.oAuth2RefreshToken().build();
    final byte[] oAuth2RefreshTokenSer = SerializationUtils.serialize(oAuth2RefreshToken);

    //And
    given(mongoOAuth2RefreshTokenRepository.findByTokenId(any(String.class)))
            .willReturn(MongoOAuth2RefreshTokenBuilder.mongoOAuth2RefreshTokenBuilder().token(oAuth2RefreshTokenSer).build());

    //When
    final OAuth2RefreshToken result = mongoTokenStore.readRefreshToken(tokenValue);

    //Then
    assertThat(result.getValue()).isEqualTo(oAuth2RefreshToken.getValue());
}
 
Example 6
Source Project: spring-security-mongo   Source File: MongoTokenStoreTest.java    License: MIT License 6 votes vote down vote up
@Test
public void shouldReadAuthenticationForRefreshToken() {
    //Given
    final OAuth2RefreshToken oAuth2RefreshToken = OAuth2RefreshTokenBuilder.oAuth2RefreshToken().build();

    //And
    final OAuth2Authentication authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();
    final byte[] authenticationSer = SerializationUtils.serialize(authentication);

    //And
    given(mongoOAuth2RefreshTokenRepository.findByTokenId(any(String.class)))
            .willReturn(MongoOAuth2RefreshTokenBuilder.mongoOAuth2RefreshTokenBuilder()
                    .authentication(authenticationSer)
                    .build());
    //When
    final OAuth2Authentication oAuth2Authentication = mongoTokenStore.readAuthenticationForRefreshToken(oAuth2RefreshToken);

    //Then
    assertThat(oAuth2Authentication.getPrincipal()).isEqualTo(authentication.getPrincipal());
    assertThat(oAuth2Authentication.getCredentials()).isEqualTo(authentication.getCredentials());
}
 
Example 7
@Override
public OAuth2AccessToken getAccessToken(
        OAuth2ProtectedResourceDetails resource,
        Authentication authentication) {

    String username = authentication.getPrincipal().toString();
    String shimKey = authentication.getDetails().toString();

    AccessParameters accessParameters = accessParametersRepo.findByUsernameAndShimKey(
            username, shimKey, new Sort(Sort.Direction.DESC, "dateCreated"));

    if (accessParameters == null || accessParameters.getSerializedToken() == null) {
        return null; //No token was found!
    }

    return SerializationUtils.deserialize(accessParameters.getSerializedToken());
}
 
Example 8
@Override
public void saveAccessToken(
        OAuth2ProtectedResourceDetails resource,
        Authentication authentication, OAuth2AccessToken accessToken) {

    String username = authentication.getPrincipal().toString();
    String shimKey = authentication.getDetails().toString();

    AccessParameters accessParameters =
            accessParametersRepo.findByUsernameAndShimKey(
                    username,
                    shimKey,
                    new Sort(Sort.Direction.DESC, "dateCreated"));

    if (accessParameters == null) {
        accessParameters = new AccessParameters();
        accessParameters.setUsername(username);
        accessParameters.setShimKey(shimKey);
    }

    accessParameters.setSerializedToken(SerializationUtils.serialize(accessToken));

    accessParametersRepo.save(accessParameters);
}
 
Example 9
Source Project: cloud-service   Source File: RedisAuthorizationCodeServices.java    License: MIT License 5 votes vote down vote up
/**
 * 存储code到redis,并设置过期时间,10分钟<br>
 * value为OAuth2Authentication序列化后的字节<br>
 * 因为OAuth2Authentication没有无参构造函数<br>
 * redisTemplate.opsForValue().set(key, value, timeout, unit);
 * 这种方式直接存储的话,redisTemplate.opsForValue().get(key)的时候有些问题,
 * 所以这里采用最底层的方式存储,get的时候也用最底层的方式获取
 */
@Override
protected void store(String code, OAuth2Authentication authentication) {
	redisTemplate.execute(new RedisCallback<Long>() {

		@Override
		public Long doInRedis(RedisConnection connection) throws DataAccessException {
			connection.set(codeKey(code).getBytes(), SerializationUtils.serialize(authentication),
					Expiration.from(10, TimeUnit.MINUTES), SetOption.UPSERT);
			return 1L;
		}
	});
}
 
Example 10
Source Project: spring-security-mongo   Source File: MongoClientTokenServices.java    License: MIT License 5 votes vote down vote up
@Override
public void saveAccessToken(final OAuth2ProtectedResourceDetails resource,
                            final Authentication authentication,
                            final OAuth2AccessToken accessToken) {
    removeAccessToken(resource, authentication);
    final MongoOAuth2ClientToken mongoOAuth2ClientToken = new MongoOAuth2ClientToken(UUID.randomUUID().toString(),
            accessToken.getValue(),
            SerializationUtils.serialize(accessToken),
            clientKeyGenerator.extractKey(resource, authentication),
            authentication.getName(),
            resource.getClientId());

    mongoOAuth2ClientTokenRepository.save(mongoOAuth2ClientToken);
}
 
Example 11
Source Project: spring-security-mongo   Source File: MongoTokenStoreTest.java    License: MIT License 5 votes vote down vote up
@Test
public void shouldGetAccessToken() {
    //Given
    final OAuth2Authentication oAuth2Authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();

    //And
    final String value = string().next();
    doReturn(value).doReturn(value).when(authenticationKeyGenerator).extractKey(any());

    //And
    final OAuth2AccessToken oAuth2AccessToken = OAuth2AccessTokenBuilder.oAuth2AccessTokenBuilder().build();

    final byte[] oAuth2AccessTokenSer = SerializationUtils.serialize(oAuth2AccessToken);
    given(mongoOAuth2AccessTokenRepository.findByAuthenticationId(value))
            .willReturn(MongoOAuth2AccessTokenBuilder.mongoOAuth2AccessTokenBuilder()
                    .token(oAuth2AccessTokenSer)
                    .build());

    //And
    given(mongoOAuth2AccessTokenRepository.findByTokenId(any()))
            .willReturn(MongoOAuth2AccessTokenBuilder.mongoOAuth2AccessTokenBuilder().build());

    //When
    mongoTokenStore.getAccessToken(oAuth2Authentication);

    //Then
    verify(mongoOAuth2AccessTokenRepository, never()).deleteByTokenId(any(String.class));
    verify(mongoOAuth2AccessTokenRepository, never()).save(any(MongoOAuth2AccessToken.class));
}
 
Example 12
Source Project: shimmer   Source File: OAuth2Shim.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public AuthorizationRequestParameters getAuthorizationRequestParameters(
        String username,
        Map<String, String> additionalParameters)
        throws ShimException {

    OAuth2RestOperations restTemplate = restTemplate();

    try {
        // TODO replace with restTemplate.getAccessToken();
        trigger(restTemplate, getTriggerDataRequest());

        // if no exception has been thrown, assume that the current authorization is valid
        return AuthorizationRequestParameters.authorized();
    }
    catch (UserRedirectRequiredException e) {
        // if an exception was thrown it means a redirect is required
        AccessTokenRequest accessTokenRequest = restTemplate.getOAuth2ClientContext().getAccessTokenRequest();

        String stateKey = accessTokenRequest.getStateKey();

        /**
         * Build an authorization request from the exception
         * parameters. We also serialize spring's accessTokenRequest.
         */
        AuthorizationRequestParameters authRequestParams = new AuthorizationRequestParameters();
        authRequestParams.setRedirectUri(e.getRedirectUri());
        authRequestParams.setStateKey(e.getStateKey());
        authRequestParams.setAuthorizationUrl(getAuthorizationUrl(e, additionalParameters));
        authRequestParams.setSerializedRequest(SerializationUtils.serialize(accessTokenRequest));
        authRequestParams.setStateKey(stateKey);
        authRequestParams.setRequestParams(additionalParameters);

        return authorizationRequestParametersRepo.save(authRequestParams);
    }
}
 
Example 13
Source Project: oauth-server   Source File: AccessTokenDO.java    License: Apache License 2.0 4 votes vote down vote up
public void setValue(OAuth2AccessToken value) {
    this.value = value;
    this.token = SerializationUtils.serialize(value);
}
 
Example 14
Source Project: oauth-server   Source File: AccessTokenDO.java    License: Apache License 2.0 4 votes vote down vote up
public void setToken(byte[] token) {
    this.token = token;
    this.value = SerializationUtils.deserialize(token);
}
 
Example 15
Source Project: oauth-server   Source File: AccessTokenDO.java    License: Apache License 2.0 4 votes vote down vote up
public void setAuth2Authentication(OAuth2Authentication oauth2Authentication) {
    this.auth2Authentication = oauth2Authentication;
    this.authentication = SerializationUtils.serialize(oauth2Authentication);
}
 
Example 16
Source Project: konker-platform   Source File: AuthorizationCode.java    License: Apache License 2.0 4 votes vote down vote up
public OAuth2Authentication authentication() {
    return SerializationUtils.deserialize(authenticationBytes);
}
 
Example 17
Source Project: konker-platform   Source File: AccessToken.java    License: Apache License 2.0 4 votes vote down vote up
@Tolerate
public OAuth2AccessToken token() {
    return SerializationUtils.deserialize(token);
}
 
Example 18
Source Project: konker-platform   Source File: AccessToken.java    License: Apache License 2.0 4 votes vote down vote up
@Tolerate
public OAuth2Authentication authentication() {
    return SerializationUtils.deserialize(authentication);
}
 
Example 19
Source Project: konker-platform   Source File: RefreshToken.java    License: Apache License 2.0 4 votes vote down vote up
public OAuth2RefreshToken token() {
    return SerializationUtils.deserialize(token);
}
 
Example 20
Source Project: konker-platform   Source File: RefreshToken.java    License: Apache License 2.0 4 votes vote down vote up
public OAuth2Authentication authentication() {
    return SerializationUtils.deserialize(authentication);
}
 
Example 21
Source Project: spring-security-mongo   Source File: MongoClientTokenServices.java    License: MIT License 4 votes vote down vote up
@Override
public OAuth2AccessToken getAccessToken(final OAuth2ProtectedResourceDetails resource,
                                        final Authentication authentication) {
    final MongoOAuth2ClientToken mongoOAuth2ClientToken = mongoOAuth2ClientTokenRepository.findByAuthenticationId(clientKeyGenerator.extractKey(resource, authentication));
    return SerializationUtils.deserialize(mongoOAuth2ClientToken.getToken());
}
 
Example 22
Source Project: spring-security-mongo   Source File: MongoTokenStore.java    License: MIT License 4 votes vote down vote up
private Collection<OAuth2AccessToken> transformToOAuth2AccessTokens(final List<MongoOAuth2AccessToken> oAuth2AccessTokens) {
    return oAuth2AccessTokens.stream()
            .filter(Objects::nonNull)
            .map(token -> SerializationUtils.<OAuth2AccessToken>deserialize(token.getToken()))
            .collect(Collectors.toList());
}