Examples of AuthorizationRequest

• com.nimbusds.oauth2.sdk.AuthorizationRequest
  r.example.com/authorize? response_type=code &client_id=s6BhdRkqt3 &state=xyz &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb

  Related specifications:

  • OAuth 2.0 (RFC 6749), sections 4.1.1 and 4.2.1.
• org.springframework.security.oauth2.provider.AuthorizationRequest
  A request for authorization by an OAuth 2 Client, normally received and processed by the AuthorizationEndpoint. This class is meant to be manipulated throughout the authorization process, and is therefore treated as ephemeral and not to be stored long term. For long term storage, use the read-only {@link OAuth2Request} class.HTTP request parameters are stored in the parameters map, and any processing the server makes throughout the lifecycle of a request are stored on individual properties. The original request parameters will remain available through the parameters map. For convenience, constants are defined in order to get at those original values. However, the parameters map is unmodifiable so that processing cannot drop the original values. This class is {@link Serializable} in order to support storage of theauthorization request as a {@link SessionAttributes} member while the enduser through the authorization process (which may span several page requests). @author Ryan Heaton @author Dave Syer @author Amanda Anganes
• org.surfnet.oaaas.model.AuthorizationRequest
  .ietf.org/html/draft-ietf-oauth-v2#section-4.1.1" >AuthorizationRequest.

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

  private OAuth2WebSecurityExpressionHandler handler = new OAuth2WebSecurityExpressionHandler();

  @Test
  public void testScopesWithOr() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "",
        "client_credentials", "ROLE_USER"));
    request.setApproved(true);
    OAuth2Request clientAuthentication = request.createOAuth2Request();
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("user", "pass",
        AuthorityUtils.createAuthorityList("ROLE_USER"));
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    FilterInvocation invocation = new FilterInvocation("/foo", "GET");
    EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

  private BaseClientDetails client;

  @Before
  public void init() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest();
    authorizationRequest.setClientId("client");
    authorizationRequest.setScope(Arrays.asList("read", "write"));
    authentication = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), userAuthentication);
    InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();
    client = new BaseClientDetails("client", "source", "read,write", "authorization_code,client_credentials",
        "read");
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    voter.setClientDetailsService(clientDetailsService);

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    assertTrue((Boolean) expression.getValue(context));
  }

  @Test
  public void testOauthClient() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "", "",
        "client_credentials", "ROLE_CLIENT"));

    OAuth2Request clientAuthentication = RequestTokenFactory
        .createOAuth2Request(request.getRequestParameters(), request.getClientId(), request.getAuthorities(),
            request.isApproved(), request.getScope(), request.getResourceIds(), request.getRedirectUri(),
            request.getResponseTypes(), request.getExtensions());

    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    FilterInvocation invocation = new FilterInvocation("/foo", "GET");
    Expression expression = handler.getExpressionParser()

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    params.put("scope", "foo");
  }

  @Test(expected=InvalidScopeException.class)
  public void testNotPermittedForEmpty() {
    AuthorizationRequest request = factory.createAuthorizationRequest(params);
    request.setScope(Collections.<String>emptySet());
    validator.validateScope(request, client);;
  }

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    validator.validateScope(request, client);;
  }

  @Test(expected=InvalidScopeException.class)
  public void testNotPermittedForAuthorization() {
    AuthorizationRequest request = factory.createAuthorizationRequest(params );
    request.setScope(Collections.singleton("foo"));
    validator.validateScope(request, client);
  }

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    validator.validateScope(request, client);
  }

  @Test(expected=InvalidScopeException.class)
  public void testNotPermittedForScope() {
    AuthorizationRequest request = factory.createAuthorizationRequest(params );
    TokenRequest tokenRequest = factory.createTokenRequest(request, "authorization_code");
    tokenRequest.setScope(Collections.singleton("foo"));
    validator.validateScope(tokenRequest, client);;
  }

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    assertTrue((Boolean) expression.getValue(handler.createEvaluationContext(oAuth2Authentication, invocation)));
  }

  @Test(expected = AccessDeniedException.class)
  public void testInsufficientScope() throws Exception {
    AuthorizationRequest request = new AuthorizationRequest("foo", Collections.singleton("read"));
    request.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "bar", "",
        "client_credentials", "ROLE_USER"));
    OAuth2Request clientAuthentication = request.createOAuth2Request();
    Authentication userAuthentication = null;
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
    OAuth2SecurityExpressionMethods root = new OAuth2SecurityExpressionMethods(oAuth2Authentication);
    boolean hasAnyScope = root.hasAnyScope("foo");
    root.throwOnError(hasAnyScope);

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    SecurityContextHolder.clearContext();
  }

  @Test
  public void testCreateAuthorizationRequest() {
    AuthorizationRequest request = factory.createAuthorizationRequest(Collections.singletonMap("client_id", "foo"));
    assertEquals("foo", request.getClientId());
  }

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

    assertEquals("foo", request.getClientId());
  }

  @Test
  public void testCreateAuthorizationRequestWithDefaultScopes() {
    AuthorizationRequest request = factory.createAuthorizationRequest(Collections.singletonMap("client_id", "foo"));
    assertEquals("[bar]", request.getScope().toString());
  }

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

  }

  @Test
  public void testCreateAuthorizationRequestWithUserRoles() {
    factory.setCheckUserScopes(true);
    AuthorizationRequest request = factory.createAuthorizationRequest(Collections.singletonMap("client_id", "foo"));
    assertEquals("foo", request.getClientId());
    assertEquals("[bar]", request.getScope().toString());
  }