Examples of OAuth2AccessTokenEntity

org.mitre.oauth2.model.OAuth2AccessTokenEntity
@author jricher

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

  }


  @RequestMapping(value = "/access/{id}", method = RequestMethod.DELETE, produces = "application/json")
  public String deleteAccessTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {


    OAuth2AccessTokenEntity token = tokenService.getAccessTokenById(id);


    if (token == null) {
      logger.error("getToken failed; token not found: " + id);
      m.put("code", HttpStatus.NOT_FOUND);
      m.put("errorMessage", "The requested token with id " + id + " could not be found.");
      return JsonErrorView.VIEWNAME;
    } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
      logger.error("getToken failed; token does not belong to principal " + p.getName());
      m.put("code", HttpStatus.FORBIDDEN);
      m.put("errorMessage", "You do not have permission to view this token");
      return JsonErrorView.VIEWNAME;
    } else {

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

  public String getRegistrationTokenByClientId(@PathVariable("clientId") String clientId, ModelMap m, Principal p) {
    
    ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
    
    if (client != null) {
      OAuth2AccessTokenEntity token = tokenService.getRegistrationAccessTokenForClient(client);
      if (token != null) {
        m.put("entity", token);
        return TokenApiView.VIEWNAME;
      } else {
        m.put("code", HttpStatus.NOT_FOUND);

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

  @RequestMapping(value = "/registration/{clientId}", method = RequestMethod.PUT, produces = "application/json")
  public String rotateRegistrationTokenByClientId(@PathVariable("clientId") String clientId, ModelMap m, Principal p) {
    ClientDetailsEntity client = clientService.loadClientByClientId(clientId);
    
    if (client != null) {
      OAuth2AccessTokenEntity token = oidcTokenService.rotateRegistrationAccessTokenForClient(client);
      token = tokenService.saveAccessToken(token);
      
      if (token != null) {
        m.put("entity", token);
        return TokenApiView.VIEWNAME;

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

    }


    try {
      // check and handle access tokens first


      OAuth2AccessTokenEntity accessToken = tokenServices.readAccessToken(tokenValue);
      if (authRequest != null) {
        // client acting on its own, make sure it owns the token
        if (!accessToken.getClient().getClientId().equals(authRequest.getClientId())) {
          // trying to revoke a token we don't own, throw a 403
          model.addAttribute("code", HttpStatus.FORBIDDEN);
          return HttpCodeView.VIEWNAME;
        }
      }

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

    Integer accessTokenValiditySeconds = 3600;


    Mockito.when(client.getAccessTokenValiditySeconds()).thenReturn(accessTokenValiditySeconds);


    long start = System.currentTimeMillis();
    OAuth2AccessTokenEntity token = service.refreshAccessToken(refreshTokenValue, tokenRequest);
    long end = System.currentTimeMillis();


    // Accounting for some delta for time skew on either side.
    Date lowerBoundAccessTokens = new Date(start + (accessTokenValiditySeconds * 1000L) - DELTA);
    Date upperBoundAccessTokens = new Date(end + (accessTokenValiditySeconds * 1000L) + DELTA);


    assertTrue(token.getExpiration().after(lowerBoundAccessTokens) && token.getExpiration().before(upperBoundAccessTokens));
  }

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity


    @Test
    public void shouldAssembleExpectedResultForAccessToken() {


        // given
        OAuth2AccessTokenEntity accessToken = accessToken(new Date(123), scopes("foo", "bar"), "Bearer",
                authentication("name", request("clientId")));


        UserInfo userInfo = userInfo("sub");


        // when

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity


    @Test
    public void shouldAssembleExpectedResultForAccessTokenWithoutUserInfo() {


        // given
        OAuth2AccessTokenEntity accessToken = accessToken(new Date(123), scopes("foo", "bar"), "Bearer",
                authentication("name", request("clientId")));


        // when
        Map<String, Object> result = assembler.assembleFrom(accessToken, null);

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity


    @Test
    public void shouldAssembleExpectedResultForAccessTokenWithoutExpiry() {


        // given
        OAuth2AccessTokenEntity accessToken = accessToken(null, scopes("foo", "bar"), "Bearer",
                authentication("name", request("clientId")));


        UserInfo userInfo = userInfo("sub");


        // when

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

        given(userInfo.getSub()).willReturn(sub);
        return userInfo;
    }


    private OAuth2AccessTokenEntity accessToken(Date exp, Set<String> scopes, String tokenType, OAuth2Authentication authentication) {
        OAuth2AccessTokenEntity accessToken = mock(OAuth2AccessTokenEntity.class, RETURNS_DEEP_STUBS);
        given(accessToken.getExpiration()).willReturn(exp);
        given(accessToken.getScope()).willReturn(scopes);
        given(accessToken.getTokenType()).willReturn(tokenType);
        given(accessToken.getAuthenticationHolder().getAuthentication()).willReturn(authentication);
        return accessToken;
    }

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2AccessTokenEntity

   */
  @Override
  protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) throws AuthenticationException, InvalidTokenException {
    // read and load up the existing token
    String incomingTokenValue = tokenRequest.getRequestParameters().get("token");
    OAuth2AccessTokenEntity incomingToken = tokenServices.readAccessToken(incomingTokenValue);


    // check for scoping in the request, can't up-scope with a chained request
    Set<String> approvedScopes = incomingToken.getScope();
    Set<String> requestedScopes = tokenRequest.getScope();


    if (requestedScopes == null) {
      requestedScopes = new HashSet<String>();
    }


    // do a check on the requested scopes -- if they exactly match the client scopes, they were probably shadowed by the token granter
    if (client.getScope().equals(requestedScopes)) {
      requestedScopes = new HashSet<String>();
    }


    // if our scopes are a valid subset of what's allowed, we can continue
    if (approvedScopes.containsAll(requestedScopes)) {


      if (requestedScopes.isEmpty()) {
        // if there are no scopes, inherit the original scopes from the token
        tokenRequest.setScope(approvedScopes);
      } else {
        // if scopes were asked for, give only the subset of scopes requested
        // this allows safe downscoping
        tokenRequest.setScope(Sets.intersection(requestedScopes, approvedScopes));
      }


      // NOTE: don't revoke the existing access token


      // create a new access token
      OAuth2Authentication authentication = new OAuth2Authentication(getRequestFactory().createOAuth2Request(client, tokenRequest), incomingToken.getAuthenticationHolder().getAuthentication().getUserAuthentication());


      return authentication;


    } else {
      throw new InvalidScopeException("Invalid scope requested in chained request", approvedScopes);

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.