Examples of OAuth2RefreshTokenEntity

org.mitre.oauth2.model.OAuth2RefreshTokenEntity
@author jricher

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

    private void fixObjectReferences() {
        for (Long oldRefreshTokenId : refreshTokenToClientRefs.keySet()) {
            String clientRef = refreshTokenToClientRefs.get(oldRefreshTokenId);
            ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
            Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
            OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
            refreshToken.setClient(client);
            tokenRepository.saveRefreshToken(refreshToken);
        }
        refreshTokenToClientRefs.clear();
        for (Long oldRefreshTokenId : refreshTokenToAuthHolderRefs.keySet()) {
            Long oldAuthHolderId = refreshTokenToAuthHolderRefs.get(oldRefreshTokenId);
            Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
            AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
            Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
            OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
            refreshToken.setAuthenticationHolder(authHolder);
            tokenRepository.saveRefreshToken(refreshToken);
        }
        refreshTokenToAuthHolderRefs.clear();
        for (Long oldAccessTokenId : accessTokenToClientRefs.keySet()) {
            String clientRef = accessTokenToClientRefs.get(oldAccessTokenId);
            ClientDetailsEntity client = clientRepository.getClientByClientId(clientRef);
            Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
            OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
            accessToken.setClient(client);
            tokenRepository.saveAccessToken(accessToken);
        }
        accessTokenToClientRefs.clear();
        for (Long oldAccessTokenId : accessTokenToAuthHolderRefs.keySet()) {
            Long oldAuthHolderId = accessTokenToAuthHolderRefs.get(oldAccessTokenId);
            Long newAuthHolderId = authHolderOldToNewIdMap.get(oldAuthHolderId);
            AuthenticationHolderEntity authHolder = authHolderRepository.getById(newAuthHolderId);
            Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
            OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
            accessToken.setAuthenticationHolder(authHolder);
            tokenRepository.saveAccessToken(accessToken);
        }
        accessTokenToAuthHolderRefs.clear();
        for (Long oldAccessTokenId : accessTokenToRefreshTokenRefs.keySet()) {
            Long oldRefreshTokenId = accessTokenToRefreshTokenRefs.get(oldAccessTokenId);
            Long newRefreshTokenId = refreshTokenOldToNewIdMap.get(oldRefreshTokenId);
            OAuth2RefreshTokenEntity refreshToken = tokenRepository.getRefreshTokenById(newRefreshTokenId);
            Long newAccessTokenId = accessTokenOldToNewIdMap.get(oldAccessTokenId);
            OAuth2AccessTokenEntity accessToken = tokenRepository.getAccessTokenById(newAccessTokenId);
            accessToken.setRefreshToken(refreshToken);
            tokenRepository.saveAccessToken(accessToken);
        }

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

  }


  @Override
  @Transactional
  public void removeRefreshToken(OAuth2RefreshTokenEntity refreshToken) {
    OAuth2RefreshTokenEntity found = getRefreshTokenByValue(refreshToken.getValue());
    if (found != null) {
      manager.remove(found);
    } else {
      throw new IllegalArgumentException("Refresh token not found: " + refreshToken);
    }

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

      model.addAttribute("entity", entity);
      return JsonEntityView.VIEWNAME;
    }


        OAuth2AccessTokenEntity accessToken = null;
        OAuth2RefreshTokenEntity refreshToken = null;
    ClientDetailsEntity tokenClient;
    Set<String> scopes;
    UserInfo user;


    try {


      // check access tokens first (includes ID tokens)
      accessToken = tokenServices.readAccessToken(tokenValue);


      tokenClient = accessToken.getClient();
      scopes = accessToken.getScope();


            user = userInfoService.getByUsernameAndClientId(accessToken.getAuthenticationHolder().getAuthentication().getName(), tokenClient.getClientId());


    } catch (InvalidTokenException e) {
      logger.info("Verify failed; Invalid access token. Checking refresh token.");
      try {


        // check refresh tokens next
        refreshToken = tokenServices.getRefreshToken(tokenValue);


        tokenClient = refreshToken.getClient();
        scopes = refreshToken.getAuthenticationHolder().getAuthentication().getOAuth2Request().getScope();


        user = userInfoService.getByUsernameAndClientId(refreshToken.getAuthenticationHolder().getAuthentication().getName(), tokenClient.getClientId());


      } catch (InvalidTokenException e2) {
        logger.error("Verify failed; Invalid access/refresh token", e2);
        Map<String,Boolean> entity = ImmutableMap.of("active", Boolean.FALSE);
        model.addAttribute("entity", entity);

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

  }


  @RequestMapping(value = "/refresh/{id}", method = RequestMethod.GET, produces = "application/json")
  public String getRefreshTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {


    OAuth2RefreshTokenEntity token = tokenService.getRefreshTokenById(id);


    if (token == null) {
      logger.error("refresh token not found: " + id);
      m.put("code", HttpStatus.NOT_FOUND);
      m.put("errorMessage", "The requested token with id " + id + " could not be found.");
      return JsonErrorView.VIEWNAME;
    } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
      logger.error("refresh token " + id + " does not belong to principal " + p.getName());
      m.put("code", HttpStatus.FORBIDDEN);
      m.put("errorMessage", "You do not have permission to view this token");
      return JsonErrorView.VIEWNAME;
    } else {

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

  }


  @RequestMapping(value = "/refresh/{id}", method = RequestMethod.DELETE, produces = "application/json")
  public String deleteRefreshTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {


    OAuth2RefreshTokenEntity token = tokenService.getRefreshTokenById(id);


    if (token == null) {
      logger.error("refresh token not found: " + id);
      m.put("code", HttpStatus.NOT_FOUND);
      m.put("errorMessage", "The requested token with id " + id + " could not be found.");
      return JsonErrorView.VIEWNAME;
    } else if (!token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName())) {
      logger.error("refresh token " + id + " does not belong to principal " + p.getName());
      m.put("code", HttpStatus.FORBIDDEN);
      m.put("errorMessage", "You do not have permission to view this token");
      return JsonErrorView.VIEWNAME;
    } else {

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

    } catch (InvalidTokenException e) {


      // access token wasn't found, check the refresh token


      try {
        OAuth2RefreshTokenEntity refreshToken = tokenServices.getRefreshToken(tokenValue);
        if (authRequest != null) {
          // client acting on its own, make sure it owns the token
          if (!refreshToken.getClient().getClientId().equals(authRequest.getClientId())) {
            // trying to revoke a token we don't own, throw a 403
            model.addAttribute("code", HttpStatus.FORBIDDEN);
            return HttpCodeView.VIEWNAME;
          }
        }

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity


    @Test
    public void shouldAssembleExpectedResultForRefreshToken() {


        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(new Date(123),
                authentication("name", request("clientId", scopes("foo",  "bar"))));


        UserInfo userInfo = userInfo("sub");


        // when

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity


    @Test
    public void shouldAssembleExpectedResultForRefreshTokenWithoutUserInfo() {


        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(new Date(123),
                authentication("name", request("clientId", scopes("foo",  "bar"))));


        // when
        Map<String, Object> result = assembler.assembleFrom(refreshToken, null);

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity


    @Test
    public void shouldAssembleExpectedResultForRefreshTokenWithoutExpiry() {


        // given
        OAuth2RefreshTokenEntity refreshToken = refreshToken(null,
                authentication("name", request("clientId", scopes("foo",  "bar"))));


        UserInfo userInfo = userInfo("sub");


        // when

View Full Code Here

Examples of org.mitre.oauth2.model.OAuth2RefreshTokenEntity

        given(accessToken.getAuthenticationHolder().getAuthentication()).willReturn(authentication);
        return accessToken;
    }


    private OAuth2RefreshTokenEntity refreshToken(Date exp, OAuth2Authentication authentication) {
        OAuth2RefreshTokenEntity refreshToken = mock(OAuth2RefreshTokenEntity.class, RETURNS_DEEP_STUBS);
        given(refreshToken.getExpiration()).willReturn(exp);
        given(refreshToken.getAuthenticationHolder().getAuthentication()).willReturn(authentication);
        return refreshToken;
    }

View Full Code Here

0 1 2

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.