Examples of OAuth2Request

• org.springframework.security.oauth2.provider.OAuth2Request
  Represents a stored authorization or token request. Used as part of the OAuth2Authentication object to store a request's authentication information. Does not expose public setters so that clients can not mutate state if they respect the declared type of the request. @author Amanda Anganes @author Dave Syer

Examples of org.springframework.security.oauth2.provider.OAuth2Request

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
      throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingOAuth2Request.getRequestParameters().get(
        OAuth2Utils.REDIRECT_URI);

    if ((redirectUri != null || redirectUriApprovalParameter != null)
        && !pendingOAuth2Request.getRedirectUri().equals(redirectUri)) {
      throw new RedirectMismatchException("Redirect URI mismatch.");
    }

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
      // just a sanity check.
      throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    Map<String, String> combinedParameters = new HashMap<String, String>(pendingOAuth2Request
        .getRequestParameters());
    // Combine the parameters adding the new ones last so they override if there are any clashes
    combinedParameters.putAll(parameters);

    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);

    Authentication userAuth = storedAuth.getUserAuthentication();

    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);

Examples of org.springframework.security.oauth2.provider.OAuth2Request

    if (!(authentication instanceof OAuth2Authentication)) {
      return result;
    }

    OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
    OAuth2Request clientAuthentication = oauth2Authentication.getOAuth2Request();
    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuthentication.getClientId());
    Set<String> scopes = clientAuthentication.getScope();
    if (oauth2Authentication.isClientOnly() && clientAuthoritiesAreScopes) {
      scopes = AuthorityUtils.authorityListToSet(clientAuthentication.getAuthorities());
    }

    for (ConfigAttribute attribute : attributes) {
      if (this.supports(attribute)) {

Examples of org.springframework.security.oauth2.provider.OAuth2Request

      if (denyAccess.equals(attribute.getAttribute())) {
        return ACCESS_DENIED;
      }
    }

    OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();

    for (ConfigAttribute attribute : attributes) {
      if (this.supports(attribute)) {
        result = ACCESS_DENIED;

        Set<String> scopes = clientAuthentication.getScope();
        for (String scope : scopes) {
          if (attribute.getAttribute().toUpperCase().equals((scopePrefix + scope).toUpperCase())) {
            return ACCESS_GRANTED;
          }
        }

Examples of org.springframework.security.oauth2.provider.OAuth2Request

        if (clientAuth.isAuthenticated()) {
          // Ensure the OAuth2Authentication is authenticated
          authorizationRequest.setApproved(true);
        }

        OAuth2Request storedOAuth2Request = oAuth2RequestFactory.createOAuth2Request(authorizationRequest);

        SecurityContextHolder.getContext().setAuthentication(
            new OAuth2Authentication(storedOAuth2Request, authResult));

        onSuccessfulAuthentication(request, response, authResult);

Examples of org.springframework.security.oauth2.provider.OAuth2Request

    }
    if (userAuth == null || !userAuth.isAuthenticated()) {
      throw new InvalidGrantException("Could not authenticate user: " + username);
    }

    OAuth2Request storedOAuth2Request = getRequestFactory().createOAuth2Request(client, tokenRequest);
    return new OAuth2Authentication(storedOAuth2Request, userAuth);
  }

Examples of org.springframework.security.oauth2.provider.OAuth2Request

  public void store(OAuth2Request originalRequest, TokenRequest tokenRequest) {
    this.requestStore.put(tokenRequest, originalRequest);
  }

  public OAuth2Request remove(TokenRequest tokenRequest) {
    OAuth2Request request = this.requestStore.remove(tokenRequest);
    return request;
  }

Examples of org.springframework.security.oauth2.provider.OAuth2Request

    if (userAuth==null || !userAuth.isAuthenticated()) {
      throw new InsufficientAuthenticationException("There is no currently logged in user");
    }
    Assert.state(clientToken instanceof ImplicitTokenRequest, "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest.");

    OAuth2Request requestForStorage = ((ImplicitTokenRequest)clientToken).getOAuth2Request();

    return new OAuth2Authentication(requestForStorage, userAuth);

  }

Examples of org.springframework.security.oauth2.provider.OAuth2Request

    this.userTokenConverter = userTokenConverter;
  }

  public Map<String, ?> convertAccessToken(OAuth2AccessToken token, OAuth2Authentication authentication) {
    Map<String, Object> response = new HashMap<String, Object>();
    OAuth2Request clientToken = authentication.getOAuth2Request();

    if (!authentication.isClientOnly()) {
      response.putAll(userTokenConverter.convertUserAuthentication(authentication.getUserAuthentication()));
    } else {
      if (clientToken.getAuthorities()!=null && !clientToken.getAuthorities().isEmpty()) {
        response.put(UserAuthenticationConverter.AUTHORITIES, clientToken.getAuthorities());
      }
    }

    if (token.getScope()!=null) {
      response.put(SCOPE, token.getScope());
    }
    if (token.getAdditionalInformation().containsKey(JTI)) {
      response.put(JTI, token.getAdditionalInformation().get(JTI));
    }

    if (token.getExpiration() != null) {
      response.put(EXP, token.getExpiration().getTime() / 1000);
    }

    response.putAll(token.getAdditionalInformation());

    response.put(CLIENT_ID, clientToken.getClientId());
    if (clientToken.getResourceIds() != null && !clientToken.getResourceIds().isEmpty()) {
      response.put(AUD, clientToken.getResourceIds());
    }
    return response;
  }

Examples of org.springframework.security.oauth2.provider.OAuth2Request

    String clientId = (String) map.get(CLIENT_ID);
    parameters.put(CLIENT_ID, clientId);
    @SuppressWarnings("unchecked")
    Set<String> resourceIds = new LinkedHashSet<String>(map.containsKey(AUD) ? (Collection<String>) map.get(AUD)
        : Collections.<String>emptySet());
    OAuth2Request request = new OAuth2Request(parameters, clientId, null, true, scope, resourceIds, null, null,
        null);
    return new OAuth2Authentication(request, user);
  }

Examples of org.springframework.security.oauth2.provider.OAuth2Request

 */
public abstract class OAuth2ExpressionUtils {

  public static boolean clientHasAnyRole(Authentication authentication, String... roles) {
    if (authentication instanceof OAuth2Authentication) {
      OAuth2Request clientAuthentication = ((OAuth2Authentication) authentication).getOAuth2Request();
      Collection<? extends GrantedAuthority> clientAuthorities = clientAuthentication.getAuthorities();
      if (clientAuthorities != null) {
        Set<String> roleSet = AuthorityUtils.authorityListToSet(clientAuthorities);
        for (String role : roles) {
          if (roleSet.contains(role)) {
            return true;