Examples of org.springframework.security.oauth2.common.DefaultOAuth2AccessToken

• org.springframework.security.oauth2.common.DefaultOAuth2AccessToken
  Basic access token for OAuth 2. @author Ryan Heaton @author Dave Syer @author Rob Winch

  @Test
  public void additionalInfoPreservedWhenTokenDecoded() {
    TokenEnhancer info = new TokenEnhancer() {
      @Override
      public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
        DefaultOAuth2AccessToken result = new DefaultOAuth2AccessToken(accessToken);
        result.getAdditionalInformation().put("foo", "bar");
        return result;
      }
    };
    enhancer.setTokenEnhancers(Arrays.<TokenEnhancer> asList(info , jwtTokenEnhancer));
    OAuth2AccessToken token = tokenServices.createAccessToken(authentication);

        Collections.singleton("resource"), null, null, null);
  }

  @Test
  public void extractAuthentication() {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
    OAuth2Authentication authentication = new OAuth2Authentication(request, userAuthentication);
    token.setScope(authentication.getOAuth2Request().getScope());
    Map<String, ?> map = converter.convertAccessToken(token, authentication);
    assertTrue(map.containsKey(AccessTokenConverter.AUD));
    assertTrue(map.containsKey(AccessTokenConverter.SCOPE));
    assertTrue(map.containsKey(AccessTokenConverter.AUTHORITIES));
    OAuth2Authentication extracted = converter.extractAuthentication(map);

    assertTrue(extracted.getOAuth2Request().getResourceIds().contains("resource"));
  }

  @Test
  public void extractAuthenticationFromClientToken() {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO");
    OAuth2Authentication authentication = new OAuth2Authentication(request, null);
    token.setScope(authentication.getOAuth2Request().getScope());
    Map<String, ?> map = converter.convertAccessToken(token, authentication);
    assertTrue(map.containsKey(AccessTokenConverter.AUD));
    assertTrue(map.containsKey(AccessTokenConverter.SCOPE));
    assertTrue(map.containsKey(AccessTokenConverter.AUTHORITIES));
    OAuth2Authentication extracted = converter.extractAuthentication(map);

    db.shutdown();
  }

  @Test
  public void testSaveAndRetrieveToken() throws Exception {
    OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
    Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    resource.setClientId("client");
    resource.setScope(Arrays.asList("foo", "bar"));
    tokenStore.saveAccessToken(resource, authentication, accessToken);

    assertEquals(accessToken, result);
  }

  @Test
  public void testSaveAndRemoveToken() throws Exception {
    OAuth2AccessToken accessToken = new DefaultOAuth2AccessToken("FOO");
    Authentication authentication = new UsernamePasswordAuthenticationToken("marissa", "koala");
    AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
    resource.setClientId("client");
    resource.setScope(Arrays.asList("foo", "bar"));
    tokenStore.saveAccessToken(resource, authentication, accessToken);

    Mockito.when(request.execute()).thenReturn(response);
  }

  @Test
  public void testNonBearerToken() throws Exception {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("12345");
    token.setTokenType("MINE");
    restTemplate.getOAuth2ClientContext().setAccessToken(token);
    ClientHttpRequest http = restTemplate.createRequest(URI.create("https://nowhere.com/api/crap"), HttpMethod.GET);
    String auth = http.getHeaders().getFirst("Authorization");
    assertTrue(auth.startsWith("MINE "));
  }

    assertTrue(auth.startsWith("MINE "));
  }

  @Test
  public void testCustomAuthenticator() throws Exception {
    DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("12345");
    token.setTokenType("MINE");
    restTemplate.setAuthenticator(new OAuth2RequestAuthenticator() {
      @Override
      public void authenticate(OAuth2ProtectedResourceDetails resource, OAuth2ClientContext clientContext, ClientHttpRequest req) {
        req.getHeaders().set("X-Authorization", clientContext.getAccessToken().getTokenType() + " " + "Nah-nah-na-nah-nah");
      }

  /**
   * tests appendQueryParameter
   */
  @Test
  public void testAppendQueryParameter() throws Exception {
    OAuth2AccessToken token = new DefaultOAuth2AccessToken("12345");
    URI appended = restTemplate.appendQueryParameter(URI.create("https://graph.facebook.com/search?type=checkin"),
        token);
    assertEquals("https://graph.facebook.com/search?type=checkin&bearer_token=12345", appended.toString());
  }

  /**
   * tests appendQueryParameter
   */
  @Test
  public void testAppendQueryParameterWithNoExistingParameters() throws Exception {
    OAuth2AccessToken token = new DefaultOAuth2AccessToken("12345");
    URI appended = restTemplate.appendQueryParameter(URI.create("https://graph.facebook.com/search"), token);
    assertEquals("https://graph.facebook.com/search?bearer_token=12345", appended.toString());
  }

  /**
   * tests encoding of access token value
   */
  @Test
  public void testDoubleEncodingOfParameterValue() throws Exception {
    OAuth2AccessToken token = new DefaultOAuth2AccessToken("1/qIxxx");
    URI appended = restTemplate.appendQueryParameter(URI.create("https://graph.facebook.com/search"), token);
    assertEquals("https://graph.facebook.com/search?bearer_token=1%2FqIxxx", appended.toString());
  }