Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

• org.springframework.security.oauth2.provider.OAuth2Authentication
  A request for authorization by an OAuth 2 Client, normally received and processed by the AuthorizationEndpoint. This class is meant to be manipulated throughout the authorization process, and is therefore treated as ephemeral and not to be stored long term. For long term storage, use the read-only {@link OAuth2Request} class.HTTP request parameters are stored in the parameters map, and any processing the server makes throughout the lifecycle of a request are stored on individual properties. The original request parameters will remain available through the parameters map. For convenience, constants are defined in order to get at those original values. However, the parameters map is unmodifiable so that processing cannot drop the original values. This class is {@link Serializable} in order to support storage of theauthorization request as a {@link SessionAttributes} member while the enduser through the authorization process (which may span several page requests). @author Ryan Heaton @author Dave Syer @author Amanda Anganes

  public void testAutoapprovedAllScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("true")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }

  @Test
  public void testExpiredPreapprovedScopes() {
    store.addApprovals(Arrays.asList(new Approval("user", "client", "read", new Date(
        System.currentTimeMillis() - 10000), Approval.ApprovalStatus.APPROVED)));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertFalse(result.isApproved());
  }

    db = new GreenhouseTestDatabaseBuilder().member().connectedApp().testData(getClass()).getDatabase();
    tokenStore = new JdbcTokenStore(db);
      jdbcTemplate = new JdbcTemplate(db);
      controller = new SettingsController(tokenStore, jdbcTemplate);

      AuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest("a08318eb478a1ee31f69a55276f3af64", Arrays.asList("read", "write"));
    Authentication userAuthentication = new UsernamePasswordAuthenticationToken("1", "whateveryouwantittobe");
    tokenStore.storeAccessToken(new DefaultOAuth2AccessToken("authme"), new OAuth2Authentication(authorizationRequest, userAuthentication));
      assertEquals(1, tokenStore.findTokensByUserName("1").size());
    }

  private ClientDetailsService clientDetailsService;

  @RequestMapping("/oauth/confirm_access")
  public ModelAndView getAccessConfirmation(Map<String, Object> model) throws Exception {
    AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
    ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
    model.put("auth_request", clientAuth);
    model.put("client", client);
    return new ModelAndView("access_confirmation", model);
  }

    // then
    assertThat(permitted, is(false));
  }

  private ClientDetails clientWithId(String clientId) {
    ClientDetails client = mock(ClientDetails.class);
    given(client.getClientId()).willReturn(clientId);
    return client;
  }

    return client;
  }

  private ClientDetails clientWithIdAndScope(String clientId,
      Set<String> scope) {
    ClientDetails client = clientWithId(clientId);
    given(client.getScope()).willReturn(scope);
    return client;
  }

  @Override
  public AuthorizationRequest updateAfterApproval(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {

    String userId = userAuthentication.getName();
    String clientId = authorizationRequest.getClientId();
    ClientDetails client = clientDetailsService.loadClientByClientId(clientId);

    // This must be re-parsed here because SECOAUTH forces us to call things in a strange order
    if (Boolean.parseBoolean(authorizationRequest.getApprovalParameters().get("user_oauth_approval"))
        && authorizationRequest.getExtensions().get("csrf") != null
        && authorizationRequest.getExtensions().get("csrf").equals(authorizationRequest.getApprovalParameters().get("csrf"))) {

      authorizationRequest.setApproved(true);

      // process scopes from user input
      Set<String> allowedScopes = Sets.newHashSet();
      Map<String,String> approvalParams = authorizationRequest.getApprovalParameters();

      Set<String> keys = approvalParams.keySet();

      for (String key : keys) {
        if (key.startsWith("scope_")) {
          //This is a scope parameter from the approval page. The value sent back should
          //be the scope string. Check to make sure it is contained in the client's
          //registered allowed scopes.

          String scope = approvalParams.get(key);
          Set<String> approveSet = Sets.newHashSet(scope);

          //Make sure this scope is allowed for the given client
          if (systemScopes.scopesMatch(client.getScope(), approveSet)) {

            // If it's structured, assign the user-specified parameter
            SystemScope systemScope = systemScopes.getByValue(scope);
            if (systemScope != null && systemScope.isStructured()){
              String paramValue = approvalParams.get("scopeparam_" + scope);

        DBObject userAuthorization = (DBObject)source.get("userAuthentication");
        Object principal = getPrincipalObject(userAuthorization.get("principal"));
        Authentication userAuthentication = new UsernamePasswordAuthenticationToken(principal,
                userAuthorization.get("credentials"), getAuthorities((List) userAuthorization.get("authorities")));

        return new OAuth2Authentication(oAuth2Request,  userAuthentication );
    }

            writer.beginObject();
            writer.name("id").value(holder.getId());
            writer.name("ownerId").value(holder.getOwnerId());
            writer.name("authentication");
            writer.beginObject();
            OAuth2Authentication oa2Auth = holder.getAuthentication();
            writer.name("clientAuthorization");
            writeAuthorizationRequest(oa2Auth.getOAuth2Request(), writer);
            String userAuthentication = base64UrlEncodeObject(oa2Auth.getUserAuthentication());
            writer.name("userAuthentication").value(userAuthentication);
            writer.endObject();
            writer.endObject();
            logger.debug("Wrote authentication holder {}", holder.getId());
        }

                                        reader.skipValue();
                                        continue;
                                }
                            }
                            reader.endObject();
                            OAuth2Authentication auth = new OAuth2Authentication(clientAuthorization, userAuthentication);
                            ahe.setAuthentication(auth);
                        } else {
                            logger.debug("Found unexpected entry");
                            reader.skipValue();
                        }