Package org.springframework.security.oauth.examples.sparklr.mvc

Source Code of org.springframework.security.oauth.examples.sparklr.mvc.AdminController

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
package org.springframework.security.oauth.examples.sparklr.mvc;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;

import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.oauth.examples.sparklr.oauth.SparklrUserApprovalHandler;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;

/**
* Controller for resetting the token store for testing purposes.
*
* @author Dave Syer
*/
@Controller
public class AdminController {

  private ConsumerTokenServices tokenServices;

  private TokenStore tokenStore;

  private SparklrUserApprovalHandler userApprovalHandler;

  @RequestMapping("/oauth/cache_approvals")
  @ResponseStatus(HttpStatus.NO_CONTENT)
  public void startCaching() throws Exception {
    userApprovalHandler.setUseApprovalStore(true);
  }

  @RequestMapping("/oauth/uncache_approvals")
  @ResponseStatus(HttpStatus.NO_CONTENT)
  public void stopCaching() throws Exception {
    userApprovalHandler.setUseApprovalStore(false);
  }

  @RequestMapping("/oauth/clients/{client}/users/{user}/tokens")
  @ResponseBody
  public Collection<OAuth2AccessToken> listTokensForUser(@PathVariable String client, @PathVariable String user,
      Principal principal) throws Exception {
    checkResourceOwner(user, principal);
    return enhance(tokenStore.findTokensByClientIdAndUserName(client, user));
  }

  @RequestMapping(value = "/oauth/users/{user}/tokens/{token}", method = RequestMethod.DELETE)
  public ResponseEntity<Void> revokeToken(@PathVariable String user, @PathVariable String token, Principal principal)
      throws Exception {
    checkResourceOwner(user, principal);
    if (tokenServices.revokeToken(token)) {
      return new ResponseEntity<Void>(HttpStatus.NO_CONTENT);
    }
    else {
      return new ResponseEntity<Void>(HttpStatus.NOT_FOUND);
    }
  }

  @RequestMapping("/oauth/clients/{client}/tokens")
  @ResponseBody
  public Collection<OAuth2AccessToken> listTokensForClient(@PathVariable String client) throws Exception {
    return enhance(tokenStore.findTokensByClientId(client));
  }

  private Collection<OAuth2AccessToken> enhance(Collection<OAuth2AccessToken> tokens) {
    Collection<OAuth2AccessToken> result = new ArrayList<OAuth2AccessToken>();
    for (OAuth2AccessToken prototype : tokens) {
      DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(prototype);
      OAuth2Authentication authentication = tokenStore.readAuthentication(token);
      if (authentication == null) {
        continue;
      }
      String clientId = authentication.getOAuth2Request().getClientId();
      if (clientId != null) {
        Map<String, Object> map = new HashMap<String, Object>(token.getAdditionalInformation());
        map.put("client_id", clientId);
        token.setAdditionalInformation(map);
        result.add(token);
      }
    }
    return result;
  }

  private void checkResourceOwner(String user, Principal principal) {
    if (principal instanceof OAuth2Authentication) {
      OAuth2Authentication authentication = (OAuth2Authentication) principal;
      if (!authentication.isClientOnly() && !user.equals(principal.getName())) {
        throw new AccessDeniedException(String.format("User '%s' cannot obtain tokens for user '%s'",
            principal.getName(), user));
      }
    }
  }

  /**
   * @param userApprovalHandler the userApprovalHandler to set
   */
  public void setUserApprovalHandler(SparklrUserApprovalHandler userApprovalHandler) {
    this.userApprovalHandler = userApprovalHandler;
  }

  /**
   * @param tokenServices the consumerTokenServices to set
   */
  public void setTokenServices(ConsumerTokenServices tokenServices) {
    this.tokenServices = tokenServices;
  }

  /**
   * @param tokenStore the tokenStore to set
   */
  public void setTokenStore(TokenStore tokenStore) {
    this.tokenStore = tokenStore;
  }

}
TOP

Related Classes of org.springframework.security.oauth.examples.sparklr.mvc.AdminController

  • org.springframework.security.oauth.examples.sparklr.config.WebMvcConfig
  • org.springframework.security.oauth2.common.DefaultOAuth2AccessToken
  • org.springframework.security.oauth2.provider.OAuth2Authentication
  • org.springframework.security.access.AccessDeniedException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.