/** * Convenience constructor for unit tests, where client ID and scope are * often the only needed fields. * * @param clientId * @param scopes */ public AuthorizationRequest(String clientId, Collection<String> scopes) { setClientId(clientId); setScope(scopes); // in case we need to parse }
/** * Full constructor. */ public AuthorizationRequest(Map<String, String> authorizationParameters, Map<String, String> approvalParameters, String clientId, Set<String> scope, Set<String> resourceIds, Collection<? extends GrantedAuthority> authorities, boolean approved, String state, String redirectUri, Set<String> responseTypes) { setClientId(clientId); setRequestParameters(authorizationParameters); // in case we need to // wrap the collection setScope(scope); // in case we need to parse if (resourceIds != null) { this.resourceIds = new HashSet<String>(resourceIds); } if (authorities != null) { this.authorities = new HashSet<GrantedAuthority>(authorities); } this.approved = approved; this.resourceIds = resourceIds; this.redirectUri = redirectUri; if (responseTypes != null) { this.responseTypes = responseTypes; } this.state = state; }
@Test(expected = InvalidRequestException.class) public void testApproveWithModifiedClientId() { AuthorizationRequest authorizationRequest = getAuthorizationRequest( "foo", "http://anywhere.com", "state-1234", "read", Collections.singleton("code")); model.put("authorizationRequest", authorizationRequest); model.put("org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint.ORIGINAL_AUTHORIZATION_REQUEST", uaaAuthorizationEndpoint.unmodifiableMap(authorizationRequest)); authorizationRequest.setClientId("bar"); // Modify authorization request Map<String, String> approvalParameters = new HashMap<>(); approvalParameters.put("user_oauth_approval", "true"); uaaAuthorizationEndpoint.approveOrDeny(approvalParameters, model, sessionStatus, principal); }
request.setClientId(signedJwt.getJWTClaimsSet().getStringClaim(CLIENT_ID)); request.setClientId(plainJwt.getJWTClaimsSet().getStringClaim(CLIENT_ID)); request.setClientId(encryptedJWT.getJWTClaimsSet().getStringClaim(CLIENT_ID));
authorizationRequest.setClientId(clientId); authorizationRequest.setRedirectUri(TEST_REDIRECT_URI); authorizationRequest.setScope(new ArrayList<>(Arrays.asList("openid")));
authorizationRequest.setClientId(clientId); authorizationRequest.setRedirectUri(TEST_REDIRECT_URI); authorizationRequest.setScope(new ArrayList<>(Arrays.asList("openid")));
/** * Convenience constructor for unit tests, where client ID and scope are * often the only needed fields. * * @param clientId * @param scopes */ public AuthorizationRequest(String clientId, Collection<String> scopes) { setClientId(clientId); setScope(scopes); // in case we need to parse }
/** * Full constructor. */ public AuthorizationRequest(Map<String, String> authorizationParameters, Map<String, String> approvalParameters, String clientId, Set<String> scope, Set<String> resourceIds, Collection<? extends GrantedAuthority> authorities, boolean approved, String state, String redirectUri, Set<String> responseTypes) { setClientId(clientId); setRequestParameters(authorizationParameters); // in case we need to // wrap the collection setScope(scope); // in case we need to parse if (resourceIds != null) { this.resourceIds = new HashSet<String>(resourceIds); } if (authorities != null) { this.authorities = new HashSet<GrantedAuthority>(authorities); } this.approved = approved; this.resourceIds = resourceIds; this.redirectUri = redirectUri; if (responseTypes != null) { this.responseTypes = responseTypes; } this.state = state; }
request.setClientId(signedJwt.getJWTClaimsSet().getStringClaim(CLIENT_ID)); request.setClientId(plainJwt.getJWTClaimsSet().getStringClaim(CLIENT_ID)); request.setClientId(encryptedJWT.getJWTClaimsSet().getStringClaim(CLIENT_ID));