/**
 * Builds the authentication for a token request that carries no end-user identity.
 *
 * <p>The stored request comes from {@code requestFactory}; the user authentication passed to
 * {@link OAuth2Authentication} is {@code null}, so the result describes the client alone.
 *
 * @param client the client the token is requested for
 * @param tokenRequest the incoming token request
 * @return an authentication holding only the stored OAuth2 request
 */
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    // Second constructor argument is the user authentication; null means no user is attached.
    return new OAuth2Authentication(requestFactory.createOAuth2Request(client, tokenRequest), null);
}
/**
 * Builds an authentication whose user part is assembled from the token request's parameters.
 *
 * <p>The principal name is the {@code username} parameter ({@code "guest"} when the key is
 * absent) and the authorities are parsed from the {@code authorities} parameter (no authorities
 * when the key is absent).
 *
 * <p>NOTE(review): both values are read from the request parameters and nothing in this method
 * verifies a credential, so whoever controls those parameters decides the identity and the
 * authorities carried by the resulting authentication. Confirm that this granter is reachable
 * only by trusted clients, or that the parameters are validated before this point.
 *
 * @param client the client the token is requested for
 * @param tokenRequest the incoming token request whose parameters supply the user details
 * @return the stored request combined with the parameter-derived user
 */
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> requestParams = tokenRequest.getRequestParameters();

    String principalName;
    if (requestParams.containsKey("username")) {
        principalName = requestParams.get("username");
    } else {
        principalName = "guest";
    }

    List<GrantedAuthority> granted;
    if (requestParams.containsKey("authorities")) {
        String[] authorityNames =
                OAuth2Utils.parseParameterList(requestParams.get("authorities")).toArray(new String[0]);
        granted = AuthorityUtils.createAuthorityList(authorityNames);
    } else {
        granted = AuthorityUtils.NO_AUTHORITIES;
    }

    // "N/A" is a placeholder credential. The three-argument constructor of
    // UsernamePasswordAuthenticationToken yields a token that reports itself as authenticated.
    Authentication user = new UsernamePasswordAuthenticationToken(principalName, "N/A", granted);
    return new OAuth2Authentication(tokenRequest.createOAuth2Request(client), user);
}
// Closes an enclosing type whose header is not part of this excerpt.
}
/**
 * Pairs the stored request of an {@link ImplicitTokenRequest} with the user found in the
 * current security context.
 *
 * <p>The user check runs first: a missing or unauthenticated context is rejected before the
 * request type is examined. The {@code client} argument is not read by this method.
 *
 * @param client the client the token is requested for (unused here)
 * @param clientToken the token request; must be an {@link ImplicitTokenRequest}
 * @return the stored request combined with the current user's authentication
 * @throws InsufficientAuthenticationException if the security context holds no authentication
 *     or one that is not authenticated
 * @throws IllegalStateException if {@code clientToken} is not an {@link ImplicitTokenRequest}
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest clientToken) {
    Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
    boolean loggedIn = currentUser != null && currentUser.isAuthenticated();
    if (!loggedIn) {
        throw new InsufficientAuthenticationException("There is no currently logged in user");
    }

    Assert.state(clientToken instanceof ImplicitTokenRequest,
            "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest.");
    ImplicitTokenRequest implicitRequest = (ImplicitTokenRequest) clientToken;
    return new OAuth2Authentication(implicitRequest.getOAuth2Request(), currentUser);
}
/**
 * Assembles an {@link OAuth2Authentication} from this object's OAuth2 request and user
 * authentication.
 *
 * <p>A new instance is built on every call; nothing is cached.
 *
 * @return the combined authentication
 */
@Transient
public OAuth2Authentication getAuthentication() {
    // TODO: memoize this
    return new OAuth2Authentication(
            createOAuth2Request(),
            getUserAuth());
}
/**
 * Pairs the stored request of an {@link ImplicitTokenRequest} with the user found in the
 * current security context.
 *
 * <p>The user check runs first: a missing or unauthenticated context is rejected before the
 * request type is examined. The {@code client} argument is not read by this method.
 *
 * @param client the client the token is requested for (unused here)
 * @param clientToken the token request; must be an {@link ImplicitTokenRequest}
 * @return the stored request combined with the current user's authentication
 * @throws InsufficientAuthenticationException if the security context holds no authentication
 *     or one that is not authenticated
 * @throws IllegalStateException if {@code clientToken} is not an {@link ImplicitTokenRequest}
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest clientToken) {
    Authentication currentUser = SecurityContextHolder.getContext().getAuthentication();
    boolean loggedIn = currentUser != null && currentUser.isAuthenticated();
    if (!loggedIn) {
        throw new InsufficientAuthenticationException("There is no currently logged in user");
    }

    Assert.state(clientToken instanceof ImplicitTokenRequest,
            "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest.");
    ImplicitTokenRequest implicitRequest = (ImplicitTokenRequest) clientToken;
    return new OAuth2Authentication(implicitRequest.getOAuth2Request(), currentUser);
}
// Closes an enclosing type whose header is not part of this excerpt.
}
/**
 * Turns an attribute map into an {@link OAuth2Authentication}.
 *
 * <p>Principal, stored request and authorities are all derived from {@code map}; the map itself
 * is attached to the user token as its details.
 *
 * <p>NOTE(review): nothing here validates the map, so the result is only as trustworthy as the
 * source the map was obtained from — confirm against the caller.
 *
 * @param map the attributes to read the principal, request and authorities from
 * @return the authentication built from those attributes
 */
private OAuth2Authentication extractAuthentication(Map<String, Object> map) {
    Object subject = getPrincipal(map);
    OAuth2Request storedRequest = getRequest(map);
    List<GrantedAuthority> granted = this.authoritiesExtractor.extractAuthorities(map);

    // "N/A" stands in for the credential; no password is available at this point.
    UsernamePasswordAuthenticationToken userToken =
            new UsernamePasswordAuthenticationToken(subject, "N/A", granted);
    userToken.setDetails(map);
    return new OAuth2Authentication(storedRequest, userToken);
}
/**
 * Turns an attribute map into an {@link OAuth2Authentication}.
 *
 * <p>Principal, stored request and authorities are all derived from {@code map}; the map itself
 * is attached to the user token as its details.
 *
 * <p>NOTE(review): nothing here validates the map, so the result is only as trustworthy as the
 * source the map was obtained from — confirm against the caller.
 *
 * @param map the attributes to read the principal, request and authorities from
 * @return the authentication built from those attributes
 */
private OAuth2Authentication extractAuthentication(Map<String, Object> map) {
    Object subject = getPrincipal(map);
    OAuth2Request storedRequest = getRequest(map);
    List<GrantedAuthority> granted = this.authoritiesExtractor.extractAuthorities(map);

    // "N/A" stands in for the credential; no password is available at this point.
    UsernamePasswordAuthenticationToken userToken =
            new UsernamePasswordAuthenticationToken(subject, "N/A", granted);
    userToken.setDetails(map);
    return new OAuth2Authentication(storedRequest, userToken);
}
/**
 * Expects the authentication manager to reject a client-only authentication after the client
 * credentials' scope has been set to {@code oauth.approval}.
 */
@Test(expected = AuthenticationException.class)
public void testAuthenticateInsufficientScope() throws Exception {
    clientCredentials.put("scope", "oauth.approval");

    // No user is involved: the user authentication is deliberately null.
    UsernamePasswordAuthenticationToken noUser = null;
    OAuth2Authentication clientOnly = new OAuth2Authentication(request, noUser);

    authenticationManager.authenticate(clientOnly);
}
/**
 * Expects an {@link InsufficientAuthenticationException} with the message
 * "Unrecognizable user authentication" when the user part of the authentication in the
 * security context is a mocked {@link Authentication}.
 */
@Test
public void user_authentication_wrong_type() throws Exception {
    Authentication mockedUser = mock(Authentication.class);
    authentication = new OAuth2Authentication(storedOAuth2Request, mockedUser);
    SecurityContextHolder.getContext().setAuthentication(authentication);

    exception.expect(InsufficientAuthenticationException.class);
    exception.expectMessage("Unrecognizable user authentication");

    checkMfaCodeNoMfaInteraction();
}
/**
 * Creates an authorization code for the given request and user authentication.
 *
 * <p>The authorization request is converted to its stored form, combined with the user
 * authentication and handed to {@code authorizationCodeServices}.
 *
 * @param authorizationRequest the request the code is issued for
 * @param authentication the authentication to bind the code to
 * @return the authorization code
 * @throws AuthenticationException declared by the signature; not thrown directly here
 * @throws OAuth2Exception rethrown after the request's {@code state}, when present, has been
 *     added to its additional information
 */
private String generateCode(AuthorizationRequest authorizationRequest, Authentication authentication)
        throws AuthenticationException {
    try {
        OAuth2Request requestToStore = getOAuth2RequestFactory().createOAuth2Request(authorizationRequest);
        return authorizationCodeServices.createAuthorizationCode(
                new OAuth2Authentication(requestToStore, authentication));
    } catch (OAuth2Exception failure) {
        // Carry the request's state value on the error so it travels back with the failure.
        String state = authorizationRequest.getState();
        if (state != null) {
            failure.addAdditionalInformation("state", state);
        }
        throw failure;
    }
}
/**
 * Issues an access token through {@code tokenServices} for a password-grant request built from
 * the shared test fixture.
 *
 * @param tokenFormat value placed under {@code REQUEST_TOKEN_FORMAT} in the request parameters
 * @return the access token created for the fixture's default user
 */
private OAuth2AccessToken performPasswordGrant(String tokenFormat) {
    AuthorizationRequest passwordRequest = new AuthorizationRequest(CLIENT_ID, tokenSupport.requestedAuthScopes);
    passwordRequest.setResourceIds(new HashSet<>(tokenSupport.resourceIds));

    // Work on a copy of the request's parameters, then set the copy back on the request.
    Map<String, String> grantParameters = new HashMap<>(passwordRequest.getRequestParameters());
    grantParameters.put(GRANT_TYPE, GRANT_TYPE_PASSWORD);
    grantParameters.put(REQUEST_TOKEN_FORMAT, tokenFormat);
    passwordRequest.setRequestParameters(grantParameters);

    Authentication fixtureUser = tokenSupport.defaultUserAuthentication;
    OAuth2Authentication userGrant =
            new OAuth2Authentication(passwordRequest.createOAuth2Request(), fixtureUser);
    return tokenServices.createAccessToken(userGrant);
}
/**
 * Expects {@code loginInfo} to fail with {@link UsernameNotFoundException} when the
 * authentication refers to the user id {@code nonexist-id}.
 */
@Test(expected = UsernameNotFoundException.class)
public void testMissingUser() {
    UaaAuthentication unknownUser =
            UaaAuthenticationTestFactory.getAuthentication("nonexist-id", "Dale", "olds@vmware.com");
    OAuth2Authentication openidAuth =
            new OAuth2Authentication(createOauthRequest(Arrays.asList("openid")), unknownUser);

    endpoint.loginInfo(openidAuth);
}
/**
 * Wires the event publisher into the subject and places an OAuth2 authentication for client
 * {@code client} (scope {@code read}) and user {@code joe} into the security context.
 */
@Before
public void init() {
    subject.setApplicationEventPublisher(publisher);

    AuthorizationRequest readRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    Authentication authentication = new OAuth2Authentication(
            readRequest.createOAuth2Request(),
            UaaAuthenticationTestFactory.getAuthentication("ID", "joe", "joe@test.org"));

    SecurityContextHolder.getContext().setAuthentication(authentication);
}
/**
 * Checks that {@code tokenServices} reports an opaque token as required when the request's
 * grant type is {@code TokenConstants.GRANT_TYPE_USER_TOKEN}.
 */
@Test
public void isOpaqueTokenRequired() {
    AuthorizationRequest userTokenRequest = new AuthorizationRequest(CLIENT_ID, tokenSupport.requestedAuthScopes);

    // Work on a copy of the request's parameters, then set the copy back on the request.
    Map<String, String> grantParameters = new HashMap<>(userTokenRequest.getRequestParameters());
    grantParameters.put(GRANT_TYPE, TokenConstants.GRANT_TYPE_USER_TOKEN);
    userTokenRequest.setRequestParameters(grantParameters);

    Authentication fixtureUser = tokenSupport.defaultUserAuthentication;
    OAuth2Authentication userGrant =
            new OAuth2Authentication(userTokenRequest.createOAuth2Request(), fixtureUser);

    assertTrue(tokenServices.isOpaqueTokenRequired(userGrant));
}
/**
 * Creates a client-only OAuth2 authentication for tests.
 *
 * <p>The underlying {@link OAuth2Request} is created as approved and no user authentication is
 * attached; the helper asserts that the result reports itself as authenticated.
 *
 * @param clientId the client id to place in the request
 * @param scopes the scopes to place in the request
 * @param authorities the authorities to place in the request
 * @return the authenticated client-only authentication
 */
public static Authentication oauthAuthenticatedClient(String clientId, Set<String> scopes, Set<GrantedAuthority> authorities) {
    // Fourth argument is the approved flag; the null arguments leave the other fields unset.
    OAuth2Request approvedRequest =
            new OAuth2Request(null, clientId, authorities, true, scopes, null, null, null, null);
    OAuth2Authentication clientOnly = new OAuth2Authentication(approvedRequest, null);
    assertTrue(clientOnly.isAuthenticated());
    return clientOnly;
}
/**
 * Checks that {@code loginInfo} reports no previous successful logon when the user's previous
 * logon time has been set to {@code null}.
 */
@Test
public void testSunnyDay_whenLastLogonNull_displaysNull() {
    // This `user` is the test class's member, not the record looked up below.
    user.setPreviousLogonTime(null);

    UaaUser storedUser = userDatabase.retrieveUserByName("olds", OriginKeys.UAA);
    UaaAuthentication userAuth = UaaAuthenticationTestFactory.getAuthentication(
            storedUser.getId(), "olds", "olds@vmware.com", new HashSet<>(Arrays.asList("openid")));
    OAuth2Authentication openidAuth =
            new OAuth2Authentication(createOauthRequest(Arrays.asList("openid")), userAuth);

    UserInfoResponse response = endpoint.loginInfo(openidAuth);

    assertNull(response.getPreviousLogonSuccess());
}
/**
 * Expects {@code checkToken} to reject a token issued with scope {@code scim.read} when
 * {@code scim.write} is required, with a message naming the missing scope.
 */
@Test(expected = InvalidScopeException.class)
public void testValidateScopesNotPresent() throws Exception {
    try {
        AuthorizationRequest readOnly = new AuthorizationRequest("client", Collections.singleton("scim.read"));
        authentication = new OAuth2Authentication(readOnly.createOAuth2Request(), null);
        String tokenValue = tokenServices.createAccessToken(authentication).getValue();

        endpoint.checkToken(tokenValue, Collections.singletonList("scim.write"), request);
    } catch (InvalidScopeException ex) {
        // Verify the message, then rethrow so the `expected` attribute is still satisfied.
        assertEquals(missingScopeMessage("scim.write"), ex.getMessage());
        throw ex;
    }
}
/**
 * Expects {@code checkToken} to reject a token issued with scopes {@code scim.read} and
 * {@code scim.write} when {@code ponies.ride} is also required, with a message naming only the
 * missing scope.
 */
@Test(expected = InvalidScopeException.class)
public void testValidateScopesSomeNotPresent() throws Exception {
    try {
        AuthorizationRequest scimRequest =
                new AuthorizationRequest("client", Arrays.asList("scim.read", "scim.write"));
        authentication = new OAuth2Authentication(scimRequest.createOAuth2Request(), null);
        String tokenValue = tokenServices.createAccessToken(authentication).getValue();

        endpoint.checkToken(tokenValue, Arrays.asList("scim.read", "ponies.ride"), request);
    } catch (InvalidScopeException ex) {
        // Verify the message, then rethrow so the `expected` attribute is still satisfied.
        assertEquals(missingScopeMessage("ponies.ride"), ex.getMessage());
        throw ex;
    }
}
/**
 * Expects {@code checkToken} to reject a token issued with scope {@code cat.pet} when
 * {@code scim.write} and {@code scim.read} are required, with a message naming both missing
 * scopes.
 */
@Test(expected = InvalidScopeException.class)
public void testValidateScopesMultipleNotPresent() throws Exception {
    try {
        AuthorizationRequest catRequest =
                new AuthorizationRequest("client", Collections.singletonList("cat.pet"));
        authentication = new OAuth2Authentication(catRequest.createOAuth2Request(), null);
        String tokenValue = tokenServices.createAccessToken(authentication).getValue();

        endpoint.checkToken(tokenValue, Arrays.asList("scim.write", "scim.read"), request);
    } catch (InvalidScopeException ex) {
        // Verify the message, then rethrow so the `expected` attribute is still satisfied.
        assertEquals(missingScopeMessage("scim.write", "scim.read"), ex.getMessage());
        throw ex;
    }
}
/**
 * Checks that a token issued without a user authentication yields claims that carry the client
 * id {@code client} and no user id.
 */
@Test
public void testClientOnly() throws Exception {
    AuthorizationRequest readOnly = new AuthorizationRequest("client", Collections.singleton("scim.read"));
    // Null user authentication: the token represents the client alone.
    authentication = new OAuth2Authentication(readOnly.createOAuth2Request(), null);
    String tokenValue = tokenServices.createAccessToken(authentication).getValue();

    Claims claims = endpoint.checkToken(tokenValue, Collections.emptyList(), request);

    assertEquals("client", claims.getClientId());
    assertNull(claims.getUserId());
}