@Override protected void onSuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, Authentication authResult) throws IOException { super.onSuccessfulAuthentication(request, response, authResult); Authentication auth = SecurityContextHolder.getContext().getAuthentication(); if (auth instanceof OAuth2Authentication) { ((OAuth2Authentication)auth).setAuthenticated(true); } }
private Authentication performClientAuthentication(HttpServletRequest req, Map<String, String> loginInfo, String clientId) { String clientSecret = loginInfo.get(CLIENT_SECRET); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(clientId, clientSecret); authentication.setDetails(new UaaAuthenticationDetails(req, clientId)); try { Authentication auth = clientAuthenticationManager.authenticate(authentication); if (auth == null || !auth.isAuthenticated()) { throw new BadCredentialsException("Client Authentication failed."); } loginInfo.remove(CLIENT_SECRET); AuthorizationRequest authorizationRequest = new AuthorizationRequest(clientId, getScope(req)); authorizationRequest.setRequestParameters(getSingleValueMap(req)); authorizationRequest.setApproved(true); //must set this to true in order for //Authentication.isAuthenticated to return true OAuth2Authentication result = new OAuth2Authentication(authorizationRequest.createOAuth2Request(), null); result.setAuthenticated(true); return result; } catch (AuthenticationException e) { throw new BadCredentialsException(e.getMessage(), e); } catch (Exception e) { logger.debug("Unable to authenticate client: " + clientId, e); throw new BadCredentialsException(e.getMessage(), e); } }
authorizationRequest.createOAuth2Request(), userAuthentication); authentication.setAuthenticated(true); return authentication;
auth.setAuthenticated(true); return auth;
HashMap<String, String> authorizationParameters = new HashMap<String, String>(); authorizationParameters.put("scope", "read"); authorizationParameters.put("username", "mobile_client"); authorizationParameters.put("client_id", "mobile-client"); authorizationParameters.put("grant", "password"); DefaultAuthorizationRequest authorizationRequest = new DefaultAuthorizationRequest(authorizationParameters); authorizationRequest.setApproved(true); Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); authorities.add(new SimpleGrantedAuthority("ROLE_UNTRUSTED_CLIENT")); authorizationRequest.setAuthorities(authorities); HashSet<String> resourceIds = new HashSet<String>(); resourceIds.add("mobile-public"); authorizationRequest.setResourceIds(resourceIds); // Create principal and auth token User userPrincipal = new User(user.getUserID(), "", true, true, true, true, authorities); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userPrincipal, null, authorities) ; OAuth2Authentication authenticationRequest = new OAuth2Authentication(authorizationRequest, authenticationToken); authenticationRequest.setAuthenticated(true); CustomTokenStore tokenStore = new CustomTokenStore(); // Token Enhancer CustomTokenEnhancer tokenEnhancer = new CustomTokenEnhancer(user.getUserID()); CustomTokenServices tokenServices = new CustomTokenServices(); tokenServices.setTokenEnhancer(tokenEnhancer); tokenServices.setSupportRefreshToken(true); tokenServices.setTokenStore(tokenStore); OAuth2AccessToken accessToken = tokenServices.createAccessTokenForUser(authenticationRequest, user);
oAuth2Authentication.setAuthenticated(true);
protected Authentication authenticate(Authentication authentication) { if (authentication == null) { throw new InvalidTokenException("Invalid token (token not found)"); } else { String token = (String) authentication.getPrincipal(); OAuth2Authentication auth = this.tokenServices.loadAuthentication(token); if (auth == null) { throw new InvalidTokenException("Invalid token: " + token); } else { if (authentication.getDetails() instanceof OAuth2AuthenticationDetails) { OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails(); if (!details.equals(auth.getDetails())) { details.setDecodedDetails(auth.getDetails()); } } auth.setDetails(authentication.getDetails()); auth.setAuthenticated(true); return auth; } } }
auth.setAuthenticated(true); return auth;