/**
 * Builds an {@code OAuth2Request} from the values named {@code requestParameters},
 * {@code clientId}, {@code authorities}, {@code approved}, {@code scope}, {@code resourceIds},
 * {@code redirectUri}, {@code responseTypes} and {@code extensions} in the enclosing scope.
 *
 * <p>The approval flag is passed through as-is; nothing here decides whether the request
 * should be approved.
 *
 * @return a new request built from those values
 */
private OAuth2Request createOAuth2Request() {
    final OAuth2Request built = new OAuth2Request(
            requestParameters,
            clientId,
            authorities,
            approved,
            scope,
            resourceIds,
            redirectUri,
            responseTypes,
            extensions);
    return built;
}
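/**
 * Rebuilds a minimal {@code OAuth2Request} from the {@code "oauth2Request"} entry of a map.
 *
 * <p>Only {@code clientId} and {@code scope} are restored. Request parameters, authorities,
 * resource ids, redirect URI, response types and extensions are all passed as {@code null},
 * and the request is always marked approved.
 *
 * @param map map expected to hold a nested map under the key {@code "oauth2Request"}
 * @return a request carrying the stored client id and scope
 * @throws IllegalArgumentException if {@code map} has no {@code "oauth2Request"} entry
 */
@SuppressWarnings({ "unchecked" })
private OAuth2Request getRequest(Map<String, Object> map) {
    Map<String, Object> request = (Map<String, Object>) map.get("oauth2Request");
    if (request == null) {
        // Fail with a message instead of a bare NullPointerException on the next dereference.
        throw new IllegalArgumentException("map has no \"oauth2Request\" entry");
    }
    String clientId = (String) request.get("clientId");

    // A "scope" key that is present but mapped to null used to blow up in the copy
    // constructor; treat it the same as an absent key.
    Collection<String> storedScope = (Collection<String>) request.get("scope");
    Set<String> scope = storedScope == null ? new HashSet<String>() : new HashSet<>(storedScope);

    // NOTE(review): approved is hard-coded to true and the scope is taken verbatim from the
    // map, so the result is only as trustworthy as the map's origin - confirm the caller
    // authenticates that data before it gets here.
    return new OAuth2Request(null, clientId, null, true, scope, null, null, null, null);
}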
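/**
 * Rebuilds a minimal {@code OAuth2Request} from the {@code "oauth2Request"} entry of a map.
 *
 * <p>Only {@code clientId} and {@code scope} are restored. Request parameters, authorities,
 * resource ids, redirect URI, response types and extensions are all passed as {@code null},
 * and the request is always marked approved.
 *
 * @param map map expected to hold a nested map under the key {@code "oauth2Request"}
 * @return a request carrying the stored client id and scope
 * @throws IllegalArgumentException if {@code map} has no {@code "oauth2Request"} entry
 */
@SuppressWarnings({ "unchecked" })
private OAuth2Request getRequest(Map<String, Object> map) {
    Map<String, Object> request = (Map<String, Object>) map.get("oauth2Request");
    if (request == null) {
        // Fail with a message instead of a bare NullPointerException on the next dereference.
        throw new IllegalArgumentException("map has no \"oauth2Request\" entry");
    }
    String clientId = (String) request.get("clientId");

    // A "scope" key that is present but mapped to null used to blow up in the copy
    // constructor; treat it the same as an absent key.
    Collection<String> storedScope = (Collection<String>) request.get("scope");
    Set<String> scope = storedScope == null ? new HashSet<String>() : new HashSet<>(storedScope);

    // NOTE(review): approved is hard-coded to true and the scope is taken verbatim from the
    // map, so the result is only as trustworthy as the map's origin - confirm the caller
    // authenticates that data before it gets here.
    return new OAuth2Request(null, clientId, null, true, scope, null, null, null, null);
}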
/**
 * Builds the {@code OAuth2Request} to keep for a token described by a JSON object.
 *
 * <p>Reads the {@code "client_id"} member and, when present, the {@code "scope"} member
 * (parsed with {@code OAuth2Utils.parseParameterList}). Both values are also written into
 * the request parameters. Authorities, resource ids, redirect URI, response types and
 * extensions are left {@code null}.
 *
 * @param token JSON object describing the token; {@code "client_id"} is dereferenced
 *              unconditionally, {@code "scope"} is optional
 * @return a request marked approved that carries the client id and parsed scopes
 */
private OAuth2Request createStoredRequest(final JsonObject token) {
    final String clientId = token.get("client_id").getAsString();

    final Set<String> grantedScopes = new HashSet<>();
    if (token.has("scope")) {
        final String rawScope = token.get("scope").getAsString();
        grantedScopes.addAll(OAuth2Utils.parseParameterList(rawScope));
    }

    final Map<String, String> parameters = new HashMap<>();
    parameters.put("client_id", clientId);
    parameters.put("scope", OAuth2Utils.formatParameterList(grantedScopes));

    // NOTE(review): approved is hard-coded to true and the scopes come straight from the
    // JSON; presumably the caller only passes JSON received from a trusted endpoint - confirm.
    return new OAuth2Request(parameters, clientId, null, true, grantedScopes, null, null, null, null);
}
/**
 * Creates a copy of this request whose scope is replaced by the given set. Every other
 * property, including the request parameters and the {@code refresh} field, is carried over.
 *
 * <p>The new scope is used exactly as supplied: this method does not check that it is a
 * subset of the current scope, so narrowing (rather than widening) is up to the caller.
 *
 * @param scope the new scope
 * @return a new request with the given scope
 */
public OAuth2Request narrowScope(Set<String> scope) {
    final OAuth2Request narrowed = new OAuth2Request(
            getRequestParameters(),
            getClientId(),
            authorities,
            approved,
            scope,
            resourceIds,
            redirectUri,
            responseTypes,
            extensions);
    // The constructor call above does not take the refresh value; copy it explicitly.
    narrowed.refresh = this.refresh;
    return narrowed;
}
/**
 * Creates a copy of this request with its request parameters replaced by the given map.
 * The client id, authorities, approval flag, scope, resource ids, redirect URI, response
 * types and extensions are taken from this request.
 *
 * <p>The supplied map is passed on as-is; nothing is filtered out of it here.
 *
 * @param parameters new parameters replacing the existing ones
 * @return a new OAuth2Request
 */
public OAuth2Request createOAuth2Request(Map<String, String> parameters) {
    final OAuth2Request copy = new OAuth2Request(
            parameters,
            getClientId(),
            authorities,
            approved,
            getScope(),
            resourceIds,
            redirectUri,
            responseTypes,
            extensions);
    return copy;
}
/**
 * Rebuilds an {@code OAuth2Authentication} from a map of token claims.
 *
 * <p>The scope comes from {@code extractScope}, the user part from {@code userTokenConverter},
 * the client id from the {@code clientIdAttribute} entry and the resource ids from the
 * {@code AUD} entry when present. When no user authentication could be extracted and the map
 * has an {@code AUTHORITIES} entry, its values become the client authorities.
 *
 * <p>NOTE(review): the resulting request is always marked approved and its authorities are
 * read directly from the map, so this method presumably expects a map whose integrity has
 * already been verified (for example a token whose signature was checked) - confirm at the
 * call site.
 *
 * @param map decoded token claims
 * @return the authentication described by the map; its user part may be {@code null}
 */
public OAuth2Authentication extractAuthentication(Map<String, ?> map) {
    Map<String, String> requestParameters = new HashMap<String, String>();
    Set<String> scope = extractScope(map);
    Authentication userAuthentication = userTokenConverter.extractAuthentication(map);

    String clientId = (String) map.get(clientIdAttribute);
    requestParameters.put(clientIdAttribute, clientId);
    if (includeGrantType && map.containsKey(GRANT_TYPE)) {
        requestParameters.put(GRANT_TYPE, (String) map.get(GRANT_TYPE));
    }

    Set<String> resourceIds;
    if (map.containsKey(AUD)) {
        resourceIds = new LinkedHashSet<String>(getAudience(map));
    } else {
        resourceIds = new LinkedHashSet<String>(Collections.<String>emptySet());
    }

    // Authorities from the map are only used for client-only tokens (no user part).
    Collection<? extends GrantedAuthority> clientAuthorities = null;
    if (userAuthentication == null && map.containsKey(AUTHORITIES)) {
        @SuppressWarnings("unchecked")
        Collection<String> roleNames = (Collection<String>) map.get(AUTHORITIES);
        clientAuthorities = AuthorityUtils.createAuthorityList(roleNames.toArray(new String[0]));
    }

    OAuth2Request storedRequest = new OAuth2Request(
            requestParameters, clientId, clientAuthorities, true, scope, resourceIds, null, null, null);
    return new OAuth2Authentication(storedRequest, userAuthentication);
}
/**
 * Builds the {@code OAuth2Request} for this token request on behalf of the given client.
 *
 * <p>Works on a copy of the request parameters: the {@code "password"} and
 * {@code "client_secret"} entries are dropped so they do not travel with the stored request,
 * and {@code "grant_type"} is set from {@code grantType}. Authorities and resource ids come
 * from the client; the request is marked approved.
 *
 * <p>NOTE(review): only those two keys are scrubbed. Any other secret-bearing parameter a
 * grant type may send is copied through unchanged - confirm that is acceptable wherever the
 * resulting request is persisted or logged.
 *
 * @param client the client the request is made for
 * @return a new request with credentials removed from its parameters
 */
public OAuth2Request createOAuth2Request(ClientDetails client) {
    final Map<String, String> sanitized = new HashMap<String, String>(getRequestParameters());

    // Strip credentials so they are not retained in the OAuth2Request.
    sanitized.remove("password");
    sanitized.remove("client_secret");

    // Record the grant type so it can be read back from the OAuth2Request.
    sanitized.put("grant_type", grantType);

    return new OAuth2Request(
            sanitized,
            client.getClientId(),
            client.getAuthorities(),
            true,
            this.getScope(),
            client.getResourceIds(),
            null,
            null,
            null);
}
/**
 * Creates a copy of this request that records the given token request in its
 * {@code refresh} field. All other properties are carried over from this request.
 *
 * @param tokenRequest the token request to attach to the copy
 * @return a new request with {@code refresh} set to {@code tokenRequest}
 */
public OAuth2Request refresh(TokenRequest tokenRequest) {
    final OAuth2Request refreshed = new OAuth2Request(
            getRequestParameters(),
            getClientId(),
            authorities,
            approved,
            getScope(),
            resourceIds,
            redirectUri,
            responseTypes,
            extensions);
    refreshed.refresh = tokenRequest;
    return refreshed;
}
/**
 * Builds an approved {@code OAuth2Request} fixture for the fixed client id {@code "clientId"}.
 *
 * <p>Each scope string is used twice: as a scope of the request and, wrapped in a
 * {@code SimpleGrantedAuthority}, as an authority. Request parameters, resource ids and
 * response types are the empty constants; redirect URI and extensions are {@code null}.
 *
 * @param scopes scope names to grant
 * @return the request fixture
 */
public OAuth2Request createOauthRequest(List<String> scopes) {
    List<SimpleGrantedAuthority> scopeAuthorities = scopes.stream()
            .map(SimpleGrantedAuthority::new)
            .collect(Collectors.toList());
    Set<String> scopeSet = new HashSet<>(scopes);

    return new OAuth2Request(
            EMPTY_MAP, "clientId", scopeAuthorities, true, scopeSet, EMPTY_SET, null, EMPTY_SET, null);
}
Collection<String> responseTypes = (Collection<String>) map.get(OAUTH2_REQUEST_RESPONSE_TYPES); OAuth2Request request = new OAuth2Request( requestParameters, clientId,
/**
 * Test helper: builds a client-only {@code OAuth2Authentication} (no user part) for the
 * given client id, scopes and authorities, and asserts that it reports itself authenticated.
 *
 * @param clientId    client id to put in the request
 * @param scopes      scopes of the request
 * @param authorities client authorities of the request
 * @return the authentication, with an approved request and a {@code null} user authentication
 */
public static Authentication oauthAuthenticatedClient(String clientId, Set<String> scopes, Set<GrantedAuthority> authorities) {
    OAuth2Request clientRequest =
            new OAuth2Request(null, clientId, authorities, true, scopes, null, null, null, null);
    OAuth2Authentication clientOnly = new OAuth2Authentication(clientRequest, null);
    assertTrue(clientOnly.isAuthenticated());
    return clientOnly;
}
/**
 * Test helper: builds an {@code OAuth2Authentication} that carries both a client request and
 * a user authentication, and asserts that it reports itself authenticated.
 *
 * <p>The user part is produced by {@code fullyAuthenticatedUser} from the id, username,
 * email and user authorities.
 *
 * @param clientId        client id to put in the request
 * @param scopes          scopes of the request
 * @param authorities     client authorities of the request
 * @param id              user id
 * @param username        user name
 * @param email           user e-mail address
 * @param userAuthorities authorities of the user
 * @return the combined client and user authentication
 */
public static Authentication oauthAuthenticatedUser(
        String clientId,
        Set<String> scopes,
        Set<GrantedAuthority> authorities,
        String id,
        String username,
        String email,
        GrantedAuthority... userAuthorities) {
    OAuth2Request clientRequest =
            new OAuth2Request(null, clientId, authorities, true, scopes, null, null, null, null);
    OAuth2Authentication clientAndUser = new OAuth2Authentication(
            clientRequest, fullyAuthenticatedUser(id, username, email, userAuthorities));
    assertTrue(clientAndUser.isAuthenticated());
    return clientAndUser;
}
}
/**
 * Builds an approved {@code OAuth2Request} for a JWT assertion.
 *
 * <p>The scope is parsed from the assertion's {@code "scope"} claim and the resource ids are
 * the assertion's audience; client id and authorities come from {@code client}, request
 * parameters from {@code tokenRequest}.
 *
 * <p>NOTE(review): scope and audience are taken from the assertion's claims and are not
 * compared against the client's registered scope in this method - presumably the assertion
 * is validated and the scope restricted elsewhere; confirm.
 *
 * @param client       the client presenting the assertion
 * @param tokenRequest the incoming token request
 * @param assertion    the JWT assertion to read claims from
 * @return the request, or {@code null} when the assertion's claims cannot be parsed
 */
@Override
public OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest, JWT assertion) {
    try {
        JWTClaimsSet assertionClaims = assertion.getJWTClaimsSet();
        String scopeClaim = assertionClaims.getStringClaim("scope");
        Set<String> requestedScope = OAuth2Utils.parseParameterList(scopeClaim);
        Set<String> audience = Sets.newHashSet(assertionClaims.getAudience());

        return new OAuth2Request(
                tokenRequest.getRequestParameters(),
                client.getClientId(),
                client.getAuthorities(),
                true,
                requestedScope,
                audience,
                null,
                null,
                null);
    } catch (ParseException e) {
        // The parse failure is reported only as a null result; callers have to handle null.
        return null;
    }
}
/**
 * Test helper: issues an access token for {@code defaultUser} through {@code tokenServices}
 * and returns it as a {@code CompositeToken}.
 *
 * @param scopes scopes to put on the OAuth2 request
 * @return the token created by {@code tokenServices}, cast to {@code CompositeToken}
 */
public CompositeToken getCompositeAccessToken(List<String> scopes) {
    // Principal copied field by field from the default test user.
    UaaPrincipal uaaPrincipal = new UaaPrincipal(defaultUser.getId(), defaultUser.getUsername(), defaultUser.getEmail(), defaultUser.getOrigin(), defaultUser.getExternalId(), defaultUser.getZoneId());
    // The last two arguments are "now" and "now + 60 000 ms"; presumably the authentication
    // time and its expiry - confirm against the UaaAuthentication constructor.
    UaaAuthentication userAuthentication = new UaaAuthentication(uaaPrincipal, null, defaultUserAuthorities, new HashSet<>(Arrays.asList("group1", "group2")), Collections.EMPTY_MAP, null, true, System.currentTimeMillis(), System.currentTimeMillis() + 1000l * 60l);
    // Authentication methods and authentication context class recorded on the user authentication.
    Set<String> amr = new HashSet<>();
    amr.addAll(Arrays.asList("ext", "mfa", "rba"));
    userAuthentication.setAuthenticationMethods(amr);
    userAuthentication.setAuthContextClassRef(new HashSet<>(Arrays.asList(AuthnContext.PASSWORD_AUTHN_CTX)));
    HashMap<String, String> requestParams = Maps.newHashMap();
    requestParams.put("grant_type", GRANT_TYPE_PASSWORD);
    // Unlike most fixtures, this request is built with approved=false; response types are
    // "token" and "id_token".
    OAuth2Request oAuth2Request = new OAuth2Request(requestParams, CLIENT_ID, null, false, Sets.newHashSet(scopes), null, null, Sets.newHashSet("token", "id_token"), null);
    // Bound to the identity zone currently held by IdentityZoneHolder.
    UaaOauth2Authentication uaaOauth2Authentication = new UaaOauth2Authentication(null, IdentityZoneHolder.get().getId(), oAuth2Request, userAuthentication);
    OAuth2AccessToken accessToken = tokenServices.createAccessToken(uaaOauth2Authentication);
    // Unchecked downcast: fails with ClassCastException if tokenServices returns another type.
    return (CompositeToken) accessToken;
}
/**
 * Builds the {@code OAuth2Request} for the given client, starting from the request the
 * superclass produces.
 *
 * <p>Request parameters, scope, redirect URI and extensions are taken from the superclass
 * result; client id and authorities come from {@code client}; resource ids and response
 * types come from {@code resourceIds} and {@code responseTypes} in the enclosing scope.
 * The request is marked approved.
 *
 * @param client the client the request is made for
 * @return the rebuilt request
 */
@Override
public OAuth2Request createOAuth2Request(ClientDetails client) {
    final OAuth2Request base = super.createOAuth2Request(client);
    final OAuth2Request rebuilt = new OAuth2Request(
            base.getRequestParameters(),
            client.getClientId(),
            client.getAuthorities(),
            true,
            base.getScope(),
            resourceIds,
            base.getRedirectUri(),
            responseTypes,
            base.getExtensions());
    return rebuilt;
}
}
/**
 * Builds an {@code OAuth2Request} from this object's current state, reading every value
 * through its getter.
 *
 * <p>The approval flag is whatever {@code isApproved()} returns at the time of the call.
 *
 * @return a new request mirroring this object's properties
 */
public OAuth2Request createOAuth2Request() {
    final OAuth2Request snapshot = new OAuth2Request(
            getRequestParameters(),
            getClientId(),
            getAuthorities(),
            isApproved(),
            getScope(),
            getResourceIds(),
            getRedirectUri(),
            getResponseTypes(),
            getExtensions());
    return snapshot;
}
/**
 * Test setup: creates a random id (also used as the client id), a mock HTTP request from
 * 127.0.0.1, a UAA user authentication for that id, two OAuth2 authentications over the same
 * empty, approved request (one with the user, one without) and the {@code IsSelfCheck} bean
 * backed by a mocked {@code RevocableTokenProvisioning}.
 */
@Before
public void getBean() {
    id = new RandomValueStringGenerator(25).generate();
    clientId = id;

    request = new MockHttpServletRequest();
    request.setRemoteAddr("127.0.0.1");

    principal = new UaaPrincipal(
            id, "username", "username@email.org", OriginKeys.UAA, null, IdentityZoneHolder.get().getId());
    authentication = new UaaAuthentication(
            principal, Collections.<GrantedAuthority>emptyList(), new UaaAuthenticationDetails(request));

    // Named differently from the `request` field so the servlet request is not shadowed.
    OAuth2Request oauth2Request = new OAuth2Request(
            emptyMap(), clientId, emptyList(), true, emptySet(), emptySet(), null, emptySet(), emptyMap());
    oAuth2AuthenticationWithUser = new OAuth2Authentication(oauth2Request, authentication);
    oAuth2AuthenticationWithoutUser = new OAuth2Authentication(oauth2Request, null);

    tokenProvisioning = Mockito.mock(RevocableTokenProvisioning.class);
    bean = new IsSelfCheck(tokenProvisioning);
}
/**
 * Runs the real {@code getOAuth2Authentication} of a mocked {@code Saml2TokenGranter} for a
 * client whose {@code ALLOWED_PROVIDERS} list is empty.
 *
 * <p>There are no assertions: the test passes when the call completes without throwing.
 */
@Test
public void test_oauth2_authentication_with_empty_allowed() {
    // Request the stubbed factory hands back for the receiving client.
    OAuth2Request stubbedRequest = new OAuth2Request(
            requestParameters,
            receivingClient.getClientId(),
            receivingClient.getAuthorities(),
            true,
            receivingClient.getScope(),
            receivingClient.getResourceIds(),
            null,
            null,
            null);
    BaseClientDetails clientUnderTest = new BaseClientDetails(requestingClient);
    List<String> noProviders = new LinkedList<String>();
    Map<String, Object> clientInfo = new LinkedHashMap<>();
    Collection userAuthorities =
            AuthorityUtils.commaSeparatedStringToAuthorityList("openid,foo.bar,uaa.user,one.read");

    // Everything on the granter is mocked except the method under test.
    mockedgranter = mock(Saml2TokenGranter.class);
    when(mockedgranter.getRequestFactory()).thenReturn(requestFactory);
    when(mockedgranter.validateRequest(tokenRequest)).thenReturn(userAuthentication);
    when(mockedgranter.getOAuth2Authentication(clientUnderTest, tokenRequest)).thenCallRealMethod();

    // The client asks for fewer scopes than the user's authorities and allows no providers.
    clientUnderTest.setScope(StringUtils.commaDelimitedListToSet("openid,foo.bar"));
    clientInfo.put(ClientConstants.ALLOWED_PROVIDERS, noProviders);
    clientUnderTest.setAdditionalInformation(clientInfo);

    when(userAuthentication.getAuthorities()).thenReturn(userAuthorities);
    when(requestFactory.createOAuth2Request(receivingClient, tokenRequest)).thenReturn(stubbedRequest);

    mockedgranter.getOAuth2Authentication(clientUnderTest, tokenRequest);
}
/**
 * Calls {@code granter.getAccessToken} for the receiving client with an authenticated user
 * and a stubbed request factory.
 *
 * <p>There are no assertions and the returned token is not inspected: the test passes when
 * the call completes without throwing.
 */
@Test
public void test_getAccessToken() {
    // Authorities the mocked user authentication reports.
    Collection me = AuthorityUtils.commaSeparatedStringToAuthorityList("openid,foo.bar,uaa.user,one.read");
    // Approved request the stubbed factory hands back for the receiving client.
    OAuth2Request myReq = new OAuth2Request(requestParameters, receivingClient.getClientId(), receivingClient.getAuthorities(), true, receivingClient.getScope(), receivingClient.getResourceIds(), null, null, null);
    requestingClient.setScope(StringUtils.commaDelimitedListToSet("openid,foo.bar"));
    when(userAuthentication.getAuthorities()).thenReturn(me);
    tokenRequest.setClientId(receivingClient.getClientId());
    when(authentication.isAuthenticated()).thenReturn(true);
    // NOTE(review): this null stub is replaced by the stubbing on the next line, so it has
    // no effect on the call under test.
    when(authentication.getUserAuthentication()).thenReturn(null);
    when(authentication.getUserAuthentication()).thenReturn(userAuthentication);
    when(userAuthentication.isAuthenticated()).thenReturn(true);
    when(requestFactory.createOAuth2Request(receivingClient, tokenRequest)).thenReturn(myReq);
    // The factory is injected by reflection into the granter's "requestFactory" field.
    ReflectionTestUtils.setField(granter, "requestFactory", requestFactory);
    granter.getAccessToken(receivingClient, tokenRequest);
}