org.springframework.security.oauth2.client.OAuth2ClientContext Java Examples
The following examples show how to use
org.springframework.security.oauth2.client.OAuth2ClientContext.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ResourceServerTokenRelayAutoConfigurationTests.java From spring-cloud-security with Apache License 2.0 | 6 votes |
@Test public void clientConfigured() throws Exception { this.context = new SpringApplicationBuilder(ClientConfiguration.class) .properties("spring.config.name=test", "server.port=0", "spring.cloud.gateway.enabled=false", "security.oauth2.resource.userInfoUri:https://example.com", "security.oauth2.client.clientId=foo") .run(); RequestContextHolder.setRequestAttributes( new ServletRequestAttributes(new MockHttpServletRequest())); OAuth2ClientContext client = this.context.getBean(OAuth2ClientContext.class); assertThat(client.getAccessToken()).isNull(); UserInfoTokenServices services = context.getBean(UserInfoTokenServices.class); OAuth2RestTemplate template = (OAuth2RestTemplate) ReflectionTestUtils .getField(services, "restTemplate"); MockRestServiceServer server = MockRestServiceServer.createServer(template); server.expect(requestTo("https://example.com")) .andRespond(withSuccess("{\"id\":\"user\"}", MediaType.APPLICATION_JSON)); services.loadAuthentication("FOO"); assertThat(client.getAccessToken().getValue()).isEqualTo("FOO"); server.verify(); }
Example #2
Source File: OAuth2Util.java From DAFramework with MIT License | 6 votes |
public static Filter general(AuthorizationCodeResourceDetails client, ResourceServerProperties resourceServerProperties, String path, OAuth2ClientContext oauth2ClientContext) { OAuth2ClientAuthenticationProcessingFilter oAuth2ClientAuthenticationFilter = new OAuth2ClientAuthenticationProcessingFilter(path){ protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { super.successfulAuthentication(request, response, chain, authResult); OAuth2AccessToken accessToken = restTemplate.getAccessToken(); log.warn(new Gson().toJson(authResult)); log.warn(new Gson().toJson(accessToken)); } }; OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(client, oauth2ClientContext); oAuth2ClientAuthenticationFilter.setRestTemplate(oAuth2RestTemplate); UserInfoTokenServices tokenServices = new UserInfoTokenServices(resourceServerProperties.getUserInfoUri(), client.getClientId()); tokenServices.setRestTemplate(oAuth2RestTemplate); oAuth2ClientAuthenticationFilter.setTokenServices(tokenServices); return oAuth2ClientAuthenticationFilter; }
Example #3
Source File: OAuth2Util.java From DAFramework with MIT License | 6 votes |
public static Filter wechat(AuthorizationCodeResourceDetails client, ResourceServerProperties resourceServerProperties, String path, OAuth2ClientContext oauth2ClientContext) { OAuth2ClientAuthenticationProcessingFilter oAuth2ClientAuthenticationFilter = new OAuth2ClientAuthenticationProcessingFilter(path); OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(client, oauth2ClientContext); AuthorizationCodeAccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider(); accessTokenProvider.setAuthorizationRequestEnhancer((request, resource, form, headers) -> { form.set("appid", resource.getClientId()); form.set("secret", resource.getClientSecret()); form.set("scope", "snsapi_userinfo"); form.set("response_type", "code"); form.set("#wechat_redirect", ""); }); accessTokenProvider.setMessageConverters(converters()); oAuth2RestTemplate.setAccessTokenProvider(accessTokenProvider); oAuth2RestTemplate.setRetryBadAccessTokens(true); oAuth2ClientAuthenticationFilter.setRestTemplate(oAuth2RestTemplate); UserInfoTokenServices tokenServices = new UserInfoTokenServices(resourceServerProperties.getUserInfoUri(), client.getClientId()); tokenServices.setRestTemplate(oAuth2RestTemplate); oAuth2ClientAuthenticationFilter.setTokenServices(tokenServices); return oAuth2ClientAuthenticationFilter; }
Example #4
Source File: CaseStandardizingOAuth2RequestAuthenticator.java From shimmer with Apache License 2.0 | 6 votes |
@Override public void authenticate(OAuth2ProtectedResourceDetails resource, OAuth2ClientContext clientContext, ClientHttpRequest request) { OAuth2AccessToken accessToken = clientContext.getAccessToken(); if (accessToken == null) { throw new AccessTokenRequiredException(resource); } String tokenType = accessToken.getTokenType(); if (!StringUtils.hasText(tokenType) || tokenType.equalsIgnoreCase(OAuth2AccessToken.BEARER_TYPE)) { tokenType = OAuth2AccessToken.BEARER_TYPE; // we'll assume basic bearer token type if none is specified. } request.getHeaders().set("Authorization", String.format("%s %s", tokenType, accessToken.getValue())); }
Example #5
Source File: OAuth2AutoConfigurationTests.java From spring-security-oauth2-boot with Apache License 2.0 | 6 votes |
@Test public void testCanUseClientCredentialsWithEnableOAuth2Client() { this.context = new AnnotationConfigServletWebServerApplicationContext(); this.context.register(ClientConfiguration.class, MinimalSecureWebApplication.class); TestPropertyValues .of("security.oauth2.client.clientId=client", "security.oauth2.client.grantType=client_credentials") .applyTo(this.context); ConfigurationPropertySources.attach(this.context.getEnvironment()); this.context.refresh(); // The primary context is fine (not session scoped): OAuth2ClientContext bean = this.context.getBean(OAuth2ClientContext.class); assertThat(bean.getAccessTokenRequest()).isNotNull(); assertThat(countBeans(ClientCredentialsResourceDetails.class)).isEqualTo(1); // Kind of a bug (should ideally be 1), but the cause is in Spring OAuth2 (there // is no need for the extra session-scoped bean). What this test proves is that // even if the user screws up and does @EnableOAuth2Client for client // credentials, // it will still just about work (because of the @Primary annotation on the // Boot-created instance of OAuth2ClientContext). assertThat(countBeans(OAuth2ClientContext.class)).isEqualTo(2); }
Example #6
Source File: UserInfoTokenServicesRefreshTokenTests.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Test public void withRestTemplateChangesState() { OAuth2ProtectedResourceDetails resource = new AuthorizationCodeResourceDetails(); OAuth2ClientContext context = new DefaultOAuth2ClientContext(); context.setAccessToken(new DefaultOAuth2AccessToken("FOO")); this.services.setRestTemplate(new OAuth2RestTemplate(resource, context)); assertThat(this.services.loadAuthentication("BAR").getName()).isEqualTo("me"); assertThat(context.getAccessToken().getValue()).isEqualTo("BAR"); }
Example #7
Source File: OAuthClientConfiguration.java From microservices-basics-spring-boot with Apache License 2.0 | 5 votes |
/** * RestTempate that relays the OAuth2 token passed to the task webservice. * * @param oauth2ClientContext * @return */ @Bean(name = "oAuth2RestTemplate") @LoadBalanced @Primary public OAuth2RestTemplate restTemplate(OAuth2ClientContext context) { return new OAuth2RestTemplate(authServer(), context); }
Example #8
Source File: HttpRequestWithPoPSignatureInterceptor.java From OAuth-2.0-Cookbook with MIT License | 5 votes |
@Override public ClientHttpResponse intercept(HttpRequest request, byte[] body, ClientHttpRequestExecution execution) throws IOException { OAuth2ClientContext clientContext = applicationContext.getBean(OAuth2ClientContext.class); OAuth2AccessToken accessToken = clientContext.getAccessToken(); request.getHeaders().set("Authorization", "Bearer " + accessToken.getValue()); request.getHeaders().set("nonce", keyPairManager.getSignedContent(UUID.randomUUID().toString())); return execution.execute(request, body); }
Example #9
Source File: GoogleConfiguration.java From OAuth-2.0-Cookbook with MIT License | 5 votes |
@Bean public OAuth2RestTemplate restTemplate(OAuth2ClientContext context) { OAuth2RestTemplate rest = new OAuth2RestTemplate(resourceDetails(), context); AccessTokenProviderChain providerChain = new AccessTokenProviderChain( Arrays.asList(new AuthorizationCodeAccessTokenProvider())); rest.setAccessTokenProvider(providerChain); return rest; }
Example #10
Source File: GoogleConfiguration.java From OAuth-2.0-Cookbook with MIT License | 5 votes |
@Bean public OAuth2RestTemplate restTemplate(OAuth2ClientContext context) { OAuth2RestTemplate rest = new OAuth2RestTemplate(resourceDetails(), context); AccessTokenProviderChain providerChain = new AccessTokenProviderChain( Arrays.asList(new AuthorizationCodeAccessTokenProvider())); rest.setAccessTokenProvider(providerChain); return rest; }
Example #11
Source File: FacebookConfiguration.java From OAuth-2.0-Cookbook with MIT License | 5 votes |
@Bean public OAuth2RestTemplate restTemplate(OAuth2ClientContext context) { OAuth2RestTemplate rest = new OAuth2RestTemplate(resourceDetails(), context); rest.setAccessTokenProvider( new AccessTokenProviderChain( Arrays.asList(new AuthorizationCodeAccessTokenProvider()))); return rest; }
Example #12
Source File: OAuth2AutoConfigurationTests.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Test public void testCanUseClientCredentials() { this.context = new AnnotationConfigServletWebServerApplicationContext(); this.context.register(TestSecurityConfiguration.class, MinimalSecureWebApplication.class); TestPropertyValues .of("security.oauth2.client.clientId=client", "security.oauth2.client.grantType=client_credentials") .applyTo(this.context); ConfigurationPropertySources.attach(this.context.getEnvironment()); this.context.refresh(); OAuth2ClientContext bean = this.context.getBean(OAuth2ClientContext.class); assertThat(bean.getAccessTokenRequest()).isNotNull(); assertThat(countBeans(ClientCredentialsResourceDetails.class)).isEqualTo(1); assertThat(countBeans(OAuth2ClientContext.class)).isEqualTo(1); }
Example #13
Source File: OAuth2AutoConfigurationTests.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Test public void testClientIsNotResourceServer() { this.context = new AnnotationConfigServletWebServerApplicationContext(); this.context.register(ClientConfiguration.class, MinimalSecureWebApplication.class); this.context.refresh(); assertThat(countBeans(RESOURCE_SERVER_CONFIG)).isEqualTo(0); assertThat(countBeans(AUTHORIZATION_SERVER_CONFIG)).isEqualTo(0); // Scoped target and proxy: assertThat(countBeans(OAuth2ClientContext.class)).isEqualTo(2); }
Example #14
Source File: UserInfoTokenServicesTests.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Before public void init() { this.resource.setClientId("foo"); given(this.template.getForEntity(any(String.class), eq(Map.class))) .willReturn(new ResponseEntity<>(this.map, HttpStatus.OK)); given(this.template.getAccessToken()).willReturn(new DefaultOAuth2AccessToken("FOO")); given(this.template.getResource()).willReturn(this.resource); given(this.template.getOAuth2ClientContext()).willReturn(mock(OAuth2ClientContext.class)); }
Example #15
Source File: UserInfoTokenServicesRefreshTokenTests.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Test public void withRestTemplate() { OAuth2ProtectedResourceDetails resource = new AuthorizationCodeResourceDetails(); OAuth2ClientContext context = new DefaultOAuth2ClientContext(); DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("FOO"); token.setRefreshToken(new DefaultExpiringOAuth2RefreshToken("BAR", new Date(0L))); context.setAccessToken(token); this.services.setRestTemplate(new OAuth2RestTemplate(resource, context)); assertThat(this.services.loadAuthentication("FOO").getName()).isEqualTo("me"); assertThat(context.getAccessToken().getValue()).isEqualTo("FOO"); // The refresh token is still intact assertThat(context.getAccessToken().getRefreshToken()).isEqualTo(token.getRefreshToken()); }
Example #16
Source File: DefaultUserInfoRestTemplateFactory.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
public DefaultUserInfoRestTemplateFactory(ObjectProvider<List<UserInfoRestTemplateCustomizer>> customizers, ObjectProvider<OAuth2ProtectedResourceDetails> details, ObjectProvider<OAuth2ClientContext> oauth2ClientContext) { this.customizers = customizers.getIfAvailable(); this.details = details.getIfAvailable(); this.oauth2ClientContext = oauth2ClientContext.getIfAvailable(); }
Example #17
Source File: ResourceServerTokenServicesConfiguration.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Bean @ConditionalOnMissingBean public UserInfoRestTemplateFactory userInfoRestTemplateFactory( ObjectProvider<List<UserInfoRestTemplateCustomizer>> customizers, ObjectProvider<OAuth2ProtectedResourceDetails> details, ObjectProvider<OAuth2ClientContext> oauth2ClientContext) { return new DefaultUserInfoRestTemplateFactory(customizers, details, oauth2ClientContext); }
Example #18
Source File: ResourceServerTokenRelayTests.java From spring-cloud-security with Apache License 2.0 | 5 votes |
@Bean public OAuth2RestTemplate oauth2RestTemplate( OAuth2ProtectedResourceDetails resource, OAuth2ClientContext oauth2Context) { return new OAuth2RestTemplate(resource, oauth2Context); }
Example #19
Source File: OAuth2FeignRequestInterceptorTests.java From spring-cloud-security with Apache License 2.0 | 5 votes |
@Test public void applyAuthorizationHeaderOnlyOnce() { OAuth2ClientContext oAuth2ClientContext = mock(OAuth2ClientContext.class); when(oAuth2ClientContext.getAccessToken()) .thenReturn(new MockOAuth2AccessToken("MOCKED_TOKEN")); OAuth2FeignRequestInterceptor oAuth2FeignRequestInterceptor = new OAuth2FeignRequestInterceptor( oAuth2ClientContext, new BaseOAuth2ProtectedResourceDetails()); oAuth2FeignRequestInterceptor.apply(requestTemplate); // First idempotent call failed, retry mechanism kicks in, and token has expired // in the meantime OAuth2AccessToken expiredAccessToken = mock(OAuth2AccessToken.class); when(expiredAccessToken.isExpired()).thenReturn(true); when(oAuth2ClientContext.getAccessToken()).thenReturn(expiredAccessToken); AccessTokenRequest accessTokenRequest = mock(AccessTokenRequest.class); when(oAuth2ClientContext.getAccessTokenRequest()).thenReturn(accessTokenRequest); OAuth2AccessToken newToken = new MockOAuth2AccessToken("Fancy"); oAuth2FeignRequestInterceptor .setAccessTokenProvider(new MockAccessTokenProvider(newToken)); oAuth2FeignRequestInterceptor.apply(requestTemplate); Map<String, Collection<String>> headers = requestTemplate.headers(); Assert.assertTrue("RequestTemplate must have a Authorization header", headers.containsKey("Authorization")); Assert.assertThat("Authorization must have a extract of Fancy", headers.get("Authorization"), hasSize(1)); Assert.assertThat("Authorization must have a extract of Fancy", headers.get("Authorization"), contains("Bearer Fancy")); }
Example #20
Source File: AccountServiceApplication.java From microservices-event-sourcing with Apache License 2.0 | 4 votes |
@LoadBalanced @Bean public OAuth2RestTemplate loadBalancedRestTemplate(OAuth2ProtectedResourceDetails details, OAuth2ClientContext context) { return new OAuth2RestTemplate(details, context); }
Example #21
Source File: ResourceServerTokenRelayAutoConfigurationTests.java From spring-cloud-security with Apache License 2.0 | 4 votes |
@Bean public OAuth2RestTemplate oauth2RestTemplate( OAuth2ProtectedResourceDetails resource, OAuth2ClientContext oauth2Context) { return new OAuth2RestTemplate(resource, oauth2Context); }
Example #22
Source File: WebSecurityConfig.java From docs-manage with MIT License | 4 votes |
@Autowired public WebSecurityConfig(OAuth2ClientContext clientContext) { this.clientContext = clientContext; }
Example #23
Source File: ProfileApplication.java From cloud-native-microservice-strangler-example with GNU General Public License v3.0 | 4 votes |
@LoadBalanced @Bean public OAuth2RestTemplate loadBalancedOauth2RestTemplate( OAuth2ProtectedResourceDetails resource, OAuth2ClientContext context) { return new OAuth2RestTemplate(resource, context); }
Example #24
Source File: ResourceServerTokenRelayAutoConfiguration.java From spring-cloud-security with Apache License 2.0 | 4 votes |
@Bean public AccessTokenContextRelay accessTokenContextRelay(OAuth2ClientContext context) { return new AccessTokenContextRelay(context); }
Example #25
Source File: AccessTokenContextRelay.java From spring-cloud-security with Apache License 2.0 | 4 votes |
public AccessTokenContextRelay(OAuth2ClientContext context) { this.context = context; }
Example #26
Source File: ShoppingCartApplication.java From spring-cloud-event-sourcing-example with GNU General Public License v3.0 | 4 votes |
@LoadBalanced @Bean public OAuth2RestTemplate loadBalancedOauth2RestTemplate( OAuth2ProtectedResourceDetails resource, OAuth2ClientContext context) { return new OAuth2RestTemplate(resource, context); }
Example #27
Source File: OAuth2HttpClientTest.java From feign-oauth2-spring-cloud-starter with Apache License 2.0 | 4 votes |
@Bean public OAuth2ClientContext auth2ClientContext() { return new DefaultOAuth2ClientContext(); }
Example #28
Source File: OAuth2FeignAutoConfiguration.java From feign-oauth2-spring-cloud-starter with Apache License 2.0 | 4 votes |
@Bean @ConditionalOnBean(OAuth2ClientContext.class) public RequestInterceptor oauth2FeignRequestInterceptor(OAuth2ClientContext oauth2ClientContext) { return new OAuth2FeignRequestInterceptor(oauth2ClientContext); }
Example #29
Source File: AccountApplication.java From spring-cloud-event-sourcing-example with GNU General Public License v3.0 | 4 votes |
@LoadBalanced @Bean public OAuth2RestTemplate loadBalancedOauth2RestTemplate( OAuth2ProtectedResourceDetails resource, OAuth2ClientContext context) { return new OAuth2RestTemplate(resource, context); }
Example #30
Source File: OrderApplication.java From spring-cloud-event-sourcing-example with GNU General Public License v3.0 | 4 votes |
@LoadBalanced @Bean public OAuth2RestTemplate loadBalancedOauth2RestTemplate( OAuth2ProtectedResourceDetails resource, OAuth2ClientContext context) { return new OAuth2RestTemplate(resource, context); }