org.springframework.security.oauth2.common.util.SerializationUtils Java Examples
The following examples show how to use
org.springframework.security.oauth2.common.util.SerializationUtils.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: RedisAuthorizationCodeServices.java From cloud-service with MIT License | 6 votes |
|
@Override
protected OAuth2Authentication remove(final String code) {
OAuth2Authentication oAuth2Authentication = redisTemplate.execute(new RedisCallback<OAuth2Authentication>() {
@Override
public OAuth2Authentication doInRedis(RedisConnection connection) throws DataAccessException {
byte[] keyByte = codeKey(code).getBytes();
byte[] valueByte = connection.get(keyByte);
if (valueByte != null) {
connection.del(keyByte);
return SerializationUtils.deserialize(valueByte);
}
return null;
}
});
return oAuth2Authentication;
}
Example #2
| Source File: TokenServiceImpl.java From oauth-server with Apache License 2.0 | 6 votes |
|
@Override
public void deleteOne(String tokenId) {
//筛选token
AccessTokenDO accessTokenDO = accessTokenMapper.selectByPrimaryKey(tokenId);
//token不存在
if (accessTokenDO == null) {
throw new CommonException("error.delete.token.not.exist");
}
//提取sessionId
DefaultOAuth2AccessToken deserialize = SerializationUtils.deserialize(accessTokenDO.getToken());
//删除redis session
redisTemplate.delete(SESSION_KEY_PREFIX + deserialize.getAdditionalInformation().get("sessionId"));
//删除db accessToken/refreshToken
accessTokenMapper.deleteByPrimaryKey(tokenId);
refreshTokenMapper.deleteByPrimaryKey(accessTokenDO.getRefreshToken());
LOGGER.info("delete token,tokenId:{},sessionId:{}",tokenId,deserialize.getAdditionalInformation().get("sessionId"));
}
Example #3
| Source File: AccessParameterClientTokenServices.java From shimmer with Apache License 2.0 | 6 votes |
|
@Override
public void saveAccessToken(
OAuth2ProtectedResourceDetails resource,
Authentication authentication, OAuth2AccessToken accessToken) {
String username = authentication.getPrincipal().toString();
String shimKey = authentication.getDetails().toString();
AccessParameters accessParameters =
accessParametersRepo.findByUsernameAndShimKey(
username,
shimKey,
new Sort(Sort.Direction.DESC, "dateCreated"));
if (accessParameters == null) {
accessParameters = new AccessParameters();
accessParameters.setUsername(username);
accessParameters.setShimKey(shimKey);
}
accessParameters.setSerializedToken(SerializationUtils.serialize(accessToken));
accessParametersRepo.save(accessParameters);
}
Example #4
| Source File: AccessParameterClientTokenServices.java From shimmer with Apache License 2.0 | 6 votes |
|
@Override
public OAuth2AccessToken getAccessToken(
OAuth2ProtectedResourceDetails resource,
Authentication authentication) {
String username = authentication.getPrincipal().toString();
String shimKey = authentication.getDetails().toString();
AccessParameters accessParameters = accessParametersRepo.findByUsernameAndShimKey(
username, shimKey, new Sort(Sort.Direction.DESC, "dateCreated"));
if (accessParameters == null || accessParameters.getSerializedToken() == null) {
return null; //No token was found!
}
return SerializationUtils.deserialize(accessParameters.getSerializedToken());
}
Example #5
| Source File: MongoTokenStoreTest.java From spring-security-mongo with MIT License | 6 votes |
|
@Test
public void shouldReadAuthenticationForRefreshToken() {
//Given
final OAuth2RefreshToken oAuth2RefreshToken = OAuth2RefreshTokenBuilder.oAuth2RefreshToken().build();
//And
final OAuth2Authentication authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();
final byte[] authenticationSer = SerializationUtils.serialize(authentication);
//And
given(mongoOAuth2RefreshTokenRepository.findByTokenId(any(String.class)))
.willReturn(MongoOAuth2RefreshTokenBuilder.mongoOAuth2RefreshTokenBuilder()
.authentication(authenticationSer)
.build());
//When
final OAuth2Authentication oAuth2Authentication = mongoTokenStore.readAuthenticationForRefreshToken(oAuth2RefreshToken);
//Then
assertThat(oAuth2Authentication.getPrincipal()).isEqualTo(authentication.getPrincipal());
assertThat(oAuth2Authentication.getCredentials()).isEqualTo(authentication.getCredentials());
}
Example #6
| Source File: MongoTokenStoreTest.java From spring-security-mongo with MIT License | 6 votes |
|
@Test
public void shouldReadRefreshToken() {
//Given
final String tokenValue = string().next();
final OAuth2RefreshToken oAuth2RefreshToken = OAuth2RefreshTokenBuilder.oAuth2RefreshToken().build();
final byte[] oAuth2RefreshTokenSer = SerializationUtils.serialize(oAuth2RefreshToken);
//And
given(mongoOAuth2RefreshTokenRepository.findByTokenId(any(String.class)))
.willReturn(MongoOAuth2RefreshTokenBuilder.mongoOAuth2RefreshTokenBuilder().token(oAuth2RefreshTokenSer).build());
//When
final OAuth2RefreshToken result = mongoTokenStore.readRefreshToken(tokenValue);
//Then
assertThat(result.getValue()).isEqualTo(oAuth2RefreshToken.getValue());
}
Example #7
| Source File: MongoTokenStoreTest.java From spring-security-mongo with MIT License | 6 votes |
|
@Test
public void shouldStoreRefreshToken() {
//Given
final OAuth2RefreshToken oAuth2RefreshToken = OAuth2RefreshTokenBuilder.oAuth2RefreshToken().build();
//And
final OAuth2Authentication oAuth2Authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();
//And
final ArgumentCaptor<MongoOAuth2RefreshToken> argumentCaptor = ArgumentCaptor.forClass(MongoOAuth2RefreshToken.class);
//When
mongoTokenStore.storeRefreshToken(oAuth2RefreshToken, oAuth2Authentication);
//Then
verify(mongoOAuth2RefreshTokenRepository).save(argumentCaptor.capture());
final MongoOAuth2RefreshToken refreshToken = argumentCaptor.getValue();
final byte[] expectedResult = SerializationUtils.serialize(oAuth2RefreshToken);
assertThat(refreshToken.getToken()).isEqualTo(expectedResult);
}
Example #8
| Source File: MongoTokenStoreTest.java From spring-security-mongo with MIT License | 6 votes |
|
@Test
public void shouldStoreAccessToken() {
//Given
final OAuth2AccessToken auth2AccessToken = OAuth2AccessTokenBuilder.oAuth2AccessTokenBuilder().build();
final byte[] token = SerializationUtils.serialize(auth2AccessToken);
//And
final OAuth2Authentication oAuth2Authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();
//And
given(mongoOAuth2AccessTokenRepository.findByTokenId(any(String.class)))
.willReturn(MongoOAuth2AccessTokenBuilder.mongoOAuth2AccessTokenBuilder().token(token).build());
//When
mongoTokenStore.storeAccessToken(auth2AccessToken, oAuth2Authentication);
//Then
verify(mongoOAuth2AccessTokenRepository).deleteByTokenId(any(String.class));
verify(mongoOAuth2AccessTokenRepository).save(any(MongoOAuth2AccessToken.class));
}
Example #9
| Source File: OAuth2Shim.java From shimmer with Apache License 2.0 | 5 votes |
|
@Override
public AuthorizationRequestParameters getAuthorizationRequestParameters(
String username,
Map<String, String> additionalParameters)
throws ShimException {
OAuth2RestOperations restTemplate = restTemplate();
try {
// TODO replace with restTemplate.getAccessToken();
trigger(restTemplate, getTriggerDataRequest());
// if no exception has been thrown, assume that the current authorization is valid
return AuthorizationRequestParameters.authorized();
}
catch (UserRedirectRequiredException e) {
// if an exception was thrown it means a redirect is required
AccessTokenRequest accessTokenRequest = restTemplate.getOAuth2ClientContext().getAccessTokenRequest();
String stateKey = accessTokenRequest.getStateKey();
/**
* Build an authorization request from the exception
* parameters. We also serialize spring's accessTokenRequest.
*/
AuthorizationRequestParameters authRequestParams = new AuthorizationRequestParameters();
authRequestParams.setRedirectUri(e.getRedirectUri());
authRequestParams.setStateKey(e.getStateKey());
authRequestParams.setAuthorizationUrl(getAuthorizationUrl(e, additionalParameters));
authRequestParams.setSerializedRequest(SerializationUtils.serialize(accessTokenRequest));
authRequestParams.setStateKey(stateKey);
authRequestParams.setRequestParams(additionalParameters);
return authorizationRequestParametersRepo.save(authRequestParams);
}
}
Example #10
| Source File: RedisAuthorizationCodeServices.java From cloud-service with MIT License | 5 votes |
|
/**
* 存储code到redis,并设置过期时间,10分钟<br>
* value为OAuth2Authentication序列化后的字节<br>
* 因为OAuth2Authentication没有无参构造函数<br>
* redisTemplate.opsForValue().set(key, value, timeout, unit);
* 这种方式直接存储的话,redisTemplate.opsForValue().get(key)的时候有些问题,
* 所以这里采用最底层的方式存储,get的时候也用最底层的方式获取
*/
@Override
protected void store(String code, OAuth2Authentication authentication) {
redisTemplate.execute(new RedisCallback<Long>() {
@Override
public Long doInRedis(RedisConnection connection) throws DataAccessException {
connection.set(codeKey(code).getBytes(), SerializationUtils.serialize(authentication),
Expiration.from(10, TimeUnit.MINUTES), SetOption.UPSERT);
return 1L;
}
});
}
Example #11
| Source File: MongoTokenStoreTest.java From spring-security-mongo with MIT License | 5 votes |
|
@Test
public void shouldGetAccessToken() {
//Given
final OAuth2Authentication oAuth2Authentication = OAuth2AuthenticationBuilder.oAuth2AuthenticationBuilder().build();
//And
final String value = string().next();
doReturn(value).doReturn(value).when(authenticationKeyGenerator).extractKey(any());
//And
final OAuth2AccessToken oAuth2AccessToken = OAuth2AccessTokenBuilder.oAuth2AccessTokenBuilder().build();
final byte[] oAuth2AccessTokenSer = SerializationUtils.serialize(oAuth2AccessToken);
given(mongoOAuth2AccessTokenRepository.findByAuthenticationId(value))
.willReturn(MongoOAuth2AccessTokenBuilder.mongoOAuth2AccessTokenBuilder()
.token(oAuth2AccessTokenSer)
.build());
//And
given(mongoOAuth2AccessTokenRepository.findByTokenId(any()))
.willReturn(MongoOAuth2AccessTokenBuilder.mongoOAuth2AccessTokenBuilder().build());
//When
mongoTokenStore.getAccessToken(oAuth2Authentication);
//Then
verify(mongoOAuth2AccessTokenRepository, never()).deleteByTokenId(any(String.class));
verify(mongoOAuth2AccessTokenRepository, never()).save(any(MongoOAuth2AccessToken.class));
}
Example #12
| Source File: MongoClientTokenServices.java From spring-security-mongo with MIT License | 5 votes |
|
@Override
public void saveAccessToken(final OAuth2ProtectedResourceDetails resource,
final Authentication authentication,
final OAuth2AccessToken accessToken) {
removeAccessToken(resource, authentication);
final MongoOAuth2ClientToken mongoOAuth2ClientToken = new MongoOAuth2ClientToken(UUID.randomUUID().toString(),
accessToken.getValue(),
SerializationUtils.serialize(accessToken),
clientKeyGenerator.extractKey(resource, authentication),
authentication.getName(),
resource.getClientId());
mongoOAuth2ClientTokenRepository.save(mongoOAuth2ClientToken);
}
Example #13
| Source File: MongoClientTokenServices.java From spring-security-mongo with MIT License | 4 votes |
|
@Override
public OAuth2AccessToken getAccessToken(final OAuth2ProtectedResourceDetails resource,
final Authentication authentication) {
final MongoOAuth2ClientToken mongoOAuth2ClientToken = mongoOAuth2ClientTokenRepository.findByAuthenticationId(clientKeyGenerator.extractKey(resource, authentication));
return SerializationUtils.deserialize(mongoOAuth2ClientToken.getToken());
}
Example #14
| Source File: MongoTokenStore.java From spring-security-mongo with MIT License | 4 votes |
|
private Collection<OAuth2AccessToken> transformToOAuth2AccessTokens(final List<MongoOAuth2AccessToken> oAuth2AccessTokens) {
return oAuth2AccessTokens.stream()
.filter(Objects::nonNull)
.map(token -> SerializationUtils.<OAuth2AccessToken>deserialize(token.getToken()))
.collect(Collectors.toList());
}
Example #15
| Source File: RefreshToken.java From konker-platform with Apache License 2.0 | 4 votes |
|
public OAuth2Authentication authentication() {
return SerializationUtils.deserialize(authentication);
}
Example #16
| Source File: RefreshToken.java From konker-platform with Apache License 2.0 | 4 votes |
|
public OAuth2RefreshToken token() {
return SerializationUtils.deserialize(token);
}
Example #17
| Source File: AccessToken.java From konker-platform with Apache License 2.0 | 4 votes |
|
@Tolerate
public OAuth2Authentication authentication() {
return SerializationUtils.deserialize(authentication);
}
Example #18
| Source File: AccessToken.java From konker-platform with Apache License 2.0 | 4 votes |
|
@Tolerate
public OAuth2AccessToken token() {
return SerializationUtils.deserialize(token);
}
Example #19
| Source File: AuthorizationCode.java From konker-platform with Apache License 2.0 | 4 votes |
|
public OAuth2Authentication authentication() {
return SerializationUtils.deserialize(authenticationBytes);
}
Example #20
| Source File: AccessTokenDO.java From oauth-server with Apache License 2.0 | 4 votes |
|
public void setAuth2Authentication(OAuth2Authentication oauth2Authentication) {
this.auth2Authentication = oauth2Authentication;
this.authentication = SerializationUtils.serialize(oauth2Authentication);
}
Example #21
| Source File: AccessTokenDO.java From oauth-server with Apache License 2.0 | 4 votes |
|
public void setToken(byte[] token) {
this.token = token;
this.value = SerializationUtils.deserialize(token);
}
Example #22
| Source File: AccessTokenDO.java From oauth-server with Apache License 2.0 | 4 votes |
|
public void setValue(OAuth2AccessToken value) {
this.value = value;
this.token = SerializationUtils.serialize(value);
}
