org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException Java Examples
The following examples show how to use
org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException.
Example #1
Source File: OAuth2Controller.java From microservices-platform with Apache License 2.0 | 5 votes |
/**
 * Looks up the registered client for {@code clientId} and checks that the
 * presented {@code clientSecret} matches the stored (encoded) secret.
 *
 * @param clientId     identifier presented by the client
 * @param clientSecret raw secret presented by the client
 * @return the matching {@link ClientDetails}
 * @throws UnapprovedClientAuthenticationException if no client is registered
 *         under {@code clientId} or the secret does not match
 */
private ClientDetails getClient(String clientId, String clientSecret) {
    ClientDetails details = clientDetailsService.loadClientByClientId(clientId);
    if (details == null) {
        throw new UnapprovedClientAuthenticationException("clientId对应的信息不存在");
    }
    // PasswordEncoder.matches(raw, encoded): the stored value is the encoded form.
    boolean secretMatches = passwordEncoder.matches(clientSecret, details.getClientSecret());
    if (!secretMatches) {
        throw new UnapprovedClientAuthenticationException("clientSecret不匹配");
    }
    return details;
}
Example #2
Source File: AuthUtils.java From microservices-platform with Apache License 2.0 | 5 votes |
/**
 * Extracts {@code clientId:clientSecret} from the HTTP Basic
 * {@code Authorization} header of {@code request}.
 *
 * @param request the incoming request
 * @return the decoded client credentials, as produced by {@code extractHeaderClient}
 * @throws UnapprovedClientAuthenticationException if the header is absent or
 *         does not start with {@code BASIC_}
 */
public static String[] extractClient(HttpServletRequest request) {
    String authorization = request.getHeader("Authorization");
    boolean hasBasicHeader = authorization != null && authorization.startsWith(BASIC_);
    if (!hasBasicHeader) {
        throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
    }
    return extractHeaderClient(authorization);
}
Example #3
Source File: SmsSuccessHandler.java From spring-security-oauth2-demo with GNU General Public License v3.0 | 5 votes |
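/**
 * Issues an OAuth2 access token once SMS authentication has succeeded.
 * The client is authenticated from the HTTP Basic {@code Authorization} header,
 * an {@link OAuth2Authentication} is assembled from the client's configured scope
 * and the already-authenticated user, and the token is written to the response
 * as JSON.
 *
 * @param request        the incoming request, carrying the client credentials
 * @param response       the response the token is written to
 * @param authentication the already-authenticated user
 * @throws IOException if writing the response fails
 * @throws UnapprovedClientAuthenticationException if the header is missing, the
 *         client is unknown or its secret does not match
 * @throws BadCredentialsException if the header does not decode to {@code id:secret}
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                    Authentication authentication) throws IOException {
    log.info("Login succeed!");
    // 1. Client credentials come from the Basic header; the scheme name is matched case-insensitively.
    String header = request.getHeader("Authorization");
    if (header == null || !header.toLowerCase().startsWith("basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无客户端信息");
    }
    // Decode the base64 "id:secret" pair.
    String[] client = extractAndDecodeHeader(header);
    if (client.length != 2) {
        throw new BadCredentialsException("Invalid basic authentication token");
    }
    String clientId = client[0];
    String clientSecret = client[1];
    // Look up the registered client and verify the presented secret against the encoded one.
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("客户端信息不存在:" + clientId);
    } else if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
        // Report the client id, never the presented secret: exception messages end up
        // in logs and error responses.
        throw new UnapprovedClientAuthenticationException("客户端密钥不匹配:" + clientId);
    }
    // 2. Build the token request for the "custom" grant with the client's configured scope.
    TokenRequest tokenRequest =
            new TokenRequest(new HashMap<>(0), clientId, clientDetails.getScope(), "custom");
    // 3. Convert it to an OAuth2Request.
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    // 4./5. The user and its authentication are already available: they were passed in.
    // 6. Combine the OAuth2 request with the user authentication.
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    // 7. Mint the access token.
    OAuth2AccessToken accessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    // Write the token straight to the response; no redirect.
    response.setContentType("application/json;charset=utf-8");
    response.getWriter().write(objectMapper.writeValueAsString(accessToken));
}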
Example #4
Source File: CustomAuthenticationSuccessHandler.java From fast-family-master with Apache License 2.0 | 5 votes |
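/**
 * Issues an OAuth2 access token after a successful login. The client is
 * authenticated from the HTTP Basic {@code Authorization} header, an
 * {@link OAuth2Authentication} is assembled from the client's configured scope
 * and the authenticated user, and the token is handed to
 * {@code extendAuthenticationSuccessHandler} to render the response.
 *
 * @param request        the incoming request, carrying the client credentials
 * @param response       the response the token is written to
 * @param authentication the already-authenticated user
 * @throws IOException      if writing the response fails
 * @throws ServletException as propagated from the response customisation
 * @throws UnapprovedClientAuthenticationException if the header is missing, the
 *         client is unknown or its secret does not match
 * @throws BadCredentialsException if the header does not decode to {@code id:secret}
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                    Authentication authentication) throws IOException, ServletException {
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith("Basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = this.extractAndDecodeHeader(header, request);
    if (tokens.length != 2) {
        throw new BadCredentialsException("Invalid basic authentication token");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId);
    } else if (!secretMatches(clientDetails.getClientSecret(), clientSecret)) {
        // NOTE(review): the secret returned by ClientDetails is compared in clear with the
        // presented one, i.e. secrets are assumed to be stored unencoded. If they are
        // stored encoded, use PasswordEncoder.matches(raw, encoded) instead.
        throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId);
    }
    // Token request for the "custom" grant with the client's configured scope.
    TokenRequest tokenRequest =
            new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    // The response body can be customised by the extension handler.
    extendAuthenticationSuccessHandler.customAuthenticationSuccessResult(response, token, authentication);
}

/**
 * Compares the configured client secret with the presented one in constant time,
 * so response timing does not reveal how many leading characters matched.
 * A {@code null} on either side never matches.
 *
 * @param configured the secret on record for the client
 * @param presented  the secret taken from the request
 * @return {@code true} only if both are non-null and byte-for-byte equal
 */
private static boolean secretMatches(String configured, String presented) {
    if (configured == null || presented == null) {
        return false;
    }
    return java.security.MessageDigest.isEqual(
            configured.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            presented.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}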
Example #5
Source File: MyAuthenticationSucessHandler.java From SpringAll with MIT License | 5 votes |
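/**
 * Issues an OAuth2 access token after a successful login. The client is
 * authenticated from the HTTP Basic {@code Authorization} header, an
 * {@link OAuth2Authentication} is assembled from the client's configured scope
 * and the authenticated user, and the token is written to the response as JSON.
 *
 * @param request        the incoming request, carrying the client credentials
 * @param response       the response the token is written to
 * @param authentication the already-authenticated user
 * @throws IOException if writing the response fails
 * @throws UnapprovedClientAuthenticationException if the header is missing or
 *         malformed, the client is unknown or its secret does not match
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                    Authentication authentication) throws IOException {
    // 1. Read the client credentials from the Basic header.
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith("Basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = this.extractAndDecodeHeader(header, request);
    // A header that does not decode to exactly "id:secret" would otherwise fail
    // below with an ArrayIndexOutOfBoundsException instead of an auth error.
    if (tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Invalid basic authentication token");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    // 2. Load the registered client.
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    // 3. Verify client id and secret (secret is checked against its encoded form).
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId:" + clientId + "对应的信息不存在");
    }
    if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
        throw new UnapprovedClientAuthenticationException("clientSecret不正确");
    }
    // 4. Build the TokenRequest for the "custom" grant with the client's configured scope.
    TokenRequest tokenRequest =
            new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
    // 5. Convert it to an OAuth2Request.
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    // 6. Combine the OAuth2 request with the user authentication.
    OAuth2Authentication auth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    // 7. Mint the access token.
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(auth2Authentication);
    // 8. Write the token as JSON.
    log.info("登录成功");
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write(new ObjectMapper().writeValueAsString(token));
}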
Example #6
Source File: MyAuthenticationSucessHandler.java From SpringAll with MIT License | 5 votes |
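/**
 * Issues an OAuth2 access token after a successful login. The client is
 * authenticated from the HTTP Basic {@code Authorization} header, an
 * {@link OAuth2Authentication} is assembled from the client's configured scope
 * and the authenticated user, and the token is written to the response as JSON.
 *
 * @param request        the incoming request, carrying the client credentials
 * @param response       the response the token is written to
 * @param authentication the already-authenticated user
 * @throws IOException if writing the response fails
 * @throws UnapprovedClientAuthenticationException if the header is missing or
 *         malformed, the client is unknown or its secret does not match
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
                                    Authentication authentication) throws IOException {
    // 1. Read the client credentials from the Basic header.
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith("Basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = this.extractAndDecodeHeader(header, request);
    // A header that does not decode to exactly "id:secret" would otherwise fail
    // below with an ArrayIndexOutOfBoundsException instead of an auth error.
    if (tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Invalid basic authentication token");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    // 2. Load the registered client.
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    // 3. Verify client id and secret.
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId:" + clientId + "对应的信息不存在");
    }
    if (!secretMatches(clientDetails.getClientSecret(), clientSecret)) {
        // NOTE(review): the secret returned by ClientDetails is compared in clear with the
        // presented one, i.e. secrets are assumed to be stored unencoded. If they are
        // stored encoded, use PasswordEncoder.matches(raw, encoded) instead.
        throw new UnapprovedClientAuthenticationException("clientSecret不正确");
    }
    // 4. Build the TokenRequest for the "custom" grant with the client's configured scope.
    TokenRequest tokenRequest =
            new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
    // 5. Convert it to an OAuth2Request.
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    // 6. Combine the OAuth2 request with the user authentication.
    OAuth2Authentication auth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    // 7. Mint the access token.
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(auth2Authentication);
    // 8. Write the token as JSON.
    log.info("登录成功");
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write(new ObjectMapper().writeValueAsString(token));
}

/**
 * Compares the configured client secret with the presented one in constant time,
 * so response timing does not reveal how many leading characters matched.
 * A {@code null} on either side never matches.
 *
 * @param configured the secret on record for the client
 * @param presented  the secret taken from the request
 * @return {@code true} only if both are non-null and byte-for-byte equal
 */
private static boolean secretMatches(String configured, String presented) {
    if (configured == null || presented == null) {
        return false;
    }
    return java.security.MessageDigest.isEqual(
            configured.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            presented.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}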
Example #7
Source File: CustomToken.java From spring-security-oauth2-demo with GNU General Public License v3.0 | 4 votes |
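/**
 * Issues an OAuth2 access token for the custom {@code sms} / {@code email}
 * grant types. The client is authenticated from the HTTP Basic
 * {@code Authorization} header, the user is loaded by the request parameter
 * named after the grant type, and the resulting token is returned as the
 * response body.
 *
 * @param request the incoming request, carrying the client credentials and the user parameter
 * @param type    the grant type from the path; only {@code sms} and {@code email} are accepted
 * @return {@code 200 OK} with the access token
 * @throws UnsupportedGrantTypeException if {@code type} is not one of the two custom grants
 * @throws UnapprovedClientAuthenticationException if the header is missing, the
 *         client is unknown or its secret does not match
 * @throws BadCredentialsException if the header does not decode to {@code id:secret}
 */
@PostMapping("/{type}")
public HttpEntity<?> auth(HttpServletRequest request, @PathVariable String type) {
    // Only the two custom grant types are served here.
    if (!"sms".equalsIgnoreCase(type) && !"email".equalsIgnoreCase(type)) {
        throw new UnsupportedGrantTypeException("Unsupported grant type: " + type);
    }
    log.info(type + " login succeed!");
    // 1. Client credentials come from the Basic header; the scheme name is matched case-insensitively.
    String header = request.getHeader("Authorization");
    if (header == null || !header.toLowerCase().startsWith("basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无客户端信息");
    }
    // Decode the base64 "id:secret" pair.
    String[] client = extractAndDecodeHeader(header);
    if (client.length != 2) {
        throw new BadCredentialsException("Invalid basic authentication token");
    }
    String clientId = client[0];
    String clientSecret = client[1];
    // Look up the registered client and verify the presented secret against the encoded one.
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("客户端信息不存在:" + clientId);
    } else if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
        // Report the client id, never the presented secret: exception messages end up
        // in logs and error responses.
        throw new UnapprovedClientAuthenticationException("客户端密钥不匹配:" + clientId);
    }
    // 2. Build the token request for the "custom" grant with the client's configured scope.
    TokenRequest tokenRequest =
            new TokenRequest(new HashMap<>(0), clientId, clientDetails.getScope(), "custom");
    // 3. Convert it to an OAuth2Request.
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    // 4. Load the user named by the request parameter that matches the grant type
    //    (presumably the phone number for "sms" and the address for "email").
    // NOTE(review): nothing in this method checks the one-time code delivered to that
    //    phone/address; confirm that an upstream filter does before the request gets here.
    UserDetails userDetails = userDetailsService.loadUserByUsername(request.getParameter(type));
    // 5. Build the authenticated user token.
    // NOTE(review): the stored password (hash) is carried as the credentials of this
    //    token and therefore of the OAuth2Authentication below; verify whether the token
    //    store needs it, otherwise pass null.
    Authentication authentication = new UsernamePasswordAuthenticationToken(
            userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities());
    // 6. Combine the OAuth2 request with the user authentication.
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    // 7. Mint the access token.
    OAuth2AccessToken accessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    return ResponseEntity.ok(accessToken);
}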
Example #8
Source File: PoPAuthenticationManager.java From OAuth-2.0-Cookbook with MIT License | 4 votes |
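/**
 * Delegates to the wrapped {@code authenticationManager} and, for a
 * {@link PoPAuthenticationToken}, additionally checks proof of possession:
 * the nonce attached to the request must be a JWS that verifies under the RSA
 * public key carried in the access token's {@code public_key} claim.
 *
 * @param authentication the request to authenticate
 * @return the result of the delegate manager
 * @throws UnapprovedClientAuthenticationException if the PoP token carries no nonce
 * @throws InvalidTokenException if the token or nonce cannot be parsed, the key cannot
 *         be read, or the nonce signature does not verify
 * @throws AuthenticationException as thrown by the delegate manager
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    Authentication authenticationResult = authenticationManager.authenticate(authentication);
    if (!authenticationResult.isAuthenticated()
            || !(authentication instanceof PoPAuthenticationToken)) {
        return authenticationResult;
    }
    // The JWT itself was validated by the delegate; only the nonce is checked here.
    PoPAuthenticationToken popAuthentication = (PoPAuthenticationToken) authentication;
    String nonce = popAuthentication.getNonce();
    if (nonce == null) {
        throw new UnapprovedClientAuthenticationException(
                "This request does not have a valid signed nonce");
    }
    // The principal is the bearer access token: a credential, so it is never logged or printed.
    String token = (String) popAuthentication.getPrincipal();
    boolean nonceVerified;
    try {
        JWT jwt = JWTParser.parse(token);
        String publicKey = jwt.getJWTClaimsSet().getClaim("public_key").toString();
        JWK jwk = JWK.parse(publicKey);
        JWSObject jwsNonce = JWSObject.parse(nonce);
        JWSVerifier verifier = new RSASSAVerifier((RSAKey) jwk);
        nonceVerified = jwsNonce.verify(verifier);
    } catch (Exception e) {
        // Parse, key and verification failures are an authentication failure, not a
        // server error; the cause is kept so the reason stays diagnosable.
        throw new InvalidTokenException("Unable to verify signed nonce", e);
    }
    if (!nonceVerified) {
        throw new InvalidTokenException("Client hasn't possession of given token");
    }
    // NOTE(review): only the nonce's signature is checked; whether its payload is bound
    // to this request (freshness, single use) is not checked in this block.
    return authenticationResult;
}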