reader.beginArray(); while (reader.hasNext()) { AuthenticationHolderEntity ahe = new AuthenticationHolderEntity(); reader.beginObject(); Long currentId = null; currentId = reader.nextLong(); } else if (name.equals(REQUEST_PARAMETERS)) { ahe.setRequestParameters(readMap(reader)); } else if (name.equals(CLIENT_ID)) { ahe.setClientId(reader.nextString()); } else if (name.equals(SCOPE)) { ahe.setScope(readSet(reader)); } else if (name.equals(RESOURCE_IDS)) { ahe.setResourceIds(readSet(reader)); } else if (name.equals(AUTHORITIES)) { Set<String> authorityStrs = readSet(reader); ahe.setAuthorities(authorities); } else if (name.equals(APPROVED)) { ahe.setApproved(reader.nextBoolean()); } else if (name.equals(REDIRECT_URI)) { ahe.setRedirectUri(reader.nextString()); } else if (name.equals(RESPONSE_TYPES)) { ahe.setResponseTypes(readSet(reader)); } else if (name.equals(EXTENSIONS)) { ahe.setExtensions(readMap(reader)); } else if (name.equals(SAVED_USER_AUTHENTICATION)) { ahe.setUserAuth(readSavedUserAuthentication(reader));
/**
 * Marks a stored device code as approved and attaches the approving
 * authentication to it.
 *
 * @param dc   device code whose id is used to load the stored record
 * @param auth authentication to bind to the stored record
 * @return whatever {@code repository.save} returns for the updated record
 */
@Override
public DeviceCode approveDeviceCode(DeviceCode dc, OAuth2Authentication auth) {
    // Only the id of the caller-supplied object is used; the flag is set on the
    // record loaded from the repository.
    DeviceCode stored = repository.getById(dc.getId());

    // NOTE(review): the lookup result is not null-checked, and expiry or an earlier
    // approval is not re-checked here -- confirm callers validate the code first.
    stored.setApproved(true);

    AuthenticationHolderEntity holder = new AuthenticationHolderEntity();
    holder.setAuthentication(auth);

    // NOTE(review): the holder is attached without an explicit save of its own;
    // presumably persistence cascades from the device code -- confirm the mapping.
    stored.setAuthenticationHolder(holder);

    DeviceCode saved = repository.save(stored);
    return saved;
}
/**
 * Revokes the access token with the given id when it belongs to the caller.
 *
 * Puts NOT_FOUND in the model when the token service returns no token for the id,
 * FORBIDDEN when the token's authentication name differs from the principal's
 * name, and otherwise revokes the token.
 *
 * @param id id of the access token, taken from the request path
 * @param m  model that receives the status code and error message
 * @param p  principal of the caller
 * @return the name of the view to render
 */
@RequestMapping(value = "/access/{id}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
public String deleteAccessTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {

    OAuth2AccessTokenEntity token = tokenService.getAccessTokenById(id);

    // NOTE(review): "not found" and "forbidden" are distinguishable, so any
    // authenticated caller can learn which token ids exist. Consider returning the
    // same response for both cases.
    if (token == null) {
        // NOTE(review): the log prefix says "getToken" although this is the delete handler.
        logger.error("getToken failed; token not found: " + id);
        m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        m.put(JsonErrorView.ERROR_MESSAGE, "The requested token with id " + id + " could not be found.");
        return JsonErrorView.VIEWNAME;
    }

    // Ownership is decided by comparing names only.
    // NOTE(review): for a token issued without a user authentication the name
    // presumably resolves to the client id -- confirm user names and client ids
    // cannot collide. The holder is also dereferenced without a null check.
    boolean ownedByCaller = token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName());
    if (!ownedByCaller) {
        // NOTE(review): the principal name is concatenated into the log line as-is;
        // confirm names cannot carry line breaks, or use a parameterized log call.
        logger.error("getToken failed; token does not belong to principal " + p.getName());
        m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
        m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this token");
        return JsonErrorView.VIEWNAME;
    }

    tokenService.revokeAccessToken(token);
    return HttpCodeView.VIEWNAME;
}
/**
 * Rebuilds an {@code OAuth2Authentication} from this holder's stored request
 * fields and saved user authentication.
 *
 * A new object is constructed on every call; nothing is cached.
 *
 * @return the reconstructed authentication
 */
@Transient
public OAuth2Authentication getAuthentication() {
    // TODO: memoize this
    OAuth2Authentication rebuilt = new OAuth2Authentication(createOAuth2Request(), getUserAuth());
    return rebuilt;
}
/**
 * Copies the parts of an {@code OAuth2Authentication} into this holder's fields.
 *
 * Each collection or map from the request is copied into a new {@code HashSet}
 * or {@code HashMap}; a null collection stays null. The user authentication,
 * when present, is wrapped in a {@code SavedUserAuthentication}.
 *
 * @param authentication the authentication to take apart; must not be null
 */
public void setAuthentication(OAuth2Authentication authentication) {

    OAuth2Request o2Request = authentication.getOAuth2Request();

    // Scalar fields are taken over unchanged.
    setClientId(o2Request.getClientId());
    setRedirectUri(o2Request.getRedirectUri());
    setApproved(o2Request.isApproved());

    // Defensive copies, so later changes to the request's collections do not
    // reach this holder.
    setAuthorities(o2Request.getAuthorities() != null
            ? new HashSet<>(o2Request.getAuthorities())
            : null);
    setScope(o2Request.getScope() != null
            ? new HashSet<>(o2Request.getScope())
            : null);
    setResourceIds(o2Request.getResourceIds() != null
            ? new HashSet<>(o2Request.getResourceIds())
            : null);
    setResponseTypes(o2Request.getResponseTypes() != null
            ? new HashSet<>(o2Request.getResponseTypes())
            : null);
    setExtensions(o2Request.getExtensions() != null
            ? new HashMap<>(o2Request.getExtensions())
            : null);

    // NOTE(review): request parameters are copied wholesale. Confirm that secrets
    // sent with the request (password, client secret, ...) are stripped before
    // this point, since the holder is stored.
    setRequestParameters(o2Request.getRequestParameters() != null
            ? new HashMap<>(o2Request.getRequestParameters())
            : null);

    // A request without a user (client-only) leaves userAuth null.
    if (authentication.getUserAuthentication() == null) {
        this.userAuth = null;
    } else {
        this.userAuth = new SavedUserAuthentication(authentication.getUserAuthentication());
    }
}
for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) { writer.beginObject(); writer.name(ID).value(holder.getId()); for (Entry<String, String> entry : holder.getRequestParameters().entrySet()) { writer.name(entry.getKey()).value(entry.getValue()); writer.name(CLIENT_ID).value(holder.getClientId()); Set<String> scope = holder.getScope(); writer.name(SCOPE); writer.beginArray(); writer.name(RESOURCE_IDS); writer.beginArray(); if (holder.getResourceIds() != null) { for (String s : holder.getResourceIds()) { writer.value(s); writer.name(AUTHORITIES); writer.beginArray(); for (GrantedAuthority authority : holder.getAuthorities()) { writer.value(authority.getAuthority()); writer.name(APPROVED).value(holder.isApproved()); writer.name(REDIRECT_URI).value(holder.getRedirectUri()); writer.name(RESPONSE_TYPES); writer.beginArray(); for (String s : holder.getResponseTypes()) { writer.value(s);
reader.beginArray(); while (reader.hasNext()) { AuthenticationHolderEntity ahe = new AuthenticationHolderEntity(); reader.beginObject(); Long currentId = null; ahe.setAuthentication(auth); } else { logger.debug("Found unexpected entry"); Long newId = authHolderRepository.save(ahe).getId(); maps.getAuthHolderOldToNewIdMap().put(currentId, newId); logger.debug("Read authentication holder {}", currentId);
AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); authHolder.setAuthentication(authentication); authHolder = authenticationHolderRepository.save(authHolder); OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();
/**
 * Builds the authentication for a token request that presents a device code.
 *
 * The code is read from the {@code device_code} request parameter and looked up
 * for the given client. An approved, unexpired code yields an authentication that
 * carries the scopes stored with the code and the user authentication of its
 * holder; the code is cleared before returning.
 *
 * @param client       the client making the token request
 * @param tokenRequest the token request; its scope is overwritten on success
 * @return the authentication for the approved device code
 * @throws InvalidGrantException         if no device code is found
 * @throws DeviceCodeExpiredException    if the code's expiration is in the past
 * @throws AuthorizationPendingException if the code is not approved yet
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {

    String deviceCode = tokenRequest.getRequestParameters().get("device_code");

    // Lookup only; the code is consumed further down by clearDeviceCode.
    DeviceCode dc = deviceCodeService.findDeviceCode(deviceCode, client);

    // NOTE(review): all three exception messages include the submitted code. If
    // these messages are logged, still-pending codes end up in the logs -- confirm
    // and consider dropping the value from the message.
    if (dc == null) {
        throw new InvalidGrantException("Invalid device code: " + deviceCode);
    }

    // A code without an expiration never counts as expired.
    boolean expired = dc.getExpiration() != null && dc.getExpiration().before(new Date());
    if (expired) {
        deviceCodeService.clearDeviceCode(deviceCode, client);
        throw new DeviceCodeExpiredException("Device code has expired " + deviceCode);
    }

    if (!dc.isApproved()) {
        // still waiting for approval
        throw new AuthorizationPendingException("Authorization pending for code " + deviceCode);
    }

    // Use the scopes stored with the approved code, not the ones sent in this request.
    tokenRequest.setScope(dc.getScope());

    // NOTE(review): the holder is dereferenced without a null check. Lookup and
    // clearDeviceCode are also separate calls: unless the service or an enclosing
    // transaction serializes them, two concurrent requests could both redeem the
    // same code -- confirm.
    OAuth2Authentication auth = new OAuth2Authentication(
            getRequestFactory().createOAuth2Request(client, tokenRequest),
            dc.getAuthenticationHolder().getUserAuth());

    deviceCodeService.clearDeviceCode(deviceCode, client);

    return auth;
}
accessToken.getAuthenticationHolder().getClientId()); return idToken;
for (AuthenticationHolderEntity holder : authHolderRepository.getAll()) { writer.beginObject(); writer.name(ID).value(holder.getId()); for (Entry<String, String> entry : holder.getRequestParameters().entrySet()) { writer.name(entry.getKey()).value(entry.getValue()); writer.name(CLIENT_ID).value(holder.getClientId()); Set<String> scope = holder.getScope(); writer.name(SCOPE); writer.beginArray(); writer.name(RESOURCE_IDS); writer.beginArray(); if (holder.getResourceIds() != null) { for (String s : holder.getResourceIds()) { writer.value(s); writer.name(AUTHORITIES); writer.beginArray(); for (GrantedAuthority authority : holder.getAuthorities()) { writer.value(authority.getAuthority()); writer.name(APPROVED).value(holder.isApproved()); writer.name(REDIRECT_URI).value(holder.getRedirectUri()); writer.name(RESPONSE_TYPES); writer.beginArray(); for (String s : holder.getResponseTypes()) { writer.value(s);
reader.beginArray(); while (reader.hasNext()) { AuthenticationHolderEntity ahe = new AuthenticationHolderEntity(); reader.beginObject(); Long currentId = null; ahe.setAuthentication(auth); } else { logger.debug("Found unexpected entry"); Long newId = authHolderRepository.save(ahe).getId(); maps.getAuthHolderOldToNewIdMap().put(currentId, newId); logger.debug("Read authentication holder {}", currentId);
AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); authHolder.setAuthentication(authentication); authHolder = authenticationHolderRepository.save(authHolder); OAuth2Request originalAuthRequest = authHolder.getAuthentication().getOAuth2Request();
/**
 * Builds the authentication for a token request that presents a device code.
 *
 * The code is read from the {@code device_code} request parameter and looked up
 * for the given client. An approved, unexpired code yields an authentication that
 * carries the scopes stored with the code and the user authentication of its
 * holder; the code is cleared before returning.
 *
 * @param client       the client making the token request
 * @param tokenRequest the token request; its scope is overwritten on success
 * @return the authentication for the approved device code
 * @throws InvalidGrantException         if no device code is found
 * @throws DeviceCodeExpiredException    if the code's expiration is in the past
 * @throws AuthorizationPendingException if the code is not approved yet
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {

    String deviceCode = tokenRequest.getRequestParameters().get("device_code");

    // Lookup only; the code is consumed further down by clearDeviceCode.
    DeviceCode dc = deviceCodeService.findDeviceCode(deviceCode, client);

    // NOTE(review): all three exception messages include the submitted code. If
    // these messages are logged, still-pending codes end up in the logs -- confirm
    // and consider dropping the value from the message.
    if (dc == null) {
        throw new InvalidGrantException("Invalid device code: " + deviceCode);
    }

    // A code without an expiration never counts as expired.
    boolean expired = dc.getExpiration() != null && dc.getExpiration().before(new Date());
    if (expired) {
        deviceCodeService.clearDeviceCode(deviceCode, client);
        throw new DeviceCodeExpiredException("Device code has expired " + deviceCode);
    }

    if (!dc.isApproved()) {
        // still waiting for approval
        throw new AuthorizationPendingException("Authorization pending for code " + deviceCode);
    }

    // Use the scopes stored with the approved code, not the ones sent in this request.
    tokenRequest.setScope(dc.getScope());

    // NOTE(review): the holder is dereferenced without a null check. Lookup and
    // clearDeviceCode are also separate calls: unless the service or an enclosing
    // transaction serializes them, two concurrent requests could both redeem the
    // same code -- confirm.
    OAuth2Authentication auth = new OAuth2Authentication(
            getRequestFactory().createOAuth2Request(client, tokenRequest),
            dc.getAuthenticationHolder().getUserAuth());

    deviceCodeService.clearDeviceCode(deviceCode, client);

    return auth;
}
reader.beginArray(); while (reader.hasNext()) { AuthenticationHolderEntity ahe = new AuthenticationHolderEntity(); reader.beginObject(); Long currentId = null; currentId = reader.nextLong(); } else if (name.equals(REQUEST_PARAMETERS)) { ahe.setRequestParameters(readMap(reader)); } else if (name.equals(CLIENT_ID)) { ahe.setClientId(reader.nextString()); } else if (name.equals(SCOPE)) { ahe.setScope(readSet(reader)); } else if (name.equals(RESOURCE_IDS)) { ahe.setResourceIds(readSet(reader)); } else if (name.equals(AUTHORITIES)) { Set<String> authorityStrs = readSet(reader); ahe.setAuthorities(authorities); } else if (name.equals(APPROVED)) { ahe.setApproved(reader.nextBoolean()); } else if (name.equals(REDIRECT_URI)) { ahe.setRedirectUri(reader.nextString()); } else if (name.equals(RESPONSE_TYPES)) { ahe.setResponseTypes(readSet(reader)); } else if (name.equals(EXTENSIONS)) { ahe.setExtensions(readMap(reader)); } else if (name.equals(SAVED_USER_AUTHENTICATION)) { ahe.setUserAuth(readSavedUserAuthentication(reader));
/**
 * Issues a new authorization code and stores it together with the given
 * authentication and an expiration time.
 *
 * The authentication is wrapped in an {@code AuthenticationHolderEntity} and
 * saved first, so it can be looked up again when the code is consumed.
 *
 * @param authentication the authentication of the current user, to be retrieved
 *                       when the code is consumed
 * @return the authorization code
 */
@Override
@Transactional(value="defaultTransactionManager")
public String createAuthorizationCode(OAuth2Authentication authentication) {
    // NOTE(review): how hard the code is to guess depends entirely on `generator`;
    // confirm it draws from a cryptographically secure source with enough length.
    String code = generator.generate();

    // Persist the authentication so the code can be resolved back to it later.
    AuthenticationHolderEntity holder = new AuthenticationHolderEntity();
    holder.setAuthentication(authentication);
    AuthenticationHolderEntity savedHolder = authenticationHolderRepository.save(holder);

    // The configured lifetime is in seconds; Date expects milliseconds.
    long expiresAtMillis = System.currentTimeMillis() + (getAuthCodeExpirationSeconds() * 1000L);
    Date expiration = new Date(expiresAtMillis);

    // NOTE(review): the code value is passed to the entity as generated, so it is
    // presumably stored in clear text -- confirm this is acceptable for its lifetime.
    repository.save(new AuthorizationCodeEntity(code, savedHolder, expiration));

    return code;
}
reader.beginArray(); while (reader.hasNext()) { AuthenticationHolderEntity ahe = new AuthenticationHolderEntity(); reader.beginObject(); Long currentId = null; ahe.setAuthentication(auth); } else { logger.debug("Found unexpected entry"); Long newId = authHolderRepository.save(ahe).getId(); maps.getAuthHolderOldToNewIdMap().put(currentId, newId); logger.debug("Read authentication holder {}", currentId);
/**
 * Returns the access token with the given id when it belongs to the caller.
 *
 * Puts NOT_FOUND in the model when the token service returns no token for the id,
 * FORBIDDEN when the token's authentication name differs from the principal's
 * name, and otherwise places the token entity in the model for the token view.
 *
 * @param id id of the access token, taken from the request path
 * @param m  model that receives the status code, error message or token entity
 * @param p  principal of the caller
 * @return the name of the view to render
 */
@RequestMapping(value = "/access/{id}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public String getAccessTokenById(@PathVariable("id") Long id, ModelMap m, Principal p) {

    OAuth2AccessTokenEntity token = tokenService.getAccessTokenById(id);

    // NOTE(review): "not found" and "forbidden" are distinguishable, so any
    // authenticated caller can learn which token ids exist. Consider returning the
    // same response for both cases.
    if (token == null) {
        logger.error("getToken failed; token not found: " + id);
        m.put(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
        m.put(JsonErrorView.ERROR_MESSAGE, "The requested token with id " + id + " could not be found.");
        return JsonErrorView.VIEWNAME;
    }

    // Ownership is decided by comparing names only.
    // NOTE(review): for a token issued without a user authentication the name
    // presumably resolves to the client id -- confirm user names and client ids
    // cannot collide. The holder is also dereferenced without a null check.
    boolean ownedByCaller = token.getAuthenticationHolder().getAuthentication().getName().equals(p.getName());
    if (!ownedByCaller) {
        // NOTE(review): the principal name is concatenated into the log line as-is;
        // confirm names cannot carry line breaks, or use a parameterized log call.
        logger.error("getToken failed; token does not belong to principal " + p.getName());
        m.put(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
        m.put(JsonErrorView.ERROR_MESSAGE, "You do not have permission to view this token");
        return JsonErrorView.VIEWNAME;
    }

    // NOTE(review): the whole token entity goes to the view; confirm the view
    // serializes only the fields the owner is meant to see.
    m.put(JsonEntityView.ENTITY, token);
    return TokenApiView.VIEWNAME;
}
reader.beginArray(); while (reader.hasNext()) { AuthenticationHolderEntity ahe = new AuthenticationHolderEntity(); reader.beginObject(); Long currentId = null; currentId = reader.nextLong(); } else if (name.equals(REQUEST_PARAMETERS)) { ahe.setRequestParameters(readMap(reader)); } else if (name.equals(CLIENT_ID)) { ahe.setClientId(reader.nextString()); } else if (name.equals(SCOPE)) { ahe.setScope(readSet(reader)); } else if (name.equals(RESOURCE_IDS)) { ahe.setResourceIds(readSet(reader)); } else if (name.equals(AUTHORITIES)) { Set<String> authorityStrs = readSet(reader); ahe.setAuthorities(authorities); } else if (name.equals(APPROVED)) { ahe.setApproved(reader.nextBoolean()); } else if (name.equals(REDIRECT_URI)) { ahe.setRedirectUri(reader.nextString()); } else if (name.equals(RESPONSE_TYPES)) { ahe.setResponseTypes(readSet(reader)); } else if (name.equals(EXTENSIONS)) { ahe.setExtensions(readMap(reader)); } else if (name.equals(SAVED_USER_AUTHENTICATION)) { ahe.setUserAuth(readSavedUserAuthentication(reader));
token.setScope(scope); AuthenticationHolderEntity authHolder = new AuthenticationHolderEntity(); authHolder.setAuthentication(authentication); authHolder = authenticationHolderRepository.save(authHolder); token.setAuthenticationHolder(authHolder);