/**
 * Checks that a token obtained through the {@code NoScopeClientCredentials} context
 * configuration still carries at least one scope, i.e. that the client's registered scopes are
 * applied as defaults when the request names none.
 *
 * <p>NOTE(review): only non-emptiness is asserted. The granted scopes are not compared with the
 * scopes registered for the client, so an unexpectedly broad default would also pass.
 */
@Test
@OAuth2ContextConfiguration(NoScopeClientCredentials.class)
public void testPostForTokenWithNoScopes() throws Exception {
    OAuth2AccessToken issuedToken = context.getAccessToken();
    // Build the failure message first so it shows the scopes that were actually granted.
    String failureMessage = "Wrong scope: " + issuedToken.getScope();
    assertFalse(failureMessage, issuedToken.getScope().isEmpty());
}
/**
 * Checks that a token obtained through the {@code NoScopeClientCredentials} context
 * configuration still carries at least one scope, i.e. that the client's registered scopes are
 * applied as defaults when the request names none.
 *
 * <p>NOTE(review): only non-emptiness is asserted. The granted scopes are not compared with the
 * scopes registered for the client, so an unexpectedly broad default would also pass.
 */
@Test
@OAuth2ContextConfiguration(NoScopeClientCredentials.class)
public void testPostForTokenWithNoScopes() throws Exception {
    OAuth2AccessToken issuedToken = context.getAccessToken();
    // Build the failure message first so it shows the scopes that were actually granted.
    String failureMessage = "Wrong scope: " + issuedToken.getScope();
    assertFalse(failureMessage, issuedToken.getScope().isEmpty());
}
jgen.writeNumberField(OAuth2AccessToken.EXPIRES_IN, (expiration.getTime() - now) / 1000); Set<String> scope = token.getScope(); if (scope != null && !scope.isEmpty()) { StringBuffer scopes = new StringBuffer();
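/**
 * Extract the implied approvals from any tokens associated with the user and client id supplied.
 *
 * <p>Every scope of every stored token that still has a readable authentication becomes one
 * {@code APPROVED} approval whose expiry is the token's expiration date. Tokens without a stored
 * authentication, and tokens without a scope set, contribute nothing.
 *
 * <p>NOTE(review): the token's expiration is copied into the approval but is not compared with
 * the current time here, so whether expired tokens can still imply approvals depends on what the
 * token store returns. Confirm against the store implementation.
 *
 * @param userId the user whose tokens are inspected
 * @param clientId the client whose tokens are inspected
 * @return the approvals implied by the stored tokens; empty when there are none
 * @see org.springframework.security.oauth2.provider.approval.ApprovalStore#getApprovals(java.lang.String,
 * java.lang.String)
 */
@Override
public Collection<Approval> getApprovals(String userId, String clientId) {
    Collection<Approval> result = new HashSet<Approval>();
    Collection<OAuth2AccessToken> tokens = store.findTokensByClientIdAndUserName(clientId, userId);
    if (tokens == null) {
        // No tokens on record means no implied approvals.
        return result;
    }
    for (OAuth2AccessToken token : tokens) {
        OAuth2Authentication authentication = store.readAuthentication(token);
        if (authentication == null) {
            continue;
        }
        Date expiresAt = token.getExpiration();
        Collection<String> scopes = token.getScope();
        if (scopes == null) {
            // A token may carry no scope set at all; treat that as "approves nothing"
            // instead of failing the whole lookup with a NullPointerException.
            continue;
        }
        for (String scope : scopes) {
            result.add(new Approval(userId, clientId, scope, expiresAt, ApprovalStatus.APPROVED));
        }
    }
    return result;
}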
jgen.writeNumberField(OAuth2AccessToken.EXPIRES_IN, (expiration.getTime() - now) / 1000); Set<String> scope = token.getScope(); if (scope != null && !scope.isEmpty()) { StringBuffer scopes = new StringBuffer();
/**
 * Acquires a token through the {@code LocalUaaRestTemplate} bean and checks that it was granted
 * the {@code oauth.login}, {@code notifications.write} and
 * {@code critical_notifications.write} scopes.
 *
 * <p>NOTE(review): the test asserts that these scopes are present, not that they are the only
 * ones; extra scopes on the token would go unnoticed.
 */
@Test
public void testLocalUaaRestTemplateAcquireToken() throws Exception {
    LocalUaaRestTemplate localTemplate =
            getWebApplicationContext().getBean(LocalUaaRestTemplate.class);
    OAuth2AccessToken acquired = localTemplate.acquireAccessToken(new DefaultOAuth2ClientContext());

    assertTrue(
            "Scopes should contain oauth.login",
            acquired.getScope().contains("oauth.login"));
    assertTrue(
            "Scopes should contain notifications.write",
            acquired.getScope().contains("notifications.write"));
    assertTrue(
            "Scopes should contain critical_notifications.write",
            acquired.getScope().contains("critical_notifications.write"));
}
/**
 * Builds the audit record for a token-issued event.
 *
 * <p>The record's data field is the JSON serialization of the source's scope. The token value
 * itself is not part of the data written here.
 *
 * @return an audit record of type {@code TokenIssuedEvent} for the current principal and origin
 */
@Override
public AuditEvent getAuditEvent() {
    // Serialize the scopes first; they are the only token detail placed in the audit data.
    String scopeJson = JsonUtils.writeValueAsString(getSource().getScope());
    return createAuditRecord(
            getPrincipalId(),
            AuditEventType.TokenIssuedEvent,
            getOrigin(getAuthentication()),
            scopeJson);
}
/**
 * Copy constructor for access token.
 *
 * <p>Copies the value, additional information, refresh token, expiration, scope and token type
 * of the given token through this class's setters.
 *
 * <p>NOTE(review): each property is passed on as returned by the source token's getter. Whether
 * the scope set and additional-information map end up shared with the source or defensively
 * copied depends on the setters, which are not shown here. Confirm before mutating either token.
 *
 * @param accessToken the token to copy; must not be {@code null}
 */
public DefaultOAuth2AccessToken(OAuth2AccessToken accessToken) {
    this(accessToken.getValue());
    setAdditionalInformation(accessToken.getAdditionalInformation());
    setRefreshToken(accessToken.getRefreshToken());
    setExpiration(accessToken.getExpiration());
    setScope(accessToken.getScope());
    setTokenType(accessToken.getTokenType());
}
/**
 * Checks that a JWT refresh token issued alongside a password-grant access token carries no
 * {@code scope} claim, and that its granted scopes are the same as the access token's scopes.
 */
@Test
public void createRefreshToken_JwtDoesNotContainScopeClaim() {
    AuthorizationRequest request = new AuthorizationRequest(CLIENT_ID, tokenSupport.requestedAuthScopes);

    // Ask for a JWT-format token through the password grant.
    Map<String, String> requestParameters = new HashMap<>(request.getRequestParameters());
    requestParameters.put(GRANT_TYPE, GRANT_TYPE_PASSWORD);
    requestParameters.put(REQUEST_TOKEN_FORMAT, JWT.toString());
    request.setRequestParameters(requestParameters);

    Authentication userAuthentication = tokenSupport.defaultUserAuthentication;
    OAuth2Authentication oauth2Authentication =
            new OAuth2Authentication(request.createOAuth2Request(), userAuthentication);
    OAuth2AccessToken issuedAccessToken = tokenServices.createAccessToken(oauth2Authentication);

    String refreshTokenValue = issuedAccessToken.getRefreshToken().getValue();
    assertNotNull(refreshTokenValue);

    Claims claims = getClaimsFromTokenString(refreshTokenValue);
    assertNotNull(claims);
    assertNull(claims.getScope());

    // matcher below can't match list against set
    assertThat(
            claims.getGrantedScopes(),
            containsInAnyOrder(issuedAccessToken.getScope().toArray()));
}
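/**
 * Checks that a token obtained with the password grant includes the scope of a group the user
 * was added to.
 *
 * <p>The test creates a client, a user and a group membership, requests a token, and asserts
 * that the token's scopes contain {@code CFID}.
 */
@Test
public void testAccessTokenReflectsGroupMembershipForPasswordGrant() throws Exception {
    createTestClient(DELETE_ME, "secret", CFID);
    ScimUser user = null;
    try {
        user = createUser(DELETE_ME, "Passwo3d");
        createGroup(CFID, new ScimGroupMember(user.getId()));
        OAuth2AccessToken token = getAccessTokenWithPassword(DELETE_ME, "secret", DELETE_ME, "Passwo3d");
        assertTrue("Wrong token: " + token, token.getScope().contains(CFID));
    } finally {
        // Clean up even when a step above fails, so the test client and user, both created
        // with fixed well-known credentials, are not left behind in the target environment.
        deleteTestClient(DELETE_ME);
        if (user != null) {
            deleteResource(userEndpoint, user.getId());
        }
    }
}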
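/**
 * Checks that an issued access token includes the scope of a group the user was added to.
 *
 * <p>The test creates a client, a user and a group membership, requests a token, and asserts
 * that the token's scopes contain {@code CFID}.
 */
@Test
public void testAccessTokenReflectsGroupMembership() throws Exception {
    createTestClient(DELETE_ME, "secret", CFID);
    ScimUser user = null;
    try {
        user = createUser(DELETE_ME, "Passwo3d");
        createGroup(CFID, new ScimGroupMember(user.getId()));
        OAuth2AccessToken token = getAccessToken(DELETE_ME, "secret", DELETE_ME, "Passwo3d");
        assertTrue("Wrong token: " + token, token.getScope().contains(CFID));
    } finally {
        // Clean up even when a step above fails, so the test client and user, both created
        // with fixed well-known credentials, are not left behind in the target environment.
        deleteTestClient(DELETE_ME);
        if (user != null) {
            deleteResource(userEndpoint, user.getId());
        }
    }
}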
/**
 * Returns the scopes of the wrapped access token.
 *
 * <p>The delegate's set is handed back as is, with no copy made here.
 *
 * @return whatever the wrapped token reports as its scope
 */
@Override
public Set<String> getScope() {
    final Set<String> delegateScope = oAuth2AccessToken.getScope();
    return delegateScope;
}
/**
 * Returns the scopes of the wrapped access token.
 *
 * <p>The delegate's set is handed back as is, with no copy made here.
 *
 * @return whatever the wrapped token reports as its scope
 */
@Override
public Set<String> getScope() {
    final Set<String> delegateScope = oAuth2AccessToken.getScope();
    return delegateScope;
}
/**
 * Tells whether the user's token carries the admin scope.
 *
 * <p>The decision rests only on the token's scopes containing
 * {@code TokenFactory.SCOPE_CC_ADMIN}.
 *
 * <p>NOTE(review): there is no null check on the token or its scope set, so a missing token
 * surfaces as a {@code NullPointerException} rather than {@code false}. Confirm callers always
 * supply a populated {@code UserInfo}.
 *
 * @param userInfo the user whose token is inspected
 * @return {@code true} when the token's scopes contain the admin scope
 */
private boolean hasAdminScope(UserInfo userInfo) {
    boolean adminScopeGranted =
            userInfo.getToken().getScope().contains(TokenFactory.SCOPE_CC_ADMIN);
    return adminScopeGranted;
}
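/**
 * Tells whether the user already holds a persistent token for the client whose scopes are
 * exactly the requested ones.
 *
 * <p>A token matches only when it is flagged persistent in its additional information and its
 * scope set equals {@code scopes} in both directions. A token with broader or narrower scopes is
 * not treated as equivalent.
 *
 * <p>NOTE(review): token expiry is not checked here; presumably the token store returns only
 * usable tokens. Verify against the store implementation.
 *
 * @param clientId the client the tokens were issued to
 * @param userId the user the tokens were issued for
 * @param scopes the scopes being requested
 * @return {@code true} when a persistent token with exactly these scopes exists
 */
public boolean longLifeTokenExist(String clientId, String userId, Collection<String> scopes) {
    Collection<OAuth2AccessToken> existingTokens = orcidTokenStore.findTokensByClientIdAndUserName(clientId, userId);
    if (existingTokens == null || existingTokens.isEmpty()) {
        return false;
    }
    for (OAuth2AccessToken token : existingTokens) {
        // Read the flag once through the shared constant. The original tested the constant's
        // key for null but then dereferenced a separately spelled "persistent" key.
        Object persistentFlag = token.getAdditionalInformation().get(OrcidOauth2Constants.PERSISTENT);
        if (persistentFlag == null || !Boolean.parseBoolean(persistentFlag.toString())) {
            continue;
        }
        Collection<String> tokenScopes = token.getScope();
        if (tokenScopes == null) {
            // A token without a scope set cannot match any requested scopes.
            continue;
        }
        if (tokenScopes.containsAll(scopes) && scopes.containsAll(tokenScopes)) {
            return true;
        }
    }
    return false;
}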
/**
 * Builds a token-exchange response from an access token.
 *
 * <p>The value, expiration, expires-in and scope are taken from the given token. The token type
 * is always set to {@code "bearer"}, and {@code issued_token_type} is set to
 * {@code OrcidOauth2Constants.IETF_EXCHANGE_ACCESS_TOKEN}. Of the source token's additional
 * information only the {@code "orcid"} and {@code "name"} entries are carried over, and only
 * when present; nothing else is propagated.
 *
 * @param accessToken the access token to wrap
 * @return the populated response
 */
public static IETFTokenExchangeResponse accessToken(OAuth2AccessToken accessToken) {
    IETFTokenExchangeResponse response = new IETFTokenExchangeResponse();
    response.additionalInformation.put("issued_token_type", OrcidOauth2Constants.IETF_EXCHANGE_ACCESS_TOKEN);
    response.value = accessToken.getValue();
    response.tokenType = "bearer";
    response.expiration = accessToken.getExpiration();
    response.expiresIn = accessToken.getExpiresIn();
    response.scope = accessToken.getScope();

    // Allow-list of additional-information entries that are copied to the response.
    for (String key : new String[] {"orcid", "name"}) {
        if (accessToken.getAdditionalInformation().containsKey(key)) {
            response.additionalInformation.put(key, accessToken.getAdditionalInformation().get(key));
        }
    }
    return response;
}
/**
 * Copy constructor for access token.
 *
 * <p>Copies the value, additional information, refresh token, expiration, scope and token type
 * of the given token through this class's setters.
 *
 * <p>NOTE(review): each property is passed on as returned by the source token's getter. Whether
 * the scope set and additional-information map end up shared with the source or defensively
 * copied depends on the setters, which are not shown here. Confirm before mutating either token.
 *
 * @param accessToken the token to copy; must not be {@code null}
 */
public DefaultOAuth2AccessToken(OAuth2AccessToken accessToken) {
    this(accessToken.getValue());
    setAdditionalInformation(accessToken.getAdditionalInformation());
    setRefreshToken(accessToken.getRefreshToken());
    setExpiration(accessToken.getExpiration());
    setScope(accessToken.getScope());
    setTokenType(accessToken.getTokenType());
}