/**
 * Builds the {@link OAuth2Request} for a token grant by delegating to the token request itself.
 *
 * @param client       the client the token is being issued for
 * @param tokenRequest the incoming token request
 * @return the request produced by {@code tokenRequest.createOAuth2Request(client)}
 */
public OAuth2Request createOAuth2Request(ClientDetails client, TokenRequest tokenRequest) {
    OAuth2Request oauth2Request = tokenRequest.createOAuth2Request(client);
    return oauth2Request;
}
/**
 * Assembles an {@link OAuth2Authentication} from the raw token request parameters.
 * <p>
 * Both the principal name and the granted authorities are read straight from the request
 * parameters ({@code username}, defaulting to {@code guest}, and {@code authorities}); whoever
 * can reach this granter therefore decides which identity and authorities the token carries.
 * The grant types and clients allowed to use this granter should be restricted accordingly.
 *
 * @param client       the client requesting the token
 * @param tokenRequest the token request whose parameters supply the user identity
 * @return a user-level authentication wrapping the client's {@link OAuth2Request}
 */
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> requestParams = tokenRequest.getRequestParameters();

    String principalName = "guest";
    if (requestParams.containsKey("username")) {
        principalName = requestParams.get("username");
    }

    List<GrantedAuthority> grantedAuthorities = AuthorityUtils.NO_AUTHORITIES;
    if (requestParams.containsKey("authorities")) {
        String[] authorityNames =
                OAuth2Utils.parseParameterList(requestParams.get("authorities")).toArray(new String[0]);
        grantedAuthorities = AuthorityUtils.createAuthorityList(authorityNames);
    }

    // No password takes part in this grant; "N/A" is only a placeholder credential.
    Authentication userAuthentication =
            new UsernamePasswordAuthenticationToken(principalName, "N/A", grantedAuthorities);
    OAuth2Request oauth2Request = tokenRequest.createOAuth2Request(client);
    return new OAuth2Authentication(oauth2Request, userAuthentication);
}
}
/**
 * Converts this token request into an {@link OAuth2Request}, marking it approved and
 * substituting this instance's {@code resourceIds} and {@code responseTypes} for the ones the
 * superclass produced. Client id and authorities are taken from {@code client}; everything
 * else is copied from the superclass result.
 *
 * @param client the client the request is built for
 * @return a new, approved {@link OAuth2Request}
 */
@Override
public OAuth2Request createOAuth2Request(ClientDetails client) {
    OAuth2Request base = super.createOAuth2Request(client);
    boolean approved = true;
    return new OAuth2Request(
            base.getRequestParameters(),
            client.getClientId(),
            client.getAuthorities(),
            approved,
            base.getScope(),
            resourceIds,
            base.getRedirectUri(),
            responseTypes,
            base.getExtensions());
}
}
/**
 * Clears the {@code oauth_code} table and builds the fixtures shared by the tests: the token
 * store under test, the legacy JDBC code services, and three {@link OAuth2Authentication}
 * variants (client-only, username/password, and UAA) for the same {@code clientid} client.
 *
 * @throws Exception if any fixture cannot be created
 */
@Before
public void createTokenStore() throws Exception {
    jdbcTemplate.update("delete from oauth_code");

    List<GrantedAuthority> openidAuthorities =
            Arrays.<GrantedAuthority>asList(new SimpleGrantedAuthority("openid"));
    store = new UaaTokenStore(dataSource);
    legacyCodeServices = new JdbcAuthorizationCodeServices(dataSource);

    BaseClientDetails testClient =
            new BaseClientDetails("clientid", null, "openid", "client_credentials,password", "oauth.login", null);
    Map<String, String> requestParams = new HashMap<>();
    requestParams.put(OAuth2Utils.CLIENT_ID, testClient.getClientId());

    // Client-credentials grant: no user authentication attached.
    TokenRequest clientCredentialsRequest = new TokenRequest(
            new HashMap<>(requestParams),
            testClient.getClientId(),
            UaaStringUtils.getStringsFromAuthorities(testClient.getAuthorities()),
            "client_credentials");
    clientAuthentication =
            new OAuth2Authentication(clientCredentialsRequest.createOAuth2Request(testClient), null);

    // Password grant: same parameters plus scope and grant_type, with a user principal attached.
    requestParams.put("scope", "openid");
    requestParams.put("grant_type", "password");
    UsernamePasswordAuthenticationToken userToken =
            new UsernamePasswordAuthenticationToken(principal, null, openidAuthorities);
    TokenRequest passwordRequest = new TokenRequest(
            new HashMap<>(requestParams),
            testClient.getClientId(),
            testClient.getScope(),
            "password");
    usernamePasswordAuthentication =
            new OAuth2Authentication(passwordRequest.createOAuth2Request(testClient), userToken);

    // UAA authentication whose details come from a request originating at the loopback address.
    MockHttpServletRequest servletRequest = new MockHttpServletRequest();
    servletRequest.setRemoteAddr("127.0.0.1");
    UaaAuthentication uaaUser =
            new UaaAuthentication(principal, openidAuthorities, new UaaAuthenticationDetails(servletRequest));
    uaaAuthentication = new OAuth2Authentication(passwordRequest.createOAuth2Request(testClient), uaaUser);
}
/**
 * A client-only (non-user) token request must carry the client's scopes and the resource ids
 * derived from them ({@code aud1.test} and {@code aud2.test} yield {@code aud1} and {@code aud2}).
 */
@Test
public void testTokenRequestIncludesResourceIds() {
    SecurityContextAccessor clientOnlyContext = new StubSecurityContextAccessor() {
        @Override
        public boolean isUser() {
            return false;
        }

        @Override
        public Collection<? extends GrantedAuthority> getAuthorities() {
            return AuthorityUtils.commaSeparatedStringToAuthorityList("aud1.test aud2.test");
        }
    };

    parameters.put("scope", "aud1.test aud2.test");
    parameters.put("client_id", client.getClientId());
    parameters.put(OAuth2Utils.GRANT_TYPE, "client_credentials");
    IdentityZoneHolder.get().getConfig().getUserConfig().setDefaultGroups(Arrays.asList("aud1.test"));
    factory.setSecurityContextAccessor(clientOnlyContext);
    client.setScope(StringUtils.commaDelimitedListToSet("aud1.test,aud2.test"));

    TokenRequest tokenRequest = factory.createTokenRequest(parameters, client);
    OAuth2Request oauth2Request = tokenRequest.createOAuth2Request(client);

    Collection<String> expectedScopes = StringUtils.commaDelimitedListToSet("aud1.test,aud2.test");
    Collection<String> expectedResourceIds = StringUtils.commaDelimitedListToSet("aud1,aud2");
    assertEquals(expectedScopes, new TreeSet<>(oauth2Request.getScope()));
    assertEquals(expectedResourceIds, new TreeSet<>(oauth2Request.getResourceIds()));
}
// Excerpt of a test body: `factory`, `client`, `recipient` and `parameters` are declared outside this listing.
// NOTE(review): nulling the user database presumably keeps the factory from looking users up — confirm.
ReflectionTestUtils.setField(factory, "uaaUserDatabase", null);
// The token request is created for `client`, but the OAuth2Request is built for `recipient`;
// the assertions check that the recipient's client id is what ends up in the request and its parameters.
client.setClientId("requestingId");
OAuth2Request request = factory.createTokenRequest(parameters, client).createOAuth2Request(recipient);
assertEquals(recipient.getClientId(), request.getClientId());
assertEquals(recipient.getClientId(), request.getRequestParameters().get(CLIENT_ID));
// Excerpt: `tokenRequest`, `clientDetails`, `authentication` and `authorizationServerTokenServices`
// are declared outside this listing.
OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
// Pair the client's request with the user's authentication ...
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
// ... and have the token services mint an access token for that combined authentication.
OAuth2AccessToken oAuth2AccessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
/**
 * Creates the {@link OAuth2Request} for this grant; the conversion is delegated entirely to
 * {@link TokenRequest#createOAuth2Request(ClientDetails)}.
 *
 * @param client       the client being granted a token
 * @param tokenRequest the token request to convert
 * @return the request that will be attached to the issued token
 */
public OAuth2Request createOAuth2Request(final ClientDetails client, final TokenRequest tokenRequest) {
    return tokenRequest
            .createOAuth2Request(client);
}
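/**
 * Issues an OAuth2 access token for the just-authenticated user and writes it to the response.
 * <p>
 * The client is identified by an HTTP Basic {@code Authorization} header. Only the client id
 * part of that header is used: the client secret in {@code tokens[1]} is never compared with
 * the registered client, so any caller that knows a valid client id can obtain a token for the
 * authenticated user. Verifying the secret against {@code clientDetails.getClientSecret()}
 * (with a {@code PasswordEncoder}) should be added before this handler is exposed.
 *
 * @param request        the request carrying the Basic {@code Authorization} header
 * @param response       the response the serialized access token is written to
 * @param authentication the user authentication produced by the login
 * @throws UnapprovedClientAuthenticationException if the header is missing or malformed, or the client is unknown
 * @throws BadCredentialsException if the header cannot be decoded or the response cannot be written
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
    String header = request.getHeader(SecurityConstant.AUTHORIZATION);
    if (StringHelper.isBlank(header) || !header.startsWith(SecurityConstant.BASIC)) {
        throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
    }
    try {
        String[] tokens = extractAndDecodeHeader(header);
        // Explicit check instead of `assert`, which is a no-op unless the JVM runs with -ea.
        if (tokens == null || tokens.length != 2) {
            throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
        }
        String clientId = tokens[0];
        ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
        if (clientDetails == null) {
            throw new UnapprovedClientAuthenticationException("Unknown client: " + clientId);
        }
        // NOTE(review): tokens[1] (the client secret) is not verified here; see the method Javadoc.
        TokenRequest tokenRequest = new TokenRequest(
                MapUtil.newHashMap(), clientId, clientDetails.getScope(), CommonConstant.SPRING_SECURITY_FORM_MOBILE_KEY);
        OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
        OAuth2AccessToken oAuth2AccessToken = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
        // Log the client, not the token value: the access token is a bearer credential.
        log.info("获取token 成功:{}", clientId);
        response.setCharacterEncoding(CommonConstant.UTF8);
        response.setContentType(CommonConstant.CONTENT_TYPE);
        PrintWriter printWriter = response.getWriter();
        printWriter.append(objectMapper.writeValueAsString(oAuth2AccessToken));
    } catch (IOException e) {
        // Keep the cause so a decode or write failure stays diagnosable.
        throw new BadCredentialsException("Failed to decode basic authentication token", e);
    }
}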
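/**
 * Issues an OAuth2 access token once the user has authenticated and writes it to the response as JSON.
 * <p>
 * The requesting client must identify itself with an HTTP Basic {@code Authorization} header;
 * its secret is checked with {@code passwordEncoder} against the registered client before any
 * token is created.
 *
 * @param request        the login request carrying the Basic {@code Authorization} header
 * @param response       the response the serialized token is written to
 * @param authentication the user authentication produced by the login
 * @throws UnapprovedClientAuthenticationException if the header is missing or malformed, the client is unknown, or the secret does not match
 * @throws IOException      if the response cannot be written
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    log.info("【AppLoginInSuccessHandler】 onAuthenticationSuccess authentication={}", authentication);
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith("Basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = this.extractAndDecodeHeader(header, request);
    // Explicit check instead of `assert`, which is a no-op unless the JVM runs with -ea.
    if (tokens == null || tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId);
    }
    if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
        throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId);
    }
    TokenRequest tokenRequest = new TokenRequest(new HashMap<String, String>(), clientId, clientDetails.getScope(), "custom");
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write(objectMapper.writeValueAsString(token));
    // Log who received a token, never the serialized token: it is a bearer credential.
    log.info("token issued for clientId={} principal={}", clientId, authentication.getName());
}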
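/**
 * Issues an OAuth2 access token for the authenticated user and writes it to the response as JSON.
 * <p>
 * The client is taken from an HTTP Basic {@code Authorization} header and its secret is verified
 * with {@code passwordEncoder} before a token is minted.
 *
 * @param request        the login request carrying the Basic {@code Authorization} header
 * @param response       the response the serialized token is written to
 * @param authentication the user authentication produced by the login
 * @throws UnapprovedClientAuthenticationException if the header is missing or malformed, the client is unknown, or the secret does not match
 * @throws IOException      if the response cannot be written
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    log.info("【AppLoginInSuccessHandler】 onAuthenticationSuccess authentication={}", authentication);
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith("Basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = this.extractAndDecodeHeader(header, request);
    // `assert` is disabled by default at runtime, so the length is checked explicitly.
    if (tokens == null || tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId);
    }
    if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
        throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId);
    }
    TokenRequest tokenRequest = new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write(objectMapper.writeValueAsString(token));
    // Do not log the serialized token (a bearer credential); the client id is enough for auditing.
    log.info("token issued for clientId={} principal={}", clientId, authentication.getName());
}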
// `tokenRequest` and `clientDetails` are declared outside this excerpt; this builds the
// OAuth2Request that an issued token would be bound to.
OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
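/**
 * Issues an OAuth2 access token for the authenticated user and writes it to the response as JSON.
 * <p>
 * The client is taken from an HTTP Basic {@code Authorization} header. The presented secret is
 * compared with the secret on record in {@code clientDetails} using a timing-safe comparison.
 * Note that this compares the raw strings, so the registry must hold the plaintext secret;
 * storing encoded secrets and checking them with a {@code PasswordEncoder} would be preferable.
 *
 * @param request        the login request carrying the Basic {@code Authorization} header
 * @param response       the response the serialized token is written to
 * @param authentication the user authentication produced by the login
 * @throws UnapprovedClientAuthenticationException if the header is missing or malformed, the client is unknown, or the secret does not match
 * @throws IOException      if the response cannot be written
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
    log.info("【AppLoginInSuccessHandler】 onAuthenticationSuccess authentication={}", authentication);
    String header = request.getHeader("Authorization");
    if (header == null || !header.startsWith("Basic ")) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = this.extractAndDecodeHeader(header, request);
    // `assert` is disabled by default at runtime, so the length is checked explicitly.
    if (tokens == null || tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
    }
    String clientId = tokens[0];
    String clientSecret = tokens[1];
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId);
    }
    if (!secretMatches(clientSecret, clientDetails.getClientSecret())) {
        throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId);
    }
    TokenRequest tokenRequest = new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write(objectMapper.writeValueAsString(token));
    // Do not log the serialized token (a bearer credential); the client id is enough for auditing.
    log.info("token issued for clientId={} principal={}", clientId, authentication.getName());
}

/**
 * Timing-safe equality of the presented and configured client secret.
 * <p>
 * Unlike {@code StringUtils.equals}, a missing value on either side never matches, so a client
 * registered without a secret cannot be authenticated by this handler.
 *
 * @param presented  the secret taken from the Authorization header
 * @param configured the secret on record for the client
 * @return {@code true} only if both are non-null and byte-for-byte equal
 */
private static boolean secretMatches(String presented, String configured) {
    if (presented == null || configured == null) {
        return false;
    }
    return java.security.MessageDigest.isEqual(
            presented.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            configured.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}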
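/**
 * Issues an OAuth2 access token for the authenticated user and writes it, wrapped by
 * {@code WrapMapper.ok}, to the response as JSON.
 * <p>
 * The client is identified by the {@code Authorization} header, decoded as
 * {@code clientId:clientSecret}; the secret is verified with {@code passwordEncoder} against the
 * registered client before any token is created.
 *
 * @param request        the login request carrying the {@code Authorization} header
 * @param response       the response the wrapped token is written to
 * @param authentication the user authentication produced by the login; its principal must be a {@code SecurityUser}
 * @throws UnapprovedClientAuthenticationException if the header is missing or malformed, the client is unknown, or the secret does not match
 * @throws IOException      if the response cannot be written
 * @throws ServletException declared by the interface; not thrown here
 */
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
    logger.info("登录成功");
    String header = request.getHeader(HttpHeaders.AUTHORIZATION);
    // NOTE(review): the prefix constant is named BEARER_TOKEN_TYPE, yet the header is then decoded as
    // "clientId:clientSecret" credentials; confirm its value matches what RequestUtil.extractAndDecodeHeader expects.
    if (header == null || !header.startsWith(BEARER_TOKEN_TYPE)) {
        throw new UnapprovedClientAuthenticationException("请求头中无client信息");
    }
    String[] tokens = RequestUtil.extractAndDecodeHeader(header);
    // Explicit check instead of `assert`, which is a no-op unless the JVM runs with -ea.
    if (tokens == null || tokens.length != 2) {
        throw new UnapprovedClientAuthenticationException("Malformed client credentials in Authorization header");
    }
    String clientId = tokens[0];
    // Client secret as presented; compared below against the encoded secret on record.
    String clientSecret = tokens[1];
    ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
    if (clientDetails == null) {
        throw new UnapprovedClientAuthenticationException("clientId对应的配置信息不存在:" + clientId);
    }
    if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
        throw new UnapprovedClientAuthenticationException("clientSecret不匹配:" + clientId);
    }
    // Typed empty map instead of the raw MapUtils.EMPTY_MAP, which needs an unchecked conversion.
    TokenRequest tokenRequest = new TokenRequest(
            java.util.Collections.<String, String>emptyMap(), clientId, clientDetails.getScope(), "custom");
    OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
    OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
    OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
    SecurityUser principal = (SecurityUser) authentication.getPrincipal();
    log.info("用户【 {} 】记录登录日志", principal.getUsername());
    response.setContentType("application/json;charset=UTF-8");
    response.getWriter().write(objectMapper.writeValueAsString(WrapMapper.ok(token)));
}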