/**
 * Builds an implicit-grant token request from an existing {@link TokenRequest}.
 *
 * <p>The request parameters, client id, scope and grant type are copied from
 * {@code tokenRequest} into the superclass; the {@link OAuth2Request} is kept
 * on this instance.
 *
 * @param tokenRequest  source of the parameters, client id, scope and grant type
 * @param oauth2Request the OAuth2 request stored alongside the copied values
 */
public ImplicitTokenRequest(
        TokenRequest tokenRequest,
        OAuth2Request oauth2Request) {
    super(
        tokenRequest.getRequestParameters(),
        tokenRequest.getClientId(),
        tokenRequest.getScope(),
        tokenRequest.getGrantType());
    // NOTE(review): no null check on either argument here; a null tokenRequest
    // fails in the super(...) call above — confirm callers never pass null.
    this.oauth2Request = oauth2Request;
}
/**
 * Grants a token after replacing the request's client id with the value of the
 * {@code USER_TOKEN_REQUESTING_CLIENT_ID} request parameter, so that the
 * superclass flow runs against that client.
 *
 * @param grantType    grant type passed through to the superclass unchanged
 * @param tokenRequest incoming request; its parameters, scope and grant type are reused
 * @return whatever the superclass {@code grant} returns for the adjusted request
 */
@Override
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
    // The client id for the rest of the flow is read from a request parameter,
    // not from tokenRequest.getClientId().
    // NOTE(review): confirm this parameter is populated server-side from the
    // authenticated client and cannot be chosen freely by the caller; this
    // method itself does not check that it is present or who set it.
    String swappedClientId =
        tokenRequest.getRequestParameters().get(USER_TOKEN_REQUESTING_CLIENT_ID);

    return super.grant(
        grantType,
        new TokenRequest(
            tokenRequest.getRequestParameters(),
            swappedClientId,
            tokenRequest.getScope(),
            tokenRequest.getGrantType()));
}
/**
 * Validates the scopes requested in {@code tokenRequest}, choosing the allowed
 * set by grant type (compared case-insensitively):
 * <ul>
 *   <li>client credentials: checked against the client's authorities;</li>
 *   <li>user token: checked against the scope of the client named by the
 *       {@code CLIENT_ID} request parameter, loaded for the current identity zone;</li>
 *   <li>anything else: checked against the scope of the supplied client.</li>
 * </ul>
 *
 * @param tokenRequest request whose scope and grant type are inspected
 * @param client       the client passed in by the caller
 * @throws InvalidScopeException declared by this method; presumably raised by the
 *         delegated scope check when a requested scope is not allowed
 */
public void validateScope(TokenRequest tokenRequest, ClientDetails client) throws InvalidScopeException {
    final String requestedGrant = tokenRequest.getGrantType();

    if (GRANT_TYPE_CLIENT_CREDENTIALS.equalsIgnoreCase(requestedGrant)) {
        validateScope(tokenRequest.getScope(), getAuthorities(client.getAuthorities()), false);
        return;
    }

    ClientDetails scopeOwner = client;
    if (GRANT_TYPE_USER_TOKEN.equalsIgnoreCase(requestedGrant)) {
        // For user_token the scope check runs against the client named in the
        // request parameters rather than the client handed to this method.
        // NOTE(review): the client_id parameter is not checked for presence
        // here; confirm an earlier step guarantees it.
        scopeOwner = clientDetailsService.loadClientByClientId(
            tokenRequest.getRequestParameters().get(CLIENT_ID),
            IdentityZoneHolder.get().getId());
    }
    validateScope(tokenRequest.getScope(), scopeOwner.getScope(), true);
}
oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient); if (!StringUtils.hasText(tokenRequest.getGrantType())) { throw new InvalidRequestException("Missing grant type"); if (tokenRequest.getGrantType().equals("implicit")) { throw new InvalidGrantException("Implicit grant type not supported from token endpoint"); OAuth2AccessToken token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest); if (token == null) { throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());
/**
 * Grants a token by handing the superclass a fresh {@link TokenRequest} that
 * carries the same parameters, client id, scope and grant type as the input.
 *
 * @param grantType    grant type passed through to the superclass unchanged
 * @param tokenRequest incoming request whose values are copied
 * @return whatever the superclass {@code grant} returns for the copied request
 */
@Override
public OAuth2AccessToken grant(String grantType, TokenRequest tokenRequest) {
    // NOTE(review): presumably the copy exists so the superclass receives a
    // plain TokenRequest rather than a subclass instance — confirm.
    return super.grant(
        grantType,
        new TokenRequest(
            tokenRequest.getRequestParameters(),
            tokenRequest.getClientId(),
            tokenRequest.getScope(),
            tokenRequest.getGrantType()));
}
/**
 * Checks the preconditions of a {@code user_token} grant and returns the user
 * authentication held by the current security context.
 *
 * <p>The checks run in this order, and the first failure throws:
 * <ol>
 *   <li>the security context holds an authenticated {@code UaaOauth2Authentication};</li>
 *   <li>that authentication contains an authenticated user;</li>
 *   <li>the {@code USER_TOKEN_REQUESTING_CLIENT_ID} request parameter is present;</li>
 *   <li>the request's grant type equals {@code GRANT_TYPE_USER_TOKEN} (case-sensitive);</li>
 *   <li>the client named by that parameter passes {@code validateGrantType} for user_token;</li>
 *   <li>the client named by the {@code CLIENT_ID} parameter passes it for refresh_token.</li>
 * </ol>
 *
 * @param request the token request being validated
 * @return the user authentication from the current OAuth2 authentication
 * @throws InsufficientAuthenticationException if check 1 or 2 fails
 * @throws InvalidGrantException if check 3 or 4 fails
 */
protected Authentication validateRequest(TokenRequest request) {
    // 1. There must be an authenticated UaaOauth2Authentication in the context.
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    boolean usableAuthentication =
        current != null
            && current.isAuthenticated()
            && current instanceof UaaOauth2Authentication;
    if (!usableAuthentication) {
        // NOTE(review): the message embeds the authentication object's string
        // form; confirm it is not returned to clients or logged with details
        // that should stay private.
        throw new InsufficientAuthenticationException("Invalid authentication object:"+current);
    }
    UaaOauth2Authentication uaaAuthentication = (UaaOauth2Authentication) current;

    // 2. It must carry a user, and that user must be authenticated.
    Authentication userAuthentication = uaaAuthentication.getUserAuthentication();
    if (userAuthentication == null || !userAuthentication.isAuthenticated()) {
        throw new InsufficientAuthenticationException("Authentication containing a user is required");
    }

    // 3. The requesting-client parameter must be present.
    boolean hasRequestingClient =
        request.getRequestParameters() != null
            && request.getRequestParameters().get(USER_TOKEN_REQUESTING_CLIENT_ID) != null;
    if (!hasRequestingClient) {
        throw new InvalidGrantException("Parameter "+USER_TOKEN_REQUESTING_CLIENT_ID+" is required.");
    }

    // 4. Only the user_token grant type is accepted here.
    if (!TokenConstants.GRANT_TYPE_USER_TOKEN.equals(request.getGrantType())) {
        throw new InvalidGrantException("Invalid grant type");
    }

    // 5. The requesting client must be allowed the user_token grant type.
    ClientDetails requestingClient = clientDetailsService.loadClientByClientId(
        request.getRequestParameters().get(USER_TOKEN_REQUESTING_CLIENT_ID),
        IdentityZoneHolder.get().getId());
    super.validateGrantType(GRANT_TYPE_USER_TOKEN, requestingClient);

    // 6. The receiving client must be allowed the refresh_token grant type.
    // NOTE(review): unlike the requesting-client parameter, client_id is not
    // checked for presence above, so a missing value reaches the client lookup
    // as null — confirm the lookup rejects it. Both client ids come from request
    // parameters; confirm they are tied to the authenticated client upstream.
    ClientDetails receivingClient = clientDetailsService.loadClientByClientId(
        request.getRequestParameters().get(CLIENT_ID),
        IdentityZoneHolder.get().getId());
    super.validateGrantType(GRANT_TYPE_REFRESH_TOKEN, receivingClient);

    return userAuthentication;
}
/**
 * Creates an implicit-grant request that mirrors {@code tokenRequest}.
 *
 * <p>The superclass receives the request parameters, client id, scope and
 * grant type read from {@code tokenRequest}; {@code oauth2Request} is stored
 * in this object's {@code oauth2Request} field.
 *
 * @param tokenRequest  request whose values are passed to the superclass
 * @param oauth2Request OAuth2 request retained by this instance
 */
public ImplicitTokenRequest(
        TokenRequest tokenRequest,
        OAuth2Request oauth2Request) {
    super(
        tokenRequest.getRequestParameters(),
        tokenRequest.getClientId(),
        tokenRequest.getScope(),
        tokenRequest.getGrantType());
    // Stored as given; this constructor performs no validation of its own.
    this.oauth2Request = oauth2Request;
}
oAuth2RequestValidator.validateScope(tokenRequest, authenticatedClient); if (!StringUtils.hasText(tokenRequest.getGrantType())) { throw new InvalidRequestException("Missing grant type"); if (tokenRequest.getGrantType().equals("implicit")) { throw new InvalidGrantException("Implicit grant type not supported from token endpoint"); OAuth2AccessToken token = getTokenGranter().grant(tokenRequest.getGrantType(), tokenRequest); if (token == null) { throw new UnsupportedGrantTypeException("Unsupported grant type: " + tokenRequest.getGrantType());