/**
 * Derives approvals from the access tokens held for the given user and client.
 *
 * <p>Each scope of each token whose authentication can still be read from the store is reported
 * as {@link ApprovalStatus#APPROVED}, with the token's own expiration as the approval expiry.
 * The authentication is used only as a presence check. This method does not filter on expiry,
 * so whether expired tokens contribute depends on what the token store returns.
 *
 * @param userId the user whose tokens are inspected
 * @param clientId the client the tokens were issued to
 * @return a set-backed collection of the implied approvals, empty when nothing matches
 * @see org.springframework.security.oauth2.provider.approval.ApprovalStore#getApprovals(java.lang.String,
 * java.lang.String)
 */
@Override
public Collection<Approval> getApprovals(String userId, String clientId) {
    Collection<Approval> implied = new HashSet<Approval>();
    for (OAuth2AccessToken accessToken : store.findTokensByClientIdAndUserName(clientId, userId)) {
        // A token whose authentication is no longer readable implies no approval.
        if (store.readAuthentication(accessToken) == null) {
            continue;
        }
        Date tokenExpiry = accessToken.getExpiration();
        for (String grantedScope : accessToken.getScope()) {
            implied.add(new Approval(userId, clientId, grantedScope, tokenExpiry, ApprovalStatus.APPROVED));
        }
    }
    return implied;
}
/**
 * Removes the access tokens that back the supplied approvals.
 *
 * <p>Tokens are looked up by the client id and user id of each approval. The approval's scope is
 * not consulted, so revoking a single approval removes every token the client holds for that
 * user, whatever scopes those tokens carry.
 *
 * @param approvals the approvals to revoke; each contributes its client id and user id
 * @return always {@code true}; the result does not tell the caller whether any token was removed
 * @see org.springframework.security.oauth2.provider.approval.ApprovalStore#revokeApprovals(java.util.Collection)
 */
@Override
public boolean revokeApprovals(Collection<Approval> approvals) {
    for (Approval revoked : approvals) {
        String clientId = revoked.getClientId();
        for (OAuth2AccessToken accessToken : store.findTokensByClientIdAndUserName(clientId, revoked.getUserId())) {
            OAuth2Authentication tokenAuth = store.readAuthentication(accessToken);
            if (tokenAuth == null) {
                // No readable authentication: the token is left in the store.
                continue;
            }
            // Re-check the client id recorded in the stored request before deleting.
            if (clientId.equals(tokenAuth.getOAuth2Request().getClientId())) {
                store.removeAccessToken(accessToken);
            }
        }
    }
    return true;
}
/**
 * Handles the approval-revocation form post and redirects to the application root.
 *
 * <p>The approval is revoked in the approval store, then every access token the token store
 * holds for the same client id and user id is removed, regardless of scope.
 *
 * @param approval the approval to revoke, bound from the request by {@code @ModelAttribute}
 * @return the redirect view name {@code "redirect:/"}
 */
@PostMapping("/approval/revoke")
public String revokeApproval(@ModelAttribute Approval approval) {
    // NOTE(review): userId and clientId are bound from request parameters, and nothing in this
    // method compares approval.getUserId() with the authenticated principal. Confirm that an
    // ownership or role check is enforced elsewhere; otherwise take the user id from the
    // security context instead of from the form.
    approvalStore.revokeApprovals(asList(approval));

    tokenStore
            .findTokensByClientIdAndUserName(approval.getClientId(), approval.getUserId())
            .forEach(accessToken -> tokenStore.removeAccessToken(accessToken));

    return "redirect:/";
}
/**
 * Handles {@code POST /approval/revoke}: revokes the posted approval and removes the matching
 * access tokens, then redirects to the application root.
 *
 * <p>Token removal is keyed on client id and user id only, so all tokens for that pair are
 * dropped whatever scope the posted approval names.
 *
 * @param approval the approval to revoke, bound from the request by {@code @ModelAttribute}
 * @return the redirect view name {@code "redirect:/"}
 */
@RequestMapping(value = "/approval/revoke", method = RequestMethod.POST)
public String revokApproval(@ModelAttribute Approval approval) {
    // NOTE(review): the user id and client id come straight from the request body, and this
    // method does not tie them to the logged-in user. Verify that an ownership or role check
    // exists elsewhere, so that one account cannot revoke another account's tokens.
    approvalStore.revokeApprovals(asList(approval));

    tokenStore
            .findTokensByClientIdAndUserName(approval.getClientId(), approval.getUserId())
            .forEach(accessToken -> tokenStore.removeAccessToken(accessToken));

    return "redirect:/";
}
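/**
 * Reports whether the user already holds a persistent ("long life") token for the client whose
 * scopes are exactly the requested ones.
 *
 * <p>A token qualifies when its additional information has an
 * {@code OrcidOauth2Constants.PERSISTENT} entry whose string form parses as {@code true}, and
 * its scopes equal {@code scopes} (containment is checked in both directions). Tokens with no
 * additional information or no scopes are skipped rather than causing a
 * {@link NullPointerException}.
 *
 * @param clientId the client the tokens were issued to
 * @param userId the user the tokens were issued for
 * @param scopes the requested scopes; must not be {@code null}
 * @return {@code true} if a persistent token with exactly these scopes exists, else {@code false}
 */
public boolean longLifeTokenExist(String clientId, String userId, Collection<String> scopes) {
    Collection<OAuth2AccessToken> existingTokens = orcidTokenStore.findTokensByClientIdAndUserName(clientId, userId);
    if (existingTokens == null || existingTokens.isEmpty()) {
        return false;
    }

    // NOTE(review): token expiry is not examined here. If callers use this result to skip a
    // consent prompt, confirm that the store does not return expired tokens.
    for (OAuth2AccessToken token : existingTokens) {
        // A token without additional information cannot be flagged persistent.
        if (token.getAdditionalInformation() == null) {
            continue;
        }
        // Read the flag once, through the constant. The previous code tested the constant key
        // for presence but read the value through a separate "persistent" literal.
        Object persistentFlag = token.getAdditionalInformation().get(OrcidOauth2Constants.PERSISTENT);
        if (persistentFlag == null || !Boolean.parseBoolean(persistentFlag.toString())) {
            continue;
        }
        // Exact scope match: neither a superset nor a subset of the request is accepted.
        Collection<String> tokenScopes = token.getScope();
        if (tokenScopes != null && tokenScopes.containsAll(scopes) && scopes.containsAll(tokenScopes)) {
            return true;
        }
    }
    return false;
}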
/**
 * Builds the approvals implied by the access tokens stored for a user and client.
 *
 * <p>For every token whose authentication the store can still read, one
 * {@link ApprovalStatus#APPROVED} approval is produced per token scope, expiring when the token
 * does. The authentication serves only as a presence check, and this method does no expiry
 * filtering of its own.
 *
 * @param userId the user whose tokens are inspected
 * @param clientId the client the tokens were issued to
 * @return a set-backed collection of the implied approvals, empty when nothing matches
 * @see org.springframework.security.oauth2.provider.approval.ApprovalStore#getApprovals(java.lang.String,
 * java.lang.String)
 */
@Override
public Collection<Approval> getApprovals(String userId, String clientId) {
    Collection<Approval> implied = new HashSet<Approval>();
    for (OAuth2AccessToken accessToken : store.findTokensByClientIdAndUserName(clientId, userId)) {
        // Skip tokens whose authentication is no longer available in the store.
        if (store.readAuthentication(accessToken) == null) {
            continue;
        }
        Date tokenExpiry = accessToken.getExpiration();
        for (String grantedScope : accessToken.getScope()) {
            implied.add(new Approval(userId, clientId, grantedScope, tokenExpiry, ApprovalStatus.APPROVED));
        }
    }
    return implied;
}
/**
 * Deletes the access tokens that correspond to the supplied approvals.
 *
 * <p>Only the client id and user id of each approval are used for the lookup. The scope is
 * ignored, so every token the client holds for that user is removed.
 *
 * @param approvals the approvals to revoke; each contributes its client id and user id
 * @return always {@code true}; callers cannot use the result to detect whether anything was removed
 * @see org.springframework.security.oauth2.provider.approval.ApprovalStore#revokeApprovals(java.util.Collection)
 */
@Override
public boolean revokeApprovals(Collection<Approval> approvals) {
    for (Approval revoked : approvals) {
        String clientId = revoked.getClientId();
        for (OAuth2AccessToken accessToken : store.findTokensByClientIdAndUserName(clientId, revoked.getUserId())) {
            OAuth2Authentication tokenAuth = store.readAuthentication(accessToken);
            if (tokenAuth == null) {
                // Tokens with no readable authentication are left untouched.
                continue;
            }
            // Delete only when the stored request names the same client as the approval.
            if (clientId.equals(tokenAuth.getOAuth2Request().getClientId())) {
                store.removeAccessToken(accessToken);
            }
        }
    }
    return true;
}