Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

Package org.springframework.security.oauth2.provider

Examples of org.springframework.security.oauth2.provider.AuthorizationRequest

org.springframework.security.oauth2.provider.AuthorizationRequest
A request for authorization by an OAuth 2 Client, normally received and processed by the AuthorizationEndpoint. This class is meant to be manipulated throughout the authorization process, and is therefore treated as ephemeral and not to be stored long term. For long term storage, use the read-only {@link OAuth2Request} class.HTTP request parameters are stored in the parameters map, and any processing the server makes throughout the lifecycle of a request are stored on individual properties. The original request parameters will remain available through the parameters map. For convenience, constants are defined in order to get at those original values. However, the parameters map is unmodifiable so that processing cannot drop the original values. This class is {@link Serializable} in order to support storage of theauthorization request as a {@link SessionAttributes} member while the enduser through the authorization process (which may span several page requests). @author Ryan Heaton @author Dave Syer @author Amanda Anganes

   * Ensure that if the approval endpoint is called without a resolved redirect URI, the request fails.
   * @throws Exception
   */
  @Test(expected = InvalidRequestException.class)
  public void testApproveOrDenyWithOAuth2RequestWithoutRedirectUri() throws Exception {
    AuthorizationRequest request = getAuthorizationRequest("foo", null, null, null, Collections.singleton("code"));
    request.setApproved(true);
    Map<String, String> approvalParameters = new HashMap<String, String>();
    approvalParameters.put("user_oauth_approval", "true");
    model.put("authorizationRequest", request);
    endpoint.approveOrDeny(approvalParameters, model, sessionStatus, principal);

View Full Code Here


  @Test
  public void testBasicApproval() {
    HashMap<String, String> parameters = new HashMap<String, String>();
    parameters.put(OAuth2Utils.USER_OAUTH_APPROVAL, "true");
    AuthorizationRequest request = new AuthorizationRequest(parameters, null, null, null, null, null, false, null, null, null);
    request.setApproved(true); // This is enough to be explicitly approved
    assertTrue(handler.isApproved(request , new TestAuthentication("marissa", true)));
  }

View Full Code Here

  @Test
  public void testMemorizedApproval() {
    HashMap<String, String> parameters = new HashMap<String, String>();
    parameters.put(OAuth2Utils.USER_OAUTH_APPROVAL, "false");
    parameters.put("client_id", "foo");
    AuthorizationRequest authorizationRequest = new AuthorizationRequest(parameters, null, "foo", null, null, null, false, null, null, null);
    authorizationRequest.setApproved(false);
    TestAuthentication userAuthentication = new TestAuthentication("marissa", true);
    OAuth2Request storedOAuth2Request = requestFactory.createOAuth2Request(authorizationRequest);
    
    tokenServices.createAccessToken(new OAuth2Authentication(storedOAuth2Request, userAuthentication));
    authorizationRequest = handler.checkForPreApproval(authorizationRequest, userAuthentication);

View Full Code Here


    for (String clientId : clientIds.keySet()) {
      Map<String, Set<String>> users = clientIds.get(clientId);
      for (String userId : users.keySet()) {
        Authentication user = new UsernamePasswordAuthenticationToken(userId, "N/A", AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
        AuthorizationRequest authorizationRequest = new AuthorizationRequest();
        authorizationRequest.setClientId(clientId);
        Set<String> scopes = users.get(userId);
        authorizationRequest.setScope(scopes);
        OAuth2Request request = authorizationRequest.createOAuth2Request();
        OAuth2Authentication authentication = new OAuth2Authentication(request, user);
        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
        token.setScope(scopes);
        tokenStore.storeAccessToken(token, authentication);        
      }

View Full Code Here


  private DefaultUserApprovalHandler handler = new DefaultUserApprovalHandler();


  @Test
  public void testBasicApproval() {
    AuthorizationRequest request = new AuthorizationRequest(new HashMap<String, String>(), null, null, null, null, null, false, null, null, null);
    request.setApproved(true); // This is enough to be explicitly approved
    assertTrue(handler.isApproved(request, new TestAuthentication("marissa", true)));
  }

View Full Code Here

        AuthorityUtils.commaSeparatedStringToAuthorityList("USER"));
  }


  @Test
  public void testExplicitlyApprovedScopes() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    authorizationRequest.setApprovalParameters(Collections.singletonMap("scope.read", "approved"));
    AuthorizationRequest result = handler.updateAfterApproval(authorizationRequest, userAuthentication);
    assertTrue(handler.isApproved(result, userAuthentication));
    assertEquals(1, store.getApprovals("user", "client").size());
    assertEquals(1, result.getScope().size());
    assertTrue(result.isApproved());
  }

View Full Code Here

    assertTrue(result.isApproved());
  }


  @Test
  public void testImplicitlyDeniedScope() {
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read", "write"));
    authorizationRequest.setApprovalParameters(Collections.singletonMap("scope.read", "approved"));
    AuthorizationRequest result = handler.updateAfterApproval(authorizationRequest, userAuthentication);
    assertTrue(handler.isApproved(result, userAuthentication));
    Collection<Approval> approvals = store.getApprovals("user", "client");
    assertEquals(2, approvals.size());
    approvals.contains(new Approval("user", "client", "read", new Date(), Approval.ApprovalStatus.APPROVED));
    approvals.contains(new Approval("user", "client", "write", new Date(), Approval.ApprovalStatus.DENIED));
    assertEquals(1, result.getScope().size());
  }

View Full Code Here


  @Test
  public void testExplicitlyPreapprovedScopes() {
    store.addApprovals(Arrays.asList(new Approval("user", "client", "read", new Date(
        System.currentTimeMillis() + 10000), Approval.ApprovalStatus.APPROVED)));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }

View Full Code Here

  public void testAutoapprovedScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList("read")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }

View Full Code Here

  public void testAutoapprovedWildcardScopes() {
    handler.setClientDetailsService(clientDetailsService);
    BaseClientDetails client = new BaseClientDetails("client", null, "read", "authorization_code", null);
    client.setAutoApproveScopes(new HashSet<String>(Arrays.asList(".*")));
    clientDetailsService.setClientDetailsStore(Collections.singletonMap("client", client));
    AuthorizationRequest authorizationRequest = new AuthorizationRequest("client", Arrays.asList("read"));
    AuthorizationRequest result = handler.checkForPreApproval(authorizationRequest, userAuthentication);
    assertTrue(result.isApproved());
  }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.springframework.security.oauth2.provider.AuthorizationRequest

client.ClientServerInteractionTests

com.springsource.greenhouse.settings.SettingsControllerTest

demo.Application

demo.Application$OAuth2Config

demo.Application$TokenEndpointSecurity

OAuth2AuthenticationReadConverter

org.codehaus.jackson.map.ObjectMapper

org.mitre.oauth2.introspectingfilter.IntrospectingTokenService

org.mitre.oauth2.repository.impl.JpaAuthorizationCodeRepository

org.mitre.oauth2.service.impl.DefaultIntrospectionResultAssembler

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.