/**
  * Obtain a new access token for the specified resource using the refresh token.
  *
  * @param resource The resource.
  * @param refreshToken The refresh token.
  * @return The access token, or null if failed.
  */
 protected OAuth2AccessToken obtainAccessToken(
     OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken) {
   MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
   form.add("grant_type", "refresh_token");
   form.add("refresh_token", refreshToken.getValue());
   return retrieveToken(form, resource);
 }
 @Override
 public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken) {
   OAuth2AuthenticationAccessToken oAuth2AuthenticationAccessToken =
       oAuth2AccessTokenRepository.findByRefreshToken(refreshToken.getValue());
   if (oAuth2AuthenticationAccessToken != null) {
     oAuth2AccessTokenRepository.delete(oAuth2AuthenticationAccessToken);
   }
 }
Ejemplo n.º 3
0
 @Override
 public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token) {
   /*Query query = new Query();
   query.addCriteria(Criteria.where("tokenId").is(token.getValue()));
   OAuth2AuthenticationRefreshToken auth2AuthenticationRefreshToken = mongoTemplate.findOne(query, OAuth2AuthenticationRefreshToken.class, "oauth2_refresh_token");*/
   OAuth2AuthenticationRefreshToken auth2AuthenticationRefreshToken =
       oAuth2RefreshTokenDao.findByTokenId(token.getValue());
   return auth2AuthenticationRefreshToken.getAuthentication();
 }
Ejemplo n.º 4
0
 @Override
 public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken) {
   /*Query query = new Query();
   query.addCriteria(Criteria.where("refreshToken").is(refreshToken.getValue()));
   OAuth2AuthenticationAccessToken token = mongoTemplate.findOne(query, OAuth2AuthenticationAccessToken.class, "oauth2_access_token");*/
   OAuth2AuthenticationAccessToken token =
       oAuth2AccessTokenDao.findByRefreshToken(refreshToken.getValue());
   if (token != null) {
     oAuth2AccessTokenDao.delete(token);
   }
 }
 @Test
 public void testDifferentRefreshTokenMaintainsState() throws Exception {
   // create access token
   getTokenServices().setAccessTokenValiditySeconds(1);
   getTokenServices()
       .setClientDetailsService(
           new ClientDetailsService() {
             public ClientDetails loadClientByClientId(String clientId) throws OAuth2Exception {
               BaseClientDetails client = new BaseClientDetails();
               client.setAccessTokenValiditySeconds(1);
               return client;
             }
           });
   OAuth2Authentication expectedAuthentication =
       new OAuth2Authentication(
           new AuthorizationRequest("id", Collections.singleton("read"), null, null),
           new TestAuthentication("test2", false));
   DefaultOAuth2AccessToken firstAccessToken =
       (DefaultOAuth2AccessToken) getTokenServices().createAccessToken(expectedAuthentication);
   OAuth2RefreshToken expectedExpiringRefreshToken = firstAccessToken.getRefreshToken();
   // Make it expire (and rely on mutable state in volatile token store)
   firstAccessToken.setExpiration(new Date(System.currentTimeMillis() - 1000));
   // create another access token
   OAuth2AccessToken secondAccessToken =
       getTokenServices().createAccessToken(expectedAuthentication);
   assertFalse(
       "The new access token should be different",
       firstAccessToken.getValue().equals(secondAccessToken.getValue()));
   assertEquals(
       "The new access token should have the same refresh token",
       expectedExpiringRefreshToken.getValue(),
       secondAccessToken.getRefreshToken().getValue());
   // refresh access token with refresh token
   getTokenServices()
       .refreshAccessToken(
           expectedExpiringRefreshToken.getValue(),
           expectedAuthentication.getAuthorizationRequest().getScope());
   assertEquals(1, getAccessTokenCount());
 }
  public void storeRefreshToken(
      OAuth2RefreshToken refreshToken, OAuth2Authentication authentication) {
    Map<String, AttributeValueUpdate> updates = new HashMap<String, AttributeValueUpdate>();
    updates.put(
        schema.getRefreshColumnToken(),
        new AttributeValueUpdate(
            new AttributeValue().withB(serializeRefreshToken(refreshToken)), AttributeAction.PUT));
    updates.put(
        schema.getRefreshColumnAuthentication(),
        new AttributeValueUpdate(
            new AttributeValue().withB(serializeAuthentication(authentication)),
            AttributeAction.PUT));

    dynamoDBTemplate.update(
        schema.getRefreshTableName(), //
        Collections.singletonMap(
            schema.getRefreshColumnTokenId(),
            new AttributeValue(extractTokenKey(refreshToken.getValue()))), //
        updates);
  }
 @Override
 public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken) {
   oAuth2AccessTokenRepository.delete(
       oAuth2AccessTokenRepository.findByRefreshToken(refreshToken.getValue()));
 }
 @Override
 public void removeRefreshToken(OAuth2RefreshToken token) {
   oAuth2RefreshTokenRepository.delete(
       oAuth2RefreshTokenRepository.findByTokenId(token.getValue()));
 }
 @Override
 public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token) {
   return oAuth2RefreshTokenRepository.findByTokenId(token.getValue()).getAuthentication();
 }
 public void removeAccessTokenUsingRefreshToken(OAuth2RefreshToken refreshToken) {
   removeAccessTokenUsingRefreshToken(refreshToken.getValue());
 }
 public OAuth2Authentication readAuthenticationForRefreshToken(OAuth2RefreshToken token) {
   return readAuthenticationForRefreshToken(token.getValue());
 }
 public void removeRefreshToken(OAuth2RefreshToken token) {
   removeRefreshToken(token.getValue());
 }