/* * In the user consent filter the scopes are (possible) set on the Request */ private void processScopes(AuthorizationRequest authReq, HttpServletRequest request) { if (authReq.getClient().isSkipConsent()) { // return the scopes in the authentication request since the requested scopes are stored in // the // authorizationRequest. authReq.setGrantedScopes(authReq.getRequestedScopes()); } else { String[] scopes = (String[]) request.getAttribute(AbstractUserConsentHandler.GRANTED_SCOPES); if (!ArrayUtils.isEmpty(scopes)) { authReq.setGrantedScopes(Arrays.asList(scopes)); } else { authReq.setGrantedScopes(null); } } }
private AuthorizationRequest clientCredentialToken(AccessTokenRequest accessTokenRequest) { AuthorizationRequest request = new AuthorizationRequest(); request.setClient(accessTokenRequest.getClient()); // We have to construct a AuthenticatedPrincipal on-the-fly as there is only key-secret // authentication request.setPrincipal(new AuthenticatedPrincipal(request.getClient().getClientId())); // Get scopes (either from request or the client's default set) request.setGrantedScopes(accessTokenRequest.getScopeList()); return request; }
private AuthorizationRequest refreshTokenToken(AccessTokenRequest accessTokenRequest) { AccessToken accessToken = accessTokenRepository.findByRefreshToken(accessTokenRequest.getRefreshToken()); if (accessToken == null) { throw new ValidationResponseException(ValidationResponse.INVALID_GRANT_REFRESH_TOKEN); } AuthorizationRequest request = new AuthorizationRequest(); request.setClient(accessToken.getClient()); request.setPrincipal(accessToken.getPrincipal()); request.setGrantedScopes(accessToken.getScopes()); accessTokenRepository.delete(accessToken); return request; }
private AuthorizationRequest passwordToken(AccessTokenRequest accessTokenRequest) { // Authenticate the resource owner AuthenticatedPrincipal principal = resourceOwnerAuthenticator.authenticate( accessTokenRequest.getUsername(), accessTokenRequest.getPassword()); if (principal == null) { throw new ValidationResponseException(ValidationResponse.INVALID_GRANT_PASSWORD); } AuthorizationRequest request = new AuthorizationRequest(); request.setClient(accessTokenRequest.getClient()); request.setPrincipal(principal); request.setGrantedScopes(accessTokenRequest.getScopeList()); return request; }