@Override
public OAuth2AccessToken getAccessToken(
OAuth2ProtectedResourceDetails resource, Authentication authentication) {
if (authentication instanceof OAuth2Authentication) {
OAuth2AccessToken token = tokenStore.getAccessToken((OAuth2Authentication) authentication);
if (token != null) {
logger.debug("Found token for OAuth2Authentication");
return token;
}
}
Collection<OAuth2AccessToken> tokens = tokenStore.findTokensByClientId(resource.getClientId());
if (tokens == null || tokens.isEmpty()) {
return null;
}
Iterator<OAuth2AccessToken> iter = tokens.iterator();
while (iter.hasNext()) {
OAuth2AccessToken token = iter.next();
OAuth2Authentication oauth2Auth = tokenStore.readAuthentication(token);
if (oauth2Auth != null
&& resource.getClientId().equals(oauth2Auth.getOAuth2Request().getClientId())
&& oauth2Auth.getName().equals(authentication.getName())) {
logger.debug("token for user: "******" found");
return token;
}
}
logger.debug("token not found");
return null;
}
@Override
public void enhance(
AccessTokenRequest request,
OAuth2ProtectedResourceDetails resource,
MultiValueMap<String, String> form,
HttpHeaders headers) {
form.set("client_id", resource.getClientId());
form.set("client_secret", resource.getClientSecret());
}
@Override
protected String getAuthorizationUrl(UserRedirectRequiredException exception) {
final OAuth2ProtectedResourceDetails resource = getResource();
UriComponentsBuilder uriBuilder =
UriComponentsBuilder.fromUriString(exception.getRedirectUri())
.queryParam("state", exception.getStateKey())
.queryParam("client_id", resource.getClientId())
.queryParam("response_type", "code")
.queryParam("scope", StringUtils.collectionToDelimitedString(resource.getScope(), " "))
.queryParam("redirect_uri", getCallbackUrl());
return uriBuilder.build().encode().toUriString();
}
private void initializeIfNecessary(FrameworkMethod method, Object target) {
OAuth2ProtectedResourceDetails resource = testAccounts.getAdminClientCredentialsResource();
OAuth2RestTemplate client = createRestTemplate(resource, new DefaultAccessTokenRequest());
// Cache statically to save time on a test suite
if (!initialized) {
logger.info("Checking user account context for server=" + resource.getAccessTokenUri());
if (!scimClientExists(client)) {
createScimClient(client);
}
if (!appClientExists(client)) {
createAppClient(client);
}
if (!vmcClientExists(client)) {
createVmcClient(client);
}
initialized = true;
}
resource =
testAccounts.getClientCredentialsResource("oauth.clients.scim", "scim", "scimsecret");
client = createRestTemplate(resource, new DefaultAccessTokenRequest());
initializeUserAccount(client);
}
private boolean clientExists(RestOperations client, OAuth2ProtectedResourceDetails resource) {
ResponseEntity<String> response =
client.getForEntity(
serverRunning.getClientsUri() + "/" + resource.getClientId(), String.class);
return response != null && response.getStatusCode() == HttpStatus.OK;
}
public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
return resource instanceof AuthorizationCodeResourceDetails
&& "authorization_code".equals(resource.getGrantType());
}