Java RedirectMismatchException Class Code Examples

This article collects typical usage examples of org.springframework.security.oauth2.common.exceptions.RedirectMismatchException in Java. If you are wondering how the Java RedirectMismatchException class is used in practice, or are looking for examples of its use, the selected class code examples here may help.


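The RedirectMismatchException class belongs to the org.springframework.security.oauth2.common.exceptions package. 14 code examples of the class are shown below, sorted by popularity by default. You can upvote the examples you like or find useful; your ratings help the system recommend better Java code examples.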

Example 1: testWrongRedirectUri

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
@OAuth2ContextConfiguration(resource = MyLessTrustedClient.class, initialize = false)
public void testWrongRedirectUri() throws Exception {
	approveAccessTokenGrant("http://anywhere", true);
	AccessTokenRequest request = context.getAccessTokenRequest();
	// The redirect is stored in the preserved state...
	context.getOAuth2ClientContext().setPreservedState(request.getStateKey(), "http://nowhere");
	// Finally everything is in place for the grant to happen...
	try {
		assertNotNull(context.getAccessToken());
		fail("Expected RedirectMismatchException");
	}
	catch (RedirectMismatchException e) {
		// expected
	}
	assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 18, Source: AuthorizationCodeProviderTests.java

Example 2: getOAuth2Authentication

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {

    Map<String, String> parameters = tokenRequest.getRequestParameters();
    String authorizationCode = parameters.get("code");
    String redirectUri = parameters.get(OAuth2Utils.REDIRECT_URI);
    String codeVerifier = parameters.get("code_verifier");

    if (authorizationCode == null) {
        throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
        throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();

    // Validates code verifier
    Map<String, String> pendingOauth2RequestParams = pendingOAuth2Request.getRequestParameters();
    String codeChallenge = pendingOauth2RequestParams.get("code_challenge");
    String codeChallengeMethod = pendingOauth2RequestParams.get("code_challenge_method");

    if (codeVerifier == null && codeChallenge != null) {
        // client is using PKCE but did not send the codeVerifier
        throw new InvalidRequestException(
                "Invalid authorization code for current token request.");
    }

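    if (codeVerifier != null && codeChallenge != null) {
        // "plain" (or no method): the verifier is compared to the challenge as-is.
        String hashed = codeVerifier;
        if ("S256".equals(codeChallengeMethod)) {
            // Note: this produces a hex-encoded SHA-256 digest, whereas RFC 7636 defines S256 as
            // BASE64URL(SHA256(code_verifier)); the check only passes for clients that send a hex challenge.
            hashed = DigestUtils.sha256Hex(codeVerifier);
        }

        if (!hashed.equalsIgnoreCase(codeChallenge)) {
            throw new InvalidRequestException(
                    "Invalid authorization code for current token request.");
        }
    }

    // https://jira.springsource.org/browse/SECOAUTH-333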
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingOAuth2Request.getRequestParameters().get(
            OAuth2Utils.REDIRECT_URI);

    if ((redirectUri != null || redirectUriApprovalParameter != null)
            && !pendingOAuth2Request.getRedirectUri().equals(redirectUri)) {
        throw new RedirectMismatchException("Redirect URI mismatch.");
    }

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
        // just a sanity check.
        throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    Map<String, String> combinedParameters = new HashMap<String, String>(pendingOAuth2Request
            .getRequestParameters());
    // Combine the parameters adding the new ones last so they override if there are any clashes
    combinedParameters.putAll(parameters);

    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);

    Authentication userAuth = storedAuth.getUserAuthentication();

    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);

}
 
Developer ID: PacktPublishing, Project: OAuth-2.0-Cookbook, Lines of code: 82, Source: CustomAuthCodeTokenGranter.java

Example 3: obtainMatchingRedirect

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
/**
 * Attempt to match one of the registered URIs to that of the requested one.
 * 
 * @param redirectUris the set of the registered URIs to try and find a match. This cannot be null or empty.
 * @param requestedRedirect the URI used as part of the request
 * @return the matching URI
 * @throws RedirectMismatchException if no match was found
 */
private String obtainMatchingRedirect(Set<String> redirectUris, String requestedRedirect) {
	Assert.notEmpty(redirectUris, "Redirect URIs cannot be empty");

	if (redirectUris.size() == 1 && requestedRedirect == null) {
		return redirectUris.iterator().next();
	}
	for (String redirectUri : redirectUris) {
		if (requestedRedirect != null && redirectMatches(requestedRedirect, redirectUri)) {
			return requestedRedirect;
		}
	}
	throw new RedirectMismatchException("Invalid redirect: " + requestedRedirect
			+ " does not match one of the registered values: " + redirectUris.toString());
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 23, Source: DefaultRedirectResolver.java

Example 4: handleException

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
private ModelAndView handleException(Exception e, ServletWebRequest webRequest) throws Exception {

		ResponseEntity<OAuth2Exception> translate = getExceptionTranslator().translate(e);
		webRequest.getResponse().setStatus(translate.getStatusCode().value());

		if (e instanceof ClientAuthenticationException || e instanceof RedirectMismatchException) {
			return new ModelAndView(errorPage, Collections.singletonMap("error", translate.getBody()));
		}

		AuthorizationRequest authorizationRequest = null;
		try {
			authorizationRequest = getAuthorizationRequestForError(webRequest);
			String requestedRedirectParam = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
			String requestedRedirect = redirectResolver.resolveRedirect(requestedRedirectParam,
					getClientDetailsService().loadClientByClientId(authorizationRequest.getClientId()));
			authorizationRequest.setRedirectUri(requestedRedirect);
			String redirect = getUnsuccessfulRedirect(authorizationRequest, translate.getBody(), authorizationRequest
					.getResponseTypes().contains("token"));
			return new ModelAndView(new RedirectView(redirect, false, true, false));
		}
		catch (OAuth2Exception ex) {
			// If an AuthorizationRequest cannot be created from the incoming parameters it must be
			// an error. OAuth2Exception can be handled this way. Other exceptions will generate a standard 500
			// response.
			return new ModelAndView(errorPage, Collections.singletonMap("error", translate.getBody()));
		}

	}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 29, Source: AuthorizationEndpoint.java

Example 5: writeRedirectUriMismatch

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
public void writeRedirectUriMismatch() throws Exception {
	OAuth2Exception oauthException = new RedirectMismatchException(DETAILS);
	String expected = createResponse(oauthException.getOAuth2ErrorCode());
	converter.write(oauthException, contentType, outputMessage);
	assertEquals(expected, getOutput());
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 8, Source: JaxbOAuth2ExceptionMessageConverterTests.java

Example 6: readRedirectUriMismatch

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
public void readRedirectUriMismatch() throws Exception {
	String accessToken = createResponse(OAuth2Exception.REDIRECT_URI_MISMATCH);
	when(inputMessage.getBody()).thenReturn(createInputStream(accessToken));
	@SuppressWarnings("unused")
	RedirectMismatchException result = (RedirectMismatchException) converter.read(OAuth2Exception.class,
			inputMessage);
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 9, Source: JaxbOAuth2ExceptionMessageConverterTests.java

Example 7: readValueRedirectUriMismatch

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
public void readValueRedirectUriMismatch() throws Exception {
	String accessToken = createResponse(OAuth2Exception.INVALID_GRANT, "Redirect URI mismatch.");
	RedirectMismatchException result = (RedirectMismatchException) mapper.readValue(accessToken,
			OAuth2Exception.class);
	assertEquals("Redirect URI mismatch.",result.getMessage());
	assertEquals(null,result.getAdditionalInformation());
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 9, Source: OAuth2ExceptionDeserializerTests.java

Example 8: testRegisteredRedirectWithWrongRequestedRedirect

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
@OAuth2ContextConfiguration(resource = MyClientWithRegisteredRedirect.class, initialize = false)
public void testRegisteredRedirectWithWrongRequestedRedirect() throws Exception {
	try {
		approveAccessTokenGrant("http://nowhere", true);
		fail("Expected RedirectMismatchException");
	}
	catch (RedirectMismatchException e) {
		// expected
	}
	assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 12, Source: AuthorizationCodeProviderTests.java

Example 9: testRegisteredRedirectWithWrongOneInTokenEndpoint

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
@OAuth2ContextConfiguration(resource = MyClientWithRegisteredRedirect.class, initialize = false)
public void testRegisteredRedirectWithWrongOneInTokenEndpoint() throws Exception {
	approveAccessTokenGrant("http://anywhere?key=value", true);
	// Setting the redirect uri directly in the request should override the saved value
	context.getAccessTokenRequest().set("redirect_uri", "http://nowhere.com");
	try {
		assertNotNull(context.getAccessToken());
		fail("Expected RedirectMismatchException");
	}
	catch (RedirectMismatchException e) {
		// expected
	}
	assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 15, Source: AuthorizationCodeProviderTests.java

Example 10: getOAuth2Authentication

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {

    Map<String, String> parameters = tokenRequest.getRequestParameters();
    String authorizationCode = parameters.get("code");
    String redirectUri = parameters.get(OAuth2Utils.REDIRECT_URI);

    if (authorizationCode == null) {
        throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
        throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingOAuth2Request.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);

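    // Deliberately less strict than an exact match: when a redirect_uri was sent at authorization,
    // the token request must also send one, but it only has to be a prefix of the stored URI.
    if ((redirectUriApprovalParameter != null && redirectUri == null)
            || (redirectUriApprovalParameter != null
            && !pendingOAuth2Request.getRedirectUri().startsWith(redirectUri))) {
        throw new RedirectMismatchException("Redirect URI mismatch.");
    }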

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
        // just a sanity check.
        throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    Map<String, String> combinedParameters = new HashMap<>(pendingOAuth2Request.getRequestParameters());
    // Combine the parameters adding the new ones last so they override if there are any clashes
    combinedParameters.putAll(parameters);

    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);

    Authentication userAuth = storedAuth.getUserAuthentication();

    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);
}
 
Developer ID: osiam, Project: auth-server, Lines of code: 50, Source: LessStrictRedirectUriAuthorizationCodeTokenGranter.java

Example 11: configure

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Override
protected void configure() {
    setControllerPath("oauth");

    get("authorize", (req, resp) -> {
        Map<String, String> parameters = MapUtils.createOneDimMap(req.getQueryParams());
        AuthorizationRequest authorizationRequest = requestFactory.createAuthorizationRequest(parameters);

        Set<String> responseTypes = authorizationRequest.getResponseTypes();
        if (!responseTypes.contains("token") && !responseTypes.contains("code")) {
            throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
        }

        if (isNull(authorizationRequest.getClientId())) {
            throw new InvalidClientException("A client id must be provided");
        }

        ClientDetails client = clientDetailsService.loadClientByClientId(authorizationRequest.getClientId());

        String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
        String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
        if (isEmpty(resolvedRedirect)) {
            throw new RedirectMismatchException(
                "A redirectUri must be either supplied or preconfigured in the ClientDetails");
        }
        authorizationRequest.setRedirectUri(resolvedRedirect);

        requestValidator.validateScope(authorizationRequest, client);

        authorizationRequest = userApprovalHandler.checkForPreApproval(authorizationRequest, null);
        boolean approved = userApprovalHandler.isApproved(authorizationRequest, null);
        authorizationRequest.setApproved(approved);

        if (authorizationRequest.isApproved()) {
            if (responseTypes.contains("token")) {
                resp.status(HttpStatus.FOUND);
                resp.header(HeaderName.LOCATION, getImplicitGrantResponse(authorizationRequest));
            }
            if (responseTypes.contains("code")) {
                resp.status(HttpStatus.FOUND);
                resp.header(HeaderName.LOCATION, getAuthorizationCodeResponse(authorizationRequest));
            }
        }
    });
}
 
Developer ID: petrbouda, Project: joyrest, Lines of code: 46, Source: AuthorizationEndpoint.java

Example 12: getOAuth2Authentication

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {

	Map<String, String> parameters = tokenRequest.getRequestParameters();
	String authorizationCode = parameters.get("code");
	String redirectUri = parameters.get(OAuth2Utils.REDIRECT_URI);

	if (authorizationCode == null) {
		throw new InvalidRequestException("An authorization code must be supplied.");
	}

	OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
	if (storedAuth == null) {
		throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
	}

	OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
	// https://jira.springsource.org/browse/SECOAUTH-333
	// This might be null, if the authorization was done without the redirect_uri parameter
	String redirectUriApprovalParameter = pendingOAuth2Request.getRequestParameters().get(
			OAuth2Utils.REDIRECT_URI);

	if ((redirectUri != null || redirectUriApprovalParameter != null)
			&& !pendingOAuth2Request.getRedirectUri().equals(redirectUri)) {
		throw new RedirectMismatchException("Redirect URI mismatch.");
	}

	String pendingClientId = pendingOAuth2Request.getClientId();
	String clientId = tokenRequest.getClientId();
	if (clientId != null && !clientId.equals(pendingClientId)) {
		// just a sanity check.
		throw new InvalidClientException("Client ID mismatch");
	}

	// Secret is not required in the authorization request, so it won't be available
	// in the pendingAuthorizationRequest. We do want to check that a secret is provided
	// in the token request, but that happens elsewhere.

	Map<String, String> combinedParameters = new HashMap<String, String>(pendingOAuth2Request
			.getRequestParameters());
	// Combine the parameters adding the new ones last so they override if there are any clashes
	combinedParameters.putAll(parameters);
	
	// Make a new stored request with the combined parameters
	OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);
	
	Authentication userAuth = storedAuth.getUserAuthentication();
	
	return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);

}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 52, Source: AuthorizationCodeTokenGranter.java

Example 13: authorize

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@RequestMapping
public ModelAndView authorize(Map<String, Object> model, @RequestParam Map<String, String> parameters, 
		SessionStatus sessionStatus, Principal principal) {

	//Pull out the authorization request first, using the OAuth2RequestFactory. All further logic should
	//query off of the authorization request instead of referring back to the parameters map. The contents of the 
	//parameters map will be stored without change in the AuthorizationRequest object once it is created.
	AuthorizationRequest authorizationRequest = getOAuth2RequestFactory().createAuthorizationRequest(parameters);

	Set<String> responseTypes = authorizationRequest.getResponseTypes();

	if (!responseTypes.contains("token") && !responseTypes.contains("code")) {
		throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
	}

	if (authorizationRequest.getClientId() == null) {
		throw new InvalidClientException("A client id must be provided");
	}
	
	try {
		
		if (!(principal instanceof Authentication) || !((Authentication) principal).isAuthenticated()) {
			throw new InsufficientAuthenticationException(
					"User must be authenticated with Spring Security before authorization can be completed.");
		}
		
		ClientDetails client = getClientDetailsService().loadClientByClientId(authorizationRequest.getClientId());

		// The resolved redirect URI is either the redirect_uri from the parameters or the one from
		// clientDetails. Either way we need to store it on the AuthorizationRequest.
		String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
		String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
		if (!StringUtils.hasText(resolvedRedirect)) {
			throw new RedirectMismatchException(
					"A redirectUri must be either supplied or preconfigured in the ClientDetails");
		}
		authorizationRequest.setRedirectUri(resolvedRedirect);

		// We intentionally only validate the parameters requested by the client (ignoring any data that may have
		// been added to the request by the manager).
		oAuth2RequestValidator.validateScope(authorizationRequest, client);

		//Some systems may allow for approval decisions to be remembered or approved by default. Check for 
		//such logic here, and set the approved flag on the authorization request accordingly.
		authorizationRequest = userApprovalHandler.checkForPreApproval(authorizationRequest, (Authentication) principal);
		// TODO: is this call necessary?
		boolean approved = userApprovalHandler.isApproved(authorizationRequest, (Authentication) principal);
		authorizationRequest.setApproved(approved);
		
		// Validation is all done, so we can check for auto approval...
		if (authorizationRequest.isApproved()) {
			if (responseTypes.contains("token")) {
				return getImplicitGrantResponse(authorizationRequest);
			}
			if (responseTypes.contains("code")) {
				return new ModelAndView(getAuthorizationCodeResponse(authorizationRequest, (Authentication) principal));
			}
		}

		// Place auth request into the model so that it is stored in the session
		// for approveOrDeny to use. That way we make sure that auth request comes from the session,
		// so any auth request parameters passed to approveOrDeny will be ignored and retrieved from the session.
		model.put("authorizationRequest", authorizationRequest);

		return getUserApprovalPageResponse(model, authorizationRequest);

	}
	catch (RuntimeException e) {
		sessionStatus.setComplete();
		throw e;
	}

}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 74, Source: AuthorizationEndpoint.java

Example 14: writeValueAsStringRedirectUriMismatch

import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; // import the required package/class
@Test
public void writeValueAsStringRedirectUriMismatch() throws Exception {
	oauthException = new RedirectMismatchException(DETAILS);
	String expected = createResponse(oauthException.getOAuth2ErrorCode());
	assertEquals(expected,mapper.writeValueAsString(oauthException));
}
 
Developer ID: jungyang, Project: oauth-client-master, Lines of code: 7, Source: OAuth2ExceptionSerializerTests.java


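Note: The org.springframework.security.oauth2.common.exceptions.RedirectMismatchException class examples in this article were compiled by 纯净天空 from open-source code and documentation platforms such as GitHub/MSDocs. The code snippets were selected from open-source projects contributed by their respective developers; copyright of the source code belongs to the original authors, and distribution and use should follow the corresponding project's License. Do not reproduce without permission.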