本文整理汇总了Java中org.springframework.security.oauth2.provider.AuthorizationRequest类的典型用法代码示例。如果您正苦于以下问题:Java AuthorizationRequest类的具体用法?Java AuthorizationRequest怎么用?Java AuthorizationRequest使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AuthorizationRequest类属于org.springframework.security.oauth2.provider包,在下文中一共展示了AuthorizationRequest类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getAccessConfirmation
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping("/oauth/confirm_access")
public ModelAndView getAccessConfirmation(Map<String, Object> model, Principal principal) throws Exception {
AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
model.put("auth_request", clientAuth);
model.put("client", client);
Map<String, String> scopes = new LinkedHashMap<String, String>();
for (String scope : clientAuth.getScope()) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
}
for (Approval approval : approvalStore.getApprovals(principal.getName(), client.getClientId())) {
if (clientAuth.getScope().contains(approval.getScope())) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
}
}
model.put("scopes", scopes);
return new ModelAndView("authorize", model);
}
示例2: getAccessConfirmation
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping("/oauth/confirm_access")
public ModelAndView getAccessConfirmation(Map<String, Object> model, Principal principal) throws Exception {
AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
model.put("auth_request", clientAuth);
model.put("client", client);
Map<String, String> scopes = new LinkedHashMap<String, String>();
for (String scope : clientAuth.getScope()) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
}
for (Approval approval : approvalStore.getApprovals(principal.getName(), client.getClientId())) {
if (clientAuth.getScope().contains(approval.getScope())) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
approval.getStatus() == Approval.ApprovalStatus.APPROVED ? "true" : "false");
}
}
model.put("scopes", scopes);
return new ModelAndView("access_confirmation", model); // 订阅 appproval 页面
}
示例3: getAccessConfirmation
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping("/confirm_access")
public ModelAndView getAccessConfirmation(Map<String, Object> model) {
AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
if (clientAuth == null) {
return new ModelAndView("redirect:/oauth/error");
}
String clientId = clientAuth.getClientId();
ClientDetails client = clientDetailsService.loadClientByClientId(clientId);
if (client == null) {
return new ModelAndView("redirect:/oauth/error");
}
model.put("auth_request", clientAuth);
model.put("client", client);
model.put("loginError", false);
return new ModelAndView("access_confirmation", model);
}
示例4: hasRememberedApprovalForClient
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
private boolean hasRememberedApprovalForClient(AuthorizationRequest authorizationRequest, ClientDetails client) {
@SuppressWarnings("unchecked")
Map<String, Long> approvals = (Map<String, Long>) httpSession.getAttribute(APPROVALS_SESSION_KEY);
if (approvals == null) {
return false;
}
final Long approvalTime = approvals.get(authorizationRequest.getClientId());
if (approvalTime == null) {
return false;
}
final long validityInSeconds = (Long) client.getAdditionalInformation().get("validityInSeconds");
if (System.currentTimeMillis() - TimeUnit.SECONDS.toMillis(validityInSeconds) > approvalTime) {
approvals.remove(authorizationRequest.getClientId());
return false;
}
return true;
}
示例5: getUnsuccessfulRedirect
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
private String getUnsuccessfulRedirect(AuthorizationRequest authorizationRequest, OAuth2Exception failure, boolean fragment) {
if (isNull(authorizationRequest) || isNull(authorizationRequest.getRedirectUri())) {
// we have no redirect for the user. very sad.
throw new UnapprovedClientAuthenticationException("Authorization failure, and no redirect URI.", failure);
}
Map<String, String> query = new LinkedHashMap<>();
query.put("error", failure.getOAuth2ErrorCode());
query.put("error_description", failure.getMessage());
if (nonNull(authorizationRequest.getState())) {
query.put("state", authorizationRequest.getState());
}
if (nonNull(failure.getAdditionalInformation())) {
for (Map.Entry<String, String> additionalInfo : failure.getAdditionalInformation().entrySet()) {
query.put(additionalInfo.getKey(), additionalInfo.getValue());
}
}
return append(authorizationRequest.getRedirectUri(), query, fragment);
}
示例6: ensureRedirectUriIsAuthorized
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
/**
* Ensure redirect uri is authorized.
*
* @param authorizationRequest the authorization request
* @param client the client
*/
private static void ensureRedirectUriIsAuthorized(final AuthorizationRequest authorizationRequest,
final ClientDetailsEntity client) {
if (!Strings.isNullOrEmpty(authorizationRequest.getRedirectUri())) {
boolean found = false;
final Iterator<String> it = client.getRedirectUris().iterator();
while (!found && it.hasNext()) {
found = it.next().equals(authorizationRequest.getRedirectUri());
}
if (!found) {
throw new OIDCException("Redirect uri in the authorization request " +
authorizationRequest.getRedirectUri()
+ " is not registered for client " + client.getClientId());
}
}
}
示例7: processRequestedAcrValuesIfAny
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
/**
* Process requested acr values if any.
*
* @param authorizationRequest the authorization request
* @param principals the principals
*/
private void processRequestedAcrValuesIfAny(final AuthorizationRequest authorizationRequest,
final List<Principal> principals) {
if (authorizationRequest.getExtensions().containsKey(OIDCConstants.ACR_VALUES)) {
final String[] acrValues = authorizationRequest.getExtensions()
.get(OIDCConstants.ACR_VALUES).toString().split(" ");
for (final String acrValue : acrValues) {
final AuthnContextClassRefPrincipal requestedPrincipal =
new AuthnContextClassRefPrincipal(acrValue.trim());
for (final AuthenticationFlowDescriptor flow : this.availableAuthenticationFlows) {
if (!principals.contains(requestedPrincipal)
&& flow.getSupportedPrincipals().contains(requestedPrincipal)) {
principals.add(requestedPrincipal);
}
}
}
}
}
示例8: getAuthorizationRequestForError
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
private AuthorizationRequest getAuthorizationRequestForError(ServletWebRequest webRequest) {
// If it's already there then we are in the approveOrDeny phase and we can use the saved request
AuthorizationRequest authorizationRequest = (AuthorizationRequest) sessionAttributeStore.retrieveAttribute(
webRequest, "authorizationRequest");
if (authorizationRequest != null) {
return authorizationRequest;
}
Map<String, String> parameters = new HashMap<String, String>();
Map<String, String[]> map = webRequest.getParameterMap();
for (String key : map.keySet()) {
String[] values = map.get(key);
if (values != null && values.length > 0) {
parameters.put(key, values[0]);
}
}
try {
return getOAuth2RequestFactory().createAuthorizationRequest(parameters);
}
catch (Exception e) {
return getDefaultOAuth2RequestFactory().createAuthorizationRequest(parameters);
}
}
示例9: testOauthClient
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@Test
public void testOauthClient() throws Exception {
AuthorizationRequest request = new AuthorizationRequest("foo",
Collections.singleton("read"));
request
.setResourceIdsAndAuthoritiesFromClientDetails(new BaseClientDetails("foo", "", "", "client_credentials", "ROLE_CLIENT"));
Authentication userAuthentication = null;
OAuth2Request clientAuthentication = RequestTokenFactory.createOAuth2Request(request.getRequestParameters(), request.getClientId(), request.getAuthorities(), request.isApproved(), request.getScope(), request.getResourceIds(),
request.getRedirectUri(), request.getResponseTypes(), request.getExtensions());
OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(clientAuthentication, userAuthentication);
MethodInvocation invocation = new SimpleMethodInvocation(this, ReflectionUtils.findMethod(getClass(),
"testOauthClient"));
EvaluationContext context = handler.createEvaluationContext(oAuth2Authentication, invocation);
Expression expression = handler.getExpressionParser()
.parseExpression("#oauth2.clientHasAnyRole('ROLE_CLIENT')");
assertTrue((Boolean) expression.getValue(context));
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:20,代码来源:OAuth2MethodSecurityExpressionHandlerTests.java
示例10: getAuthorizationRequest
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
private AuthorizationRequest getAuthorizationRequest(String clientId, String redirectUri, String state,
String scope, Set<String> responseTypes) {
HashMap<String, String> parameters = new HashMap<String, String>();
parameters.put(OAuth2Utils.CLIENT_ID, clientId);
if (redirectUri != null) {
parameters.put(OAuth2Utils.REDIRECT_URI, redirectUri);
}
if (state != null) {
parameters.put(OAuth2Utils.STATE, state);
}
if (scope != null) {
parameters.put(OAuth2Utils.SCOPE, scope);
}
if (responseTypes != null) {
parameters.put(OAuth2Utils.RESPONSE_TYPE, OAuth2Utils.formatParameterList(responseTypes));
}
return new AuthorizationRequest(parameters, Collections.<String, String> emptyMap(),
parameters.get(OAuth2Utils.CLIENT_ID),
OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.SCOPE)), null,
null, false, parameters.get(OAuth2Utils.STATE),
parameters.get(OAuth2Utils.REDIRECT_URI),
OAuth2Utils.parseParameterList(parameters.get(OAuth2Utils.RESPONSE_TYPE)));
}
示例11: getAccessConfirmation
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping("/oauth/confirm_access")
public ModelAndView getAccessConfirmation(Map<String, Object> model, Principal principal) throws Exception {
AuthorizationRequest clientAuth = (AuthorizationRequest) model.remove("authorizationRequest");
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
model.put("auth_request", clientAuth);
model.put("client", client);
Map<String, String> scopes = new LinkedHashMap<String, String>();
for (String scope : clientAuth.getScope()) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
}
for (Approval approval : approvalStore.getApprovals(principal.getName(), client.getClientId())) {
if (clientAuth.getScope().contains(approval.getScope())) {
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
}
}
model.put("scopes", scopes);
return new ModelAndView("access_confirmation", model);
}
示例12: authorizationApproval
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping("/oauth/confirm_access")
public ModelAndView authorizationApproval(AuthorizationRequest request) {
ModelAndView modelAndView = new ModelAndView(AUTHORIZATION_APPROVAL);
modelAndView.addObject("client", clientService.findClientById(request.getClientId()));
modelAndView.addObject("authorizationRequest", request);
return modelAndView;
}
示例13: login
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(HttpServletRequest request, HttpServletResponse response, Model model) {
HttpRequestResponseHolder holder = new HttpRequestResponseHolder(request, response);
httpSessionSecurityContextRepository.loadContext(holder);
try {
// 使用提供的证书认证用户
List<GrantedAuthority> authorities = AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN");
Authentication auth = new UsernamePasswordAuthenticationToken(request.getParameter("username"), request.getParameter("password"), authorities);
SecurityContextHolder.getContext().setAuthentication(authenticationManager.authenticate(auth));
// 认证用户
if(!auth.isAuthenticated())
throw new CredentialException("用户不能够被认证");
} catch (Exception ex) {
// 用户不能够被认证,重定向回登录页
logger.info(ex);
return "login";
}
// 从会话得到默认保存的请求
DefaultSavedRequest defaultSavedRequest = (DefaultSavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
// 为令牌请求生成认证参数Map
Map<String, String> authParams = getAuthParameters(defaultSavedRequest);
AuthorizationRequest authRequest = new DefaultOAuth2RequestFactory(clientDetailsService).createAuthorizationRequest(authParams);
authRequest.setAuthorities(AuthorityUtils.createAuthorityList("ROLE_USER", "ROLE_ADMIN"));
model.addAttribute("authorizationRequest", authRequest);
httpSessionSecurityContextRepository.saveContext(SecurityContextHolder.getContext(), holder.getRequest(), holder.getResponse());
return "authorize";
}
示例14: oauthConfirmAccess
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
@RequestMapping("/confirm_access")
public String oauthConfirmAccess(
@ModelAttribute AuthorizationRequest authRequest,
Model viewModel
) {
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(authRequest.getClientId());
viewModel.addAttribute("authRequest", authRequest);
viewModel.addAttribute("client", clientDetails);
if(!authRequest.getClientId().isEmpty()) {
viewModel.addAttribute("clientApp", clientService.findByClientId(clientDetails.getClientId()));
}
viewModel.addAttribute("scopes", String.join(",", authRequest.getScope()));
return "auth/confirm_access";
}
示例15: isApproved
import org.springframework.security.oauth2.provider.AuthorizationRequest; //导入依赖的package包/类
public boolean isApproved(AuthorizationRequest authorizationRequest, Authentication userAuthentication) {
if (super.isApproved(authorizationRequest, userAuthentication)) {
return true;
}
if (!userAuthentication.isAuthenticated()) {
return false;
}
OauthClientDetails clientDetails = oauthService.loadOauthClientDetails(authorizationRequest.getClientId());
return clientDetails != null && clientDetails.trusted();
}