本文整理汇总了Java中org.springframework.security.oauth2.common.exceptions.RedirectMismatchException类的典型用法代码示例。如果您正苦于以下问题:Java RedirectMismatchException类的具体用法?Java RedirectMismatchException怎么用?Java RedirectMismatchException使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
RedirectMismatchException类属于org.springframework.security.oauth2.common.exceptions包,在下文中一共展示了RedirectMismatchException类的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。
示例1: testWrongRedirectUri
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Expects the token grant to fail with a {@link RedirectMismatchException} (and an HTTP 400 from the
 * token endpoint) once the redirect URI held in the client's preserved state has been replaced with
 * a value different from the one passed to {@code approveAccessTokenGrant}.
 */
@Test
@OAuth2ContextConfiguration(resource = MyLessTrustedClient.class, initialize = false)
public void testWrongRedirectUri() throws Exception {
    approveAccessTokenGrant("http://anywhere", true);
    AccessTokenRequest tokenRequest = context.getAccessTokenRequest();

    // The client keeps its redirect in the preserved state; overwrite it with a different URI.
    context.getOAuth2ClientContext().setPreservedState(tokenRequest.getStateKey(), "http://nowhere");

    // Asking for the token now has to be refused.
    try {
        assertNotNull(context.getAccessToken());
        fail("Expected RedirectMismatchException");
    }
    catch (RedirectMismatchException expected) {
        // this is the outcome under test
    }

    assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:18,代码来源:AuthorizationCodeProviderTests.java
示例2: getOAuth2Authentication
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
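/**
 * Exchanges an authorization code for the {@link OAuth2Authentication} stored when the code was issued.
 * Before returning, the PKCE code verifier, the redirect URI and the client id of the token request are
 * checked against the stored authorization request.
 *
 * @param client the client details passed by the caller; not read by this method
 * @param tokenRequest the token request whose parameters carry {@code code}, {@code code_verifier} and
 *        the {@code OAuth2Utils.REDIRECT_URI} entry
 * @return the stored user authentication paired with a request built from the stored parameters
 *         overlaid with the token request parameters
 * @throws InvalidRequestException if no code is supplied, or the PKCE verifier is missing or wrong
 * @throws InvalidGrantException if the code service returns nothing for the code
 * @throws RedirectMismatchException if the redirect URI differs from the one stored with the code
 * @throws InvalidClientException if the token request names a different client than the stored request
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> parameters = tokenRequest.getRequestParameters();
    String authorizationCode = parameters.get("code");
    String redirectUri = parameters.get(OAuth2Utils.REDIRECT_URI);
    String codeVerifier = parameters.get("code_verifier");

    if (authorizationCode == null) {
        throw new InvalidRequestException("An authorization code must be supplied.");
    }

    // The code is handed to the code service before any other check runs; presumably this uses it up,
    // so a request that fails a later check cannot be retried with the same code - confirm against
    // the AuthorizationCodeServices implementation in use.
    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
        throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    Map<String, String> pendingParameters = pendingOAuth2Request.getRequestParameters();

    // PKCE: a challenge stored with the authorization request makes the verifier mandatory, so the
    // check cannot be skipped by simply leaving code_verifier out of the token request.
    String codeChallenge = pendingParameters.get("code_challenge");
    String codeChallengeMethod = pendingParameters.get("code_challenge_method");
    if (codeChallenge != null) {
        if (codeVerifier == null) {
            throw new InvalidRequestException(
                    "Invalid authorization code for current token request.");
        }
        boolean verifierMatches;
        if ("S256".equals(codeChallengeMethod)) {
            // Hex digests may legitimately differ in letter case, so this comparison ignores case.
            // NOTE(review): RFC 7636 defines the S256 challenge as BASE64URL(SHA-256(code_verifier)),
            // not a hex digest; standard PKCE clients will not match this encoding. Kept as-is
            // because existing clients of this granter presumably send hex - confirm.
            verifierMatches = DigestUtils.sha256Hex(codeVerifier).equalsIgnoreCase(codeChallenge);
        }
        else {
            // Any other method is treated as "plain": the verifier is the secret itself and must
            // match exactly. Ignoring case here would accept verifiers the client never issued.
            verifierMatches = codeVerifier.equals(codeChallenge);
        }
        if (!verifierMatches) {
            throw new InvalidRequestException(
                    "Invalid authorization code for current token request.");
        }
    }

    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingParameters.get(OAuth2Utils.REDIRECT_URI);
    if (redirectUri != null || redirectUriApprovalParameter != null) {
        String pendingRedirectUri = pendingOAuth2Request.getRedirectUri();
        // Fail closed: a stored request without a redirect URI is a mismatch, not a NullPointerException.
        if (pendingRedirectUri == null || !pendingRedirectUri.equals(redirectUri)) {
            throw new RedirectMismatchException("Redirect URI mismatch.");
        }
    }

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
        // just a sanity check.
        throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    // Token request parameters go in last so that they win over stored ones with the same key.
    Map<String, String> combinedParameters = new HashMap<String, String>(pendingParameters);
    combinedParameters.putAll(parameters);

    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);
    Authentication userAuth = storedAuth.getUserAuthentication();
    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);
}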
开发者ID:PacktPublishing,项目名称:OAuth-2.0-Cookbook,代码行数:82,代码来源:CustomAuthCodeTokenGranter.java
示例3: obtainMatchingRedirect
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
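/**
 * Attempt to match one of the registered URIs to that of the requested one.
 *
 * <p>If no redirect was requested and exactly one URI is registered, that URI is returned. Otherwise
 * the requested URI is returned when {@code redirectMatches} accepts it against any registered URI.
 *
 * <p>The exception message names neither the requested value nor the registered URIs: the requested
 * value comes from the request, and the message of a {@link RedirectMismatchException} may be shown
 * to whoever sent it.
 *
 * @param redirectUris the set of the registered URIs to try and find a match. This cannot be null or empty.
 * @param requestedRedirect the URI used as part of the request, or null if none was sent
 * @return the matching URI
 * @throws RedirectMismatchException if no match was found
 */
private String obtainMatchingRedirect(Set<String> redirectUris, String requestedRedirect) {
    Assert.notEmpty(redirectUris, "Redirect URIs cannot be empty");

    if (requestedRedirect == null) {
        // Without a requested value only an unambiguous registration can be used.
        if (redirectUris.size() == 1) {
            return redirectUris.iterator().next();
        }
    }
    else {
        for (String registeredUri : redirectUris) {
            if (redirectMatches(requestedRedirect, registeredUri)) {
                return requestedRedirect;
            }
        }
    }

    throw new RedirectMismatchException(
            "Invalid redirect: the requested URI does not match one of the registered values.");
}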
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:23,代码来源:DefaultRedirectResolver.java
示例4: handleException
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Builds the response for an exception raised while handling an authorization request.
 *
 * <p>The translated status code is always written to the servlet response. Client authentication
 * failures and redirect mismatches are rendered on the local error page; every other exception is
 * reported by redirecting to the redirect URI resolved for the client.
 *
 * @param e the exception to report
 * @param webRequest the current request, used for the response status and to rebuild the authorization request
 * @return the error page view, or a redirect carrying the error
 * @throws Exception if translating the exception or building the redirect fails with a non-OAuth2 error
 */
private ModelAndView handleException(Exception e, ServletWebRequest webRequest) throws Exception {
    ResponseEntity<OAuth2Exception> translated = getExceptionTranslator().translate(e);
    webRequest.getResponse().setStatus(translated.getStatusCode().value());

    // With an unverified client or redirect URI there is no redirect target that can be trusted,
    // so the error is shown here instead of being sent anywhere.
    boolean renderLocally = e instanceof ClientAuthenticationException || e instanceof RedirectMismatchException;
    if (renderLocally) {
        return new ModelAndView(errorPage, Collections.singletonMap("error", translated.getBody()));
    }

    try {
        AuthorizationRequest failedRequest = getAuthorizationRequestForError(webRequest);
        String redirectParam = failedRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);

        // The redirect is resolved against the client's details again rather than taken from the request.
        String resolvedRedirect = redirectResolver.resolveRedirect(redirectParam,
                getClientDetailsService().loadClientByClientId(failedRequest.getClientId()));
        failedRequest.setRedirectUri(resolvedRedirect);

        String target = getUnsuccessfulRedirect(failedRequest, translated.getBody(),
                failedRequest.getResponseTypes().contains("token"));
        return new ModelAndView(new RedirectView(target, false, true, false));
    }
    catch (OAuth2Exception ex) {
        // An AuthorizationRequest that cannot be rebuilt from the incoming parameters is itself an
        // error and is shown on the error page. Exceptions other than OAuth2Exception propagate and
        // produce a standard 500 response.
        return new ModelAndView(errorPage, Collections.singletonMap("error", translated.getBody()));
    }
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:29,代码来源:AuthorizationEndpoint.java
示例5: writeRedirectUriMismatch
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Writes a {@link RedirectMismatchException} through the converter and compares the output with the
 * response built by {@code createResponse} for the exception's OAuth2 error code.
 */
@Test
public void writeRedirectUriMismatch() throws Exception {
    OAuth2Exception mismatch = new RedirectMismatchException(DETAILS);
    String expectedBody = createResponse(mismatch.getOAuth2ErrorCode());

    converter.write(mismatch, contentType, outputMessage);

    assertEquals(expectedBody, getOutput());
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:8,代码来源:JaxbOAuth2ExceptionMessageConverterTests.java
示例6: readRedirectUriMismatch
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Reads an error response carrying {@code OAuth2Exception.REDIRECT_URI_MISMATCH} through the converter.
 * The only check is the cast: the test fails if the converter returns anything other than a
 * {@link RedirectMismatchException}.
 */
@Test
public void readRedirectUriMismatch() throws Exception {
    String errorBody = createResponse(OAuth2Exception.REDIRECT_URI_MISMATCH);
    when(inputMessage.getBody()).thenReturn(createInputStream(errorBody));

    // Never read afterwards; the assignment exists for the cast alone.
    @SuppressWarnings("unused")
    RedirectMismatchException mismatch = (RedirectMismatchException) converter.read(
            OAuth2Exception.class, inputMessage);
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:9,代码来源:JaxbOAuth2ExceptionMessageConverterTests.java
示例7: readValueRedirectUriMismatch
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Deserializes an {@code OAuth2Exception.INVALID_GRANT} response whose description is
 * "Redirect URI mismatch." and expects a {@link RedirectMismatchException} with that message and no
 * additional information.
 */
@Test
public void readValueRedirectUriMismatch() throws Exception {
    String errorBody = createResponse(OAuth2Exception.INVALID_GRANT, "Redirect URI mismatch.");

    // The cast doubles as a type check on what the mapper produced.
    RedirectMismatchException mismatch = (RedirectMismatchException) mapper.readValue(errorBody,
            OAuth2Exception.class);

    assertEquals("Redirect URI mismatch.", mismatch.getMessage());
    assertEquals(null, mismatch.getAdditionalInformation());
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:9,代码来源:OAuth2ExceptionDeserializerTests.java
示例8: testRegisteredRedirectWithWrongRequestedRedirect
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Expects {@code approveAccessTokenGrant} to fail with a {@link RedirectMismatchException}, and the
 * token endpoint to have answered HTTP 400, when it is called with {@code http://nowhere} for a
 * client configured through {@code MyClientWithRegisteredRedirect}.
 */
@Test
@OAuth2ContextConfiguration(resource = MyClientWithRegisteredRedirect.class, initialize = false)
public void testRegisteredRedirectWithWrongRequestedRedirect() throws Exception {
    try {
        approveAccessTokenGrant("http://nowhere", true);
        fail("Expected RedirectMismatchException");
    }
    catch (RedirectMismatchException expected) {
        // this is the outcome under test
    }

    assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:12,代码来源:AuthorizationCodeProviderTests.java
示例9: testRegisteredRedirectWithWrongOneInTokenEndpoint
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Approves the grant with one redirect URI, then sends a different {@code redirect_uri} in the token
 * request and expects a {@link RedirectMismatchException} together with an HTTP 400 from the token
 * endpoint.
 */
@Test
@OAuth2ContextConfiguration(resource = MyClientWithRegisteredRedirect.class, initialize = false)
public void testRegisteredRedirectWithWrongOneInTokenEndpoint() throws Exception {
    approveAccessTokenGrant("http://anywhere?key=value", true);

    // A redirect URI set directly on the token request should override the saved value.
    context.getAccessTokenRequest().set("redirect_uri", "http://nowhere.com");

    try {
        assertNotNull(context.getAccessToken());
        fail("Expected RedirectMismatchException");
    }
    catch (RedirectMismatchException expected) {
        // this is the outcome under test
    }

    assertEquals(HttpStatus.BAD_REQUEST, tokenEndpointResponse.getStatusCode());
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:15,代码来源:AuthorizationCodeProviderTests.java
示例10: getOAuth2Authentication
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Exchanges an authorization code for the stored {@link OAuth2Authentication}, using a relaxed
 * redirect URI comparison: the stored redirect URI only has to start with the value sent in the
 * token request.
 *
 * @param client the client details passed by the caller; not read by this method
 * @param tokenRequest the token request whose parameters carry {@code code} and the
 *        {@code OAuth2Utils.REDIRECT_URI} entry
 * @return the stored user authentication paired with a request built from the stored parameters
 *         overlaid with the token request parameters
 * @throws InvalidRequestException if no code is supplied
 * @throws InvalidGrantException if the code service returns nothing for the code
 * @throws RedirectMismatchException if the authorization carried a redirect URI and the token request
 *         sends none, or sends one the stored URI does not start with
 * @throws InvalidClientException if the token request names a different client than the stored request
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> tokenParameters = tokenRequest.getRequestParameters();
    String code = tokenParameters.get("code");
    String requestedRedirect = tokenParameters.get(OAuth2Utils.REDIRECT_URI);

    if (code == null) {
        throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication issuedAuth = authorizationCodeServices.consumeAuthorizationCode(code);
    if (issuedAuth == null) {
        throw new InvalidGrantException("Invalid authorization code: " + code);
    }

    OAuth2Request storedRequest = issuedAuth.getOAuth2Request();

    // https://jira.springsource.org/browse/SECOAUTH-333
    // Null when the authorization was done without the redirect_uri parameter.
    String approvedRedirectParameter = storedRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);

    // NOTE(review): this is a prefix test, not an equality test. Any token-request value that the
    // stored URI starts with is accepted, and when the authorization carried no redirect_uri the
    // token-request value is not checked at all. RFC 6749 section 4.1.3 asks for identical values;
    // the class name suggests the relaxation is deliberate - confirm it is still wanted.
    if (approvedRedirectParameter != null
            && (requestedRedirect == null || !storedRequest.getRedirectUri().startsWith(requestedRedirect))) {
        throw new RedirectMismatchException("Redirect URI mismatch.");
    }

    String storedClientId = storedRequest.getClientId();
    String requestClientId = tokenRequest.getClientId();
    boolean clientDiffers = requestClientId != null && !requestClientId.equals(storedClientId);
    if (clientDiffers) {
        // just a sanity check.
        throw new InvalidClientException("Client ID mismatch");
    }

    // The client secret is not part of the authorization request, so it cannot be found in the
    // stored request. Its presence in the token request is checked elsewhere.

    // Token request parameters go in last so that they win over stored ones with the same key.
    Map<String, String> mergedParameters = new HashMap<>(storedRequest.getRequestParameters());
    mergedParameters.putAll(tokenParameters);

    // Rebuild the stored request around the merged parameters.
    OAuth2Request mergedRequest = storedRequest.createOAuth2Request(mergedParameters);
    return new OAuth2Authentication(mergedRequest, issuedAuth.getUserAuthentication());
}
开发者ID:osiam,项目名称:auth-server,代码行数:50,代码来源:LessStrictRedirectUriAuthorizationCodeTokenGranter.java
示例11: configure
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Registers the {@code oauth/authorize} GET route.
 *
 * <p>The handler builds an authorization request from the query parameters, rejects unsupported
 * response types and a missing client id, resolves the redirect URI for the client, validates the
 * scope and asks the approval handler for a decision. For an approved request it answers with a 302
 * whose Location header is the implicit-grant or authorization-code response; for a request that is
 * not approved it sets neither status nor header.
 */
@Override
protected void configure() {
    setControllerPath("oauth");

    get("authorize", (request, response) -> {
        Map<String, String> queryParameters = MapUtils.createOneDimMap(request.getQueryParams());
        AuthorizationRequest authorizationRequest = requestFactory.createAuthorizationRequest(queryParameters);

        Set<String> responseTypes = authorizationRequest.getResponseTypes();
        boolean wantsToken = responseTypes.contains("token");
        boolean wantsCode = responseTypes.contains("code");
        if (!wantsToken && !wantsCode) {
            throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
        }

        if (isNull(authorizationRequest.getClientId())) {
            throw new InvalidClientException("A client id must be provided");
        }

        ClientDetails clientDetails = clientDetailsService.loadClientByClientId(authorizationRequest.getClientId());

        // The redirect comes either from the request or from the client's registration; the
        // resolver decides, and an empty result means there is nowhere valid to send the user.
        String requestedRedirect = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
        String resolvedRedirect = redirectResolver.resolveRedirect(requestedRedirect, clientDetails);
        if (isEmpty(resolvedRedirect)) {
            throw new RedirectMismatchException(
                    "A redirectUri must be either supplied or preconfigured in the ClientDetails");
        }
        authorizationRequest.setRedirectUri(resolvedRedirect);

        requestValidator.validateScope(authorizationRequest, clientDetails);

        // NOTE(review): null is passed as the user authentication to both approval calls, and no
        // check that a user is signed in is visible in this handler - confirm that authentication
        // is enforced before this route runs.
        authorizationRequest = userApprovalHandler.checkForPreApproval(authorizationRequest, null);
        boolean approved = userApprovalHandler.isApproved(authorizationRequest, null);
        authorizationRequest.setApproved(approved);

        if (!authorizationRequest.isApproved()) {
            return;
        }

        // Both branches run when both response types were requested; the code response is written last.
        if (wantsToken) {
            response.status(HttpStatus.FOUND);
            response.header(HeaderName.LOCATION, getImplicitGrantResponse(authorizationRequest));
        }
        if (wantsCode) {
            response.status(HttpStatus.FOUND);
            response.header(HeaderName.LOCATION, getAuthorizationCodeResponse(authorizationRequest));
        }
    });
}
开发者ID:petrbouda,项目名称:joyrest,代码行数:46,代码来源:AuthorizationEndpoint.java
示例12: getOAuth2Authentication
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
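/**
 * Exchanges an authorization code for the {@link OAuth2Authentication} stored when the code was issued,
 * after checking the redirect URI and the client id of the token request against the stored
 * authorization request.
 *
 * @param client the client details passed by the caller; not read by this method
 * @param tokenRequest the token request whose parameters carry {@code code} and the
 *        {@code OAuth2Utils.REDIRECT_URI} entry
 * @return the stored user authentication paired with a request built from the stored parameters
 *         overlaid with the token request parameters
 * @throws InvalidRequestException if no code is supplied
 * @throws InvalidGrantException if the code service returns nothing for the code
 * @throws RedirectMismatchException if the redirect URI differs from the one stored with the code
 * @throws InvalidClientException if the token request names a different client than the stored request
 */
@Override
protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
    Map<String, String> parameters = tokenRequest.getRequestParameters();
    String authorizationCode = parameters.get("code");
    String redirectUri = parameters.get(OAuth2Utils.REDIRECT_URI);

    if (authorizationCode == null) {
        throw new InvalidRequestException("An authorization code must be supplied.");
    }

    OAuth2Authentication storedAuth = authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
    if (storedAuth == null) {
        throw new InvalidGrantException("Invalid authorization code: " + authorizationCode);
    }

    OAuth2Request pendingOAuth2Request = storedAuth.getOAuth2Request();
    Map<String, String> pendingParameters = pendingOAuth2Request.getRequestParameters();

    // https://jira.springsource.org/browse/SECOAUTH-333
    // This might be null, if the authorization was done without the redirect_uri parameter
    String redirectUriApprovalParameter = pendingParameters.get(OAuth2Utils.REDIRECT_URI);

    // The comparison is exact: the token request has to repeat the redirect URI the code was issued for.
    if (redirectUri != null || redirectUriApprovalParameter != null) {
        String pendingRedirectUri = pendingOAuth2Request.getRedirectUri();
        // Fail closed: a stored request without a redirect URI is a mismatch, not a NullPointerException.
        if (pendingRedirectUri == null || !pendingRedirectUri.equals(redirectUri)) {
            throw new RedirectMismatchException("Redirect URI mismatch.");
        }
    }

    String pendingClientId = pendingOAuth2Request.getClientId();
    String clientId = tokenRequest.getClientId();
    if (clientId != null && !clientId.equals(pendingClientId)) {
        // just a sanity check.
        throw new InvalidClientException("Client ID mismatch");
    }

    // Secret is not required in the authorization request, so it won't be available
    // in the pendingAuthorizationRequest. We do want to check that a secret is provided
    // in the token request, but that happens elsewhere.

    // Token request parameters go in last so that they win over stored ones with the same key.
    Map<String, String> combinedParameters = new HashMap<String, String>(pendingParameters);
    combinedParameters.putAll(parameters);

    // Make a new stored request with the combined parameters
    OAuth2Request finalStoredOAuth2Request = pendingOAuth2Request.createOAuth2Request(combinedParameters);
    Authentication userAuth = storedAuth.getUserAuthentication();
    return new OAuth2Authentication(finalStoredOAuth2Request, userAuth);
}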
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:52,代码来源:AuthorizationCodeTokenGranter.java
示例13: authorize
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Handles an authorization request: validates response type, client id, user authentication,
 * redirect URI and scope, then either answers directly for an already approved request or returns
 * the user approval page.
 *
 * @param model the model in which the authorization request is placed for the approval step
 * @param parameters the request parameters
 * @param sessionStatus marked complete when a {@link RuntimeException} is thrown after the initial checks
 * @param principal the current user; must be an authenticated {@link Authentication}
 * @return the implicit-grant response, the authorization-code response, or the approval page
 */
@RequestMapping
public ModelAndView authorize(Map<String, Object> model, @RequestParam Map<String, String> parameters,
        SessionStatus sessionStatus, Principal principal) {

    // Build the authorization request through the OAuth2RequestFactory before anything else. From
    // here on the logic reads from the authorization request and never from the parameters map,
    // whose contents are stored unchanged inside the AuthorizationRequest once it exists.
    AuthorizationRequest authorizationRequest = getOAuth2RequestFactory().createAuthorizationRequest(parameters);

    Set<String> responseTypes = authorizationRequest.getResponseTypes();
    boolean wantsToken = responseTypes.contains("token");
    boolean wantsCode = responseTypes.contains("code");
    if (!wantsToken && !wantsCode) {
        throw new UnsupportedResponseTypeException("Unsupported response types: " + responseTypes);
    }

    if (authorizationRequest.getClientId() == null) {
        throw new InvalidClientException("A client id must be provided");
    }

    try {
        boolean authenticated = principal instanceof Authentication
                && ((Authentication) principal).isAuthenticated();
        if (!authenticated) {
            throw new InsufficientAuthenticationException(
                    "User must be authenticated with Spring Security before authorization can be completed.");
        }
        // Safe after the check above.
        Authentication userAuthentication = (Authentication) principal;

        ClientDetails client = getClientDetailsService().loadClientByClientId(authorizationRequest.getClientId());

        // The resolved redirect URI is the redirect_uri parameter or the one from the client
        // details; whichever it is, it has to be stored on the AuthorizationRequest.
        String redirectUriParameter = authorizationRequest.getRequestParameters().get(OAuth2Utils.REDIRECT_URI);
        String resolvedRedirect = redirectResolver.resolveRedirect(redirectUriParameter, client);
        if (!StringUtils.hasText(resolvedRedirect)) {
            throw new RedirectMismatchException(
                    "A redirectUri must be either supplied or preconfigured in the ClientDetails");
        }
        authorizationRequest.setRedirectUri(resolvedRedirect);

        // Only the parameters requested by the client are validated on purpose; data the manager
        // may have added to the request is ignored.
        oAuth2RequestValidator.validateScope(authorizationRequest, client);

        // Some systems remember approval decisions or approve by default. Let the handler apply
        // such logic and set the approved flag on the authorization request accordingly.
        authorizationRequest = userApprovalHandler.checkForPreApproval(authorizationRequest, userAuthentication);
        // TODO: is this call necessary?
        boolean approved = userApprovalHandler.isApproved(authorizationRequest, userAuthentication);
        authorizationRequest.setApproved(approved);

        // Validation is complete, so an already approved request can be answered right away.
        if (authorizationRequest.isApproved()) {
            if (wantsToken) {
                return getImplicitGrantResponse(authorizationRequest);
            }
            if (wantsCode) {
                return new ModelAndView(getAuthorizationCodeResponse(authorizationRequest, userAuthentication));
            }
        }

        // Put the request into the model so that it is stored in the session for approveOrDeny.
        // That step then takes the request from the session and ignores any authorization
        // request parameters passed to it.
        model.put("authorizationRequest", authorizationRequest);

        return getUserApprovalPageResponse(model, authorizationRequest);
    }
    catch (RuntimeException e) {
        // Close the session attributes before the failure is propagated.
        sessionStatus.setComplete();
        throw e;
    }
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:74,代码来源:AuthorizationEndpoint.java
示例14: writeValueAsStringRedirectUriMismatch
import org.springframework.security.oauth2.common.exceptions.RedirectMismatchException; //导入依赖的package包/类
/**
 * Serializes a {@link RedirectMismatchException} with the mapper and compares the result with the
 * response built by {@code createResponse} for the exception's OAuth2 error code.
 */
@Test
public void writeValueAsStringRedirectUriMismatch() throws Exception {
    oauthException = new RedirectMismatchException(DETAILS);
    String expectedJson = createResponse(oauthException.getOAuth2ErrorCode());

    String actualJson = mapper.writeValueAsString(oauthException);

    assertEquals(expectedJson, actualJson);
}
开发者ID:jungyang,项目名称:oauth-client-master,代码行数:7,代码来源:OAuth2ExceptionSerializerTests.java
注:本文中的org.springframework.security.oauth2.common.exceptions.RedirectMismatchException类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |