Merged
Expand Up @@ -59,11 +59,34 @@ public class OAuthCallbackFilter extends AuthenticatingFilter implements Session
private static final Logger LOGGER = LoggerFactory.getLogger(OAuthCallbackFilter.class);
private static final String DEFAULT_REDIRECT_URL = "/";
private String redirectUrl = DEFAULT_REDIRECT_URL;
private static final String AUTHORIZATION = "Authorization";
@Inject
private OAuthProvider oauthProvider;
@Configuration
private OAuthConfig oauthConfig;


@Override
protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception {
AuthenticationToken token = createToken(request, response);
if (token == null) {
String msg = "createToken method implementation returned null. A valid non-null AuthenticationToken " +
"must be created in order to execute a login attempt.";
throw new IllegalStateException(msg);
}
try {
Subject subject = getSubject(request, response);
subject.login(token);

((HttpServletResponse)response).addHeader(AUTHORIZATION, token.getCredentials().toString());

return onLoginSuccess(token, subject, request, response);
} catch (AuthenticationException e) {
return onLoginFailure(token, e, request, response);
}
}


@Override
protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
Tokens tokens = requestTokens(new AuthorizationCodeGrant(parseAuthorizationCode(WebUtils.toHttp(request)),
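Review bot: The added `addHeader(AUTHORIZATION, token.getCredentials().toString())` in `executeLogin` copies the token's credentials into a response header of the OAuth callback, where they are visible to the browser and to any proxy, cache or access log that records response headers. `Authorization` is defined as a request header and the value is written without a scheme, so it is unclear which client is meant to consume it; if the credentials only need to reach the application, keeping them on the server-side subject or session avoids the exposure. If the header has to stay, guard the null case (`Object creds = token.getCredentials(); if (creds != null) { ... }`), send `Cache-Control: no-store` with it, and use `WebUtils.toHttp(response)` instead of the raw cast, as `createToken` already does for the request. `getCredentials()` returns `Object`, so `toString()` yields the token text only if the concrete credentials type implements it that way, which is not visible in this hunk.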
17 changes: 16 additions & 1 deletion src/test/java/org/seedstack/oauth/OAuthClientCredsFlowIT.java
Expand Up @@ -9,7 +9,6 @@
package org.seedstack.oauth;

import static org.junit.Assert.assertNotNull;

import java.net.URL;
import javax.inject.Inject;
import org.apache.shiro.authc.AuthenticationToken;
Expand All @@ -20,13 +19,21 @@
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Test;
import org.seedstack.seed.it.AbstractSeedWebIT;
//import org.apache.shiro.SecurityUtils;
//import org.apache.shiro.mgt.SecurityManager;
//import org.apache.shiro.util.ThreadContext;

public class OAuthClientCredsFlowIT extends AbstractSeedWebIT {

@Inject
private OAuthService oauthService;

@ArquillianResource
private URL baseURL;

/*@Inject
private SecurityManager securityManager;*/

@Deployment
public static WebArchive createDeployment() {
return ShrinkWrap.create(WebArchive.class);
Expand All @@ -38,4 +45,12 @@ public void getAccessTokenFromCredentials() {
AuthenticationToken token = oauthService.getTokenFromClientCredentials();
assertNotNull(token);
}

/*@Test
@RunAsClient
public void authenticateUser(){
ThreadContext.bind(securityManager);
SecurityUtils.getSubject().login(oauthService.getTokenFromClientCredentials());

}*/
}
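Review bot: The commented-out `authenticateUser` test, the commented `securityManager` field and the three commented Shiro imports add dead code to this integration test, so a subject login with the client-credentials token is never actually exercised. Either delete them or keep the test compiled and mark it `@Ignore("reason")` so the gap shows up in test reports. If the test is re-enabled, pair `ThreadContext.bind(securityManager)` with `ThreadContext.unbindSecurityManager()` in a `finally` block so the binding does not leak into other tests running on the same thread, and assert on the resulting subject (for example `isAuthenticated()`) rather than only calling `login`.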