Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Need to create oAuth2 token manually without password

I have implemented oAuth2 with spring security and it is working fine for me. But Now I want to create user token from back-end manually without password. Because I have only username of user.

Can any one help me.

like image 779
Charnjeet Singh Avatar asked Feb 23 '16 06:02

Charnjeet Singh


2 Answers

Got Answer!!!

    HashMap<String, String> authorizationParameters = new HashMap<String, String>();
    authorizationParameters.put("scope", "read");
    authorizationParameters.put("username", "user");
    authorizationParameters.put("client_id", "client_id");
    authorizationParameters.put("grant", "password");

    Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
    authorities.add(new SimpleGrantedAuthority("ROLE_USER"));

    Set<String> responseType = new HashSet<String>();
    responseType.add("password");

    Set<String> scopes = new HashSet<String>();
   scopes.add("read");
   scopes.add("write");

    OAuth2Request authorizationRequest = new OAuth2Request(
            authorizationParameters, "Client_Id",
            authorities, true,scopes, null, "",
            responseType, null);

    User userPrincipal = new User("user", "", true, true, true, true, authorities);

    UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
            userPrincipal, null, authorities);

    OAuth2Authentication authenticationRequest = new OAuth2Authentication(
            authorizationRequest, authenticationToken);
    authenticationRequest.setAuthenticated(true);

    OAuth2AccessToken accessToken = tokenService
            .createAccessToken(authenticationRequest);

accessToken is token which you want.

Thanks

like image 119
Charnjeet Singh Avatar answered Oct 13 '22 10:10

Charnjeet Singh


Assign access token while signup process, Spring boot. Call getAccessToken(user) from anywhere in your app code.

public OAuth2AccessToken getAccessToken(User user) {
    HashMap<String, String> authorizationParameters = new HashMap<String, String>();
    authorizationParameters.put("scope", "read");
    authorizationParameters.put("username", user.getEmail());
    authorizationParameters.put("client_id", clientId);
    authorizationParameters.put("grant", "password");

    Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
    user.getRoles().forEach((role) -> {
        Role rol = roleRepository.findByName(role.getName());
        authorities.add(new SimpleGrantedAuthority(rol.getName()));
    });

    Set<String> responseType = new HashSet<String>();
    responseType.add("password");

    Set<String> scopes = new HashSet<String>();
    scopes.add("read");
    scopes.add("write");

    OAuth2Request authorizationRequest = new OAuth2Request(authorizationParameters, clientId, authorities, true,
            scopes, null, "", responseType, null);

    org.springframework.security.core.userdetails.User userPrincipal = new org.springframework.security.core.userdetails.User(
            user.getEmail(), user.getPassword(), authorities);
    UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userPrincipal,
            null, authorities);

    OAuth2Authentication authenticationRequest = new OAuth2Authentication(authorizationRequest,
            authenticationToken);
    authenticationRequest.setAuthenticated(true);
    OAuth2AccessToken accessToken = tokenServices().createAccessToken(authenticationRequest);

    return accessToken;
}

@Bean
TokenEnhancerChain enhancerChain() {
    TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
    enhancerChain.setTokenEnhancers(Arrays.asList(customTokenEnhancer, accessTokenConverter()));
    return enhancerChain;
}

@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey(signingKey);
    return converter;
}

@Bean
public TokenStore tokenStore() {
    return new JwtTokenStore(accessTokenConverter());
}

@Bean
@Primary
public DefaultTokenServices tokenServices() {
    DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
    defaultTokenServices.setTokenStore(tokenStore());
    defaultTokenServices.setSupportRefreshToken(true);
    defaultTokenServices.setTokenEnhancer(enhancerChain());
    return defaultTokenServices;
}
like image 41
Nitin Jha Avatar answered Oct 13 '22 08:10

Nitin Jha