java - Spring OAuth2 Generate Access Token per request to the Token Endpoint -


Is it possible to generate multiple valid access tokens, one per request, using the client_credentials or password grant type?

Generating a token with the above grant types only gives a new token per request once the current one has expired.

I can use the password grant type to generate a refresh token and then generate multiple access tokens, but doing so invalidates the previous access tokens.

Any idea how I could change this so that an access token is generated per request to the /oauth/token endpoint, and ensure that previous tokens are not invalidated?

Below is the XML configuration of my OAuth server.

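<!-- oauth2 config start -->
<!-- Framework class, property and constant names are case-sensitive; they are written here with
     their proper capitalisation. Bean ids and literal values are kept exactly as published. -->

<!-- Token endpoint: no HTTP session, no anonymous access, and the caller (the OAuth client)
     must be fully authenticated before a token is issued. -->
<sec:http pattern="/test/oauth/token" create-session="never"
          authentication-manager-ref="authenticationmanager">
    <sec:intercept-url pattern="/test/oauth/token" access="IS_AUTHENTICATED_FULLY" />
    <sec:anonymous enabled="false" />
    <sec:http-basic entry-point-ref="clientauthenticationentrypoint" />
    <sec:custom-filter ref="clientcredentialstokenendpointfilter" before="BASIC_AUTH_FILTER" />
    <sec:access-denied-handler ref="oauthaccessdeniedhandler" />
</sec:http>

<bean id="clientcredentialstokenendpointfilter"
      class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
    <property name="authenticationManager" ref="authenticationmanager" />
</bean>

<!-- Authenticates OAuth clients (not end users) against the client details service. -->
<sec:authentication-manager alias="authenticationmanager">
    <sec:authentication-provider user-service-ref="clientdetailsuserservice" />
</sec:authentication-manager>

<bean id="clientdetailsuserservice"
      class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
    <constructor-arg ref="clientdetails" />
</bean>

<!-- Project class: its capitalisation is not recoverable from the page, so it is left as published. -->
<bean id="clientdetails" class="org.security.oauth2.clientdetailsserviceimpl"></bean>

<bean id="clientauthenticationentrypoint"
      class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
    <property name="realmName" value="springsec/client" />
    <property name="typeName" value="basic" />
</bean>

<bean id="oauthaccessdeniedhandler"
      class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />

<!-- NOTE(review): five grant types are enabled here although the question only concerns
     client_credentials and password. Keep only the grants that registered clients really use. -->
<oauth:authorization-server client-details-service-ref="clientdetails"
                            token-services-ref="tokenservices">
    <oauth:authorization-code />
    <oauth:implicit />
    <oauth:refresh-token />
    <oauth:client-credentials />
    <oauth:password authentication-manager-ref="userauthenticationmanager" />
</oauth:authorization-server>

<!-- Authenticates end users for the password grant. -->
<sec:authentication-manager id="userauthenticationmanager">
    <sec:authentication-provider ref="customuserauthenticationprovider">
    </sec:authentication-provider>
</sec:authentication-manager>

<!-- Project class: its capitalisation is not recoverable from the page, so it is left as published. -->
<bean id="customuserauthenticationprovider"
      class="org.security.oauth2.customuserauthenticationprovider">
</bean>

<!-- Access tokens live for 300 seconds. If several tokens per client are allowed to be valid at
     once, this lifetime is what bounds how long each of them stays usable. -->
<bean id="tokenservices"
      class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
    <property name="tokenStore" ref="tokenstore" />
    <property name="supportRefreshToken" value="true" />
    <property name="accessTokenValiditySeconds" value="300"></property>
    <property name="clientDetailsService" ref="clientdetails" />
</bean>

<bean id="tokenstore"
      class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
    <constructor-arg ref="jdbctemplate" />
</bean>

<!-- Despite its id, this bean is a DataSource, which is what the JdbcTokenStore constructor takes.
     NOTE(review): the token database is opened as root with a literal password in this file.
     Use a dedicated account restricted to the token tables and load its credentials from
     outside the configuration file. -->
<bean id="jdbctemplate"
      class="org.springframework.jdbc.datasource.DriverManagerDataSource">
    <property name="driverClassName" value="com.mysql.jdbc.Driver" />
    <property name="url" value="jdbc:mysql://localhost:3306/oauthdb" />
    <property name="username" value="root" />
    <property name="password" value="password" />
</bean>

<bean id="oauthauthenticationentrypoint"
      class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
</bean>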

Updated on 21/11/2014

When I double-checked, I found that InMemoryTokenStore uses a hash string of the OAuth2Authentication as the key of several maps, and when you use the same username, client_id and scope you get the same key. This may lead to problems, so I think the old way is deprecated. The following is what I did to avoid the problem.

Create an AuthenticationKeyGenerator that can calculate a unique key, called UniqueAuthenticationKeyGenerator:

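/*
 * Copyright 2006-2011 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on
 * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */

/**
 * Key generator that builds the token-store lookup key from the username (principal name, for
 * non-client-only authentications), the client id, the scope (when present) and a random UUID
 * that is remembered in the request's extensions map.
 *
 * <p>Because of the UUID, two token requests with the same username, client id and scope get
 * different keys. The practical consequence is that every such request ends up with its own
 * stored token and earlier ones are left in place, so token lifetime and revocation have to
 * account for several live tokens per client or user.
 *
 * @author Dave Syer
 * @author thanh
 */
public class UniqueAuthenticationKeyGenerator implements AuthenticationKeyGenerator {

    private static final String CLIENT_ID = "client_id";

    private static final String SCOPE = "scope";

    private static final String USERNAME = "username";

    private static final String UUID_KEY = "uuid";

    /**
     * Computes the lookup key for the given authentication.
     *
     * @param authentication the authentication whose request supplies client id, scope and extensions
     * @return the MD5 digest of the collected values, as 32 lowercase hex characters
     * @throws IllegalStateException if MD5 or UTF-8 is unavailable in the running JDK
     */
    @Override
    public String extractKey(OAuth2Authentication authentication) {
        Map<String, String> values = new LinkedHashMap<String, String>();
        OAuth2Request authorizationRequest = authentication.getOAuth2Request();
        if (!authentication.isClientOnly()) {
            values.put(USERNAME, authentication.getName());
        }
        values.put(CLIENT_ID, authorizationRequest.getClientId());
        if (authorizationRequest.getScope() != null) {
            values.put(SCOPE, OAuth2Utils.formatParameterList(authorizationRequest.getScope()));
        }

        // The UUID is kept in the request's extensions so that repeated calls for the same
        // authentication object (for example a lookup followed by a store) yield the same key.
        Map<String, Serializable> extensions = authorizationRequest.getExtensions();
        String uuid = extensions == null ? null : (String) extensions.get(UUID_KEY);
        if (uuid == null) {
            uuid = UUID.randomUUID().toString();
            if (extensions != null) {
                extensions.put(UUID_KEY, uuid);
            }
            // NOTE(review): when the request has no extensions map there is nowhere to remember
            // the UUID (the original put it into a throwaway local map), so a later call for the
            // same authentication produces a different key. Confirm getExtensions() never
            // returns null, and that the map it returns is modifiable.
        }
        values.put(UUID_KEY, uuid);

        // NOTE(review): MD5 only condenses the values into a fixed-length lookup key here; it is
        // not collision-resistant, so nothing should rely on this key as a secret or as proof of
        // identity. Switching digests would change the keys of tokens that are already stored.
        MessageDigest digest;
        try {
            digest = MessageDigest.getInstance("MD5");
        }
        catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("MD5 algorithm not available.  Fatal (should be in the JDK).", e);
        }

        try {
            byte[] bytes = digest.digest(values.toString().getBytes("UTF-8"));
            return String.format("%032x", new BigInteger(1, bytes));
        }
        catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 encoding not available.  Fatal (should be in the JDK).", e);
        }
    }
}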

Finally, wire them up:

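<!-- Replaces the token store's default authentication key generator with the custom one.
     Framework class and property names are case-sensitive and are written with their proper
     capitalisation; the bean ids are kept as published. -->
<bean id="tokenstore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
    <constructor-arg ref="jdbctemplate" />
    <property name="authenticationKeyGenerator">
        <bean class="your.package.UniqueAuthenticationKeyGenerator" />
    </property>
</bean>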

The way below may lead to problems, see the updated answer!!!

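// Using DefaultTokenServices: try this code, and make sure to re-define your `tokenservices` bean.
package com.thanh.backend.oauth2.core;

import java.util.Date;
import java.util.UUID;

import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.DefaultExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.ExpiringOAuth2RefreshToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;

/**
 * Token services that issue a brand-new access token (and refresh token, when supported) on
 * every call instead of looking for an existing one first.
 *
 * <p>Nothing here removes or replaces tokens issued earlier, so they stay in the store until
 * they expire or are revoked elsewhere. The author of this page marks this approach as one that
 * may cause problems, because the token store derives the same key for the same username,
 * client_id and scope.
 *
 * @author thanh
 */
public class SimpleTokenService extends DefaultTokenServices {

    // Local copies of the collaborators; they are filled in by the overridden setters below.
    private TokenStore tokenStore;

    private TokenEnhancer accessTokenEnhancer;

    /**
     * Creates and stores a new access token for the authentication, together with a new refresh
     * token when the client supports one.
     *
     * @param authentication the authentication the token is issued for
     * @return the newly created access token
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    public OAuth2AccessToken createAccessToken(OAuth2Authentication authentication) throws AuthenticationException {
        OAuth2RefreshToken refreshToken = createRefreshToken(authentication);
        OAuth2AccessToken accessToken = createAccessToken(authentication, refreshToken);
        tokenStore.storeAccessToken(accessToken, authentication);
        // createRefreshToken returns null when refresh tokens are not supported for this
        // request; in that case there is nothing to store.
        if (refreshToken != null) {
            tokenStore.storeRefreshToken(refreshToken, authentication);
        }
        return accessToken;
    }

    /**
     * Builds an access token with a random UUID value, the configured expiry, the given refresh
     * token and the request's scope, then passes it through the token enhancer if one is set.
     */
    private OAuth2AccessToken createAccessToken(OAuth2Authentication authentication, OAuth2RefreshToken refreshToken) {
        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(UUID.randomUUID().toString());
        int validitySeconds = getAccessTokenValiditySeconds(authentication.getOAuth2Request());
        // A validity of zero or less leaves the token without an expiration date.
        if (validitySeconds > 0) {
            token.setExpiration(new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
        }
        token.setRefreshToken(refreshToken);
        token.setScope(authentication.getOAuth2Request().getScope());
        return accessTokenEnhancer != null ? accessTokenEnhancer.enhance(token, authentication) : token;
    }

    /**
     * Builds a refresh token with a random UUID value, or returns {@code null} when refresh
     * tokens are not supported for the request.
     */
    private ExpiringOAuth2RefreshToken createRefreshToken(OAuth2Authentication authentication) {
        if (!isSupportRefreshToken(authentication.getOAuth2Request())) {
            return null;
        }
        int validitySeconds = getRefreshTokenValiditySeconds(authentication.getOAuth2Request());
        // NOTE(review): unlike the access token, the expiry is set even when validitySeconds is
        // zero or negative, which yields a refresh token that is already expired. Confirm the
        // configured refresh validity is always positive.
        return new DefaultExpiringOAuth2RefreshToken(UUID.randomUUID().toString(),
                new Date(System.currentTimeMillis() + (validitySeconds * 1000L)));
    }

    /** Sets the enhancer on the parent and keeps a local reference for this class to use. */
    @Override
    public void setTokenEnhancer(TokenEnhancer accessTokenEnhancer) {
        super.setTokenEnhancer(accessTokenEnhancer);
        this.accessTokenEnhancer = accessTokenEnhancer;
    }

    /** Sets the store on the parent and keeps a local reference for this class to use. */
    @Override
    public void setTokenStore(TokenStore tokenStore) {
        super.setTokenStore(tokenStore);
        this.tokenStore = tokenStore;
    }
}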
