View Javadoc
1   /*
2    * Copyright 2002-2011 the original author or authors.
3    *
4    * Licensed under the Apache License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    *      https://www.apache.org/licenses/LICENSE-2.0
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  
17  package org.springframework.security.oauth2.provider.implicit;
18  
19  
20  import org.springframework.security.authentication.InsufficientAuthenticationException;
21  import org.springframework.security.core.Authentication;
22  import org.springframework.security.core.context.SecurityContextHolder;
23  import org.springframework.security.oauth2.provider.ClientDetails;
24  import org.springframework.security.oauth2.provider.ClientDetailsService;
25  import org.springframework.security.oauth2.provider.OAuth2Authentication;
26  import org.springframework.security.oauth2.provider.OAuth2Request;
27  import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
28  import org.springframework.security.oauth2.provider.TokenRequest;
29  import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
30  import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
31  import org.springframework.util.Assert;
32  
33  /**
34   * @author Dave Syer
35   * 
36   */
37  public class ImplicitTokenGranter extends AbstractTokenGranter {
38  
39  	private static final String GRANT_TYPE = "implicit";
40  
41  	public ImplicitTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
42  		this(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
43  	}
44  
45  	protected ImplicitTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService,
46  			OAuth2RequestFactory requestFactory, String grantType) {
47  		super(tokenServices, clientDetailsService, requestFactory, grantType);
48  	}
49  
50  	@Override
51  	protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest clientToken) {
52  
53  		Authentication userAuth = SecurityContextHolder.getContext().getAuthentication();
54  		if (userAuth==null || !userAuth.isAuthenticated()) {
55  			throw new InsufficientAuthenticationException("There is no currently logged in user");
56  		}
57  		Assert.state(clientToken instanceof ImplicitTokenRequest, "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest.");
58  		
59  		OAuth2Request requestForStorage = ((ImplicitTokenRequest)clientToken).getOAuth2Request();
60  		
61  		return new OAuth2Authentication(requestForStorage, userAuth);
62  
63  	}
64  	
65  	@SuppressWarnings("deprecation")
66  	public void setImplicitGrantService(ImplicitGrantService service) {
67  	}
68  
69  }