1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.springframework.security.oauth2.provider.implicit;
18
19
20 import org.springframework.security.authentication.InsufficientAuthenticationException;
21 import org.springframework.security.core.Authentication;
22 import org.springframework.security.core.context.SecurityContextHolder;
23 import org.springframework.security.oauth2.provider.ClientDetails;
24 import org.springframework.security.oauth2.provider.ClientDetailsService;
25 import org.springframework.security.oauth2.provider.OAuth2Authentication;
26 import org.springframework.security.oauth2.provider.OAuth2Request;
27 import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
28 import org.springframework.security.oauth2.provider.TokenRequest;
29 import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
30 import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
31 import org.springframework.util.Assert;
32
33
34
35
36
37 public class ImplicitTokenGranter extends AbstractTokenGranter {
38
39 private static final String GRANT_TYPE = "implicit";
40
41 public ImplicitTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
42 this(tokenServices, clientDetailsService, requestFactory, GRANT_TYPE);
43 }
44
45 protected ImplicitTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService,
46 OAuth2RequestFactory requestFactory, String grantType) {
47 super(tokenServices, clientDetailsService, requestFactory, grantType);
48 }
49
50 @Override
51 protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest clientToken) {
52
53 Authentication userAuth = SecurityContextHolder.getContext().getAuthentication();
54 if (userAuth==null || !userAuth.isAuthenticated()) {
55 throw new InsufficientAuthenticationException("There is no currently logged in user");
56 }
57 Assert.state(clientToken instanceof ImplicitTokenRequest, "An ImplicitTokenRequest is required here. Caller needs to wrap the TokenRequest.");
58
59 OAuth2Request requestForStorage = ((ImplicitTokenRequest)clientToken).getOAuth2Request();
60
61 return new OAuth2Authentication(requestForStorage, userAuth);
62
63 }
64
65 @SuppressWarnings("deprecation")
66 public void setImplicitGrantService(ImplicitGrantService service) {
67 }
68
69 }