Thursday, 19 September 2013

Spring oauth2 custom token issue

Spring oauth2 custom token issue

I have a requirement to generate a token manually in the code with a 3rd
party has been verified. I'm running into an issue when I have to
authenticate the token. I have created my own token store, which was
working great when not generating the manual token. I also extended the
The DefaultTokenService, but just added one method.
I have thrown in a few breakpoints and found that I'm hitting the
ProviderManager class when I'm creating my own tokens manually. But when
I'm not creating my own tokens, I'm hitting the UnanimousBased class. Not
sure if that detail helps. Going to backtrace it more, but I'm open to any
ideas.
Here is how I'm creating the token:
ConcurrentHashMap<String, String> authorizationParameters = new
ConcurrentHashMap<String, String>();
authorizationParameters.put("scope", "read");
authorizationParameters.put("username", "mobile_client");
authorizationParameters.put("client_id", "mobile-client");
authorizationParameters.put("grant", "password");
DefaultAuthorizationRequest authorizationRequest = new
DefaultAuthorizationRequest(authorizationParameters);
Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
authorities.add(new GrantedAuthorityImpl("ROLE_UNTRUSTED_CLIENT"));
authorizationRequest.setAuthorities(authorities);
HashSet<String> resourceIds = new HashSet<String>();
resourceIds.add("mobile-client");
authorizationRequest.setResourceIds(resourceIds);
User userPrincipal = new User("mobile_client", "", true, true,
true, true, authorities);
UsernamePasswordAuthenticationToken authenticationToken = new
UsernamePasswordAuthenticationToken(userPrincipal, null,
authorities) ;
OAuth2Authentication authenticationRequest = new
OAuth2Authentication(authorizationRequest, authenticationToken);
authenticationRequest.setAuthenticated(true);
NoSQLTokenStore tokenStore = new NoSQLTokenStore();
CustomTokenServices tokenServices = new CustomTokenServices();
tokenServices.setSupportRefreshToken(true);
tokenServices.setTokenStore(tokenStore);
OAuth2AccessToken accessToken =
tokenServices.createAccessTokenForUser(authenticationRequest,
user);
This is the exception being thrown:
Mobile App 17:02:21.169 [WARN] LoggerListener - Authentication event
AuthenticationFailureProviderNotFoundEvent: mobile_client; details:
remoteAddress=::1, , tokenValue=<TOKEN>; exception: No
AuthenticationProvider found for
org.springframework.security.oauth2.provider.OAuth2Authentication
Mobile App 17:02:21.169 [DEBUG] ExceptionTranslationFilter -
Authentication exception occurred; redirecting to authentication entry
point
<org.springframework.security.authentication.ProviderNotFoundException: No
AuthenticationProvider found for
org.springframework.security.oauth2.provider.OAuth2Authentication>org.springframework.security.authentication.ProviderNotFoundException:
No AuthenticationProvider found for
org.springframework.security.oauth2.provider.OAuth2Authentication
at
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:196)
at
org.springframework.security.access.intercept.AbstractSecurityInterceptor.authenticateIfRequired(AbstractSecurityInterceptor.java:316)
at
org.springframework.security.access.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:202)
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:115)
at
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:84)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:103)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter.doFilter(OAuth2AuthenticationProcessingFilter.java:131)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:342)
at
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:192)
at
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:160)
at
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at
org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:1852)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:722)
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)