Cwikius-Spring
/
Spring-Security-Samples
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to Spring Authorization Server 0.2.0 

Closes gh-39
This commit is contained in:
Steve Riesenberg 2021-09-21 11:16:43 -05:00 committed by Steve Riesenberg
parent cbd87c4e04
commit aae31aee16
3 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
servlet/spring-boot/java/oauth2/authorization-server/build.gradle
View File

@ -12,7 +12,7 @@ repositories {
dependencies {
implementation 'org.springframework.boot:spring-boot-starter-web'
implementation 'org.springframework.security.experimental:spring-security-oauth2-authorization-server:0.1.2'
implementation 'org.springframework.security:spring-security-oauth2-authorization-server:0.2.0'
testImplementation 'org.springframework.boot:spring-boot-starter-test'
testImplementation 'org.springframework.security:spring-security-test'

1
servlet/spring-boot/java/oauth2/authorization-server/src/integTest/java/example/OAuth2AuthorizationServerApplicationITests.java
View File

@ -119,7 +119,6 @@ public class OAuth2AuthorizationServerApplicationITests {
.andExpect(jsonPath("$.exp").isNumber())
.andExpect(jsonPath("$.iat").isNumber())
.andExpect(jsonPath("$.iss").value("http://localhost:9000"))
.andExpect(jsonPath("$.jti").isString())
.andExpect(jsonPath("$.nbf").isNumber())
.andExpect(jsonPath("$.scope").value("message:read"))
.andExpect(jsonPath("$.sub").value(CLIENT_ID))

7
servlet/spring-boot/java/oauth2/authorization-server/src/main/java/example/OAuth2AuthorizationServerSecurityConfiguration.java
View File

@ -43,6 +43,7 @@ import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
import org.springframework.security.web.SecurityFilterChain;
@ -75,11 +76,11 @@ public class OAuth2AuthorizationServerSecurityConfiguration {
RegisteredClient registeredClient = RegisteredClient.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("{noop}secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
.scope("message:read")
.scope("message:write")
.clientSettings((clientSettings) -> clientSettings.requireUserConsent(true))
.clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build())
.build();
// @formatter:on
@ -111,7 +112,7 @@ public class OAuth2AuthorizationServerSecurityConfiguration {
@Bean
public ProviderSettings providerSettings() {
return new ProviderSettings().issuer("http://localhost:9000");
return ProviderSettings.builder().issuer("http://localhost:9000").build();
}
}