java-tutorials/spring-5-security-oauth/src/main/java/com/baeldung/oauth2/SecurityConfig.java

package com.baeldung.oauth2;

import java.util.Arrays;
import java.util.List;
import java.util.stream.Collectors;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.http.converter.FormHttpMessageConverter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider;
import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
import org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
import org.springframework.web.client.RestTemplate;

@Configuration
@PropertySource("application-oauth2.properties")
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .antMatchers("/oauth_login", "/loginFailure", "/")
            .permitAll()
            .anyRequest()
            .authenticated()
            .and()
            .oauth2Login()
            .loginPage("/oauth_login")
            .authorizationEndpoint()
                        .authorizationRequestResolver( new CustomAuthorizationRequestResolver(clientRegistrationRepository(),"/oauth2/authorize-client"))

            .baseUri("/oauth2/authorize-client")
            .authorizationRequestRepository(authorizationRequestRepository())
            .and()
            .tokenEndpoint()
            .accessTokenResponseClient(accessTokenResponseClient())
            .and()
            .defaultSuccessUrl("/loginSuccess")
            .failureUrl("/loginFailure");
    }

    @Bean
    public AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository() {
        return new HttpSessionOAuth2AuthorizationRequestRepository();
    }

    @Bean
    public OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient() {
        DefaultAuthorizationCodeTokenResponseClient accessTokenResponseClient = new DefaultAuthorizationCodeTokenResponseClient();
        accessTokenResponseClient.setRequestEntityConverter(new CustomRequestEntityConverter());
        
        OAuth2AccessTokenResponseHttpMessageConverter tokenResponseHttpMessageConverter = new OAuth2AccessTokenResponseHttpMessageConverter();
        tokenResponseHttpMessageConverter.setTokenResponseConverter(new CustomTokenResponseConverter());
        RestTemplate restTemplate = new RestTemplate(Arrays.asList(new FormHttpMessageConverter(), tokenResponseHttpMessageConverter));
        restTemplate.setErrorHandler(new OAuth2ErrorResponseErrorHandler());
        accessTokenResponseClient.setRestOperations(restTemplate);
        return accessTokenResponseClient;
    }

    
    // additional configuration for non-Spring Boot projects
    private static List<String> clients = Arrays.asList("google", "facebook");

    //@Bean
    public ClientRegistrationRepository clientRegistrationRepository() {
        List<ClientRegistration> registrations = clients.stream()
            .map(c -> getRegistration(c))
            .filter(registration -> registration != null)
            .collect(Collectors.toList());

        return new InMemoryClientRegistrationRepository(registrations);
    }

    private static String CLIENT_PROPERTY_KEY = "spring.security.oauth2.client.registration.";

    @Autowired
    private Environment env;

    private ClientRegistration getRegistration(String client) {
        String clientId = env.getProperty(CLIENT_PROPERTY_KEY + client + ".client-id");

        if (clientId == null) {
            return null;
        }

        String clientSecret = env.getProperty(CLIENT_PROPERTY_KEY + client + ".client-secret");
        if (client.equals("google")) {
            return CommonOAuth2Provider.GOOGLE.getBuilder(client)
                .clientId(clientId)
                .clientSecret(clientSecret)
                .build();
        }
        if (client.equals("facebook")) {
            return CommonOAuth2Provider.FACEBOOK.getBuilder(client)
                .clientId(clientId)
                .clientSecret(clientSecret)
                .build();
        }
        return null;
    }

}
move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00			`package com.baeldung.oauth2;`

			`import java.util.Arrays;`
			`import java.util.List;`
			`import java.util.stream.Collectors;`

			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.context.annotation.Bean;`
			`import org.springframework.context.annotation.Configuration;`
			`import org.springframework.context.annotation.PropertySource;`
			`import org.springframework.core.env.Environment;`
customise oauth2 requests 2018-11-24 13:36:14 +02:00			`import org.springframework.http.converter.FormHttpMessageConverter;`
move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00			`import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
			`import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;`
			`import org.springframework.security.config.oauth2.client.CommonOAuth2Provider;`
customise oauth2 requests 2018-11-24 13:36:14 +02:00			`import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient;`
move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00			`import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;`
			`import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;`
customise oauth2 requests 2018-11-24 13:36:14 +02:00			`import org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler;`
move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00			`import org.springframework.security.oauth2.client.registration.ClientRegistration;`
			`import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;`
			`import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;`
			`import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;`
			`import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;`
			`import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;`
customise oauth2 requests 2018-11-24 13:36:14 +02:00			`import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;`
			`import org.springframework.web.client.RestTemplate;`
move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00
			`@Configuration`
			`@PropertySource("application-oauth2.properties")`
			`public class SecurityConfig extends WebSecurityConfigurerAdapter {`

			`@Override`
			`protected void configure(HttpSecurity http) throws Exception {`
			`http.authorizeRequests()`
			`.antMatchers("/oauth_login", "/loginFailure", "/")`
			`.permitAll()`
			`.anyRequest()`
			`.authenticated()`
			`.and()`
			`.oauth2Login()`
			`.loginPage("/oauth_login")`
			`.authorizationEndpoint()`
customise oauth2 requests 2018-11-24 13:36:14 +02:00			`.authorizationRequestResolver( new CustomAuthorizationRequestResolver(clientRegistrationRepository(),"/oauth2/authorize-client"))`

move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00			`.baseUri("/oauth2/authorize-client")`
			`.authorizationRequestRepository(authorizationRequestRepository())`
			`.and()`
			`.tokenEndpoint()`
			`.accessTokenResponseClient(accessTokenResponseClient())`
			`.and()`
			`.defaultSuccessUrl("/loginSuccess")`
			`.failureUrl("/loginFailure");`
			`}`

			`@Bean`
			`public AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository() {`
			`return new HttpSessionOAuth2AuthorizationRequestRepository();`
			`}`

			`@Bean`
			`public OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient() {`
customise oauth2 requests 2018-11-24 13:36:14 +02:00			`DefaultAuthorizationCodeTokenResponseClient accessTokenResponseClient = new DefaultAuthorizationCodeTokenResponseClient();`
			`accessTokenResponseClient.setRequestEntityConverter(new CustomRequestEntityConverter());`

			`OAuth2AccessTokenResponseHttpMessageConverter tokenResponseHttpMessageConverter = new OAuth2AccessTokenResponseHttpMessageConverter();`
			`tokenResponseHttpMessageConverter.setTokenResponseConverter(new CustomTokenResponseConverter());`
			`RestTemplate restTemplate = new RestTemplate(Arrays.asList(new FormHttpMessageConverter(), tokenResponseHttpMessageConverter));`
			`restTemplate.setErrorHandler(new OAuth2ErrorResponseErrorHandler());`
			`accessTokenResponseClient.setRestOperations(restTemplate);`
			`return accessTokenResponseClient;`
move oauth2 example to new project (#3388) * move oauth2 example to new project * formatting 2018-01-12 15:08:28 +02:00			`}`


			`// additional configuration for non-Spring Boot projects`
			`private static List<String> clients = Arrays.asList("google", "facebook");`

			`//@Bean`
			`public ClientRegistrationRepository clientRegistrationRepository() {`
			`List<ClientRegistration> registrations = clients.stream()`
			`.map(c -> getRegistration(c))`
			`.filter(registration -> registration != null)`
			`.collect(Collectors.toList());`

			`return new InMemoryClientRegistrationRepository(registrations);`
			`}`

			`private static String CLIENT_PROPERTY_KEY = "spring.security.oauth2.client.registration.";`

			`@Autowired`
			`private Environment env;`

			`private ClientRegistration getRegistration(String client) {`
			`String clientId = env.getProperty(CLIENT_PROPERTY_KEY + client + ".client-id");`

			`if (clientId == null) {`
			`return null;`
			`}`

			`String clientSecret = env.getProperty(CLIENT_PROPERTY_KEY + client + ".client-secret");`
			`if (client.equals("google")) {`
			`return CommonOAuth2Provider.GOOGLE.getBuilder(client)`
			`.clientId(clientId)`
			`.clientSecret(clientSecret)`
			`.build();`
			`}`
			`if (client.equals("facebook")) {`
			`return CommonOAuth2Provider.FACEBOOK.getBuilder(client)`
			`.clientId(clientId)`
			`.clientSecret(clientSecret)`
			`.build();`
			`}`
			`return null;`
			`}`

			`}`