Merge pull request #5768 from Doha2012/master
customize oauth2 requests
commit
0ec5d24755
|
@ -31,7 +31,7 @@
|
|||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.thymeleaf.extras</groupId>
|
||||
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
|
||||
<artifactId>thymeleaf-extras-springsecurity5</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- oauth2 -->
|
||||
|
@ -66,7 +66,8 @@
|
|||
</dependencies>
|
||||
|
||||
<properties>
|
||||
<oauth-auto.version>2.0.1.RELEASE</oauth-auto.version>
|
||||
<spring-boot.version>2.1.0.RELEASE</spring-boot.version>
|
||||
<oauth-auto.version>2.1.0.RELEASE</oauth-auto.version>
|
||||
<start-class>com.baeldung.oauth2.SpringOAuthApplication</start-class>
|
||||
</properties>
|
||||
|
||||
|
|
|
@ -0,0 +1,50 @@
|
|||
package com.baeldung.oauth2;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizationRequestResolver;
|
||||
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestResolver;
|
||||
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
|
||||
|
||||
public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {
|
||||
|
||||
private OAuth2AuthorizationRequestResolver defaultResolver;
|
||||
|
||||
public CustomAuthorizationRequestResolver(ClientRegistrationRepository repo, String authorizationRequestBaseUri){
|
||||
defaultResolver = new DefaultOAuth2AuthorizationRequestResolver(repo, authorizationRequestBaseUri);
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
|
||||
OAuth2AuthorizationRequest req = defaultResolver.resolve(request);
|
||||
if(req != null){
|
||||
req = customizeAuthorizationRequest(req);
|
||||
}
|
||||
return req;
|
||||
}
|
||||
|
||||
@Override
|
||||
public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String clientRegistrationId) {
|
||||
OAuth2AuthorizationRequest req = defaultResolver.resolve(request, clientRegistrationId);
|
||||
if(req != null){
|
||||
req = customizeAuthorizationRequest(req);
|
||||
}
|
||||
return req;
|
||||
}
|
||||
|
||||
private OAuth2AuthorizationRequest customizeAuthorizationRequest(OAuth2AuthorizationRequest req) {
|
||||
Map<String,Object> extraParams = new HashMap<String,Object>();
|
||||
extraParams.putAll(req.getAdditionalParameters()); //VIP note
|
||||
extraParams.put("test", "extra");
|
||||
System.out.println("here =====================");
|
||||
return OAuth2AuthorizationRequest.from(req).additionalParameters(extraParams).build();
|
||||
}
|
||||
|
||||
private OAuth2AuthorizationRequest customizeAuthorizationRequest1(OAuth2AuthorizationRequest req) {
|
||||
return OAuth2AuthorizationRequest.from(req).state("xyz").build();
|
||||
}
|
||||
}
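Review bot: `customizeAuthorizationRequest1` replaces the generated `state` with the constant `"xyz"`. `state` is the value the client uses to tie the authorization response back to the request it started, which is what protects the redirect against CSRF. The method is not called from either `resolve` overload, but a sample that ships it invites copying. Drop it, or if customizing `state` is the point, keep the value unpredictable per request and add a comment such as `// state must stay unique and unguessable per request; never a constant`. Separately, `System.out.println("here =====================");` in `customizeAuthorizationRequest` is leftover debug output, and `defaultResolver` can be `private final`.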
|
|
@ -0,0 +1,26 @@
|
|||
package com.baeldung.oauth2;
|
||||
|
||||
import org.springframework.core.convert.converter.Converter;
|
||||
import org.springframework.http.RequestEntity;
|
||||
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
|
||||
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequestEntityConverter;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
|
||||
public class CustomRequestEntityConverter implements Converter<OAuth2AuthorizationCodeGrantRequest, RequestEntity<?>> {
|
||||
|
||||
private OAuth2AuthorizationCodeGrantRequestEntityConverter defaultConverter;
|
||||
|
||||
public CustomRequestEntityConverter() {
|
||||
defaultConverter = new OAuth2AuthorizationCodeGrantRequestEntityConverter();
|
||||
}
|
||||
|
||||
@Override
|
||||
public RequestEntity<?> convert(OAuth2AuthorizationCodeGrantRequest req) {
|
||||
RequestEntity<?> entity = defaultConverter.convert(req);
|
||||
MultiValueMap<String, String> params = (MultiValueMap<String,String>) entity.getBody();
|
||||
params.add("test2", "extra2");
|
||||
System.out.println(params.entrySet());
|
||||
return new RequestEntity<>(params, entity.getHeaders(), entity.getMethod(), entity.getUrl());
|
||||
}
|
||||
|
||||
}
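Review bot: `System.out.println(params.entrySet());` in `convert` writes the whole token-request form to standard output. That form carries the authorization `code` and, when the client authenticates with credentials in the request body, the `client_secret` as well. Remove the line, or log only the parameter names (`params.keySet()`) at debug level. The unchecked cast of `entity.getBody()` also assumes the default converter always returns a non-null `MultiValueMap<String, String>`; a short comment stating that assumption, or a null check before `params.add(...)`, would make the dependency explicit.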
|
|
@ -0,0 +1,67 @@
|
|||
package com.baeldung.oauth2;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
import org.springframework.core.convert.converter.Converter;
|
||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
|
||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
public class CustomTokenResponseConverter implements Converter<Map<String, String>, OAuth2AccessTokenResponse> {
|
||||
private static final Set<String> TOKEN_RESPONSE_PARAMETER_NAMES = Stream.of(
|
||||
OAuth2ParameterNames.ACCESS_TOKEN,
|
||||
OAuth2ParameterNames.TOKEN_TYPE,
|
||||
OAuth2ParameterNames.EXPIRES_IN,
|
||||
OAuth2ParameterNames.REFRESH_TOKEN,
|
||||
OAuth2ParameterNames.SCOPE) .collect(Collectors.toSet());
|
||||
|
||||
@Override
|
||||
public OAuth2AccessTokenResponse convert(Map<String, String> tokenResponseParameters) {
|
||||
String accessToken = tokenResponseParameters.get(OAuth2ParameterNames.ACCESS_TOKEN);
|
||||
|
||||
OAuth2AccessToken.TokenType accessTokenType = null;
|
||||
if (OAuth2AccessToken.TokenType.BEARER.getValue()
|
||||
.equalsIgnoreCase(tokenResponseParameters.get(OAuth2ParameterNames.TOKEN_TYPE))) {
|
||||
accessTokenType = OAuth2AccessToken.TokenType.BEARER;
|
||||
}
|
||||
|
||||
long expiresIn = 0;
|
||||
if (tokenResponseParameters.containsKey(OAuth2ParameterNames.EXPIRES_IN)) {
|
||||
try {
|
||||
expiresIn = Long.valueOf(tokenResponseParameters.get(OAuth2ParameterNames.EXPIRES_IN));
|
||||
} catch (NumberFormatException ex) {
|
||||
}
|
||||
}
|
||||
|
||||
Set<String> scopes = Collections.emptySet();
|
||||
if (tokenResponseParameters.containsKey(OAuth2ParameterNames.SCOPE)) {
|
||||
String scope = tokenResponseParameters.get(OAuth2ParameterNames.SCOPE);
|
||||
scopes = Arrays.stream(StringUtils.delimitedListToStringArray(scope, " "))
|
||||
.collect(Collectors.toSet());
|
||||
}
|
||||
|
||||
String refreshToken = tokenResponseParameters.get(OAuth2ParameterNames.REFRESH_TOKEN);
|
||||
|
||||
Map<String, Object> additionalParameters = new LinkedHashMap<>();
|
||||
tokenResponseParameters.entrySet()
|
||||
.stream()
|
||||
.filter(e -> !TOKEN_RESPONSE_PARAMETER_NAMES.contains(e.getKey()))
|
||||
.forEach(e -> additionalParameters.put(e.getKey(), e.getValue()));
|
||||
|
||||
return OAuth2AccessTokenResponse.withToken(accessToken)
|
||||
.tokenType(accessTokenType)
|
||||
.expiresIn(expiresIn)
|
||||
.scopes(scopes)
|
||||
.refreshToken(refreshToken)
|
||||
.additionalParameters(additionalParameters)
|
||||
.build();
|
||||
}
|
||||
|
||||
}
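Review bot: The empty `catch (NumberFormatException ex) { }` in `convert` leaves `expiresIn` at 0 without any trace, so a malformed `expires_in` from the token endpoint is handled as if the field were absent. If that fallback is intended, say so in the block and rename the variable, `catch (NumberFormatException ignored) { /* keep the default lifetime */ }`; otherwise fail the conversion with a clear message. `Long.parseLong` avoids the boxing that `Long.valueOf` does here. `accessTokenType` also stays `null` for any `token_type` other than bearer and is passed to the builder unchanged, so such a response presumably fails later in `build()` rather than with a clear error here; worth confirming.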
|
|
@ -9,18 +9,22 @@ import org.springframework.context.annotation.Bean;
|
|||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.http.converter.FormHttpMessageConverter;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.oauth2.client.CommonOAuth2Provider;
|
||||
import org.springframework.security.oauth2.client.endpoint.NimbusAuthorizationCodeTokenResponseClient;
|
||||
import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient;
|
||||
import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
|
||||
import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
|
||||
import org.springframework.security.oauth2.client.http.OAuth2ErrorResponseErrorHandler;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
|
||||
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;
|
||||
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
|
||||
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
@Configuration
|
||||
@PropertySource("application-oauth2.properties")
|
||||
|
@ -37,6 +41,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
.oauth2Login()
|
||||
.loginPage("/oauth_login")
|
||||
.authorizationEndpoint()
|
||||
.authorizationRequestResolver( new CustomAuthorizationRequestResolver(clientRegistrationRepository(),"/oauth2/authorize-client"))
|
||||
|
||||
.baseUri("/oauth2/authorize-client")
|
||||
.authorizationRequestRepository(authorizationRequestRepository())
|
||||
.and()
|
||||
|
@ -54,7 +60,15 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
|
||||
@Bean
|
||||
public OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient() {
|
||||
return new NimbusAuthorizationCodeTokenResponseClient();
|
||||
DefaultAuthorizationCodeTokenResponseClient accessTokenResponseClient = new DefaultAuthorizationCodeTokenResponseClient();
|
||||
accessTokenResponseClient.setRequestEntityConverter(new CustomRequestEntityConverter());
|
||||
|
||||
OAuth2AccessTokenResponseHttpMessageConverter tokenResponseHttpMessageConverter = new OAuth2AccessTokenResponseHttpMessageConverter();
|
||||
tokenResponseHttpMessageConverter.setTokenResponseConverter(new CustomTokenResponseConverter());
|
||||
RestTemplate restTemplate = new RestTemplate(Arrays.asList(new FormHttpMessageConverter(), tokenResponseHttpMessageConverter));
|
||||
restTemplate.setErrorHandler(new OAuth2ErrorResponseErrorHandler());
|
||||
accessTokenResponseClient.setRestOperations(restTemplate);
|
||||
return accessTokenResponseClient;
|
||||
}
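Review bot: The path `"/oauth2/authorize-client"` now appears twice in the `oauth2Login()` chain, once as the constructor argument of `CustomAuthorizationRequestResolver` and once in `.baseUri(...)`, and the two have to stay identical for the login links to reach the resolver. Pull it into a constant, e.g. `private static final String AUTHORIZATION_BASE_URI = "/oauth2/authorize-client";`, and use it in both places. It looks like the configurer uses an explicitly set resolver in preference to the `.baseUri(...)` value, so a comment on that line saying which one is effective would help; confirm against the Spring Security version in use. In `accessTokenResponseClient()`, `Arrays.asList(...)` needs `java.util.Arrays`, and the import hunk shown starts at line 9, so that import is not visible here. The class body continues outside these hunks.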
|
||||
|
||||
|
||||
|
|