moving the oauth code

eugenp 2016-03-02 11:09:17 +02:00
parent 631b011f00
commit 3a901e0d56
74 changed files with 8 additions and 3648 deletions


@ -17,6 +17,11 @@
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
@ -25,7 +30,6 @@
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>


@ -1,12 +1,12 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth-server</name>
<name>jpa-storedprocedure</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
@ -16,12 +16,7 @@
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
@ -30,19 +25,10 @@
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>


@ -1,17 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
</natures>
</projectDescription>


@ -1,17 +0,0 @@
## Spring Security OAuth
### Relevant Articles:
- [Spring REST API + OAuth2 + AngularJS](http://www.baeldung.com/rest-api-spring-oauth2-angularjs)
### Build the Project
```
mvn clean install
```
### Notes
- Make sure to run the project on port 8081
- Run 4 sub-modules simultaneously
- spring-security-oauth-server
- spring-security-oauth-resource
- spring-security-oauth-ui-implicit
- spring-security-oauth-ui-password


@ -1,104 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
<name>spring-security-oauth</name>
<packaging>pom</packaging>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.3.3.RELEASE</version>
</parent>
<modules>
<module>spring-security-oauth-server</module>
<module>spring-security-oauth-resource</module>
<module>spring-security-oauth-ui-implicit</module>
<module>spring-security-oauth-ui-password</module>
</modules>
<build>
<finalName>spring-security-oauth</finalName>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>${maven-compiler-plugin.version}</version>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-war-plugin</artifactId>
<version>${maven-war-plugin.version}</version>
<configuration>
<failOnMissingWebXml>false</failOnMissingWebXml>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>${maven-surefire-plugin.version}</version>
<configuration>
<testFailureIgnore>true</testFailureIgnore>
<excludes>
<exclude>**/*IntegrationTest.java</exclude>
<exclude>**/*LiveTest.java</exclude>
</excludes>
<systemPropertyVariables>
<!-- <provPersistenceTarget>h2</provPersistenceTarget> -->
</systemPropertyVariables>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
<properties>
<!-- Spring -->
<org.springframework.version>4.2.5.RELEASE</org.springframework.version>
<org.springframework.security.version>4.0.4.RELEASE</org.springframework.security.version>
<oauth.version>2.0.9.RELEASE</oauth.version>
<!-- marshalling -->
<jackson.version>2.7.0</jackson.version>
<!-- logging -->
<org.slf4j.version>1.7.12</org.slf4j.version>
<logback.version>1.1.3</logback.version>
<!-- util -->
<guava.version>19.0</guava.version>
<commons-lang3.version>3.3.2</commons-lang3.version>
<!-- testing -->
<org.hamcrest.version>1.3</org.hamcrest.version>
<junit.version>4.11</junit.version>
<mockito.version>1.10.19</mockito.version>
<httpcore.version>4.4</httpcore.version>
<httpclient.version>4.4</httpclient.version>
<rest-assured.version>2.4.0</rest-assured.version>
<!-- Maven plugins -->
<maven-compiler-plugin.version>3.3</maven-compiler-plugin.version>
<maven-war-plugin.version>2.6</maven-war-plugin.version>
<maven-surefire-plugin.version>2.19</maven-surefire-plugin.version>
<cargo-maven2-plugin.version>1.4.16</cargo-maven2-plugin.version>
</properties>
</project>


@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>


@ -1,48 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth-resource-demo</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>


@ -1,50 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-resource-demo</artifactId>
<name>spring-security-oauth-resource-demo</name>
<packaging>war</packaging>
<parent>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- oauth -->
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>${oauth.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
</dependency>
<!-- utils -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-resource-demo</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
</build>
</project>


@ -1,18 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
return new OAuth2MethodSecurityExpressionHandler();
}
}


@ -1,31 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
//@Configuration
//@EnableResourceServer
public class OAuth2ResourceServerConfig1 extends ResourceServerConfigurerAdapter {
//
@Override
public void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and().authorizeRequests().anyRequest().authenticated();
;
// @formatter:on
}
@Bean
public TokenStore tokenStore() {
return new InMemoryTokenStore();
}
}


@ -1,59 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration
@EnableResourceServer
public class OAuth2ResourceServerConfig2 extends ResourceServerConfigurerAdapter {
//
@Override
public void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and().authorizeRequests().anyRequest().authenticated();
;
// @formatter:on
}
@Override
public void configure(final ResourceServerSecurityConfigurer config) {
config.tokenServices(tokenServices());
}
// JWT
@Bean
@Primary
public DefaultTokenServices tokenServices() {
final DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setTokenStore(tokenStore());
return tokenServices;
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
}
}


@ -1,14 +0,0 @@
package org.baeldung.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.web.SpringBootServletInitializer;
@SpringBootApplication
public class ResourceServerApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(ResourceServerApplication.class, args);
}
}


@ -1,13 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
@EnableWebMvc
@ComponentScan({ "org.baeldung.web.controller" })
public class ResourceServerWebConfig extends WebMvcConfigurerAdapter {
//
}


@ -1,41 +0,0 @@
package org.baeldung.web.controller;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
import static org.apache.commons.lang3.RandomStringUtils.randomNumeric;
import org.baeldung.web.dto.Bar;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
@Controller
public class BarController {
public BarController() {
super();
}
// API - read
// @PreAuthorize("#oauth2.hasScope('bar') and #oauth2.hasScope('read')")
@RequestMapping(method = RequestMethod.GET, value = "/bars/{id}")
@ResponseBody
public Bar findById(@PathVariable final long id) {
return new Bar(Long.parseLong(randomNumeric(2)), randomAlphabetic(4));
}
// API - write
// @PreAuthorize("#oauth2.hasScope('bar') and #oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.POST, value = "/bars")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
public Bar create(@RequestBody final Bar bar) {
bar.setId(Long.parseLong(randomNumeric(2)));
return bar;
}
}


@ -1,41 +0,0 @@
package org.baeldung.web.controller;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
import static org.apache.commons.lang3.RandomStringUtils.randomNumeric;
import org.baeldung.web.dto.Foo;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
@Controller
public class FooController {
public FooController() {
super();
}
// API - read
// @PreAuthorize("#oauth2.hasScope('foo') and #oauth2.hasScope('read')")
@RequestMapping(method = RequestMethod.GET, value = "/foos/{id}")
@ResponseBody
public Foo findById(@PathVariable final long id) {
return new Foo(Long.parseLong(randomNumeric(2)), randomAlphabetic(4));
}
// API - write
// @PreAuthorize("#oauth2.hasScope('foo') and #oauth2.hasScope('write')")
@RequestMapping(method = RequestMethod.POST, value = "/foos")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
public Foo create(@RequestBody final Foo foo) {
foo.setId(Long.parseLong(randomNumeric(2)));
return foo;
}
}


@ -1,36 +0,0 @@
package org.baeldung.web.dto;
public class Bar {
private long id;
private String name;
public Bar() {
super();
}
public Bar(final long id, final String name) {
super();
this.id = id;
this.name = name;
}
//
public long getId() {
return id;
}
public void setId(final long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(final String name) {
this.name = name;
}
}


@ -1,36 +0,0 @@
package org.baeldung.web.dto;
public class Foo {
private long id;
private String name;
public Foo() {
super();
}
public Foo(final long id, final String name) {
super();
this.id = id;
this.name = name;
}
//
public long getId() {
return id;
}
public void setId(final long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(final String name) {
this.name = name;
}
}


@ -1,2 +0,0 @@
server.contextPath=/spring-security-oauth-resource
server.port=8081


@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>


@ -1,48 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth-resource</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>


@ -1,55 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-resource</artifactId>
<name>spring-security-oauth-resource</name>
<packaging>war</packaging>
<parent>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<!-- oauth -->
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>${oauth.version}</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>${commons-lang3.version}</version>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-resource</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
</build>
</project>


@ -1,18 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
@Override
protected MethodSecurityExpressionHandler createExpressionHandler() {
return new OAuth2MethodSecurityExpressionHandler();
}
}


@ -1,61 +0,0 @@
package org.baeldung.config;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpMethod;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
@Configuration
@PropertySource({ "classpath:persistence.properties" })
@EnableResourceServer
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Autowired
private Environment env;
//
@Override
public void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
.requestMatchers().antMatchers("/foos/**","/bars/**")
.and()
.authorizeRequests()
.antMatchers(HttpMethod.GET,"/foos/**").access("#oauth2.hasScope('foo') and #oauth2.hasScope('read')")
.antMatchers(HttpMethod.POST,"/foos/**").access("#oauth2.hasScope('foo') and #oauth2.hasScope('write')")
.antMatchers(HttpMethod.GET,"/bars/**").access("#oauth2.hasScope('bar') and #oauth2.hasScope('read')")
.antMatchers(HttpMethod.POST,"/bars/**").access("#oauth2.hasScope('bar') and #oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
;
// @formatter:on
}
@Bean
public DataSource dataSource() {
final DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(env.getProperty("jdbc.driverClassName"));
dataSource.setUrl(env.getProperty("jdbc.url"));
dataSource.setUsername(env.getProperty("jdbc.user"));
dataSource.setPassword(env.getProperty("jdbc.pass"));
return dataSource;
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource());
}
}


@ -1,14 +0,0 @@
package org.baeldung.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.web.SpringBootServletInitializer;
@SpringBootApplication
public class ResourceServerApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(ResourceServerApplication.class, args);
}
}


@ -1,13 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
@EnableWebMvc
@ComponentScan({ "org.baeldung.web.controller" })
public class ResourceServerWebConfig extends WebMvcConfigurerAdapter {
//
}


@ -1,41 +0,0 @@
package org.baeldung.web.controller;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
import static org.apache.commons.lang3.RandomStringUtils.randomNumeric;
import org.baeldung.web.dto.Bar;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
@Controller
public class BarController {
public BarController() {
super();
}
// API - read
// @PreAuthorize("#oauth2.hasScope('bar') and #oauth2.hasScope('read')")
@RequestMapping(method = RequestMethod.GET, value = "/bars/{id}")
@ResponseBody
public Bar findById(@PathVariable final long id) {
return new Bar(Long.parseLong(randomNumeric(2)), randomAlphabetic(4));
}
// API - write
// @PreAuthorize("#oauth2.hasScope('bar') and #oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
@RequestMapping(method = RequestMethod.POST, value = "/bars")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
public Bar create(@RequestBody final Bar bar) {
bar.setId(Long.parseLong(randomNumeric(2)));
return bar;
}
}


@ -1,41 +0,0 @@
package org.baeldung.web.controller;
import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
import static org.apache.commons.lang3.RandomStringUtils.randomNumeric;
import org.baeldung.web.dto.Foo;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
@Controller
public class FooController {
public FooController() {
super();
}
// API - read
// @PreAuthorize("#oauth2.hasScope('foo') and #oauth2.hasScope('read')")
@RequestMapping(method = RequestMethod.GET, value = "/foos/{id}")
@ResponseBody
public Foo findById(@PathVariable final long id) {
return new Foo(Long.parseLong(randomNumeric(2)), randomAlphabetic(4));
}
// API - write
// @PreAuthorize("#oauth2.hasScope('foo') and #oauth2.hasScope('write')")
@RequestMapping(method = RequestMethod.POST, value = "/foos")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
public Foo create(@RequestBody final Foo foo) {
foo.setId(Long.parseLong(randomNumeric(2)));
return foo;
}
}


@ -1,36 +0,0 @@
package org.baeldung.web.dto;
public class Bar {
private long id;
private String name;
public Bar() {
super();
}
public Bar(final long id, final String name) {
super();
this.id = id;
this.name = name;
}
//
public long getId() {
return id;
}
public void setId(final long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(final String name) {
this.name = name;
}
}


@ -1,36 +0,0 @@
package org.baeldung.web.dto;
public class Foo {
private long id;
private String name;
public Foo() {
super();
}
public Foo(final long id, final String name) {
super();
this.id = id;
this.name = name;
}
//
public long getId() {
return id;
}
public void setId(final long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(final String name) {
this.name = name;
}
}


@ -1,2 +0,0 @@
server.contextPath=/spring-security-oauth-resource
server.port=8081


@ -1,6 +0,0 @@
################### DataSource Configuration ##########################
jdbc.driverClassName=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/oauth2?createDatabaseIfNotExist=true
jdbc.user=tutorialuser
jdbc.pass=tutorialmy5ql


@ -1,48 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth-server-demo</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>


@ -1,16 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beansProjectDescription>
<version>1</version>
<pluginVersion><![CDATA[3.7.2.201511260958-RELEASE]]></pluginVersion>
<configSuffixes>
<configSuffix><![CDATA[xml]]></configSuffix>
</configSuffixes>
<enableImports><![CDATA[false]]></enableImports>
<configs>
<config>java:org.baeldung.config.AuthorizationServerApplication</config>
</configs>
<autoconfigs>
</autoconfigs>
<configSets>
</configSets>
</beansProjectDescription>


@ -1,50 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-server-demo</artifactId>
<name>spring-security-oauth-server-demo</name>
<packaging>war</packaging>
<parent>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- oauth -->
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>${oauth.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-server-demo</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>


@ -1,14 +0,0 @@
package org.baeldung.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.web.SpringBootServletInitializer;
@SpringBootApplication
public class AuthorizationServerApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(AuthorizationServerApplication.class, args);
}
}


@ -1,50 +0,0 @@
package org.baeldung.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
//@Configuration
//@EnableAuthorizationServer
public class OAuth2AuthorizationServerConfig1 extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
//
@Override
public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { // @formatter:off
clients.inMemory()
.withClient("fooClientIdPassword")
.secret("secret")
.authorizedGrantTypes("password", "authorization_code")
.scopes("foo", "read", "write")
.accessTokenValiditySeconds(3600) // 1 hour
;
} // @formatter:on
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager);
}
@Bean
public TokenStore tokenStore() {
return new InMemoryTokenStore();
}
}


@ -1,78 +0,0 @@
package org.baeldung.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationServerConfig2 extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
//
@Override
public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { // @formatter:off
clients.inMemory()
.withClient("fooClientIdPassword")
.secret("secret")
.authorizedGrantTypes("password", "authorization_code" )
.scopes("foo", "read", "write")
.accessTokenValiditySeconds(3600) // 1 hour
;
} // @formatter:on
@Override
public void configure(final AuthorizationServerEndpointsConfigurer conf) { // @formatter:off
conf.
tokenStore(tokenStore())
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
.accessTokenConverter(accessTokenConverter())
.authenticationManager(authenticationManager)
;
} // @formatter:on
// JWT
@Bean
@Primary
public DefaultTokenServices tokenServices() {
final DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setTokenStore(tokenStore());
return tokenServices;
}
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
}
}


@ -1,38 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {// @formatter:off
auth.inMemoryAuthentication().
withUser("john").password("123").roles("USER").
and().
withUser("tom").password("111").roles("ADMIN");
}// @formatter:on
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.antMatchers("/login").permitAll()
.anyRequest().authenticated()
.and().formLogin().permitAll()
;
// @formatter:on
}
}


@ -1,2 +0,0 @@
server.contextPath=/spring-security-oauth-server
server.port=8081


@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>


@ -1,16 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beansProjectDescription>
<version>1</version>
<pluginVersion><![CDATA[3.7.2.201511260958-RELEASE]]></pluginVersion>
<configSuffixes>
<configSuffix><![CDATA[xml]]></configSuffix>
</configSuffixes>
<enableImports><![CDATA[false]]></enableImports>
<configs>
<config>java:org.baeldung.config.AuthorizationServerApplication</config>
</configs>
<autoconfigs>
</autoconfigs>
<configSets>
</configSets>
</beansProjectDescription>


@ -1,57 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-server</artifactId>
<name>spring-security-oauth-server</name>
<packaging>war</packaging>
<parent>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<!-- oauth -->
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>${oauth.version}</version>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-server</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>


@ -1,14 +0,0 @@
package org.baeldung.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.web.SpringBootServletInitializer;
@SpringBootApplication
public class AuthorizationServerApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(AuthorizationServerApplication.class, args);
}
}


@ -1,109 +0,0 @@
package org.baeldung.config;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.core.io.Resource;
import org.springframework.jdbc.datasource.DriverManagerDataSource;
import org.springframework.jdbc.datasource.init.DataSourceInitializer;
import org.springframework.jdbc.datasource.init.DatabasePopulator;
import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
@Configuration
@PropertySource({ "classpath:persistence.properties" })
@EnableAuthorizationServer
public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private Environment env;
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Value("classpath:schema.sql")
private Resource schemaScript;
//
@Override
public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { // @formatter:off
clients.jdbc(dataSource())
.withClient("sampleClientId")
.authorizedGrantTypes("implicit")
.scopes("read","write","foo","bar")
.autoApprove(false)
.accessTokenValiditySeconds(3600)
.and()
.withClient("fooClientIdPassword")
.secret("secret")
.authorizedGrantTypes("password","authorization_code", "refresh_token")
.scopes("foo","read","write")
.accessTokenValiditySeconds(15) // 1 hour
.refreshTokenValiditySeconds(2592000) // 30 days
.and()
.withClient("barClientIdPassword")
.secret("secret")
.authorizedGrantTypes("password","authorization_code", "refresh_token")
.scopes("bar","read","write")
.accessTokenValiditySeconds(3600) // 1 hour
.refreshTokenValiditySeconds(2592000) // 30 days
;
} // @formatter:on
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager);
}
@Bean
public DataSourceInitializer dataSourceInitializer(final DataSource dataSource) {
final DataSourceInitializer initializer = new DataSourceInitializer();
initializer.setDataSource(dataSource);
initializer.setDatabasePopulator(databasePopulator());
return initializer;
}
private DatabasePopulator databasePopulator() {
final ResourceDatabasePopulator populator = new ResourceDatabasePopulator();
populator.addScript(schemaScript);
return populator;
}
@Bean
public DataSource dataSource() {
final DriverManagerDataSource dataSource = new DriverManagerDataSource();
dataSource.setDriverClassName(env.getProperty("jdbc.driverClassName"));
dataSource.setUrl(env.getProperty("jdbc.url"));
dataSource.setUsername(env.getProperty("jdbc.user"));
dataSource.setPassword(env.getProperty("jdbc.pass"));
return dataSource;
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource());
}
}


@ -1,38 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(final AuthenticationManagerBuilder auth) throws Exception {// @formatter:off
auth.inMemoryAuthentication().
withUser("john").password("123").roles("USER").
and().
withUser("tom").password("111").roles("ADMIN");
}// @formatter:on
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests()
.antMatchers("/login").permitAll()
.anyRequest().authenticated()
.and().formLogin().permitAll()
;
// @formatter:on
}
}


@ -1,2 +0,0 @@
server.contextPath=/spring-security-oauth-server
server.port=8081


@ -1,6 +0,0 @@
################### DataSource Configuration ##########################
jdbc.driverClassName=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://localhost:3306/oauth2?createDatabaseIfNotExist=true
jdbc.user=tutorialuser
jdbc.pass=tutorialmy5ql


@ -1,65 +0,0 @@
drop table if exists oauth_client_details;
create table oauth_client_details (
client_id VARCHAR(255) PRIMARY KEY,
resource_ids VARCHAR(255),
client_secret VARCHAR(255),
scope VARCHAR(255),
authorized_grant_types VARCHAR(255),
web_server_redirect_uri VARCHAR(255),
authorities VARCHAR(255),
access_token_validity INTEGER,
refresh_token_validity INTEGER,
additional_information VARCHAR(4096),
autoapprove VARCHAR(255)
);
create table if not exists oauth_client_token (
token_id VARCHAR(255),
token LONG VARBINARY,
authentication_id VARCHAR(255) PRIMARY KEY,
user_name VARCHAR(255),
client_id VARCHAR(255)
);
create table if not exists oauth_access_token (
token_id VARCHAR(255),
token LONG VARBINARY,
authentication_id VARCHAR(255) PRIMARY KEY,
user_name VARCHAR(255),
client_id VARCHAR(255),
authentication LONG VARBINARY,
refresh_token VARCHAR(255)
);
create table if not exists oauth_refresh_token (
token_id VARCHAR(255),
token LONG VARBINARY,
authentication LONG VARBINARY
);
create table if not exists oauth_code (
code VARCHAR(255), authentication LONG VARBINARY
);
create table if not exists oauth_approvals (
userId VARCHAR(255),
clientId VARCHAR(255),
scope VARCHAR(255),
status VARCHAR(10),
expiresAt TIMESTAMP,
lastModifiedAt TIMESTAMP
);
create table if not exists ClientDetails (
appId VARCHAR(255) PRIMARY KEY,
resourceIds VARCHAR(255),
appSecret VARCHAR(255),
scope VARCHAR(255),
grantTypes VARCHAR(255),
redirectUrl VARCHAR(255),
authorities VARCHAR(255),
access_token_validity INTEGER,
refresh_token_validity INTEGER,
additionalInformation VARCHAR(4096),
autoApproveScopes VARCHAR(255)
);


@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>


@ -1,53 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth-ui-implicit</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.ui.externaltools.ExternalToolBuilder</name>
<triggers>full,incremental,</triggers>
<arguments>
<dictionary>
<key>LaunchConfigHandle</key>
<value>&lt;project&gt;/.externalToolBuilders/org.eclipse.wst.jsdt.core.javascriptValidator (1).launch</value>
</dictionary>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>


@ -1,36 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-ui-implicit</artifactId>
<name>spring-security-oauth-ui-implicit</name>
<packaging>war</packaging>
<parent>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-ui-implicit</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
</build>
</project>


@ -1,13 +0,0 @@
package org.baeldung.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.web.SpringBootServletInitializer;
@SpringBootApplication
public class UiApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(UiApplication.class, args);
}
}


@ -1,39 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
@EnableWebMvc
public class UiWebConfig extends WebMvcConfigurerAdapter {
@Bean
public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
@Override
public void configureDefaultServletHandling(final DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
@Override
public void addViewControllers(final ViewControllerRegistry registry) {
super.addViewControllers(registry);
registry.addViewController("/").setViewName("forward:/index");
registry.addViewController("/oauthTemp");
registry.addViewController("/index");
}
@Override
public void addResourceHandlers(final ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
}


@ -1,2 +0,0 @@
server.contextPath=/spring-security-oauth-ui-implicit
server.port=8081


@ -1,539 +0,0 @@
/* oauth-ng - v0.4.2 - 2015-08-27 */
'use strict';
// App libraries
angular.module('oauth', [
'oauth.directive', // login directive
'oauth.accessToken', // access token service
'oauth.endpoint', // oauth endpoint service
'oauth.profile', // profile model
'oauth.storage', // storage
'oauth.interceptor', // bearer token interceptor
'oauth.configuration' // token appender
])
.config(['$locationProvider','$httpProvider',
function($locationProvider, $httpProvider) {
$httpProvider.interceptors.push('ExpiredInterceptor');
}]);
'use strict';
var accessTokenService = angular.module('oauth.accessToken', []);
accessTokenService.factory('AccessToken', ['Storage', '$rootScope', '$location', '$interval', function(Storage, $rootScope, $location, $interval){
var service = {
token: null
},
oAuth2HashTokens = [ //per http://tools.ietf.org/html/rfc6749#section-4.2.2
'access_token', 'token_type', 'expires_in', 'scope', 'state',
'error','error_description'
];
/**
* Returns the access token.
*/
service.get = function(){
return this.token;
};
/**
* Sets and returns the access token. It tries (in order) the following strategies:
* - takes the token from the fragment URI
* - takes the token from the sessionStorage
*/
service.set = function(){
this.setTokenFromString($location.hash());
//If hash is present in URL always use it, cuz its coming from oAuth2 provider redirect
if(null === service.token){
setTokenFromSession();
}
return this.token;
};
/**
* Delete the access token and remove the session.
* @returns {null}
*/
service.destroy = function(){
Storage.delete('token');
this.token = null;
return this.token;
};
/**
* Tells if the access token is expired.
*/
service.expired = function(){
return (this.token && this.token.expires_at && new Date(this.token.expires_at) < new Date());
};
/**
* Get the access token from a string and save it
* @param hash
*/
service.setTokenFromString = function(hash){
var params = getTokenFromString(hash);
if(params){
removeFragment();
setToken(params);
setExpiresAt();
// We have to save it again to make sure expires_at is set
// and the expiry event is set up properly
setToken(this.token);
$rootScope.$broadcast('oauth:login', service.token);
}
};
/* * * * * * * * * *
* PRIVATE METHODS *
* * * * * * * * * */
/**
* Set the access token from the sessionStorage.
*/
var setTokenFromSession = function(){
var params = Storage.get('token');
if (params) {
setToken(params);
}
};
/**
* Set the access token.
*
* @param params
* @returns {*|{}}
*/
var setToken = function(params){
service.token = service.token || {}; // init the token
angular.extend(service.token, params); // set the access token params
setTokenInSession(); // save the token into the session
setExpiresAtEvent(); // event to fire when the token expires
return service.token;
};
/**
* Parse the fragment URI and return an object
* @param hash
* @returns {{}}
*/
var getTokenFromString = function(hash){
var params = {},
regex = /([^&=]+)=([^&]*)/g,
m;
while ((m = regex.exec(hash)) !== null) {
params[decodeURIComponent(m[1])] = decodeURIComponent(m[2]);
}
if(params.access_token || params.error){
return params;
}
};
/**
* Save the access token into the session
*/
var setTokenInSession = function(){
Storage.set('token', service.token);
};
/**
* Set the access token expiration date (useful for refresh logics)
*/
var setExpiresAt = function(){
if (!service.token) {
return;
}
if(typeof(service.token.expires_in) !== 'undefined' && service.token.expires_in !== null) {
var expires_at = new Date();
expires_at.setSeconds(expires_at.getSeconds() + parseInt(service.token.expires_in)-60); // 60 seconds less to secure browser and response latency
service.token.expires_at = expires_at;
}
else {
service.token.expires_at = null;
}
};
/**
* Set the timeout at which the expired event is fired
*/
var setExpiresAtEvent = function(){
// Don't bother if there's no expires token
if (typeof(service.token.expires_at) === 'undefined' || service.token.expires_at === null) {
return;
}
var time = (new Date(service.token.expires_at))-(new Date());
if(time && time > 0){
$interval(function(){
$rootScope.$broadcast('oauth:expired', service.token);
}, time, 1);
}
};
/**
* Remove the oAuth2 pieces from the hash fragment
*/
var removeFragment = function(){
var curHash = $location.hash();
angular.forEach(oAuth2HashTokens,function(hashKey){
var re = new RegExp('&'+hashKey+'(=[^&]*)?|^'+hashKey+'(=[^&]*)?&?');
curHash = curHash.replace(re,'');
});
$location.hash(curHash);
};
return service;
}]);
'use strict';
var endpointClient = angular.module('oauth.endpoint', []);
endpointClient.factory('Endpoint', function() {
var service = {};
/*
* Defines the authorization URL
*/
service.set = function(configuration) {
this.config = configuration;
return this.get();
};
/*
* Returns the authorization URL
*/
service.get = function( overrides ) {
var params = angular.extend( {}, service.config, overrides);
var oAuthScope = (params.scope) ? encodeURIComponent(params.scope) : '',
state = (params.state) ? encodeURIComponent(params.state) : '',
authPathHasQuery = (params.authorizePath.indexOf('?') === -1) ? false : true,
appendChar = (authPathHasQuery) ? '&' : '?', //if authorizePath has ? already append OAuth2 params
responseType = (params.responseType) ? encodeURIComponent(params.responseType) : '';
var url = params.site +
params.authorizePath +
appendChar + 'response_type=' + responseType + '&' +
'client_id=' + encodeURIComponent(params.clientId) + '&' +
'redirect_uri=' + encodeURIComponent(params.redirectUri) + '&' +
'scope=' + oAuthScope + '&' +
'state=' + state;
if( params.nonce ) {
url = url + '&nonce=' + params.nonce;
}
return url;
};
/*
* Redirects the app to the authorization URL
*/
service.redirect = function( overrides ) {
var targetLocation = this.get( overrides );
window.location.replace(targetLocation);
};
return service;
});
'use strict';
var profileClient = angular.module('oauth.profile', []);
profileClient.factory('Profile', ['$http', 'AccessToken', '$rootScope', function($http, AccessToken, $rootScope) {
var service = {};
var profile;
service.find = function(uri) {
var promise = $http.get(uri, { headers: headers() });
promise.success(function(response) {
profile = response;
$rootScope.$broadcast('oauth:profile', profile);
});
return promise;
};
service.get = function() {
return profile;
};
service.set = function(resource) {
profile = resource;
return profile;
};
var headers = function() {
return { Authorization: 'Bearer ' + AccessToken.get().access_token };
};
return service;
}]);
'use strict';
var storageService = angular.module('oauth.storage', ['ngStorage']);
storageService.factory('Storage', ['$rootScope', '$sessionStorage', '$localStorage', function($rootScope, $sessionStorage, $localStorage){
var service = {
storage: $sessionStorage // By default
};
/**
* Deletes the item from storage,
* Returns the item's previous value
*/
service.delete = function (name) {
var stored = this.get(name);
delete this.storage[name];
return stored;
};
/**
* Returns the item from storage
*/
service.get = function (name) {
return this.storage[name];
};
/**
* Sets the item in storage to the value specified
* Returns the item's value
*/
service.set = function (name, value) {
this.storage[name] = value;
return this.get(name);
};
/**
* Change the storage service being used
*/
service.use = function (storage) {
if (storage === 'sessionStorage') {
this.storage = $sessionStorage;
} else if (storage === 'localStorage') {
this.storage = $localStorage;
}
};
return service;
}]);
'use strict';
var oauthConfigurationService = angular.module('oauth.configuration', []);
oauthConfigurationService.provider('OAuthConfiguration', function() {
var _config = {};
this.init = function(config, httpProvider) {
_config.protectedResources = config.protectedResources || [];
httpProvider.interceptors.push('AuthInterceptor');
};
this.$get = function() {
return {
getConfig: function() {
return _config;
}
};
};
})
.factory('AuthInterceptor', function($q, $rootScope, OAuthConfiguration, AccessToken) {
return {
'request': function(config) {
OAuthConfiguration.getConfig().protectedResources.forEach(function(resource) {
// If the url is one of the protected resources, we want to see if there's a token and then
// add the token if it exists.
if (config.url.indexOf(resource) > -1) {
var token = AccessToken.get();
if (token) {
config.headers.Authorization = 'Bearer ' + token.access_token;
}
}
});
return config;
}
};
});
'use strict';
var interceptorService = angular.module('oauth.interceptor', []);
interceptorService.factory('ExpiredInterceptor', ['Storage', '$rootScope', function (Storage, $rootScope) {
var service = {};
service.request = function(config) {
var token = Storage.get('token');
if (token && expired(token)) {
$rootScope.$broadcast('oauth:expired', token);
}
return config;
};
var expired = function(token) {
return (token && token.expires_at && new Date(token.expires_at) < new Date());
};
return service;
}]);
'use strict';
var directives = angular.module('oauth.directive', []);
directives.directive('oauth', [
'AccessToken',
'Endpoint',
'Profile',
'Storage',
'$location',
'$rootScope',
'$compile',
'$http',
'$templateCache',
function(AccessToken, Endpoint, Profile, Storage, $location, $rootScope, $compile, $http, $templateCache) {
var definition = {
restrict: 'AE',
replace: true,
scope: {
site: '@', // (required) set the oauth server host (e.g. http://oauth.example.com)
clientId: '@', // (required) client id
redirectUri: '@', // (required) client redirect uri
responseType: '@', // (optional) response type, defaults to token (use 'token' for implicit flow and 'code' for authorization code flow
scope: '@', // (optional) scope
profileUri: '@', // (optional) user profile uri (e.g http://example.com/me)
template: '@', // (optional) template to render (e.g bower_components/oauth-ng/dist/views/templates/default.html)
text: '@', // (optional) login text
authorizePath: '@', // (optional) authorization url
state: '@', // (optional) An arbitrary unique string created by your app to guard against Cross-site Request Forgery
storage: '@' // (optional) Store token in 'sessionStorage' or 'localStorage', defaults to 'sessionStorage'
}
};
definition.link = function postLink(scope, element) {
scope.show = 'none';
scope.$watch('clientId', function() {
init();
});
var init = function() {
initAttributes(); // sets defaults
Storage.use(scope.storage);// set storage
compile(); // compiles the desired layout
Endpoint.set(scope); // sets the oauth authorization url
AccessToken.set(scope); // sets the access token object (if existing, from fragment or session)
initProfile(scope); // gets the profile resource (if existing the access token)
initView(); // sets the view (logged in or out)
};
var initAttributes = function() {
scope.authorizePath = scope.authorizePath || '/oauth/authorize';
scope.tokenPath = scope.tokenPath || '/oauth/token';
scope.template = scope.template || 'bower_components/oauth-ng/dist/views/templates/default.html';
scope.responseType = scope.responseType || 'token';
scope.text = scope.text || 'Sign In';
scope.state = scope.state || undefined;
scope.scope = scope.scope || undefined;
scope.storage = scope.storage || 'sessionStorage';
};
var compile = function() {
$http.get(scope.template, { cache: $templateCache }).success(function(html) {
element.html(html);
$compile(element.contents())(scope);
});
};
var initProfile = function(scope) {
var token = AccessToken.get();
if (token && token.access_token && scope.profileUri) {
Profile.find(scope.profileUri).success(function(response) {
scope.profile = response;
});
}
};
var initView = function() {
var token = AccessToken.get();
if (!token) {
return loggedOut(); // without access token it's logged out
}
if (token.access_token) {
return authorized(); // if there is the access token we are done
}
if (token.error) {
return denied(); // if the request has been denied we fire the denied event
}
};
scope.login = function() {
Endpoint.redirect();
};
scope.logout = function() {
AccessToken.destroy(scope);
$rootScope.$broadcast('oauth:logout');
loggedOut();
};
scope.$on('oauth:expired', function() {
AccessToken.destroy(scope);
scope.show = 'logged-out';
});
// user is authorized
var authorized = function() {
$rootScope.$broadcast('oauth:authorized', AccessToken.get());
scope.show = 'logged-in';
};
// set the oauth directive to the logged-out status
var loggedOut = function() {
$rootScope.$broadcast('oauth:loggedOut');
scope.show = 'logged-out';
};
// set the oauth directive to the denied status
var denied = function() {
scope.show = 'denied';
$rootScope.$broadcast('oauth:denied');
};
// Updates the template at runtime
scope.$on('oauth:template:update', function(event, template) {
scope.template = template;
compile(scope);
});
// Hack to update the directive content on logout
// TODO think to a cleaner solution
scope.$on('$routeChangeSuccess', function () {
init();
});
};
return definition;
}
]);


@ -1,101 +0,0 @@
<div>
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" th:href="@{/}">Spring Security OAuth</a>
</div>
</div><!-- /.container-fluid -->
</nav>
<oauth
site="http://localhost:8081/spring-security-oauth-server"
client-id="sampleClientId"
redirect-uri="http://localhost:8081/spring-security-oauth-ui-implicit/"
scope="read write foo bar"
template="oauthTemp">
</oauth>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.3.14/angular.min.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.3.14/angular-resource.min.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.3.14/angular-route.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/ngStorage/0.3.9/ngStorage.min.js"></script>
<script th:src="@{/resources/oauth-ng.js}"></script>
<script>
/*<![CDATA[*/
var app = angular.module('myApp', ["ngResource","ngRoute","oauth"]);
app.config(function($locationProvider) {
$locationProvider.html5Mode({
enabled: true,
requireBase: false
}).hashPrefix('!');
});
app.config(['$httpProvider', function ($httpProvider) {
$httpProvider.interceptors.push(function ($q,$rootScope) {
return {
'responseError': function (responseError) {
$rootScope.message = responseError.statusText;
console.log("error here");
console.log(responseError);
return $q.reject(responseError);
}
};
});
}]);
app.controller('mainCtrl', function($scope,$resource,$http,$rootScope) {
$scope.$on('oauth:login', function(event, token) {
$http.defaults.headers.common.Authorization= 'Bearer ' + token.access_token;
console.log('Authorized third party app with token', token.access_token);
});
$scope.foo = {id:0 , name:"sample foo"};
$scope.foos = $resource("http://localhost:8081/spring-security-oauth-resource/foos/:fooId",{fooId:'@id'});
$scope.getFoo = function(){
$scope.foo = $scope.foos.get({fooId:$scope.foo.id});
}
$scope.createFoo = function(){
if($scope.foo.name.length==0)
{
$rootScope.message = "Foo name can not be empty";
return;
}
$scope.foo.id = null;
$scope.foo = $scope.foos.save($scope.foo, function(){
$rootScope.message = "Foo Created Successfully";
});
}
// bar
$scope.bar = {id:0 , name:"sample bar"};
$scope.bars = $resource("http://localhost:8081/spring-security-oauth-resource/bars/:barId",{barId:'@id'});
$scope.getBar = function(){
$scope.bar = $scope.bars.get({barId:$scope.bar.id});
}
$scope.createBar = function(){
if($scope.bar.name.length==0)
{
$rootScope.message = "Bar name can not be empty";
return;
}
$scope.bar.id = null;
$scope.bar = $scope.bars.save($scope.bar, function(){
$rootScope.message = "Bar Created Successfully";
});
}
});
/*]]>*/
</script>
</div>


@ -1,58 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Spring Security OAuth</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"/>
</head>
<body ng-app="myApp" ng-controller="mainCtrl">
<div th:include="header"></div>
<div class="container">
<div class="alert alert-info" ng-show="message">{{message}}</div>
<h1>Foo Details</h1>
<div class="col-sm-6">
<div class="col-sm-12">
<label class="col-sm-2">ID</label>
<span class="col-sm-10"><input class="form-control" ng-model="foo.id"/></span>
</div>
<div class="col-sm-12">
<label class="col-sm-2">Name</label>
<span class="col-sm-10"><input class="form-control" ng-model="foo.name"/></span>
</div>
<div class="col-sm-12">
<a class="btn btn-default" href="#" ng-click="getFoo()">Get Foo</a>
<a class="btn btn-default" href="#" ng-click="createFoo()">Create Foo</a>
</div>
</div>
<br/>
<hr/>
<br/>
<br/>
<br/>
<h1>Bar Details</h1>
<div class="col-sm-6">
<div class="col-sm-12">
<label class="col-sm-2">ID</label>
<span class="col-sm-10"><input class="form-control" ng-model="bar.id"/></span>
</div>
<div class="col-sm-12">
<label class="col-sm-2">Name</label>
<span class="col-sm-10"><input class="form-control" ng-model="bar.name"/></span>
</div>
<div class="col-sm-12">
<a class="btn btn-default" href="#" ng-click="getBar()">Get Bar</a>
<a class="btn btn-default" href="#" ng-click="createBar()">Create Bar</a>
</div>
</div>
</div>
</body>
</html>


@ -1,6 +0,0 @@
<div class="container">
<span class="col-sm-12">
<a href="#" class="btn btn-primary btn-lg" ng-show="show=='logged-out'" ng-click="login()">Login</a>
<a href="#" class="btn btn-primary btn-lg" ng-show="show=='denied'" ng-click="login()">Access denied. Try again.</a>
</span>
</div>


@ -1,539 +0,0 @@
/* oauth-ng - v0.4.2 - 2015-08-27 */
'use strict';
// App libraries
angular.module('oauth', [
'oauth.directive', // login directive
'oauth.accessToken', // access token service
'oauth.endpoint', // oauth endpoint service
'oauth.profile', // profile model
'oauth.storage', // storage
'oauth.interceptor', // bearer token interceptor
'oauth.configuration' // token appender
])
.config(['$locationProvider','$httpProvider',
function($locationProvider, $httpProvider) {
$httpProvider.interceptors.push('ExpiredInterceptor');
}]);
'use strict';
var accessTokenService = angular.module('oauth.accessToken', []);
accessTokenService.factory('AccessToken', ['Storage', '$rootScope', '$location', '$interval', function(Storage, $rootScope, $location, $interval){
var service = {
token: null
},
oAuth2HashTokens = [ //per http://tools.ietf.org/html/rfc6749#section-4.2.2
'access_token', 'token_type', 'expires_in', 'scope', 'state',
'error','error_description'
];
/**
* Returns the access token.
*/
service.get = function(){
return this.token;
};
/**
* Sets and returns the access token. It tries (in order) the following strategies:
* - takes the token from the fragment URI
* - takes the token from the sessionStorage
*/
service.set = function(){
this.setTokenFromString($location.hash());
//If hash is present in URL always use it, cuz its coming from oAuth2 provider redirect
if(null === service.token){
setTokenFromSession();
}
return this.token;
};
/**
* Delete the access token and remove the session.
* @returns {null}
*/
service.destroy = function(){
Storage.delete('token');
this.token = null;
return this.token;
};
/**
* Tells if the access token is expired.
*/
service.expired = function(){
return (this.token && this.token.expires_at && new Date(this.token.expires_at) < new Date());
};
/**
* Get the access token from a string and save it
* @param hash
*/
service.setTokenFromString = function(hash){
var params = getTokenFromString(hash);
if(params){
removeFragment();
setToken(params);
setExpiresAt();
// We have to save it again to make sure expires_at is set
// and the expiry event is set up properly
setToken(this.token);
$rootScope.$broadcast('oauth:login', service.token);
}
};
/* * * * * * * * * *
* PRIVATE METHODS *
* * * * * * * * * */
/**
* Set the access token from the sessionStorage.
*/
var setTokenFromSession = function(){
var params = Storage.get('token');
if (params) {
setToken(params);
}
};
/**
* Set the access token.
*
* @param params
* @returns {*|{}}
*/
var setToken = function(params){
service.token = service.token || {}; // init the token
angular.extend(service.token, params); // set the access token params
setTokenInSession(); // save the token into the session
setExpiresAtEvent(); // event to fire when the token expires
return service.token;
};
/**
* Parse the fragment URI and return an object
* @param hash
* @returns {{}}
*/
var getTokenFromString = function(hash){
var params = {},
regex = /([^&=]+)=([^&]*)/g,
m;
while ((m = regex.exec(hash)) !== null) {
params[decodeURIComponent(m[1])] = decodeURIComponent(m[2]);
}
if(params.access_token || params.error){
return params;
}
};
/**
* Save the access token into the session
*/
var setTokenInSession = function(){
Storage.set('token', service.token);
};
/**
* Set the access token expiration date (useful for refresh logics)
*/
var setExpiresAt = function(){
if (!service.token) {
return;
}
if(typeof(service.token.expires_in) !== 'undefined' && service.token.expires_in !== null) {
var expires_at = new Date();
expires_at.setSeconds(expires_at.getSeconds() + parseInt(service.token.expires_in)-60); // 60 seconds less to secure browser and response latency
service.token.expires_at = expires_at;
}
else {
service.token.expires_at = null;
}
};
/**
* Set the timeout at which the expired event is fired
*/
var setExpiresAtEvent = function(){
// Don't bother if there's no expires token
if (typeof(service.token.expires_at) === 'undefined' || service.token.expires_at === null) {
return;
}
var time = (new Date(service.token.expires_at))-(new Date());
if(time && time > 0){
$interval(function(){
$rootScope.$broadcast('oauth:expired', service.token);
}, time, 1);
}
};
/**
* Remove the oAuth2 pieces from the hash fragment
*/
var removeFragment = function(){
var curHash = $location.hash();
angular.forEach(oAuth2HashTokens,function(hashKey){
var re = new RegExp('&'+hashKey+'(=[^&]*)?|^'+hashKey+'(=[^&]*)?&?');
curHash = curHash.replace(re,'');
});
$location.hash(curHash);
};
return service;
}]);
'use strict';
var endpointClient = angular.module('oauth.endpoint', []);
endpointClient.factory('Endpoint', function() {
var service = {};
/*
* Defines the authorization URL
*/
service.set = function(configuration) {
this.config = configuration;
return this.get();
};
/*
* Returns the authorization URL
*/
service.get = function( overrides ) {
var params = angular.extend( {}, service.config, overrides);
var oAuthScope = (params.scope) ? encodeURIComponent(params.scope) : '',
state = (params.state) ? encodeURIComponent(params.state) : '',
authPathHasQuery = (params.authorizePath.indexOf('?') === -1) ? false : true,
appendChar = (authPathHasQuery) ? '&' : '?', //if authorizePath has ? already append OAuth2 params
responseType = (params.responseType) ? encodeURIComponent(params.responseType) : '';
var url = params.site +
params.authorizePath +
appendChar + 'response_type=' + responseType + '&' +
'client_id=' + encodeURIComponent(params.clientId) + '&' +
'redirect_uri=' + encodeURIComponent(params.redirectUri) + '&' +
'scope=' + oAuthScope + '&' +
'state=' + state;
if( params.nonce ) {
url = url + '&nonce=' + params.nonce;
}
return url;
};
/*
* Redirects the app to the authorization URL
*/
service.redirect = function( overrides ) {
var targetLocation = this.get( overrides );
window.location.replace(targetLocation);
};
return service;
});
'use strict';
var profileClient = angular.module('oauth.profile', []);
profileClient.factory('Profile', ['$http', 'AccessToken', '$rootScope', function($http, AccessToken, $rootScope) {
var service = {};
var profile;
service.find = function(uri) {
var promise = $http.get(uri, { headers: headers() });
promise.success(function(response) {
profile = response;
$rootScope.$broadcast('oauth:profile', profile);
});
return promise;
};
service.get = function() {
return profile;
};
service.set = function(resource) {
profile = resource;
return profile;
};
var headers = function() {
return { Authorization: 'Bearer ' + AccessToken.get().access_token };
};
return service;
}]);
'use strict';
var storageService = angular.module('oauth.storage', ['ngStorage']);
storageService.factory('Storage', ['$rootScope', '$sessionStorage', '$localStorage', function($rootScope, $sessionStorage, $localStorage){
var service = {
storage: $sessionStorage // By default
};
/**
* Deletes the item from storage,
* Returns the item's previous value
*/
service.delete = function (name) {
var stored = this.get(name);
delete this.storage[name];
return stored;
};
/**
* Returns the item from storage
*/
service.get = function (name) {
return this.storage[name];
};
/**
* Sets the item in storage to the value specified
* Returns the item's value
*/
service.set = function (name, value) {
this.storage[name] = value;
return this.get(name);
};
/**
* Change the storage service being used
*/
service.use = function (storage) {
if (storage === 'sessionStorage') {
this.storage = $sessionStorage;
} else if (storage === 'localStorage') {
this.storage = $localStorage;
}
};
return service;
}]);
'use strict';
var oauthConfigurationService = angular.module('oauth.configuration', []);
oauthConfigurationService.provider('OAuthConfiguration', function() {
var _config = {};
this.init = function(config, httpProvider) {
_config.protectedResources = config.protectedResources || [];
httpProvider.interceptors.push('AuthInterceptor');
};
this.$get = function() {
return {
getConfig: function() {
return _config;
}
};
};
})
.factory('AuthInterceptor', function($q, $rootScope, OAuthConfiguration, AccessToken) {
return {
'request': function(config) {
OAuthConfiguration.getConfig().protectedResources.forEach(function(resource) {
// If the url is one of the protected resources, we want to see if there's a token and then
// add the token if it exists.
if (config.url.indexOf(resource) > -1) {
var token = AccessToken.get();
if (token) {
config.headers.Authorization = 'Bearer ' + token.access_token;
}
}
});
return config;
}
};
});
'use strict';
var interceptorService = angular.module('oauth.interceptor', []);
interceptorService.factory('ExpiredInterceptor', ['Storage', '$rootScope', function (Storage, $rootScope) {
var service = {};
service.request = function(config) {
var token = Storage.get('token');
if (token && expired(token)) {
$rootScope.$broadcast('oauth:expired', token);
}
return config;
};
var expired = function(token) {
return (token && token.expires_at && new Date(token.expires_at) < new Date());
};
return service;
}]);
'use strict';
var directives = angular.module('oauth.directive', []);
directives.directive('oauth', [
'AccessToken',
'Endpoint',
'Profile',
'Storage',
'$location',
'$rootScope',
'$compile',
'$http',
'$templateCache',
function(AccessToken, Endpoint, Profile, Storage, $location, $rootScope, $compile, $http, $templateCache) {
var definition = {
restrict: 'AE',
replace: true,
scope: {
site: '@', // (required) set the oauth server host (e.g. http://oauth.example.com)
clientId: '@', // (required) client id
redirectUri: '@', // (required) client redirect uri
responseType: '@', // (optional) response type, defaults to token (use 'token' for implicit flow and 'code' for authorization code flow
scope: '@', // (optional) scope
profileUri: '@', // (optional) user profile uri (e.g http://example.com/me)
template: '@', // (optional) template to render (e.g bower_components/oauth-ng/dist/views/templates/default.html)
text: '@', // (optional) login text
authorizePath: '@', // (optional) authorization url
state: '@', // (optional) An arbitrary unique string created by your app to guard against Cross-site Request Forgery
storage: '@' // (optional) Store token in 'sessionStorage' or 'localStorage', defaults to 'sessionStorage'
}
};
definition.link = function postLink(scope, element) {
scope.show = 'none';
scope.$watch('clientId', function() {
init();
});
var init = function() {
initAttributes(); // sets defaults
Storage.use(scope.storage);// set storage
compile(); // compiles the desired layout
Endpoint.set(scope); // sets the oauth authorization url
AccessToken.set(scope); // sets the access token object (if existing, from fragment or session)
initProfile(scope); // gets the profile resource (if existing the access token)
initView(); // sets the view (logged in or out)
};
var initAttributes = function() {
scope.authorizePath = scope.authorizePath || '/oauth/authorize';
scope.tokenPath = scope.tokenPath || '/oauth/token';
scope.template = scope.template || 'bower_components/oauth-ng/dist/views/templates/default.html';
scope.responseType = scope.responseType || 'token';
scope.text = scope.text || 'Sign In';
scope.state = scope.state || undefined;
scope.scope = scope.scope || undefined;
scope.storage = scope.storage || 'sessionStorage';
};
var compile = function() {
$http.get(scope.template, { cache: $templateCache }).success(function(html) {
element.html(html);
$compile(element.contents())(scope);
});
};
var initProfile = function(scope) {
var token = AccessToken.get();
if (token && token.access_token && scope.profileUri) {
Profile.find(scope.profileUri).success(function(response) {
scope.profile = response;
});
}
};
var initView = function() {
var token = AccessToken.get();
if (!token) {
return loggedOut(); // without access token it's logged out
}
if (token.access_token) {
return authorized(); // if there is the access token we are done
}
if (token.error) {
return denied(); // if the request has been denied we fire the denied event
}
};
scope.login = function() {
Endpoint.redirect();
};
scope.logout = function() {
AccessToken.destroy(scope);
$rootScope.$broadcast('oauth:logout');
loggedOut();
};
scope.$on('oauth:expired', function() {
AccessToken.destroy(scope);
scope.show = 'logged-out';
});
// user is authorized
var authorized = function() {
$rootScope.$broadcast('oauth:authorized', AccessToken.get());
scope.show = 'logged-in';
};
// set the oauth directive to the logged-out status
var loggedOut = function() {
$rootScope.$broadcast('oauth:loggedOut');
scope.show = 'logged-out';
};
// set the oauth directive to the denied status
var denied = function() {
scope.show = 'denied';
$rootScope.$broadcast('oauth:denied');
};
// Updates the template at runtime
scope.$on('oauth:template:update', function(event, template) {
scope.template = template;
compile(scope);
});
// Hack to update the directive content on logout
// TODO think to a cleaner solution
scope.$on('$routeChangeSuccess', function () {
init();
});
};
return definition;
}
]);


@ -1,32 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" output="target/classes" path="src/main/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
<attributes>
<attribute name="optional" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
<attributes>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
<attributes>
<attribute name="maven.pomderived" value="true"/>
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
</attributes>
</classpathentry>
<classpathentry kind="output" path="target/classes"/>
</classpath>


@ -1,48 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>spring-security-oauth-ui-password</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.springframework.ide.eclipse.core.springbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.m2e.core.maven2Builder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.springframework.ide.eclipse.core.springnature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.m2e.core.maven2Nature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>


@ -1,82 +0,0 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-ui-password</artifactId>
<name>spring-security-oauth-ui-password</name>
<packaging>war</packaging>
<parent>
<groupId>org.baeldung</groupId>
<artifactId>spring-security-oauth</artifactId>
<version>1.0.0-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zuul</artifactId>
<version>1.0.4.RELEASE</version>
</dependency>
<!-- test -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-core</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.hamcrest</groupId>
<artifactId>hamcrest-library</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.jayway.restassured</groupId>
<artifactId>rest-assured</artifactId>
<version>${rest-assured.version}</version>
<scope>test</scope>
<exclusions>
<exclusion>
<artifactId>commons-logging</artifactId>
<groupId>commons-logging</groupId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
<build>
<finalName>spring-security-oauth-ui-password</finalName>
<resources>
<resource>
<directory>src/main/resources</directory>
<filtering>true</filtering>
</resource>
</resources>
</build>
</project>


@ -1,28 +0,0 @@
package org.baeldung.config;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
public class CustomHttpServletRequest extends HttpServletRequestWrapper {
private final Map<String, String[]> additionalParams;
private final HttpServletRequest request;
public CustomHttpServletRequest(final HttpServletRequest request, final Map<String, String[]> additionalParams) {
super(request);
this.request = request;
this.additionalParams = additionalParams;
}
@Override
public Map<String, String[]> getParameterMap() {
final Map<String, String[]> map = request.getParameterMap();
final Map<String, String[]> param = new HashMap<String, String[]>();
param.putAll(map);
param.putAll(additionalParams);
return param;
}
}


@ -1,69 +0,0 @@
package org.baeldung.config;
import java.io.InputStream;
import javax.servlet.http.Cookie;
import org.apache.commons.io.IOUtils;
import org.codehaus.jackson.JsonNode;
import org.codehaus.jackson.map.ObjectMapper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
@Component
public class CustomPostZuulFilter extends ZuulFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
private final ObjectMapper mapper = new ObjectMapper();
@Override
public Object run() {
final RequestContext ctx = RequestContext.getCurrentContext();
logger.info("in zuul filter " + ctx.getRequest().getRequestURI());
JsonNode json;
try {
final InputStream is = ctx.getResponseDataStream();
final String responseBody = IOUtils.toString(is, "UTF-8");
ctx.setResponseBody(responseBody);
if (responseBody.contains("refresh_token")) {
json = mapper.readTree(responseBody);
final String refreshToken = json.get("refresh_token").getTextValue();
final Cookie cookie = new Cookie("refreshToken", refreshToken);
cookie.setHttpOnly(true);
// cookie.setSecure(true);
cookie.setPath(ctx.getRequest().getContextPath() + "/oauth/token");
cookie.setMaxAge(2592000); // 30 days
ctx.getResponse().addCookie(cookie);
logger.info("refresh token = " + refreshToken);
}
} catch (final Exception e) {
logger.error("Error occured in zuul post filter", e);
}
return null;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public int filterOrder() {
return 10;
}
@Override
public String filterType() {
return "post";
}
}


@ -1,82 +0,0 @@
package org.baeldung.config;
import java.io.UnsupportedEncodingException;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.stereotype.Component;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
@Component
public class CustomPreZuulFilter extends ZuulFilter {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@Override
public Object run() {
final RequestContext ctx = RequestContext.getCurrentContext();
logger.info("in zuul filter " + ctx.getRequest().getRequestURI());
byte[] encoded;
try {
encoded = Base64.encode("fooClientIdPassword:secret".getBytes("UTF-8"));
ctx.addZuulRequestHeader("Authorization", "Basic " + new String(encoded));
logger.info("pre filter");
logger.info(ctx.getRequest().getHeader("Authorization"));
//
final HttpServletRequest req = ctx.getRequest();
final String refreshToken = extractRefreshToken(req);
if (refreshToken != null) {
final Map<String, String[]> param = new HashMap<String, String[]>();
param.put("refresh_token", new String[] { refreshToken });
param.put("grant_type", new String[] { "refresh_token" });
ctx.setRequest(new CustomHttpServletRequest(req, param));
}
} catch (final UnsupportedEncodingException e) {
logger.error("Error occured in pre filter", e);
}
//
return null;
}
private String extractRefreshToken(HttpServletRequest req) {
final Cookie[] cookies = req.getCookies();
if (cookies != null) {
for (int i = 0; i < cookies.length; i++) {
if (cookies[i].getName().equalsIgnoreCase("refreshToken")) {
return cookies[i].getValue();
}
}
}
return null;
}
@Override
public boolean shouldFilter() {
return true;
}
@Override
public int filterOrder() {
return -2;
}
@Override
public String filterType() {
return "pre";
}
}


@ -1,15 +0,0 @@
package org.baeldung.config;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.context.web.SpringBootServletInitializer;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
@EnableZuulProxy
@SpringBootApplication
public class UiApplication extends SpringBootServletInitializer {
public static void main(String[] args) {
SpringApplication.run(UiApplication.class, args);
}
}


@ -1,39 +0,0 @@
package org.baeldung.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@Configuration
@EnableWebMvc
public class UiWebConfig extends WebMvcConfigurerAdapter {
@Bean
public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
return new PropertySourcesPlaceholderConfigurer();
}
@Override
public void configureDefaultServletHandling(final DefaultServletHandlerConfigurer configurer) {
configurer.enable();
}
@Override
public void addViewControllers(final ViewControllerRegistry registry) {
super.addViewControllers(registry);
registry.addViewController("/").setViewName("forward:/index");
registry.addViewController("/index");
registry.addViewController("/login");
}
@Override
public void addResourceHandlers(final ResourceHandlerRegistry registry) {
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
}
}


@ -1 +0,0 @@
zuul.Servlet30WrapperFilter.pre.disable=true


@ -1,7 +0,0 @@
server:
port: 8081
zuul:
routes:
oauth:
path: /oauth/**
url: http://localhost:8081/spring-security-oauth-server/oauth


@ -1,76 +0,0 @@
<div>
<nav class="navbar navbar-default">
<div class="container-fluid">
<div class="navbar-header">
<a class="navbar-brand" th:href="@{/}">Spring Security OAuth</a>
</div>
</div><!-- /.container-fluid -->
</nav>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.4.7/angular.min.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.4.7/angular-resource.min.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.4.7/angular-cookies.min.js"></script>
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.3.14/angular-route.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/ngStorage/0.3.9/ngStorage.min.js"></script>
<script th:src="@{/resources/angular-utf8-base64.min.js}"></script>
<script>
/*<![CDATA[*/
var app = angular.module('myApp', ["ngResource","ngRoute","ngCookies"]);
app.controller('mainCtrl', function($scope,$resource,$http,$httpParamSerializer,$cookies) {
$scope.foo = {id:0 , name:"sample foo"};
$scope.foos = $resource("http://localhost:8081/spring-security-oauth-resource/foos/:fooId",{fooId:'@id'});
$scope.getFoo = function(){
$scope.foo = $scope.foos.get({fooId:$scope.foo.id});
}
$scope.loginData = {grant_type:"password", username: "", password: "", client_id: "fooClientIdPassword"};
$scope.refreshData = {grant_type:"refresh_token"};
var isLoginPage = window.location.href.indexOf("login") != -1;
if(isLoginPage){
if($cookies.get("access_token")){
window.location.href = "index";
}
}else{
if($cookies.get("access_token")){
$http.defaults.headers.common.Authorization= 'Bearer ' + $cookies.get("access_token");
}else{
obtainAccessToken($scope.refreshData);
}
}
$scope.login = function() {
obtainAccessToken($scope.loginData);
}
function obtainAccessToken(params){
var req = {
method: 'POST',
url: "oauth/token",
headers: {"Content-type": "application/x-www-form-urlencoded; charset=utf-8"},
data: $httpParamSerializer(params)
}
$http(req).then(
function(data){
$http.defaults.headers.common.Authorization= 'Bearer ' + data.data.access_token;
var expireDate = new Date (new Date().getTime() + (1000 * data.data.expires_in));
$cookies.put("access_token", data.data.access_token, {'expires': expireDate});
window.location.href="index";
},function(){
console.log("error");
window.location.href = "login";
}
);
}
});
/*]]>*/
</script>
</div>


@ -1,30 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Spring Security OAuth</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"/>
</head>
<body ng-app="myApp" ng-controller="mainCtrl">
<div th:include="header"></div>
<div class="container">
<h1 class="col-sm-12">Foo Details</h1>
<div class="col-sm-12">
<label class="col-sm-3">ID</label>
<span>{{foo.id}}</span>
</div>
<div class="col-sm-12">
<label class="col-sm-3">Name</label>
<span>{{foo.name}}</span>
</div>
<div class="col-sm-12">
<a class="btn btn-default" href="#" ng-click="getFoo()">New Foo</a>
</div>
</div>
</body>
</html>


@ -1,35 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Spring Security OAuth</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"/>
</head>
<body ng-app="myApp" ng-controller="mainCtrl">
<div th:include="header"></div>
<div class="container">
<h1 class="col-sm-12">Login</h1>
<div class="col-sm-6">
<div class="col-sm-12">
<label class="col-sm-3">Username</label>
<input class="form-control" type="text" ng-model="loginData.username"/>
</div>
<div class="col-sm-12">
<label class="col-sm-3">Password</label>
<input class="form-control" type="password" ng-model="loginData.password"/>
</div>
<div class="col-sm-12">
<a class="btn btn-default" href="#" ng-click="login()">Login</a>
</div>
</div>
</div>
</body>
</html>


@ -1 +0,0 @@
"use strict";angular.module("ab-base64",[]).constant("base64",function(){var a={alphabet:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",lookup:null,ie:/MSIE /.test(navigator.userAgent),ieo:/MSIE [67]/.test(navigator.userAgent),encode:function(b){var c,d,e,f,g=a.toUtf8(b),h=-1,i=g.length,j=[,,,];if(a.ie){for(c=[];++h<i;)d=g[h],e=g[++h],j[0]=d>>2,j[1]=(3&d)<<4|e>>4,isNaN(e)?j[2]=j[3]=64:(f=g[++h],j[2]=(15&e)<<2|f>>6,j[3]=isNaN(f)?64:63&f),c.push(a.alphabet.charAt(j[0]),a.alphabet.charAt(j[1]),a.alphabet.charAt(j[2]),a.alphabet.charAt(j[3]));return c.join("")}for(c="";++h<i;)d=g[h],e=g[++h],j[0]=d>>2,j[1]=(3&d)<<4|e>>4,isNaN(e)?j[2]=j[3]=64:(f=g[++h],j[2]=(15&e)<<2|f>>6,j[3]=isNaN(f)?64:63&f),c+=a.alphabet[j[0]]+a.alphabet[j[1]]+a.alphabet[j[2]]+a.alphabet[j[3]];return c},decode:function(b){if(b=b.replace(/\s/g,""),b.length%4)throw new Error("InvalidLengthError: decode failed: The string to be decoded is not the correct length for a base64 encoded string.");if(/[^A-Za-z0-9+\/=\s]/g.test(b))throw new Error("InvalidCharacterError: decode failed: The string contains characters invalid in a base64 encoded string.");var c,d=a.fromUtf8(b),e=0,f=d.length;if(a.ieo){for(c=[];f>e;)c.push(d[e]<128?String.fromCharCode(d[e++]):d[e]>191&&d[e]<224?String.fromCharCode((31&d[e++])<<6|63&d[e++]):String.fromCharCode((15&d[e++])<<12|(63&d[e++])<<6|63&d[e++]));return c.join("")}for(c="";f>e;)c+=String.fromCharCode(d[e]<128?d[e++]:d[e]>191&&d[e]<224?(31&d[e++])<<6|63&d[e++]:(15&d[e++])<<12|(63&d[e++])<<6|63&d[e++]);return c},toUtf8:function(a){var b,c=-1,d=a.length,e=[];if(/^[\x00-\x7f]*$/.test(a))for(;++c<d;)e.push(a.charCodeAt(c));else for(;++c<d;)b=a.charCodeAt(c),128>b?e.push(b):2048>b?e.push(b>>6|192,63&b|128):e.push(b>>12|224,b>>6&63|128,63&b|128);return e},fromUtf8:function(b){var 
c,d=-1,e=[],f=[,,,];if(!a.lookup){for(c=a.alphabet.length,a.lookup={};++d<c;)a.lookup[a.alphabet.charAt(d)]=d;d=-1}for(c=b.length;++d<c&&(f[0]=a.lookup[b.charAt(d)],f[1]=a.lookup[b.charAt(++d)],e.push(f[0]<<2|f[1]>>4),f[2]=a.lookup[b.charAt(++d)],64!==f[2])&&(e.push((15&f[1])<<4|f[2]>>2),f[3]=a.lookup[b.charAt(++d)],64!==f[3]);)e.push((3&f[2])<<6|f[3]);return e}},b={decode:function(b){b=b.replace(/-/g,"+").replace(/_/g,"/");var c=b.length%4;if(c){if(1===c)throw new Error("InvalidLengthError: Input base64url string is the wrong length to determine padding");b+=new Array(5-c).join("=")}return a.decode(b)},encode:function(b){var c=a.encode(b);return c.replace(/\+/g,"-").replace(/\//g,"_").split("=",1)[0]}};return{decode:a.decode,encode:a.encode,urldecode:b.decode,urlencode:b.encode}}());


@ -1,70 +0,0 @@
package org.baeldung.live;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import java.util.HashMap;
import java.util.Map;
import org.junit.Test;
import org.springframework.http.MediaType;
import com.jayway.restassured.RestAssured;
import com.jayway.restassured.response.Response;
public class AuthorizationLiveTest {
private String obtainAccessToken(String clientId, String username, String password) {
final Map<String, String> params = new HashMap<String, String>();
params.put("grant_type", "password");
params.put("client_id", clientId);
params.put("username", username);
params.put("password", password);
final Response response = RestAssured.given().auth().preemptive().basic(clientId, "secret").and().with().params(params).when().post("http://localhost:8081/spring-security-oauth-server/oauth/token");
return response.jsonPath().getString("access_token");
}
@Test
public void givenUser_whenUseFooClient_thenOkForFooResourceOnly() {
final String accessToken = obtainAccessToken("fooClientIdPassword", "john", "123");
final Response fooResponse = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/foos/1");
assertEquals(200, fooResponse.getStatusCode());
assertNotNull(fooResponse.jsonPath().get("name"));
final Response barResponse = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/bars/1");
assertEquals(403, barResponse.getStatusCode());
}
@Test
public void givenUser_whenUseBarClient_thenOkForBarResourceReadOnly() {
final String accessToken = obtainAccessToken("barClientIdPassword", "john", "123");
final Response fooResponse = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/foos/1");
assertEquals(403, fooResponse.getStatusCode());
final Response barReadResponse = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/bars/1");
assertEquals(200, barReadResponse.getStatusCode());
assertNotNull(barReadResponse.jsonPath().get("name"));
final Response barWritResponse = RestAssured.given().contentType(MediaType.APPLICATION_JSON_VALUE).header("Authorization", "Bearer " + accessToken).body("{\"id\":1,\"name\":\"MyBar\"}").post("http://localhost:8081/spring-security-oauth-resource/bars");
assertEquals(403, barWritResponse.getStatusCode());
}
@Test
public void givenAdmin_whenUseBarClient_thenOkForBarResourceReadWrite() {
final String accessToken = obtainAccessToken("barClientIdPassword", "tom", "111");
final Response fooResponse = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/foos/1");
assertEquals(403, fooResponse.getStatusCode());
final Response barResponse = RestAssured.given().header("Authorization", "Bearer " + accessToken).get("http://localhost:8081/spring-security-oauth-resource/bars/1");
assertEquals(200, barResponse.getStatusCode());
assertNotNull(barResponse.jsonPath().get("name"));
final Response barWritResponse = RestAssured.given().contentType(MediaType.APPLICATION_JSON_VALUE).header("Authorization", "Bearer " + accessToken).body("{\"id\":1,\"name\":\"MyBar\"}").post("http://localhost:8081/spring-security-oauth-resource/bars");
assertEquals(201, barWritResponse.getStatusCode());
assertEquals("MyBar", barWritResponse.jsonPath().get("name"));
}
}