[JAVA-29009] Upgrade to spring-reactive-oauth module to Spring Boot 3 (#16328)
This commit is contained in:
Amit Pandey
GitHub
parent
dde9779c83
commit
5201ee6ab5
|
|
@ -11,9 +11,10 @@
|
|||
<description>WebFlux and Spring Security OAuth</description>
|
||||
|
||||
<parent>
|
||||
<groupId>com.baeldung.spring.reactive</groupId>
|
||||
<artifactId>spring-reactive-modules</artifactId>
|
||||
<version>1.0.0-SNAPSHOT</version>
|
||||
<groupId>com.baeldung</groupId>
|
||||
<artifactId>parent-boot-3</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
<relativePath>../../parent-boot-3</relativePath>
|
||||
</parent>
|
||||
|
||||
<dependencies>
|
||||
|
|
@ -62,4 +63,8 @@
|
|||
</plugins>
|
||||
</build>
|
||||
|
||||
<properties>
|
||||
<start-class>com.baeldung.reactive.oauth.Spring5ReactiveOauthApplication</start-class>
|
||||
</properties>
|
||||
|
||||
</project>
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
package com.baeldung.reactive.oauth;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
|
|
@ -10,10 +11,11 @@ public class SecurityConfig {
|
|||
|
||||
@Bean
|
||||
public SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
|
||||
return http.authorizeExchange()
|
||||
return http.authorizeExchange(auth -> auth
|
||||
.pathMatchers("/about").permitAll()
|
||||
.anyExchange().authenticated()
|
||||
.and().oauth2Login()
|
||||
.and().build();
|
||||
.anyExchange().authenticated())
|
||||
.oauth2Login(Customizer.withDefaults())
|
||||
.build();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,9 +4,12 @@ import org.springframework.boot.SpringApplication;
|
|||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
|
||||
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
||||
import org.springframework.web.reactive.function.client.WebClient;
|
||||
|
||||
@PropertySource("classpath:default-application.yml")
|
||||
|
|
@ -24,4 +27,13 @@ public class Spring5ReactiveOauthApplication {
|
|||
.filter(filter)
|
||||
.build();
|
||||
}
|
||||
|
||||
@Bean
|
||||
public ReactiveClientRegistrationRepository clientRegistrations() {
|
||||
ClientRegistration registration = ClientRegistration.withRegistrationId("bael").authorizationGrantType(
|
||||
AuthorizationGrantType.CLIENT_CREDENTIALS).clientId("bael").tokenUri("default").build();
|
||||
|
||||
return new InMemoryReactiveClientRegistrationRepository(registration);
|
||||
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ package com.baeldung.webclient.authorizationcodeclient.configuration;
|
|||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
|
||||
|
|
@ -9,13 +10,9 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
|
|||
public class WebSecurityConfig {
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
|
||||
http.authorizeExchange()
|
||||
.anyExchange()
|
||||
.authenticated()
|
||||
.and()
|
||||
.oauth2Client()
|
||||
.and()
|
||||
.formLogin();
|
||||
http.authorizeExchange(s-> s.anyExchange().authenticated())
|
||||
.oauth2Client(Customizer.withDefaults())
|
||||
.formLogin(Customizer.withDefaults());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@ package com.baeldung.webclient.authorizationcodelogin.configuration;
|
|||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.web.server.ServerHttpSecurity;
|
||||
import org.springframework.security.web.server.SecurityWebFilterChain;
|
||||
|
||||
|
|
@ -9,11 +10,8 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
|
|||
public class WebSecurityConfig {
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
|
||||
http.authorizeExchange()
|
||||
.anyExchange()
|
||||
.authenticated()
|
||||
.and()
|
||||
.oauth2Login();
|
||||
http.authorizeExchange(s-> s.anyExchange().authenticated())
|
||||
.oauth2Login(Customizer.withDefaults());
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,22 +1,60 @@
|
|||
package com.baeldung.webclient.clientcredentials.configuration;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
|
||||
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
|
||||
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
|
||||
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
|
||||
import org.springframework.security.oauth2.client.registration.ClientRegistration;
|
||||
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
|
||||
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
|
||||
import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository;
|
||||
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
||||
import org.springframework.web.reactive.function.client.WebClient;
|
||||
|
||||
@Configuration
|
||||
public class WebClientConfig {
|
||||
|
||||
@Bean
|
||||
WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations) {
|
||||
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
|
||||
oauth.setDefaultClientRegistrationId("bael");
|
||||
return WebClient.builder()
|
||||
.filter(oauth)
|
||||
ReactiveClientRegistrationRepository clientRegistrations(
|
||||
@Value("${spring.security.oauth2.client.provider.bael.token-uri}") String token_uri,
|
||||
@Value("${spring.security.oauth2.client.registration.bael.client-id}") String client_id,
|
||||
@Value("${spring.security.oauth2.client.registration.bael.client-secret}") String client_secret,
|
||||
@Value("${spring.security.oauth2.client.registration.bael.authorization-grant-type}") String authorizationGrantType
|
||||
|
||||
) {
|
||||
ClientRegistration registration = ClientRegistration
|
||||
.withRegistrationId("keycloak")
|
||||
.tokenUri(token_uri)
|
||||
.clientId(client_id)
|
||||
.clientSecret(client_secret)
|
||||
.authorizationGrantType(new AuthorizationGrantType(authorizationGrantType))
|
||||
.build();
|
||||
return new InMemoryReactiveClientRegistrationRepository(registration);
|
||||
}
|
||||
@Bean
|
||||
public AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager(
|
||||
ReactiveClientRegistrationRepository clientRegistrationRepository) {
|
||||
InMemoryReactiveOAuth2AuthorizedClientService clientService =
|
||||
new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrationRepository);
|
||||
ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
|
||||
ReactiveOAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build();
|
||||
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager =
|
||||
new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
|
||||
clientRegistrationRepository, clientService);
|
||||
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
|
||||
return authorizedClientManager;
|
||||
}
|
||||
|
||||
@Bean
|
||||
WebClient webClient(AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager auth2AuthorizedClientManager) {
|
||||
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth2Client =
|
||||
new ServerOAuth2AuthorizedClientExchangeFilterFunction(auth2AuthorizedClientManager);
|
||||
oauth2Client.setDefaultClientRegistrationId("bael");
|
||||
return WebClient.builder()
|
||||
.filter(oauth2Client)
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,6 +11,6 @@ public class WebClientConfig {
|
|||
public WebClient configureWebClient() {
|
||||
return WebClient.builder()
|
||||
.build();
|
||||
};
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,9 +9,7 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
|
|||
public class WebSecurityConfig {
|
||||
@Bean
|
||||
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
|
||||
http.authorizeExchange()
|
||||
.anyExchange()
|
||||
.permitAll();
|
||||
http.authorizeExchange(s -> s.anyExchange().permitAll());
|
||||
return http.build();
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,12 +1,13 @@
|
|||
package com.baeldung.reactive.oauth;
|
||||
|
||||
import com.baeldung.webclient.clientcredentials.configuration.WebClientConfig;
|
||||
import org.junit.Test;
|
||||
import org.junit.runner.RunWith;
|
||||
import org.springframework.boot.test.context.SpringBootTest;
|
||||
import org.springframework.test.context.junit4.SpringRunner;
|
||||
|
||||
@RunWith(SpringRunner.class)
|
||||
@SpringBootTest
|
||||
@SpringBootTest(classes = WebClientConfig.class)
|
||||
public class Spring5ReactiveOauthIntegrationTest {
|
||||
|
||||
@Test
|
||||
|
|
|
|||
Loading…
Reference in New Issue