[JAVA-29009] Upgrade to spring-reactive-oauth module to Spring Boot 3 (#16328)

This commit is contained in:
Amit Pandey 2024-04-14 18:37:36 +05:30 committed by GitHub
parent dde9779c83
commit 5201ee6ab5
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 81 additions and 30 deletions

View File

@ -11,9 +11,10 @@
<description>WebFlux and Spring Security OAuth</description> <description>WebFlux and Spring Security OAuth</description>
<parent> <parent>
<groupId>com.baeldung.spring.reactive</groupId> <groupId>com.baeldung</groupId>
<artifactId>spring-reactive-modules</artifactId> <artifactId>parent-boot-3</artifactId>
<version>1.0.0-SNAPSHOT</version> <version>0.0.1-SNAPSHOT</version>
<relativePath>../../parent-boot-3</relativePath>
</parent> </parent>
<dependencies> <dependencies>
@ -62,4 +63,8 @@
</plugins> </plugins>
</build> </build>
<properties>
<start-class>com.baeldung.reactive.oauth.Spring5ReactiveOauthApplication</start-class>
</properties>
</project> </project>

View File

@ -1,6 +1,7 @@
package com.baeldung.reactive.oauth; package com.baeldung.reactive.oauth;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity; import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.SecurityWebFilterChain;
@ -10,10 +11,11 @@ public class SecurityConfig {
@Bean @Bean
public SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception { public SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
return http.authorizeExchange() return http.authorizeExchange(auth -> auth
.pathMatchers("/about").permitAll() .pathMatchers("/about").permitAll()
.anyExchange().authenticated() .anyExchange().authenticated())
.and().oauth2Login() .oauth2Login(Customizer.withDefaults())
.and().build(); .build();
} }
} }

View File

@ -4,9 +4,12 @@ import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.PropertySource; import org.springframework.context.annotation.PropertySource;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction; import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.web.reactive.function.client.WebClient; import org.springframework.web.reactive.function.client.WebClient;
@PropertySource("classpath:default-application.yml") @PropertySource("classpath:default-application.yml")
@ -24,4 +27,13 @@ public class Spring5ReactiveOauthApplication {
.filter(filter) .filter(filter)
.build(); .build();
} }
@Bean
public ReactiveClientRegistrationRepository clientRegistrations() {
ClientRegistration registration = ClientRegistration.withRegistrationId("bael").authorizationGrantType(
AuthorizationGrantType.CLIENT_CREDENTIALS).clientId("bael").tokenUri("default").build();
return new InMemoryReactiveClientRegistrationRepository(registration);
}
} }

View File

@ -2,6 +2,7 @@ package com.baeldung.webclient.authorizationcodeclient.configuration;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.web.server.ServerHttpSecurity; import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.SecurityWebFilterChain;
@ -9,13 +10,9 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
public class WebSecurityConfig { public class WebSecurityConfig {
@Bean @Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange() http.authorizeExchange(s-> s.anyExchange().authenticated())
.anyExchange() .oauth2Client(Customizer.withDefaults())
.authenticated() .formLogin(Customizer.withDefaults());
.and()
.oauth2Client()
.and()
.formLogin();
return http.build(); return http.build();
} }

View File

@ -2,6 +2,7 @@ package com.baeldung.webclient.authorizationcodelogin.configuration;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.web.server.ServerHttpSecurity; import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.SecurityWebFilterChain;
@ -9,11 +10,8 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
public class WebSecurityConfig { public class WebSecurityConfig {
@Bean @Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange() http.authorizeExchange(s-> s.anyExchange().authenticated())
.anyExchange() .oauth2Login(Customizer.withDefaults());
.authenticated()
.and()
.oauth2Login();
return http.build(); return http.build();
} }

View File

@ -1,22 +1,60 @@
package com.baeldung.webclient.clientcredentials.configuration; package com.baeldung.webclient.clientcredentials.configuration;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProvider;
import org.springframework.security.oauth2.client.ReactiveOAuth2AuthorizedClientProviderBuilder;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository; import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction; import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.oauth2.client.web.server.UnAuthenticatedServerOAuth2AuthorizedClientRepository; import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.web.reactive.function.client.WebClient; import org.springframework.web.reactive.function.client.WebClient;
@Configuration @Configuration
public class WebClientConfig { public class WebClientConfig {
@Bean @Bean
WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations) { ReactiveClientRegistrationRepository clientRegistrations(
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, new UnAuthenticatedServerOAuth2AuthorizedClientRepository()); @Value("${spring.security.oauth2.client.provider.bael.token-uri}") String token_uri,
oauth.setDefaultClientRegistrationId("bael"); @Value("${spring.security.oauth2.client.registration.bael.client-id}") String client_id,
return WebClient.builder() @Value("${spring.security.oauth2.client.registration.bael.client-secret}") String client_secret,
.filter(oauth) @Value("${spring.security.oauth2.client.registration.bael.authorization-grant-type}") String authorizationGrantType
) {
ClientRegistration registration = ClientRegistration
.withRegistrationId("keycloak")
.tokenUri(token_uri)
.clientId(client_id)
.clientSecret(client_secret)
.authorizationGrantType(new AuthorizationGrantType(authorizationGrantType))
.build(); .build();
return new InMemoryReactiveClientRegistrationRepository(registration);
}
@Bean
public AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager(
ReactiveClientRegistrationRepository clientRegistrationRepository) {
InMemoryReactiveOAuth2AuthorizedClientService clientService =
new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrationRepository);
ReactiveOAuth2AuthorizedClientProvider authorizedClientProvider =
ReactiveOAuth2AuthorizedClientProviderBuilder.builder().clientCredentials().build();
AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager =
new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(
clientRegistrationRepository, clientService);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
return authorizedClientManager;
} }
@Bean
WebClient webClient(AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager auth2AuthorizedClientManager) {
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth2Client =
new ServerOAuth2AuthorizedClientExchangeFilterFunction(auth2AuthorizedClientManager);
oauth2Client.setDefaultClientRegistrationId("bael");
return WebClient.builder()
.filter(oauth2Client)
.build();
}
} }

View File

@ -11,6 +11,6 @@ public class WebClientConfig {
public WebClient configureWebClient() { public WebClient configureWebClient() {
return WebClient.builder() return WebClient.builder()
.build(); .build();
}; }
} }

View File

@ -9,9 +9,7 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
public class WebSecurityConfig { public class WebSecurityConfig {
@Bean @Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) { public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange() http.authorizeExchange(s -> s.anyExchange().permitAll());
.anyExchange()
.permitAll();
return http.build(); return http.build();
} }
} }

View File

@ -1,12 +1,13 @@
package com.baeldung.reactive.oauth; package com.baeldung.reactive.oauth;
import com.baeldung.webclient.clientcredentials.configuration.WebClientConfig;
import org.junit.Test; import org.junit.Test;
import org.junit.runner.RunWith; import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.junit4.SpringRunner; import org.springframework.test.context.junit4.SpringRunner;
@RunWith(SpringRunner.class) @RunWith(SpringRunner.class)
@SpringBootTest @SpringBootTest(classes = WebClientConfig.class)
public class Spring5ReactiveOauthIntegrationTest { public class Spring5ReactiveOauthIntegrationTest {
@Test @Test