From 54131bcb2c73163d29aa7902175ace0ae1bf16b4 Mon Sep 17 00:00:00 2001 From: eugenp Date: Tue, 1 Mar 2016 20:57:38 +0200 Subject: [PATCH] new demo classes for oauth --- .../baeldung/config/MethodSecurityConfig.java | 2 + .../config/OAuth2ResourceServerConfig.java | 5 +- .../OAuth2ResourceServerConfigDemo.java | 31 +++++++++++ .../OAuth2AuthorizationServerConfig.java | 24 +++++---- .../OAuth2AuthorizationServerConfigDemo.java | 51 +++++++++++++++++++ 5 files changed, 101 insertions(+), 12 deletions(-) create mode 100644 spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfigDemo.java create mode 100644 spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfigDemo.java diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/MethodSecurityConfig.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/MethodSecurityConfig.java index c0a7f86207..25fcab2ffd 100644 --- a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/MethodSecurityConfig.java +++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/MethodSecurityConfig.java @@ -9,8 +9,10 @@ import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecur @Configuration @EnableGlobalMethodSecurity(prePostEnabled = true) public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration { + @Override protected MethodSecurityExpressionHandler createExpressionHandler() { return new OAuth2MethodSecurityExpressionHandler(); } + } \ No newline at end of file 
diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java index 7809278ad8..85d75a857b 100644 --- a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java +++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java @@ -20,11 +20,14 @@ import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore; @PropertySource({ "classpath:persistence.properties" }) @EnableResourceServer public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter { + @Autowired private Environment env; + // + @Override - public void configure(HttpSecurity http) throws Exception { + public void configure(final HttpSecurity http) throws Exception { // @formatter:off http .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED) diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfigDemo.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfigDemo.java new file mode 100644 index 0000000000..0e80b7bc9c --- /dev/null +++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfigDemo.java 
@@ -0,0 +1,31 @@
+package org.baeldung.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
+
+//@Configuration
+//@EnableResourceServer
+public class OAuth2ResourceServerConfigDemo extends ResourceServerConfigurerAdapter {
+
+ //
+
+ @Override
+ public void configure(final HttpSecurity http) throws Exception {
+ // @formatter:off
+ http
+ .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
+ .and().authorizeRequests().anyRequest().authenticated();
+ ;
+ // @formatter:on
+ }
+
+ @Bean
+ public TokenStore tokenStore() {
+ return new InMemoryTokenStore();
+ }
+
+}
diff --git a/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java b/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
index 132dc3b699..3ada55e095 100644
--- a/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
+++ b/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
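Review bot: The `tokenStore()` bean added in OAuth2ResourceServerConfigDemo returns an `InMemoryTokenStore`, which only knows tokens stored in its own JVM. The file paths put this class in spring-security-oauth-resource and the issuing demo config in spring-security-oauth-server, so if the two run as separate applications, as the module split suggests, this store would stay empty and no token issued by the server could be resolved here. The existing OAuth2ResourceServerConfig imports `JdbcTokenStore`, which presumably avoids this by sharing a database. I would state the constraint on the class, for example `// Demo only: InMemoryTokenStore is per-process, so this works only when the authorization server runs in the same application context`. Separately, the lone `;` after `.authenticated();` is an empty statement and can be dropped.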
@@ -38,41 +38,42 @@ public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigur @Value("classpath:schema.sql") private Resource schemaScript; + // + @Override - public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { + public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()"); } @Override - public void configure(ClientDetailsServiceConfigurer clients) throws Exception { - // @formatter:off + public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { // @formatter:off clients.jdbc(dataSource()) .withClient("sampleClientId") .authorizedGrantTypes("implicit") .scopes("read","write","foo","bar") .autoApprove(false) .accessTokenValiditySeconds(3600) + .and() .withClient("fooClientIdPassword") .secret("secret") .authorizedGrantTypes("password","authorization_code", "refresh_token") .scopes("foo","read","write") - .accessTokenValiditySeconds(3600) // 1hour - .refreshTokenValiditySeconds(2592000) // 30days + .accessTokenValiditySeconds(3600) // 1 hour + .refreshTokenValiditySeconds(2592000) // 30 days + .and() .withClient("barClientIdPassword") .secret("secret") .authorizedGrantTypes("password","authorization_code", "refresh_token") .scopes("bar","read","write") - .accessTokenValiditySeconds(3600) // 1hour - .refreshTokenValiditySeconds(2592000) // 30days + .accessTokenValiditySeconds(3600) // 1 hour + .refreshTokenValiditySeconds(2592000) // 30 days ; - - // @formatter:on - } + } // @formatter:on @Override - public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { + public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager); } 
@@ -104,4 +105,5 @@ public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigur public TokenStore tokenStore() { return new JdbcTokenStore(dataSource()); } + } diff --git a/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfigDemo.java b/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfigDemo.java new file mode 100644 index 0000000000..e37cd93e63 --- /dev/null +++ b/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfigDemo.java 
@@ -0,0 +1,51 @@
+package org.baeldung.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
+
+//@Configuration
+//@EnableAuthorizationServer
+public class OAuth2AuthorizationServerConfigDemo extends AuthorizationServerConfigurerAdapter {
+
+ @Autowired
+ @Qualifier("authenticationManagerBean")
+ private AuthenticationManager authenticationManager;
+
+ //
+
+ @Override
+ public void configure(final AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
+ oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
+ }
+
+ @Override
+ public void configure(final ClientDetailsServiceConfigurer clients) throws Exception { // @formatter:off
+ clients.inMemory()
+ .withClient("fooClientIdPassword")
+ .secret("secret")
+ .authorizedGrantTypes("password", "authorization_code", "refresh_token")
+ .scopes("foo", "read", "write")
+ .accessTokenValiditySeconds(3600) // 1 hour
+ .refreshTokenValiditySeconds(2592000) // 30 days
+ ;
+ } // @formatter:on
+
+ @Override
+ public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+ endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager);
+ }
+
+ @Bean
+ public TokenStore tokenStore() {
+ return new InMemoryTokenStore();
+ }
+
+}
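Review bot: `.secret("secret")` in the added `configure(ClientDetailsServiceConfigurer)` hard-codes a guessable client credential for a client that is granted `password`, `authorization_code` and `refresh_token` with a 30-day refresh token; the same literal sits in the unchanged context of OAuth2AuthorizationServerConfig for both fooClientIdPassword and barClientIdPassword. The class ships with `//@Configuration` commented out, but it is a template that readers will enable and copy, so the secret should come from external configuration and differ per client. At minimum I would mark it in place: `.secret("secret") // demo value only; supply a unique secret from configuration before enabling`. No password encoder is configured in the visible code, so the secret is presumably compared as plain text; that is worth confirming.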