From 5d2f0542fa14dbf9ec3e9a08c4d190575e7ee2c8 Mon Sep 17 00:00:00 2001
From: Loredana Crusoveanu <lore.crusoveanu@gmail.com>
Date: Fri, 12 Jan 2018 15:08:28 +0200
Subject: [PATCH] move oauth2 example to new project (#3388)

* move oauth2 example to new project

* formatting
---
 pom.xml                                       |   1 +
 spring-5-security/pom.xml                     |  95 ++++++++++++++++
 .../com/baeldung/oauth2/LoginController.java  |  75 +++++++++++++
 .../java/com/baeldung/oauth2/MvcConfig.java   |  15 +++
 .../com/baeldung/oauth2/SecurityConfig.java   | 102 ++++++++++++++++++
 .../oauth2/SpringOAuthApplication.java        |  13 +++
 .../resources/application-oauth2.properties   |   5 +
 .../src/main/resources/application.properties |   3 +
 .../src/main/resources/templates/index.html   |  11 ++
 .../resources/templates/loginFailure.html     |  10 ++
 .../resources/templates/loginSuccess.html     |  16 +++
 .../main/resources/templates/oauth_login.html |  22 ++++
 .../main/resources/templates/securedPage.html |  10 ++
 13 files changed, 378 insertions(+)
 create mode 100644 spring-5-security/pom.xml
 create mode 100644 spring-5-security/src/main/java/com/baeldung/oauth2/LoginController.java
 create mode 100644 spring-5-security/src/main/java/com/baeldung/oauth2/MvcConfig.java
 create mode 100644 spring-5-security/src/main/java/com/baeldung/oauth2/SecurityConfig.java
 create mode 100644 spring-5-security/src/main/java/com/baeldung/oauth2/SpringOAuthApplication.java
 create mode 100644 spring-5-security/src/main/resources/application-oauth2.properties
 create mode 100644 spring-5-security/src/main/resources/application.properties
 create mode 100644 spring-5-security/src/main/resources/templates/index.html
 create mode 100644 spring-5-security/src/main/resources/templates/loginFailure.html
 create mode 100644 spring-5-security/src/main/resources/templates/loginSuccess.html
 create mode 100644 spring-5-security/src/main/resources/templates/oauth_login.html
 create mode 100644 spring-5-security/src/main/resources/templates/securedPage.html

diff --git a/pom.xml b/pom.xml
index 73f1b27f7e..83cf00102e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -145,6 +145,7 @@
       <!--  <module>spring-5</module>-->
         <module>spring-5-reactive</module>
         <module>spring-5-mvc</module>
+        <module>spring-5-security</module>
         <module>spring-activiti</module>
         <module>spring-akka</module>
         <module>spring-amqp</module>
diff --git a/spring-5-security/pom.xml b/spring-5-security/pom.xml
new file mode 100644
index 0000000000..c0f73b1bdd
--- /dev/null
+++ b/spring-5-security/pom.xml
@@ -0,0 +1,95 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<groupId>com.baeldung</groupId>
+	<artifactId>spring-5-security</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<packaging>jar</packaging>
+
+	<name>spring-5-security</name>
+	<description>spring 5 security sample project</description>
+
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>2.0.0.M7</version>
+		<relativePath /> <!-- lookup parent from repository -->
+	</parent>
+
+	<dependencies>
+
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-thymeleaf</artifactId>
+		</dependency>
+
+		<!-- oauth2 -->
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-client</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-oauth2-jose</artifactId>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+
+			<plugin>
+				<groupId>org.apache.maven.plugins</groupId>
+				<artifactId>maven-surefire-plugin</artifactId>
+				<configuration>
+					<forkCount>3</forkCount>
+					<reuseForks>true</reuseForks>
+					<parallel>methods</parallel>
+					<useUnlimitedThreads>true</useUnlimitedThreads>
+					<excludes>
+						<exclude>**/*IntegrationTest.java</exclude>
+						<exclude>**/*LiveTest.java</exclude>
+					</excludes>
+				</configuration>
+			</plugin>
+		</plugins>
+	</build>
+	
+	<repositories>
+		<repository>
+			<id>spring-milestones</id>
+			<name>Spring Milestones</name>
+			<url>https://repo.spring.io/milestone</url>
+			<snapshots>
+				<enabled>false</enabled>
+			</snapshots>
+		</repository>
+	</repositories>
+	<pluginRepositories>
+		<pluginRepository>
+			<id>spring-milestones</id>
+			<name>Spring Milestones</name>
+			<url>https://repo.spring.io/milestone</url>
+			<snapshots>
+				<enabled>false</enabled>
+			</snapshots>
+		</pluginRepository>
+	</pluginRepositories>
+
+	<properties>
+		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+		<java.version>1.8</java.version>
+	</properties>
+</project>
\ No newline at end of file
diff --git a/spring-5-security/src/main/java/com/baeldung/oauth2/LoginController.java b/spring-5-security/src/main/java/com/baeldung/oauth2/LoginController.java
new file mode 100644
index 0000000000..5d6c13bb0e
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/oauth2/LoginController.java
@@ -0,0 +1,75 @@
+package com.baeldung.oauth2;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.ResolvableType;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.util.StringUtils;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.client.RestTemplate;
+
+@Controller
+public class LoginController {
+
+    private static final String authorizationRequestBaseUri = "oauth2/authorize-client";
+    Map<String, String> oauth2AuthenticationUrls = new HashMap<>();
+
+    @Autowired
+    private ClientRegistrationRepository clientRegistrationRepository;
+    @Autowired
+    private OAuth2AuthorizedClientService authorizedClientService;
+
+    @GetMapping("/oauth_login")
+    public String getLoginPage(Model model) {
+        Iterable<ClientRegistration> clientRegistrations = null;
+        ResolvableType type = ResolvableType.forInstance(clientRegistrationRepository)
+            .as(Iterable.class);
+        if (type != ResolvableType.NONE && ClientRegistration.class.isAssignableFrom(type.resolveGenerics()[0])) {
+            clientRegistrations = (Iterable<ClientRegistration>) clientRegistrationRepository;
+        }
+
+        clientRegistrations.forEach(registration -> oauth2AuthenticationUrls.put(registration.getClientName(), authorizationRequestBaseUri + "/" + registration.getRegistrationId()));
+        model.addAttribute("urls", oauth2AuthenticationUrls);
+
+        return "oauth_login";
+    }
+
+    @GetMapping("/loginSuccess")
+    public String getLoginInfo(Model model, OAuth2AuthenticationToken authentication) {
+
+        OAuth2AuthorizedClient client = authorizedClientService.loadAuthorizedClient(authentication.getAuthorizedClientRegistrationId(), authentication.getName());
+
+        String userInfoEndpointUri = client.getClientRegistration()
+            .getProviderDetails()
+            .getUserInfoEndpoint()
+            .getUri();
+
+        if (!StringUtils.isEmpty(userInfoEndpointUri)) {
+            RestTemplate restTemplate = new RestTemplate();
+            HttpHeaders headers = new HttpHeaders();
+            headers.add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken()
+                .getTokenValue());
+
+            HttpEntity<String> entity = new HttpEntity<String>("", headers);
+
+            ResponseEntity<Map> response = restTemplate.exchange(userInfoEndpointUri, HttpMethod.GET, entity, Map.class);
+            Map userAttributes = response.getBody();
+            model.addAttribute("name", userAttributes.get("name"));
+        }
+
+        return "loginSuccess";
+    }
+
+}
diff --git a/spring-5-security/src/main/java/com/baeldung/oauth2/MvcConfig.java b/spring-5-security/src/main/java/com/baeldung/oauth2/MvcConfig.java
new file mode 100644
index 0000000000..07d783b63d
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/oauth2/MvcConfig.java
@@ -0,0 +1,15 @@
+package com.baeldung.oauth2;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class MvcConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("securedPage");
+        registry.addViewController("loginFailure");
+    }
+}
diff --git a/spring-5-security/src/main/java/com/baeldung/oauth2/SecurityConfig.java b/spring-5-security/src/main/java/com/baeldung/oauth2/SecurityConfig.java
new file mode 100644
index 0000000000..b45f325767
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/oauth2/SecurityConfig.java
@@ -0,0 +1,102 @@
+package com.baeldung.oauth2;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.oauth2.client.CommonOAuth2Provider;
+import org.springframework.security.oauth2.client.endpoint.NimbusAuthorizationCodeTokenResponseClient;
+import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient;
+import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
+import org.springframework.security.oauth2.client.web.AuthorizationRequestRepository;
+import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository;
+import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
+
+@Configuration
+@PropertySource("application-oauth2.properties")
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+            .antMatchers("/oauth_login", "/loginFailure", "/")
+            .permitAll()
+            .anyRequest()
+            .authenticated()
+            .and()
+            .oauth2Login()
+            .loginPage("/oauth_login")
+            .authorizationEndpoint()
+            .baseUri("/oauth2/authorize-client")
+            .authorizationRequestRepository(authorizationRequestRepository())
+            .and()
+            .tokenEndpoint()
+            .accessTokenResponseClient(accessTokenResponseClient())
+            .and()
+            .defaultSuccessUrl("/loginSuccess")
+            .failureUrl("/loginFailure");
+    }
+
+    @Bean
+    public AuthorizationRequestRepository<OAuth2AuthorizationRequest> authorizationRequestRepository() {
+        return new HttpSessionOAuth2AuthorizationRequestRepository();
+    }
+
+    @Bean
+    public OAuth2AccessTokenResponseClient<OAuth2AuthorizationCodeGrantRequest> accessTokenResponseClient() {
+        return new NimbusAuthorizationCodeTokenResponseClient();
+    }
+
+    
+    // additional configuration for non-Spring Boot projects
+    private static List<String> clients = Arrays.asList("google", "facebook");
+
+    //@Bean
+    public ClientRegistrationRepository clientRegistrationRepository() {
+        List<ClientRegistration> registrations = clients.stream()
+            .map(c -> getRegistration(c))
+            .filter(registration -> registration != null)
+            .collect(Collectors.toList());
+
+        return new InMemoryClientRegistrationRepository(registrations);
+    }
+
+    private static String CLIENT_PROPERTY_KEY = "spring.security.oauth2.client.registration.";
+
+    @Autowired
+    private Environment env;
+
+    private ClientRegistration getRegistration(String client) {
+        String clientId = env.getProperty(CLIENT_PROPERTY_KEY + client + ".client-id");
+
+        if (clientId == null) {
+            return null;
+        }
+
+        String clientSecret = env.getProperty(CLIENT_PROPERTY_KEY + client + ".client-secret");
+        if (client.equals("google")) {
+            return CommonOAuth2Provider.GOOGLE.getBuilder(client)
+                .clientId(clientId)
+                .clientSecret(clientSecret)
+                .build();
+        }
+        if (client.equals("facebook")) {
+            return CommonOAuth2Provider.FACEBOOK.getBuilder(client)
+                .clientId(clientId)
+                .clientSecret(clientSecret)
+                .build();
+        }
+        return null;
+    }
+
+}
diff --git a/spring-5-security/src/main/java/com/baeldung/oauth2/SpringOAuthApplication.java b/spring-5-security/src/main/java/com/baeldung/oauth2/SpringOAuthApplication.java
new file mode 100644
index 0000000000..557c23b368
--- /dev/null
+++ b/spring-5-security/src/main/java/com/baeldung/oauth2/SpringOAuthApplication.java
@@ -0,0 +1,13 @@
+package com.baeldung.oauth2;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SpringOAuthApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(SpringOAuthApplication.class, args);
+    }
+
+}
diff --git a/spring-5-security/src/main/resources/application-oauth2.properties b/spring-5-security/src/main/resources/application-oauth2.properties
new file mode 100644
index 0000000000..5365bf8542
--- /dev/null
+++ b/spring-5-security/src/main/resources/application-oauth2.properties
@@ -0,0 +1,5 @@
+spring.security.oauth2.client.registration.google.client-id=368238083842-3d4gc7p54rs6bponn0qhn4nmf6apf24a.apps.googleusercontent.com
+spring.security.oauth2.client.registration.google.client-secret=2RM2QkEaf3A8-iCNqSfdG8wP
+
+spring.security.oauth2.client.registration.facebook.client-id=151640435578187
+spring.security.oauth2.client.registration.facebook.client-secret=3724fb293d401245b1ce7b2d70e97571
\ No newline at end of file
diff --git a/spring-5-security/src/main/resources/application.properties b/spring-5-security/src/main/resources/application.properties
new file mode 100644
index 0000000000..ccec014c2b
--- /dev/null
+++ b/spring-5-security/src/main/resources/application.properties
@@ -0,0 +1,3 @@
+server.port=8081
+
+logging.level.root=INFO
\ No newline at end of file
diff --git a/spring-5-security/src/main/resources/templates/index.html b/spring-5-security/src/main/resources/templates/index.html
new file mode 100644
index 0000000000..4216d74037
--- /dev/null
+++ b/spring-5-security/src/main/resources/templates/index.html
@@ -0,0 +1,11 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+    <title>Home</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+</head>
+<body>
+   Home
+   Welcome!
+</body>
+</html>
\ No newline at end of file
diff --git a/spring-5-security/src/main/resources/templates/loginFailure.html b/spring-5-security/src/main/resources/templates/loginFailure.html
new file mode 100644
index 0000000000..75007a9aec
--- /dev/null
+++ b/spring-5-security/src/main/resources/templates/loginFailure.html
@@ -0,0 +1,10 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+    <title>Login Failure</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+</head>
+<body>
+   Login Failure
+</body>
+</html>
\ No newline at end of file
diff --git a/spring-5-security/src/main/resources/templates/loginSuccess.html b/spring-5-security/src/main/resources/templates/loginSuccess.html
new file mode 100644
index 0000000000..3923297d03
--- /dev/null
+++ b/spring-5-security/src/main/resources/templates/loginSuccess.html
@@ -0,0 +1,16 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+    <title>Login Success</title>
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <link rel="stylesheet"
+	href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css" />
+</head>
+<body>
+<h3>
+<div class="label label-info">
+   Welcome, <span th:text="${name}">user</span>!
+   </div>
+   </h3>
+</body>
+</html>
\ No newline at end of file
diff --git a/spring-5-security/src/main/resources/templates/oauth_login.html b/spring-5-security/src/main/resources/templates/oauth_login.html
new file mode 100644
index 0000000000..7017d2a75c
--- /dev/null
+++ b/spring-5-security/src/main/resources/templates/oauth_login.html
@@ -0,0 +1,22 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>Oauth2 Login</title>
+<link rel="stylesheet"
+	href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css" />
+</head>
+
+<body>
+<div class="container">
+	<div class="col-sm-3 well">
+		<h3>Login with:</h3>
+		<div class="list-group">
+			<p th:each="url : ${urls}">
+				<a th:text="${url.key}" th:href="${url.value}" class="list-group-item active">Client</a>
+			</p>
+		</div>
+	</div>
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/spring-5-security/src/main/resources/templates/securedPage.html b/spring-5-security/src/main/resources/templates/securedPage.html
new file mode 100644
index 0000000000..8fb5986a36
--- /dev/null
+++ b/spring-5-security/src/main/resources/templates/securedPage.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="ISO-8859-1">
+<title>Secured Page</title>
+</head>
+<body>
+Secured Page - Welcome
+</body>
+</html>
\ No newline at end of file