BAEL-3569: Jersey RESTful Web Services with Spring Security OAuth2 (#9949)

* BAEL-3569 Jersey REST service with Spring Security OAuth * BAEL-3569 Fix indentation spaces
2020-09-17 09:24:28 +07:00 · 2020-09-17 09:24:28 +07:00 · 60b28c767b
parent 8928164d22
commit 60b28c767b
7 changed files with 155 additions and 1 deletions
--- a/spring-5-security-oauth/pom.xml
+++ b/spring-5-security-oauth/pom.xml
@ -32,6 +32,10 @@
            <groupId>org.thymeleaf.extras</groupId>
            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-jersey</artifactId>
+        </dependency>

        <!-- oauth2 -->
        <dependency>
@ -63,7 +67,7 @@
            <scope>test</scope>
        </dependency>
    </dependencies>
-	
+
    <properties>
        <start-class>com.baeldung.oauth2.SpringOAuthApplication</start-class>
    </properties>
--- a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyApplication.java
+++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyApplication.java
@ -0,0 +1,13 @@
+package com.baeldung.jersey;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.PropertySource;
+
+@SpringBootApplication
+@PropertySource("classpath:jersey-application.properties")
+public class JerseyApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(JerseyApplication.class, args);
+    }
+}
--- a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyResource.java
+++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyResource.java
@ -0,0 +1,30 @@
+package com.baeldung.jersey;
+
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
+import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
+
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Context;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.SecurityContext;
+
+@Path("/")
+public class JerseyResource {
+    @GET
+    @Path("login")
+    @Produces(MediaType.TEXT_HTML)
+    public String login() {
+        return "Log in with <a href=\"/oauth2/authorization/github\">GitHub</a>";
+    }
+
+    @GET
+    @Produces(MediaType.TEXT_PLAIN)
+    public String home(@Context SecurityContext securityContext) {
+        OAuth2AuthenticationToken authenticationToken = (OAuth2AuthenticationToken) securityContext.getUserPrincipal();
+        OAuth2AuthenticatedPrincipal authenticatedPrincipal = authenticationToken.getPrincipal();
+        String userName = authenticatedPrincipal.getAttribute("login");
+        return "Hello " + userName;
+    }
+}
--- a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/RestConfig.java
+++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/RestConfig.java
@ -0,0 +1,11 @@
+package com.baeldung.jersey;
+
+import org.glassfish.jersey.server.ResourceConfig;
+import org.springframework.stereotype.Component;
+
+@Component
+public class RestConfig extends ResourceConfig {
+    public RestConfig() {
+        register(JerseyResource.class);
+    }
+}
--- a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/SecurityConfig.java
+++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/SecurityConfig.java
@ -0,0 +1,21 @@
+package com.baeldung.jersey;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+          .authorizeRequests()
+          .antMatchers("/login")
+          .permitAll()
+          .anyRequest()
+          .authenticated()
+          .and()
+          .oauth2Login()
+          .loginPage("/login");
+    }
+}
--- a/spring-5-security-oauth/src/main/resources/jersey-application.properties
+++ b/spring-5-security-oauth/src/main/resources/jersey-application.properties
@ -0,0 +1,3 @@
+server.port=8083
+spring.security.oauth2.client.registration.github.client-id=<your-client-id>
+spring.security.oauth2.client.registration.github.client-secret=<your-client-secret>
--- a/spring-5-security-oauth/src/test/java/com/baeldung/jersey/JerseyResourceUnitTest.java
+++ b/spring-5-security-oauth/src/test/java/com/baeldung/jersey/JerseyResourceUnitTest.java
@ -0,0 +1,72 @@
+package com.baeldung.jersey;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.web.client.TestRestTemplate;
+import org.springframework.boot.web.server.LocalServerPort;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import java.net.URI;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT;
+import static org.springframework.http.MediaType.TEXT_HTML;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(webEnvironment = RANDOM_PORT)
+@TestPropertySource(properties = "spring.security.oauth2.client.registration.github.client-id:test-id")
+public class JerseyResourceUnitTest {
+    @Autowired
+    private TestRestTemplate restTemplate;
+
+    @LocalServerPort
+    private int port;
+
+    private String basePath;
+
+    @Before
+    public void setup() {
+        basePath = "http://localhost:" + port + "/";
+    }
+
+    @Test
+    public void whenUserIsUnauthenticated_thenTheyAreRedirectedToLoginPage() {
+        ResponseEntity<Object> response = restTemplate.getForEntity(basePath, Object.class);
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FOUND);
+        assertThat(response.getBody()).isNull();
+
+        URI redirectLocation = response.getHeaders().getLocation();
+        assertThat(redirectLocation).isNotNull();
+        assertThat(redirectLocation.toString()).isEqualTo(basePath + "login");
+    }
+
+    @Test
+    public void whenUserAttemptsToLogin_thenAuthorizationPathIsReturned() {
+        ResponseEntity<String> response = restTemplate.getForEntity(basePath + "login", String.class);
+        assertThat(response.getHeaders().getContentType()).isEqualTo(TEXT_HTML);
+        assertThat(response.getBody()).isEqualTo("Log in with <a href=\"/oauth2/authorization/github\">GitHub</a>");
+    }
+
+    @Test
+    public void whenUserAccessesAuthorizationEndpoint_thenTheyAresRedirectedToProvider() {
+        ResponseEntity<String> response = restTemplate.getForEntity(basePath + "oauth2/authorization/github", String.class);
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FOUND);
+        assertThat(response.getBody()).isNull();
+
+        URI redirectLocation = response.getHeaders().getLocation();
+        assertThat(redirectLocation).isNotNull();
+        assertThat(redirectLocation.getHost()).isEqualTo("github.com");
+        assertThat(redirectLocation.getPath()).isEqualTo("/login/oauth/authorize");
+
+        String redirectionQuery = redirectLocation.getQuery();
+        assertThat(redirectionQuery.contains("response_type=code"));
+        assertThat(redirectionQuery.contains("client_id=test-id"));
+        assertThat(redirectionQuery.contains("scope=read:user"));
+    }
+}