Merge pull request #164 from Doha2012/master
modify reddit authentication
This commit is contained in:
commit
7208be123d
|
@ -21,7 +21,11 @@
|
|||
<artifactId>spring-security-config</artifactId>
|
||||
<version>${org.springframework.security.version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>${org.springframework.security.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security.oauth</groupId>
|
||||
<artifactId>spring-security-oauth2</artifactId>
|
||||
|
@ -152,6 +156,7 @@
|
|||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
|
||||
|
||||
<!-- marshalling -->
|
||||
|
||||
<dependency>
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
package org.baeldung.config;
|
||||
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.inMemoryAuthentication();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(WebSecurity web) throws Exception {
|
||||
web.ignoring().antMatchers("/resources/**");
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
// @formatter:off
|
||||
http.authorizeRequests()
|
||||
.antMatchers("/","/login").permitAll()
|
||||
.anyRequest().hasRole("USER")
|
||||
.and()
|
||||
.httpBasic().authenticationEntryPoint(oauth2AuthenticationEntryPoint());
|
||||
|
||||
// @formatter:on
|
||||
}
|
||||
|
||||
private LoginUrlAuthenticationEntryPoint oauth2AuthenticationEntryPoint() {
|
||||
return new LoginUrlAuthenticationEntryPoint("/login");
|
||||
}
|
||||
|
||||
}
|
|
@ -25,6 +25,7 @@ import org.springframework.web.servlet.ViewResolver;
|
|||
import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
|
||||
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
|
||||
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
|
||||
import org.springframework.web.servlet.view.InternalResourceViewResolver;
|
||||
|
||||
|
@ -42,7 +43,7 @@ public class WebConfig extends WebMvcConfigurerAdapter {
|
|||
|
||||
@Bean
|
||||
public ViewResolver viewResolver() {
|
||||
InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
|
||||
final InternalResourceViewResolver viewResolver = new InternalResourceViewResolver();
|
||||
viewResolver.setPrefix("/WEB-INF/jsp/");
|
||||
viewResolver.setSuffix(".jsp");
|
||||
return viewResolver;
|
||||
|
@ -53,13 +54,20 @@ public class WebConfig extends WebMvcConfigurerAdapter {
|
|||
configurer.enable();
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addViewControllers(final ViewControllerRegistry registry) {
|
||||
super.addViewControllers(registry);
|
||||
registry.addViewController("/home.html");
|
||||
}
|
||||
|
||||
@Bean
|
||||
public ScheduledTasks scheduledTasks(OAuth2ProtectedResourceDetails reddit) {
|
||||
ScheduledTasks s = new ScheduledTasks();
|
||||
final ScheduledTasks s = new ScheduledTasks();
|
||||
s.setRedditRestTemplate(new OAuth2RestTemplate(reddit));
|
||||
return s;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void addResourceHandlers(ResourceHandlerRegistry registry) {
|
||||
registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
|
||||
}
|
||||
|
@ -83,7 +91,7 @@ public class WebConfig extends WebMvcConfigurerAdapter {
|
|||
|
||||
@Bean
|
||||
public OAuth2ProtectedResourceDetails reddit() {
|
||||
AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
|
||||
final AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
|
||||
details.setId("reddit");
|
||||
details.setClientId(clientID);
|
||||
details.setClientSecret(clientSecret);
|
||||
|
@ -92,13 +100,15 @@ public class WebConfig extends WebMvcConfigurerAdapter {
|
|||
details.setTokenName("oauth_token");
|
||||
details.setScope(Arrays.asList("identity", "read", "submit"));
|
||||
details.setGrantType("authorization_code");
|
||||
details.setPreEstablishedRedirectUri("http://localhost:8080/spring-security-oauth/login");
|
||||
details.setUseCurrentUri(false);
|
||||
return details;
|
||||
}
|
||||
|
||||
@Bean
|
||||
public OAuth2RestTemplate redditRestTemplate(OAuth2ClientContext clientContext) {
|
||||
OAuth2RestTemplate template = new OAuth2RestTemplate(reddit(), clientContext);
|
||||
AccessTokenProvider accessTokenProvider = new AccessTokenProviderChain(Arrays.<AccessTokenProvider> asList(new MyAuthorizationCodeAccessTokenProvider(), new ImplicitAccessTokenProvider(), new ResourceOwnerPasswordAccessTokenProvider(),
|
||||
final OAuth2RestTemplate template = new OAuth2RestTemplate(reddit(), clientContext);
|
||||
final AccessTokenProvider accessTokenProvider = new AccessTokenProviderChain(Arrays.<AccessTokenProvider> asList(new MyAuthorizationCodeAccessTokenProvider(), new ImplicitAccessTokenProvider(), new ResourceOwnerPasswordAccessTokenProvider(),
|
||||
new ClientCredentialsAccessTokenProvider()));
|
||||
template.setAccessTokenProvider(accessTokenProvider);
|
||||
return template;
|
||||
|
|
|
@ -2,13 +2,12 @@ package org.baeldung.web;
|
|||
|
||||
import java.text.ParseException;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.Arrays;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.baeldung.persistence.dao.PostRepository;
|
||||
import org.baeldung.persistence.dao.UserRepository;
|
||||
import org.baeldung.persistence.model.Post;
|
||||
|
@ -18,6 +17,9 @@ import org.slf4j.Logger;
|
|||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
|
||||
import org.springframework.security.oauth2.common.OAuth2AccessToken;
|
||||
import org.springframework.stereotype.Controller;
|
||||
|
@ -48,13 +50,11 @@ public class RedditController {
|
|||
@Autowired
|
||||
private PostRepository postReopsitory;
|
||||
|
||||
@RequestMapping("/info")
|
||||
public final String getInfo(HttpSession session) {
|
||||
@RequestMapping("/login")
|
||||
public final String redditLogin() {
|
||||
final JsonNode node = redditRestTemplate.getForObject("https://oauth.reddit.com/api/v1/me", JsonNode.class);
|
||||
final String name = node.get("name").asText();
|
||||
addUser(name, redditRestTemplate.getAccessToken());
|
||||
session.setAttribute("username", name);
|
||||
return "reddit";
|
||||
loadAuthentication(node.get("name").asText(), redditRestTemplate.getAccessToken());
|
||||
return "redirect:home.html";
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/submit", method = RequestMethod.POST)
|
||||
|
@ -207,25 +207,26 @@ public class RedditController {
|
|||
}
|
||||
}
|
||||
|
||||
private final void addUser(final String name, final OAuth2AccessToken token) {
|
||||
private final void loadAuthentication(final String name, final OAuth2AccessToken token) {
|
||||
User user = userReopsitory.findByUsername(name);
|
||||
if (user == null) {
|
||||
user = new User();
|
||||
user.setUsername(name);
|
||||
user.setAccessToken(token.getValue());
|
||||
user.setRefreshToken(token.getRefreshToken().getValue());
|
||||
user.setTokenExpiration(token.getExpiration());
|
||||
}
|
||||
|
||||
final String needsCaptchaResult = needsCaptcha();
|
||||
if (needsCaptchaResult.equalsIgnoreCase("true")) {
|
||||
if (needsCaptcha().equalsIgnoreCase("true")) {
|
||||
user.setNeedCaptcha(true);
|
||||
} else {
|
||||
user.setNeedCaptcha(false);
|
||||
}
|
||||
|
||||
user.setAccessToken(token.getValue());
|
||||
user.setRefreshToken(token.getRefreshToken().getValue());
|
||||
user.setTokenExpiration(token.getExpiration());
|
||||
userReopsitory.save(user);
|
||||
|
||||
final UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(user, token.getValue(), Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")));
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -23,20 +23,14 @@ border-color: #ddd;
|
|||
<body>
|
||||
<nav class="navbar navbar-default">
|
||||
<div class="container-fluid">
|
||||
<!-- Brand and toggle get grouped for better mobile display -->
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="<c:url value="/info" />">Schedule to Reddit</a>
|
||||
<a class="navbar-brand" href="<c:url value="/home.html" />">Schedule to Reddit</a>
|
||||
</div>
|
||||
|
||||
<p class="navbar-text navbar-right">Logged in as <b><c:out value="${username}"/></b> </p>
|
||||
<p class="navbar-text navbar-right">Logged in as
|
||||
<b><sec:authentication property="principal.username" /></b>
|
||||
</p>
|
||||
|
||||
<!-- Collect the nav links, forms, and other content for toggling -->
|
||||
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
|
||||
<ul class="nav navbar-nav">
|
||||
<li><a href="<c:url value="/posts" />">My Scheduled Posts</a></li>
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
|
||||
<html>
|
||||
<head>
|
||||
|
||||
|
@ -9,20 +10,14 @@
|
|||
<body>
|
||||
<nav class="navbar navbar-default">
|
||||
<div class="container-fluid">
|
||||
<!-- Brand and toggle get grouped for better mobile display -->
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="#">Schedule to Reddit</a>
|
||||
</div>
|
||||
|
||||
<p class="navbar-text navbar-right">Logged in as <b><c:out value="${username}"/></b> </p>
|
||||
<p class="navbar-text navbar-right">Logged in as
|
||||
<b><sec:authentication property="principal.username" /></b>
|
||||
</p>
|
||||
|
||||
<!-- Collect the nav links, forms, and other content for toggling -->
|
||||
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
|
||||
<ul class="nav navbar-nav">
|
||||
<li><a href="posts">My Scheduled Posts</a></li>
|
||||
|
@ -34,12 +29,11 @@
|
|||
</div><!-- /.container-fluid -->
|
||||
</nav>
|
||||
<div class="container">
|
||||
<h1>Welcome, <small><c:out value="${username}"/></small></h1>
|
||||
<h1>Welcome, <small><sec:authentication property="principal.username" /></small></h1>
|
||||
<br>
|
||||
<a href="posts" class="btn btn-primary">My Scheduled Posts</a>
|
||||
<a href="post" class="btn btn-primary">Post to Reddit</a>
|
||||
<a href="postSchedule" class="btn btn-primary">Schedule Post to Reddit</a>
|
||||
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -1,5 +1,6 @@
|
|||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
|
||||
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
|
@ -11,20 +12,14 @@
|
|||
<body>
|
||||
<nav class="navbar navbar-default">
|
||||
<div class="container-fluid">
|
||||
<!-- Brand and toggle get grouped for better mobile display -->
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="info">Schedule to Reddit</a>
|
||||
<a class="navbar-brand" href="home.html">Schedule to Reddit</a>
|
||||
</div>
|
||||
|
||||
<p class="navbar-text navbar-right">Logged in as <b><c:out value="${username}"/></b> </p>
|
||||
<p class="navbar-text navbar-right">Logged in as
|
||||
<b><sec:authentication property="principal.username" /></b>
|
||||
</p>
|
||||
|
||||
<!-- Collect the nav links, forms, and other content for toggling -->
|
||||
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
|
||||
<ul class="nav navbar-nav">
|
||||
<li class="active"><a href="posts">My Scheduled Posts</a></li>
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
|
||||
|
@ -23,20 +25,14 @@ border-color: #ddd;
|
|||
<body>
|
||||
<nav class="navbar navbar-default">
|
||||
<div class="container-fluid">
|
||||
<!-- Brand and toggle get grouped for better mobile display -->
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="info">Schedule to Reddit</a>
|
||||
<a class="navbar-brand" href="home.html">Schedule to Reddit</a>
|
||||
</div>
|
||||
|
||||
<p class="navbar-text navbar-right">Logged in as <b><c:out value="${username}"/></b> </p>
|
||||
<p class="navbar-text navbar-right">Logged in as
|
||||
<b><sec:authentication property="principal.username" /></b>
|
||||
</p>
|
||||
|
||||
<!-- Collect the nav links, forms, and other content for toggling -->
|
||||
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
|
||||
<ul class="nav navbar-nav">
|
||||
<li><a href="posts">My Scheduled Posts</a></li>
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
|
||||
|
@ -21,20 +23,14 @@ border-color: #ddd;
|
|||
<body>
|
||||
<nav class="navbar navbar-default">
|
||||
<div class="container-fluid">
|
||||
<!-- Brand and toggle get grouped for better mobile display -->
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="info">Schedule to Reddit</a>
|
||||
<a class="navbar-brand" href="home.html">Schedule to Reddit</a>
|
||||
</div>
|
||||
|
||||
<p class="navbar-text navbar-right">Logged in as <b><c:out value="${username}"/></b> </p>
|
||||
<p class="navbar-text navbar-right">Logged in as
|
||||
<b><sec:authentication property="principal.username" /></b>
|
||||
</p>
|
||||
|
||||
<!-- Collect the nav links, forms, and other content for toggling -->
|
||||
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
|
||||
<ul class="nav navbar-nav">
|
||||
<li><a href="posts">My Scheduled Posts</a></li>
|
||||
|
|
|
@ -1,4 +1,6 @@
|
|||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||
<%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags"%>
|
||||
|
||||
<html>
|
||||
<head>
|
||||
|
||||
|
@ -9,20 +11,14 @@
|
|||
<body>
|
||||
<nav class="navbar navbar-default">
|
||||
<div class="container-fluid">
|
||||
<!-- Brand and toggle get grouped for better mobile display -->
|
||||
<div class="navbar-header">
|
||||
<button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1">
|
||||
<span class="sr-only">Toggle navigation</span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
<span class="icon-bar"></span>
|
||||
</button>
|
||||
<a class="navbar-brand" href="info">Schedule to Reddit</a>
|
||||
<a class="navbar-brand" href="home.html">Schedule to Reddit</a>
|
||||
</div>
|
||||
|
||||
<p class="navbar-text navbar-right">Logged in as <b><c:out value="${username}"/></b> </p>
|
||||
<p class="navbar-text navbar-right">Logged in as
|
||||
<b><sec:authentication property="principal.username" /></b>
|
||||
</p>
|
||||
|
||||
<!-- Collect the nav links, forms, and other content for toggling -->
|
||||
<div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
|
||||
<ul class="nav navbar-nav">
|
||||
<li><a href="posts">My Scheduled Posts</a></li>
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<body>
|
||||
<div class="container">
|
||||
<h1>Schedule to Reddit</h1>
|
||||
<a href="info" class="btn btn-primary">Login with Reddit</a>
|
||||
<a href="login" class="btn btn-primary">Login with Reddit</a>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
Loading…
Reference in New Issue