diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java
index c2db6748f1..8fe4cda6a1 100644
--- a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java
+++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java
@@ -29,13 +29,15 @@ public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
.and()
- .requestMatchers().antMatchers("/foos/**","/bars/**")
+ .requestMatchers().antMatchers("/foos/**","/bars/**","/bazes/**")
.and()
.authorizeRequests()
- .antMatchers(HttpMethod.GET,"/foos/**").access("#oauth2.hasScope('read')")
- .antMatchers(HttpMethod.POST,"/foos/**").access("#oauth2.hasScope('write')")
- .antMatchers(HttpMethod.GET,"/bars/**").access("#oauth2.hasScope('read') and hasRole('ROLE_ADMIN')")
- .antMatchers(HttpMethod.POST,"/bars/**").access("#oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
+ .antMatchers(HttpMethod.GET,"/foos/**").access("#oauth2.hasScope('foo') and #oauth2.hasScope('read')")
+ .antMatchers(HttpMethod.POST,"/foos/**").access("#oauth2.hasScope('foo') and #oauth2.hasScope('write')")
+ .antMatchers(HttpMethod.GET,"/bars/**").access("#oauth2.hasScope('bar') and #oauth2.hasScope('read')")
+ .antMatchers(HttpMethod.POST,"/bars/**").access("#oauth2.hasScope('bar') and #oauth2.hasScope('write')")
+ .antMatchers(HttpMethod.GET,"/bazes/**").access("#oauth2.hasScope('read') and hasRole('ROLE_ADMIN')")
+ .antMatchers(HttpMethod.POST,"/bazes/**").access("#oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
;
// @formatter:on
}
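Review bot: The rule chain ends after the GET and POST matchers with no catch-all, so a PUT, DELETE or PATCH request to `/foos/**`, `/bars/**` or `/bazes/**` is selected by `requestMatchers()` but matches none of the access rules in the visible lines. In Spring Security a request that matches no rule under `authorizeRequests()` is normally let through rather than rejected, so the scope and role checks added here would not cover those methods. Ending the chain with `.anyRequest().denyAll()` (or `.anyRequest().authenticated()`) before the `;` makes the default explicit. The enclosing method starts outside the hunk.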
diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BarController.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BarController.java
index 1f42f9dafd..938cf18129 100644
--- a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BarController.java
+++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BarController.java
@@ -21,7 +21,7 @@ public class BarController {
}
// API - read
- // @PreAuthorize("#oauth2.hasScope('read') and hasRole('ROLE_ADMIN')")
+ // @PreAuthorize("#oauth2.hasScope('bar') and #oauth2.hasScope('read')")
@RequestMapping(method = RequestMethod.GET, value = "/bars/{id}")
@ResponseBody
public Bar findById(@PathVariable final long id) {
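Review bot: The updated `@PreAuthorize` line is still commented out, so it documents a rule without enforcing it. The same holds for the write method in this file and for the equivalent lines in FooController and the new BazController. These expressions must be kept in step by hand with the `antMatchers` rules in OAuth2ResourceServerConfig, which are the only enforcement visible in this commit. Either enable the annotations (this needs method security with an OAuth2-aware expression handler, which is not shown here) or reword the comment to say where the check lives, e.g. `// access rule enforced in OAuth2ResourceServerConfig: scopes 'bar' and 'read'`. The body of `findById` continues outside the hunk.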
@@ -29,7 +29,7 @@ public class BarController {
}
// API - write
- // @PreAuthorize("#oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
+ // @PreAuthorize("#oauth2.hasScope('bar') and #oauth2.hasScope('write')")
@RequestMapping(method = RequestMethod.POST, value = "/bars")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BazController.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BazController.java
new file mode 100644
index 0000000000..880f41de07
--- /dev/null
+++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/BazController.java
@@ -0,0 +1,41 @@
+package org.baeldung.web.controller;
+
+import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
+import static org.apache.commons.lang3.RandomStringUtils.randomNumeric;
+
+import org.baeldung.web.dto.Baz;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@Controller
+public class BazController {
+
+ public BazController() {
+ super();
+ }
+
+ // API - read
+ // @PreAuthorize("#oauth2.hasScope('read') and hasRole('ROLE_ADMIN')")
+ @RequestMapping(method = RequestMethod.GET, value = "/bazes/{id}")
+ @ResponseBody
+ public Baz findById(@PathVariable final long id) {
+ return new Baz(Long.parseLong(randomNumeric(2)), randomAlphabetic(4));
+ }
+
+ // API - write
+ // @PreAuthorize("#oauth2.hasScope('write') and hasRole('ROLE_ADMIN')")
+ @RequestMapping(method = RequestMethod.POST, value = "/bazes")
+ @ResponseStatus(HttpStatus.CREATED)
+ @ResponseBody
+ public Baz create(@RequestBody final Baz baz) {
+ baz.setId(Long.parseLong(randomNumeric(2)));
+ return baz;
+ }
+
+}
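Review bot: `create` binds the request body straight into a `Baz` and returns it with no validation, so `name` may be null or arbitrarily long when it is echoed back to the caller. If a Bean Validation provider is on the classpath (not visible here), declaring the parameter as `@Valid @RequestBody final Baz baz` and adding constraints such as `@NotNull` and `@Size` to `Baz.name` would reject malformed input with a 400 before the handler runs.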
diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/FooController.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/FooController.java
index a1275670f0..d9ef1baa31 100644
--- a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/FooController.java
+++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/controller/FooController.java
@@ -21,7 +21,7 @@ public class FooController {
}
// API - read
- // @PreAuthorize("#oauth2.hasScope('read')")
+ // @PreAuthorize("#oauth2.hasScope('foo') and #oauth2.hasScope('read')")
@RequestMapping(method = RequestMethod.GET, value = "/foos/{id}")
@ResponseBody
public Foo findById(@PathVariable final long id) {
@@ -29,7 +29,7 @@ public class FooController {
}
// API - write
- // @PreAuthorize("#oauth2.hasScope('write')")
+ // @PreAuthorize("#oauth2.hasScope('foo') and #oauth2.hasScope('write')")
@RequestMapping(method = RequestMethod.POST, value = "/foos")
@ResponseStatus(HttpStatus.CREATED)
@ResponseBody
diff --git a/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/dto/Baz.java b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/dto/Baz.java
new file mode 100644
index 0000000000..69a6bf2e6a
--- /dev/null
+++ b/spring-security-oauth/spring-security-oauth-resource/src/main/java/org/baeldung/web/dto/Baz.java
@@ -0,0 +1,36 @@
+package org.baeldung.web.dto;
+
+public class Baz {
+ private long id;
+ private String name;
+
+ public Baz() {
+ super();
+ }
+
+ public Baz(final long id, final String name) {
+ super();
+
+ this.id = id;
+ this.name = name;
+ }
+
+ //
+
+ public long getId() {
+ return id;
+ }
+
+ public void setId(final long id) {
+ this.id = id;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public void setName(final String name) {
+ this.name = name;
+ }
+
+}
\ No newline at end of file
diff --git a/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java b/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
index caae7760d3..c7c90d177a 100644
--- a/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
+++ b/spring-security-oauth/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
@@ -49,13 +49,19 @@ public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigur
clients.jdbc(dataSource())
.withClient("sampleClientId")
.authorizedGrantTypes("implicit")
- .scopes("read","write")
+ .scopes("read","write","foo","bar")
.autoApprove(false)
.and()
- .withClient("clientIdPassword")
+ .withClient("fooClientIdPassword")
.secret("secret")
.authorizedGrantTypes("password","authorization_code", "refresh_token")
- .scopes("read","write");
+ .scopes("foo","read","write")
+ .and()
+ .withClient("barClientIdPassword")
+ .secret("secret")
+ .authorizedGrantTypes("password","authorization_code", "refresh_token")
+ .scopes("bar","read","write")
+ ;
// @formatter:on
}
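Review bot: The new `barClientIdPassword` registration reuses the literal `.secret("secret")` already used by `fooClientIdPassword`, so the two clients differ only by id and the `foo`/`bar` scope split gives no isolation: whoever holds one client's credentials holds the other's. Both clients are allowed the `password` grant, so each secret should come from configuration and differ per client, e.g. `.secret(env.getProperty("<bar-client-secret-property>"))` if an `Environment` is available in this class (not visible in the hunk). None of the three registrations shown sets `.redirectUris(...)` although `implicit` and `authorization_code` are enabled; registering exact redirect URIs avoids relying on the library's default handling of an unregistered `redirect_uri`. The enclosing method starts outside the hunk.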
diff --git a/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/header.html b/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/header.html
index 8cd7be67c3..d3cf521c0a 100644
--- a/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/header.html
+++ b/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/header.html
@@ -13,7 +13,7 @@
site="http://localhost:8081/spring-security-oauth-server"
client-id="sampleClientId"
redirect-uri="http://localhost:8081/spring-security-oauth-ui-implicit/"
- scope="read write"
+ scope="read write foo bar"
template="oauthTemp">
@@ -94,6 +94,26 @@ app.controller('mainCtrl', function($scope,$resource,$http,$rootScope) {
});
}
+ // baz
+ $scope.baz = {id:0 , name:"sample baz"};
+ $scope.bazes = $resource("http://localhost:8081/spring-security-oauth-resource/bazes/:bazId",{bazId:'@id'});
+
+ $scope.getBaz = function(){
+ $scope.baz = $scope.bazes.get({bazId:$scope.baz.id});
+ }
+
+ $scope.createBaz = function(){
+ if($scope.baz.name.length==0)
+ {
+ $rootScope.message = "Baz name can not be empty";
+ return;
+ }
+ $scope.baz.id = null;
+ $scope.baz = $scope.bazes.save($scope.baz, function(){
+ $rootScope.message = "Baz Created Successfully";
+ });
+ }
+
});
/*]]>*/
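Review bot: `createBaz` passes only a success callback to `$scope.bazes.save(...)` and `getBaz` passes none, so a 401 or 403 from the resource server leaves the page with no feedback. That outcome is expected for some users, because the resource server rules in this commit require `ROLE_ADMIN` on `/bazes/**` in addition to the scope. Adding an error callback as the next argument, e.g. `function(err){ $rootScope.message = "Baz request failed (" + err.status + ")"; }`, makes the denial visible. The enclosing `mainCtrl` controller starts outside the hunk.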
diff --git a/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/index.html b/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/index.html
index c50781caf1..0b4c7563ce 100755
--- a/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/index.html
+++ b/spring-security-oauth/spring-security-oauth-ui-implicit/src/main/resources/templates/index.html
@@ -50,8 +50,31 @@
Get Bar
Create Bar
-
+
+