iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security work for new scenario

This commit is contained in:
eugenp 2016-03-01 22:31:35 +02:00
parent 03010d8f9f
commit d3bed13184
5 changed files with 100 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
spring-security-oauth/spring-security-oauth-resource-demo/pom.xml
View File

@ -1,5 +1,4 @@
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion> <modelVersion>4.0.0</modelVersion>
<artifactId>spring-security-oauth-resource-demo</artifactId> <artifactId>spring-security-oauth-resource-demo</artifactId>
<name>spring-security-oauth-resource-demo</name> <name>spring-security-oauth-resource-demo</name>
@ -24,7 +23,12 @@
<artifactId>spring-security-oauth2</artifactId> <artifactId>spring-security-oauth2</artifactId>
<version>${oauth.version}</version> <version>${oauth.version}</version>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
</dependency>
<!-- utils -->
<dependency> <dependency>
<groupId>org.apache.commons</groupId> <groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId> <artifactId>commons-lang3</artifactId>

30
spring-security-oauth/spring-security-oauth-resource-demo/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig2.java
View File

@ -2,12 +2,16 @@ package org.baeldung.config;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration @Configuration
@EnableResourceServer @EnableResourceServer
@ -25,9 +29,31 @@ public class OAuth2ResourceServerConfig2 extends ResourceServerConfigurerAdapter
// @formatter:on // @formatter:on
} }
@Override
public void configure(final ResourceServerSecurityConfigurer config) {
config.tokenServices(tokenServices());
}
// JWT
@Bean
@Primary
public DefaultTokenServices tokenServices() {
final DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setTokenStore(tokenStore());
return tokenServices;
}
@Bean @Bean
public TokenStore tokenStore() { public TokenStore tokenStore() {
return new InMemoryTokenStore(); return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
} }
} }

4
spring-security-oauth/spring-security-oauth-server-demo/pom.xml
View File

@ -24,6 +24,10 @@
<artifactId>spring-security-oauth2</artifactId> <artifactId>spring-security-oauth2</artifactId>
<version>${oauth.version}</version> <version>${oauth.version}</version>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
</dependency>
</dependencies> </dependencies>

3
spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig1.java
View File

@ -31,10 +31,9 @@ public class OAuth2AuthorizationServerConfig1 extends AuthorizationServerConfigu
clients.inMemory() clients.inMemory()
.withClient("fooClientIdPassword") .withClient("fooClientIdPassword")
.secret("secret") .secret("secret")
.authorizedGrantTypes("password", "authorization_code", "refresh_token") .authorizedGrantTypes("password", "authorization_code")
.scopes("foo", "read", "write") .scopes("foo", "read", "write")
.accessTokenValiditySeconds(3600) // 1 hour .accessTokenValiditySeconds(3600) // 1 hour
.refreshTokenValiditySeconds(2592000) // 30 days
; ;
} // @formatter:on } // @formatter:on

37
spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig2.java
View File

@ -4,14 +4,18 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration @Configuration
@EnableAuthorizationServer @EnableAuthorizationServer
@ -33,21 +37,42 @@ public class OAuth2AuthorizationServerConfig2 extends AuthorizationServerConfigu
clients.inMemory() clients.inMemory()
.withClient("fooClientIdPassword") .withClient("fooClientIdPassword")
.secret("secret") .secret("secret")
.authorizedGrantTypes("password", "authorization_code", "refresh_token") .authorizedGrantTypes("password", "authorization_code" )
.scopes("foo", "read", "write") .scopes("foo", "read", "write")
.accessTokenValiditySeconds(3600) // 1 hour .accessTokenValiditySeconds(3600) // 1 hour
.refreshTokenValiditySeconds(2592000) // 30 days
; ;
} // @formatter:on } // @formatter:on
@Override @Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception { public void configure(final AuthorizationServerEndpointsConfigurer conf) { // @formatter:off
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager); conf.
tokenStore(tokenStore())
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
.accessTokenConverter(accessTokenConverter())
.authenticationManager(authenticationManager)
;
} // @formatter:on
// JWT
@Bean
@Primary
public DefaultTokenServices tokenServices() {
final DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setTokenStore(tokenStore());
return tokenServices;
} }
@Bean @Bean
public TokenStore tokenStore() { public TokenStore tokenStore() {
return new InMemoryTokenStore(); return new JwtTokenStore(accessTokenConverter());
}
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey("123");
return converter;
} }
} }