security work for new scenario
parent
03010d8f9f
commit
d3bed13184
|
@ -1,5 +1,4 @@
|
||||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<artifactId>spring-security-oauth-resource-demo</artifactId>
|
<artifactId>spring-security-oauth-resource-demo</artifactId>
|
||||||
<name>spring-security-oauth-resource-demo</name>
|
<name>spring-security-oauth-resource-demo</name>
|
||||||
|
@ -24,7 +23,12 @@
|
||||||
<artifactId>spring-security-oauth2</artifactId>
|
<artifactId>spring-security-oauth2</artifactId>
|
||||||
<version>${oauth.version}</version>
|
<version>${oauth.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security</groupId>
|
||||||
|
<artifactId>spring-security-jwt</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<!-- utils -->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.apache.commons</groupId>
|
<groupId>org.apache.commons</groupId>
|
||||||
<artifactId>commons-lang3</artifactId>
|
<artifactId>commons-lang3</artifactId>
|
||||||
|
|
|
@ -2,12 +2,16 @@ package org.baeldung.config;
|
||||||
|
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.context.annotation.Primary;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
||||||
|
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
|
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableResourceServer
|
@EnableResourceServer
|
||||||
|
@ -25,9 +29,31 @@ public class OAuth2ResourceServerConfig2 extends ResourceServerConfigurerAdapter
|
||||||
// @formatter:on
|
// @formatter:on
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(final ResourceServerSecurityConfigurer config) {
|
||||||
|
config.tokenServices(tokenServices());
|
||||||
|
}
|
||||||
|
|
||||||
|
// JWT
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@Primary
|
||||||
|
public DefaultTokenServices tokenServices() {
|
||||||
|
final DefaultTokenServices tokenServices = new DefaultTokenServices();
|
||||||
|
tokenServices.setTokenStore(tokenStore());
|
||||||
|
return tokenServices;
|
||||||
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public TokenStore tokenStore() {
|
public TokenStore tokenStore() {
|
||||||
return new InMemoryTokenStore();
|
return new JwtTokenStore(accessTokenConverter());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public JwtAccessTokenConverter accessTokenConverter() {
|
||||||
|
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||||
|
converter.setSigningKey("123");
|
||||||
|
return converter;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
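Review bot: The new `accessTokenConverter()` bean hard-codes the JWT signing key as `converter.setSigningKey("123");`, and the same literal is repeated in `OAuth2AuthorizationServerConfig2.accessTokenConverter()` later in this commit. With a symmetric key this short and committed to source, anyone who reads the repository or guesses the value can produce tokens that this resource server will accept as valid. Load the key from external configuration instead of the source tree, for example `converter.setSigningKey(signingKey);` with `signingKey` injected from a property (name constructed here: `jwt.signing-key`). Better still, use an asymmetric pair so the resource server holds only the public half: `converter.setVerifierKey(publicKey);` here and `converter.setKeyPair(keyPair);` on the authorization server. The class body starts outside the hunk, so other configuration that may touch the converter is not visible.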
|
||||||
|
|
|
@ -24,6 +24,10 @@
|
||||||
<artifactId>spring-security-oauth2</artifactId>
|
<artifactId>spring-security-oauth2</artifactId>
|
||||||
<version>${oauth.version}</version>
|
<version>${oauth.version}</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security</groupId>
|
||||||
|
<artifactId>spring-security-jwt</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
</dependencies>
|
</dependencies>
|
||||||
|
|
||||||
|
|
|
@ -31,10 +31,9 @@ public class OAuth2AuthorizationServerConfig1 extends AuthorizationServerConfigu
|
||||||
clients.inMemory()
|
clients.inMemory()
|
||||||
.withClient("fooClientIdPassword")
|
.withClient("fooClientIdPassword")
|
||||||
.secret("secret")
|
.secret("secret")
|
||||||
.authorizedGrantTypes("password", "authorization_code", "refresh_token")
|
.authorizedGrantTypes("password", "authorization_code")
|
||||||
.scopes("foo", "read", "write")
|
.scopes("foo", "read", "write")
|
||||||
.accessTokenValiditySeconds(3600) // 1 hour
|
.accessTokenValiditySeconds(3600) // 1 hour
|
||||||
.refreshTokenValiditySeconds(2592000) // 30 days
|
|
||||||
;
|
;
|
||||||
} // @formatter:on
|
} // @formatter:on
|
||||||
|
|
||||||
|
|
|
@ -4,14 +4,18 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Qualifier;
|
import org.springframework.beans.factory.annotation.Qualifier;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.context.annotation.Primary;
|
||||||
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
||||||
|
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
|
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableAuthorizationServer
|
@EnableAuthorizationServer
|
||||||
|
@ -33,21 +37,42 @@ public class OAuth2AuthorizationServerConfig2 extends AuthorizationServerConfigu
|
||||||
clients.inMemory()
|
clients.inMemory()
|
||||||
.withClient("fooClientIdPassword")
|
.withClient("fooClientIdPassword")
|
||||||
.secret("secret")
|
.secret("secret")
|
||||||
.authorizedGrantTypes("password", "authorization_code", "refresh_token")
|
.authorizedGrantTypes("password", "authorization_code" )
|
||||||
.scopes("foo", "read", "write")
|
.scopes("foo", "read", "write")
|
||||||
.accessTokenValiditySeconds(3600) // 1 hour
|
.accessTokenValiditySeconds(3600) // 1 hour
|
||||||
.refreshTokenValiditySeconds(2592000) // 30 days
|
|
||||||
;
|
;
|
||||||
} // @formatter:on
|
} // @formatter:on
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
|
public void configure(final AuthorizationServerEndpointsConfigurer conf) { // @formatter:off
|
||||||
endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager);
|
conf.
|
||||||
|
tokenStore(tokenStore())
|
||||||
|
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)
|
||||||
|
.accessTokenConverter(accessTokenConverter())
|
||||||
|
.authenticationManager(authenticationManager)
|
||||||
|
;
|
||||||
|
} // @formatter:on
|
||||||
|
|
||||||
|
// JWT
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@Primary
|
||||||
|
public DefaultTokenServices tokenServices() {
|
||||||
|
final DefaultTokenServices tokenServices = new DefaultTokenServices();
|
||||||
|
tokenServices.setTokenStore(tokenStore());
|
||||||
|
return tokenServices;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public TokenStore tokenStore() {
|
public TokenStore tokenStore() {
|
||||||
return new InMemoryTokenStore();
|
return new JwtTokenStore(accessTokenConverter());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public JwtAccessTokenConverter accessTokenConverter() {
|
||||||
|
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||||
|
converter.setSigningKey("123");
|
||||||
|
return converter;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
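Review bot: `.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)` opens the token endpoint to GET while the client above is still authorised for the `password` grant, so user credentials and the client secret can be sent as query parameters and end up in access logs, proxy logs and browser history. Unless a client in this scenario really needs GET, drop the call or restrict it to `.allowedTokenEndpointRequestMethods(HttpMethod.POST)`, which as far as I know is already the framework default. If GET has to stay for the demo, a comment on that line saying why would keep it from being copied into real configurations. The hard-coded `converter.setSigningKey("123");` in this class is the same issue raised on the resource-server config.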
|
||||||
|
|