iSharkFly-Docs/java-tutorials
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

JAVA-13321 Removed code unrelated to spring-cloud-gateway article topics

Browse Source
This commit is contained in:
Anastasios Ioannidis 2023-08-18 11:30:56 +03:00
parent 2c75cd99ce
commit f1b3f233dc
10 changed files with 0 additions and 332 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/README-OAuth.md
View File

@ -1,40 +0,0 @@
# OAuth Test Setup
In order to test the OAuth-secured gateway configurations, please follow the steps below
## Keycloak setup
1. Clone or download the https://github.com/Baeldung/spring-security-oauth project
2. Replace the file `oauth-rest/oauth-authorization-server/src/main/resources/baeldung-realm.json`
with the one provider here
3. Go to the oauth-rest/oauth-authorization-server folder and use maven to build the project
4. Run the Keycloack service with `mvn spring-boot:run`
5. Once Keycloak is up and running, go to `http://localhost:8083/auth/admin/master/console/#/realms/baeldung` and
log in with using `bael-admin/pass` as credentials
6. Create two test users, so that one belongs to the *Golden Customers* group and the other doesn't.
## Quotes backend
Use the provided maven profile:
```
$ mvn spring-boot:run -Pquotes-application
```
## Gateway as Resource Server
Use the provided maven profile:
```
$ mvn spring-boot:run -Pgateway-as-resource-server
```
## Gateway as OAuth 2.0 Client
Use the provided maven profile:
```
$ mvn spring-boot:run -Pgateway-as-oauth-client
```

44
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/pom.xml
View File

@ -121,50 +121,6 @@
</build> </build>
<profiles> <profiles>
<profile>
<id>quotes-application</id>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<mainClass>com.baeldung.springcloudgateway.oauth.backend.QuotesApplication</mainClass>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>gateway-as-resource-server</id>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<mainClass>com.baeldung.springcloudgateway.oauth.server.ResourceServerGatewayApplication</mainClass>
<jvmArguments>-Dspring.profiles.active=resource-server</jvmArguments>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>gateway-as-oauth-client</id>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<configuration>
<mainClass>com.baeldung.springcloudgateway.oauth.server.ResourceServerGatewayApplication</mainClass>
<jvmArguments>-Dspring.profiles.active=oauth-client</jvmArguments>
</configuration>
</plugin>
</plugins>
</build>
</profile>
<profile> <profile>
<id>gateway-url-rewrite</id> <id>gateway-url-rewrite</id>
<build> <build>

44
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/java/com/baeldung/springcloudgateway/oauth/backend/QuotesApplication.java
View File

@ -1,44 +0,0 @@
/**
*
*/
package com.baeldung.springcloudgateway.oauth.backend;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.PropertySource;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.oauth2.server.resource.introspection.NimbusReactiveOpaqueTokenIntrospector;
import org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector;
import com.baeldung.springcloudgateway.oauth.shared.KeycloakReactiveTokenInstrospector;
/**
* @author Philippe
*
*/
@SpringBootApplication
@PropertySource("classpath:quotes-application.properties")
@EnableWebFluxSecurity
public class QuotesApplication {
public static void main(String[] args) {
SpringApplication.run(QuotesApplication.class);
}
@Bean
public ReactiveOpaqueTokenIntrospector keycloakIntrospector(OAuth2ResourceServerProperties props) {
NimbusReactiveOpaqueTokenIntrospector delegate = new NimbusReactiveOpaqueTokenIntrospector(
props.getOpaquetoken().getIntrospectionUri(),
props.getOpaquetoken().getClientId(),
props.getOpaquetoken().getClientSecret());
return new KeycloakReactiveTokenInstrospector(delegate);
}
}

35
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/java/com/baeldung/springcloudgateway/oauth/backend/domain/Quote.java
View File

@ -1,35 +0,0 @@
package com.baeldung.springcloudgateway.oauth.backend.domain;
public class Quote {
private String symbol;
private double price;
/**
* @return the symbol
*/
public String getSymbol() {
return symbol;
}
/**
* @param symbol the symbol to set
*/
public void setSymbol(String symbol) {
this.symbol = symbol;
}
/**
* @return the price
*/
public double getPrice() {
return price;
}
/**
* @param price the price to set
*/
public void setPrice(double price) {
this.price = price;
}
}

34
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/java/com/baeldung/springcloudgateway/oauth/backend/web/QuoteApi.java
View File

@ -1,34 +0,0 @@
package com.baeldung.springcloudgateway.oauth.backend.web;
import javax.annotation.PostConstruct;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;
import com.baeldung.springcloudgateway.oauth.backend.domain.Quote;
import reactor.core.publisher.Mono;
@RestController
public class QuoteApi {
private static final GrantedAuthority GOLD_CUSTOMER = new SimpleGrantedAuthority("gold");
@GetMapping("/quotes/{symbol}")
public Mono<Quote> getQuote(@PathVariable("symbol") String symbol, BearerTokenAuthentication auth ) {
Quote q = new Quote();
q.setSymbol(symbol);
if ( auth.getAuthorities().contains(GOLD_CUSTOMER)) {
q.setPrice(10.0);
}
else {
q.setPrice(12.0);
}
return Mono.just(q);
}
}

13
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/java/com/baeldung/springcloudgateway/oauth/server/ResourceServerGatewayApplication.java
View File

@ -1,13 +0,0 @@
package com.baeldung.springcloudgateway.oauth.server;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
@SpringBootApplication
@EnableWebFluxSecurity
public class ResourceServerGatewayApplication {
public static void main(String[] args) {
SpringApplication.run(ResourceServerGatewayApplication.class,args);
}
}

65
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/java/com/baeldung/springcloudgateway/oauth/shared/KeycloakReactiveTokenInstrospector.java
View File

@ -1,65 +0,0 @@
/**
*
*/
package com.baeldung.springcloudgateway.oauth.shared;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenIntrospector;
import reactor.core.publisher.Mono;
/**
* Custom ReactiveTokenIntrospector to map realm roles into Spring GrantedAuthorities
*
*/
public class KeycloakReactiveTokenInstrospector implements ReactiveOpaqueTokenIntrospector {
private final ReactiveOpaqueTokenIntrospector delegate;
public KeycloakReactiveTokenInstrospector(ReactiveOpaqueTokenIntrospector delegate) {
this.delegate = delegate;
}
@Override
public Mono<OAuth2AuthenticatedPrincipal> introspect(String token) {
return delegate.introspect(token)
.map( this::mapPrincipal);
}
protected OAuth2AuthenticatedPrincipal mapPrincipal(OAuth2AuthenticatedPrincipal principal) {
return new DefaultOAuth2AuthenticatedPrincipal(
principal.getName(),
principal.getAttributes(),
extractAuthorities(principal));
}
protected Collection<GrantedAuthority> extractAuthorities(OAuth2AuthenticatedPrincipal principal) {
//
Map<String,List<String>> realm_access = principal.getAttribute("realm_access");
List<String> roles = realm_access.getOrDefault("roles", Collections.emptyList());
List<GrantedAuthority> rolesAuthorities = roles.stream()
.map(SimpleGrantedAuthority::new)
.collect(Collectors.toList());
Set<GrantedAuthority> allAuthorities = new HashSet<>();
allAuthorities.addAll(principal.getAuthorities());
allAuthorities.addAll(rolesAuthorities);
return allAuthorities;
}
}

26
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/resources/application-oauth-client.yml
View File

@ -1,26 +0,0 @@
server:
port: 8087
spring:
cloud:
gateway:
redis:
enabled: false
routes:
- id: quotes
uri: http://localhost:8085
predicates:
- Path=/quotes/**
filters: - TokenRelay=
security:
oauth2:
client: provider: keycloak:
issuer-uri: http://localhost:8083/auth/realms/baeldung
registration: quotes-client:
provider: keycloak
client-id: quotes-client
client-secret: 0e082231-a70d-48e8-b8a5-fbfb743041b6
scope: - email
- profile
- roles

19
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/resources/application-resource-server.yml
View File

@ -1,19 +0,0 @@
server:
port: 8086
spring:
security:
oauth2:
resourceserver:
opaquetoken:
introspection-uri: http://localhost:8083/auth/realms/baeldung/protocol/openid-connect/token/introspect
client-id: quotes-client
client-secret: 0e082231-a70d-48e8-b8a5-fbfb743041b6
cloud:
gateway:
redis:
enabled: false
routes:
- id: quotes
uri: http://localhost:8085
predicates:
- Path=/quotes/**

12
spring-cloud-modules/spring-cloud-bootstrap/gateway-2/src/main/resources/quotes-application.properties
View File

@ -1,12 +0,0 @@
server.port=8085
# Disable gateway & redis as we don't need them in this application
spring.cloud.gateway.enabled=false
spring.cloud.gateway.redis.enabled=false
# Resource server settings
spring.security.oauth2.resourceserver.opaquetoken.introspection-uri=http://localhost:8083/auth/realms/baeldung/protocol/openid-connect/token/introspect
spring.security.oauth2.resourceserver.opaquetoken.client-id=quotes-client
spring.security.oauth2.resourceserver.opaquetoken.client-secret=0e082231-a70d-48e8-b8a5-fbfb743041b6