Created
June 23, 2018 05:22
-
-
Save nareshnaredla2424/66473b3e7644bf3fbdcf783a8e73a191 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.javabycode.security; | |
import org.springframework.beans.factory.annotation.Autowired; | |
import org.springframework.context.annotation.Bean; | |
import org.springframework.context.annotation.Configuration; | |
import org.springframework.security.authentication.AuthenticationManager; | |
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; | |
import org.springframework.security.config.annotation.web.builders.HttpSecurity; | |
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; | |
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; | |
import org.springframework.security.oauth2.provider.ClientDetailsService; | |
import org.springframework.security.oauth2.provider.approval.ApprovalStore; | |
import org.springframework.security.oauth2.provider.approval.TokenApprovalStore; | |
import org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler; | |
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory; | |
import org.springframework.security.oauth2.provider.token.TokenStore; | |
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; | |
@Configuration | |
@EnableWebSecurity | |
public class OAuth2SecurityConfig extends WebSecurityConfigurerAdapter { | |
@Autowired | |
private ClientDetailsService clientService; | |
@Autowired | |
public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception { | |
auth.inMemoryAuthentication() | |
.withUser("javabycode").password("123456").roles("USER") | |
.and() | |
.withUser("admin").password("admin123").roles("ADMIN"); | |
} | |
@Override | |
protected void configure(HttpSecurity http) throws Exception { | |
http | |
.csrf().disable() | |
.anonymous().disable() | |
.authorizeRequests() | |
.antMatchers("/oauth/token").permitAll(); | |
} | |
@Override | |
@Bean | |
public AuthenticationManager authenticationManagerBean() throws Exception { | |
return super.authenticationManagerBean(); | |
} | |
@Bean | |
public TokenStore tokenStore() { | |
return new InMemoryTokenStore(); | |
} | |
@Bean | |
@Autowired | |
public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore){ | |
TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler(); | |
handler.setTokenStore(tokenStore); | |
handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientService)); | |
handler.setClientDetailsService(clientService); | |
return handler; | |
} | |
@Bean | |
@Autowired | |
public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception { | |
TokenApprovalStore store = new TokenApprovalStore(); | |
store.setTokenStore(tokenStore); | |
return store; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment