Forked from osgafarov/gist:ef432de739f0e8dd2eb595c0c75aff1d
Created
November 9, 2018 22:08
-
-
Save sffej/6e5c7245a4ec6d028e0a59e2438ba5e0 to your computer and use it in GitHub Desktop.
Spring Boot OAuth2 implementation.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// ---- SAMPLE ENDPOINT ---- // | |
@RequestMapping(method = RequestMethod.GET, value = "users/{userId}") | |
Bookmark readUser(Principal principal, @PathVariable Long userId) { | |
return this.usersRepository.findOne(userId); | |
} | |
} | |
// ---- Configuration ---- // | |
@Configuration | |
@EnableResourceServer | |
@EnableAuthorizationServer | |
class OAuth2Configuration extends AuthorizationServerConfigurerAdapter { | |
// This is required for password grants, which we specify below as one of the | |
// {@literal authorizedGrantTypes()}. | |
@Autowired | |
AuthenticationManagerBuilder authenticationManagerBuilder; | |
AuthenticationManager authenticationManager; | |
@Autowired | |
DataSource dataSource; | |
@Autowired | |
private UsersService usersService; | |
@Bean | |
public JdbcTokenStore tokenStore() { | |
JdbcTokenStore store = new JdbcTokenStore(dataSource); | |
return store; | |
} | |
@Bean | |
protected AuthorizationCodeServices authorizationCodeServices() { | |
return new JdbcAuthorizationCodeServices(dataSource); | |
} | |
@Autowired | |
private PasswordEncoder passwordEncoder; | |
@Bean | |
@Primary | |
public DefaultTokenServices tokenServices() { | |
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); | |
defaultTokenServices.setAccessTokenValiditySeconds(6000); | |
defaultTokenServices.setTokenStore(tokenStore()); | |
defaultTokenServices.setSupportRefreshToken(true); | |
return defaultTokenServices; | |
} | |
@Override | |
public void configure(AuthorizationServerEndpointsConfigurer endpoints) | |
throws Exception { | |
// Workaround for https://github.com/spring-projects/spring-boot/issues/1801 | |
authenticationManager = new AuthenticationManager() { | |
@Override | |
public Authentication authenticate(Authentication authentication) | |
throws AuthenticationException { | |
return authenticationManagerBuilder.getOrBuild().authenticate(authentication); | |
} | |
}; | |
endpoints.authenticationManager(authenticationManager) | |
.authorizationCodeServices(authorizationCodeServices()) | |
.tokenServices(tokenServices()) | |
.approvalStoreDisabled(); | |
} | |
@Override | |
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { | |
security.allowFormAuthenticationForClients(); | |
} | |
@Override | |
public void configure(ClientDetailsServiceConfigurer clients) throws Exception { | |
clients | |
.jdbc(dataSource); | |
//TODO: enable encoder .passwordEncoder(passwordEncoder); | |
} | |
} | |
@Configuration | |
@EnableResourceServer | |
public class ResourceServer extends ResourceServerConfigurerAdapter { | |
@Autowired | |
private JdbcTokenStore tokenStore; | |
@Override | |
public void configure(ResourceServerSecurityConfigurer resources) throws Exception { | |
resources.tokenStore(tokenStore).resourceId("myapp"); | |
} | |
} | |
@Configuration | |
public class SecurityConfigurerAdapter extends WebSecurityConfigurerAdapter { | |
@Override | |
protected void configure(HttpSecurity http) throws Exception { | |
http | |
.authorizeRequests() | |
.antMatchers("/resources/**").permitAll() | |
.anyRequest().authenticated() | |
.and() | |
.formLogin() | |
.loginPage("/login") | |
.permitAll() | |
.and() | |
.logout() | |
.permitAll(); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment