
Untitled

a guest
Jun 30th, 2016
  1. package com.tai;
  2.  
  3. import com.tai.config.BuddyAuthenticationSuccessHandler;
  4. import com.tai.model.User;
  5. import org.springframework.beans.factory.annotation.Autowired;
  6. import org.springframework.boot.SpringApplication;
  7. import org.springframework.boot.autoconfigure.SpringBootApplication;
  8. import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
  9. import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoTokenServices;
  10. import org.springframework.boot.context.embedded.FilterRegistrationBean;
  11. import org.springframework.boot.context.properties.ConfigurationProperties;
  12. import org.springframework.context.annotation.Bean;
  13. import org.springframework.context.annotation.Configuration;
  14. import org.springframework.core.annotation.Order;
  15. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  16. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  17. import org.springframework.security.oauth2.client.OAuth2ClientContext;
  18. import org.springframework.security.oauth2.client.OAuth2RestTemplate;
  19. import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter;
  20. import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
  21. import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
  22. import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
  23. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
  24. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
  25. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
  26. import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
  27. import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
  28. import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
  29. import org.springframework.security.web.csrf.CsrfFilter;
  30. import org.springframework.security.web.csrf.CsrfToken;
  31. import org.springframework.security.web.csrf.CsrfTokenRepository;
  32. import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository;
  33. import org.springframework.web.bind.annotation.RequestMapping;
  34. import org.springframework.web.bind.annotation.RestController;
  35. import org.springframework.web.filter.CompositeFilter;
  36. import org.springframework.web.filter.OncePerRequestFilter;
  37. import org.springframework.web.util.WebUtils;
  38.  
  39. import javax.servlet.Filter;
  40. import javax.servlet.FilterChain;
  41. import javax.servlet.ServletException;
  42. import javax.servlet.http.Cookie;
  43. import javax.servlet.http.HttpServletRequest;
  44. import javax.servlet.http.HttpServletResponse;
  45. import java.io.IOException;
  46. import java.security.Principal;
  47. import java.util.ArrayList;
  48. import java.util.LinkedHashMap;
  49. import java.util.List;
  50. import java.util.Map;
  51.  
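  /**
   * Application entry point and web-security configuration.
   *
   * <p>This class wires together three concerns:
   * <ul>
   *   <li>single sign-on through two OAuth2 authorization-code clients (GitHub and Facebook),
   *       each handled by its own login path;</li>
   *   <li>session-backed CSRF protection whose token is mirrored into an {@code XSRF-TOKEN}
   *       cookie and expected back in the {@code X-XSRF-TOKEN} request header;</li>
   *   <li>an OAuth2 resource server that guards {@code /me}.</li>
   * </ul>
   *
   * <p>NOTE(review): {@code @EnableAuthorizationServer} also makes this application an OAuth2
   * authorization server. Its client registrations and grant types are not visible in this file;
   * confirm they are configured deliberately rather than left on defaults.
   */
  @SpringBootApplication
  @RestController
  @EnableOAuth2Client
  @EnableAuthorizationServer
  // NOTE(review): explicit ordering of this adapter relative to the filter chains contributed by
  // the resource-server / authorization-server annotations; the value 6 is kept as found.
  @Order(6)
  public class BuddyFinderApplication extends WebSecurityConfigurerAdapter {

      /**
       * Holder for one external identity provider: the OAuth2 client registration and the
       * resource (user-info) settings. Instances are populated from configuration properties
       * by the {@link #github()} and {@link #facebook()} bean methods.
       */
      class ClientResources {
          // Both objects are created once and filled in place through their getters;
          // the references themselves never change.
          private final OAuth2ProtectedResourceDetails client = new AuthorizationCodeResourceDetails();
          private final ResourceServerProperties resource = new ResourceServerProperties();

          /** @return the OAuth2 client registration (client id, secret, endpoints) */
          public OAuth2ProtectedResourceDetails getClient() {
              return client;
          }

          /** @return the resource-server settings, including the user-info URI */
          public ResourceServerProperties getResource() {
              return resource;
          }
      }

      @Autowired
      OAuth2ClientContext oauth2ClientContext;

      @Autowired
      BuddyAuthenticationSuccessHandler authenticationSuccessHandler;

      /**
       * Defines the main security filter chain.
       *
       * <p>Only the landing page, the login paths and static assets/templates are open; every
       * other request requires an authenticated session. Unauthenticated requests are sent to
       * {@code /}. CSRF protection stays enabled, with the token exposed to the client through
       * {@link #csrfHeaderFilter()}.
       *
       * @param http the security builder supplied by Spring Security
       * @throws Exception if the builder rejects the configuration
       */
      @Override
      protected void configure(HttpSecurity http) throws Exception {
          // @formatter:off
          http.antMatcher("/**")
              .authorizeRequests()
                  // Keep this allow-list short: anything matched here is reachable without login.
                  .antMatchers("/", "/login**", "/assets/**", "/templates/**").permitAll()
                  .anyRequest().authenticated()
              .and().exceptionHandling().authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
              .and().logout().logoutSuccessUrl("/").permitAll()
              .and().csrf().csrfTokenRepository(csrfTokenRepository())
              // Must run after CsrfFilter so the CsrfToken request attribute is already set.
              .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
              // The SSO filter sits ahead of BasicAuthenticationFilter and processes the
              // provider login paths itself.
              .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
          // @formatter:on
      }

      /**
       * Resource-server chain: {@code /me} is only served to authenticated callers.
       */
      @Configuration
      @EnableResourceServer
      protected static class ResourceServerConfiguration
              extends ResourceServerConfigurerAdapter {
          @Override
          public void configure(HttpSecurity http) throws Exception {
              // @formatter:off
              http
                  .antMatcher("/me")
                  .authorizeRequests().anyRequest().authenticated();
              // @formatter:on
          }
      }

      /**
       * Starts the Spring Boot application.
       *
       * @param args command-line arguments passed through to Spring Boot
       */
      public static void main(String[] args) {
          SpringApplication.run(BuddyFinderApplication.class, args);
      }

      /**
       * Registers the OAuth2 client context filter with an explicit servlet-filter order.
       *
       * @param filter the context filter provided by {@code @EnableOAuth2Client}
       * @return the registration with order {@code -100}
       */
      @Bean
      public FilterRegistrationBean oauth2ClientFilterRegistration(
              OAuth2ClientContextFilter filter) {
          FilterRegistrationBean registration = new FilterRegistrationBean();
          registration.setFilter(filter);
          // NOTE(review): low order value, presumably so this filter runs ahead of the main
          // Spring Security chain and can handle the provider redirects; confirm.
          registration.setOrder(-100);
          return registration;
      }

      /** @return provider settings bound from the {@code github.*} configuration properties */
      @Bean
      @ConfigurationProperties("github")
      ClientResources github() {
          return new ClientResources();
      }

      /** @return provider settings bound from the {@code facebook.*} configuration properties */
      @Bean
      @ConfigurationProperties("facebook")
      ClientResources facebook() {
          return new ClientResources();
      }

      /**
       * Builds the composite login filter covering both identity providers.
       *
       * @return a filter that delegates to the Facebook filter, then the GitHub filter
       */
      private Filter ssoFilter() {
          List<Filter> providerFilters = new ArrayList<>();
          providerFilters.add(ssoFilter(facebook(), "/login/facebook"));
          providerFilters.add(ssoFilter(github(), "/login/github"));

          CompositeFilter composite = new CompositeFilter();
          composite.setFilters(providerFilters);
          return composite;
      }

      /**
       * Builds the login filter for a single identity provider.
       *
       * @param client the provider's client registration and user-info settings
       * @param path   the local URL on which this provider's login is processed
       * @return the configured authentication-processing filter
       */
      private Filter ssoFilter(ClientResources client, String path) {
          OAuth2ClientAuthenticationProcessingFilter loginFilter =
                  new OAuth2ClientAuthenticationProcessingFilter(path);

          // One rest template per provider, bound to the shared OAuth2 client context.
          OAuth2RestTemplate restTemplate =
                  new OAuth2RestTemplate(client.getClient(), oauth2ClientContext);
          loginFilter.setRestTemplate(restTemplate);

          // The authenticated principal is resolved from the provider's user-info endpoint.
          UserInfoTokenServices tokenServices = new UserInfoTokenServices(
                  client.getResource().getUserInfoUri(), client.getClient().getClientId());
          tokenServices.setRestTemplate(restTemplate);
          loginFilter.setTokenServices(tokenServices);

          loginFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler);
          return loginFilter;
      }

      /**
       * Creates the filter that mirrors the current CSRF token into the {@code XSRF-TOKEN} cookie.
       *
       * <p>The cookie is (re)issued only when it is missing or no longer matches the token held
       * by the repository. It is deliberately not marked HttpOnly: the repository expects the
       * token back in the {@code X-XSRF-TOKEN} header, so client-side script has to read it.
       * The Secure attribute is set whenever the request arrived over a secure channel, so the
       * token is not replayed over plain HTTP.
       *
       * @return a once-per-request filter to be installed after {@code CsrfFilter}
       */
      private Filter csrfHeaderFilter() {
          return new OncePerRequestFilter() {
              @Override
              protected void doFilterInternal(HttpServletRequest request,
                      HttpServletResponse response, FilterChain filterChain)
                      throws ServletException, IOException {
                  CsrfToken csrf = (CsrfToken) request
                          .getAttribute(CsrfToken.class.getName());
                  if (csrf != null) {
                      Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                      String token = csrf.getToken();
                      if (cookie == null
                              || token != null && !token.equals(cookie.getValue())) {
                          cookie = new Cookie("XSRF-TOKEN", token);
                          cookie.setPath("/");
                          // Restrict the cookie to HTTPS when the request itself was secure.
                          // NOTE(review): behind a TLS-terminating proxy isSecure() is only true
                          // if forwarded-header handling is configured; verify the deployment.
                          cookie.setSecure(request.isSecure());
                          response.addCookie(cookie);
                      }
                  }
                  filterChain.doFilter(request, response);
              }
          };
      }

      /**
       * Creates the session-backed CSRF token repository.
       *
       * @return a repository that reads the submitted token from the {@code X-XSRF-TOKEN} header
       */
      private CsrfTokenRepository csrfTokenRepository() {
          HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
          repository.setHeaderName("X-XSRF-TOKEN");
          return repository;
      }

  }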