Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SecurityConfig.java
- package io.github.davibarros.clientes.config;
- import org.springframework.context.annotation.Bean;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.config.http.SessionCreationPolicy;
- import org.springframework.security.oauth2.client.test.OAuth2ContextConfiguration.Password;
- @EnableWebSecurity
- public class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Override
- public void configure(AuthenticationManagerBuilder auth) throws Exception{
- auth.inMemoryAuthentication()
- .withUser("fulano")
- .password("{noop}123")
- .roles("USER");
- }
- @Bean
- public AuthenticationManager authenticationManager() throws Exception {
- return super.authenticationManager();
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception{
- http
- .antMatcher("/api/**")
- .authorizeRequests()
- .anyRequest().hasRole("USER")
- .and()
- .httpBasic()
- .and()
- .csrf()
- .disable()
- .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
- }
- }
- ________
- package io.github.davibarros.clientes.config;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.crypto.factory.PasswordEncoderFactories;
- import org.springframework.security.crypto.password.NoOpPasswordEncoder;
- import org.springframework.security.crypto.password.PasswordEncoder;
- import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
- import org.springframework.security.oauth2.provider.token.TokenStore;
- import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
- @Configuration
- @EnableAuthorizationServer
- public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
- @Autowired
- private AuthenticationManager authenticationManager;
- @Bean
- public TokenStore tokenStore() {
- return new InMemoryTokenStore();
- }
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception{
- endpoints
- .tokenStore(tokenStore())
- .authenticationManager(authenticationManager);
- }
- @Override
- public void configure(ClientDetailsServiceConfigurer clients) throws Exception{
- clients.inMemory()
- .withClient("my-angular-app")
- .secret("{noop}123")
- .scopes("read","write")
- .authorizedGrantTypes("password")
- .accessTokenValiditySeconds(60 * 30);
- }
- public PasswordEncoder passwordEncoder() {
- return PasswordEncoderFactories.createDelegatingPasswordEncoder();
- }
- }
- AuthorizationServerConfig.java
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
