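/**
 * OAuth2 authorization-server configuration: registers one in-memory client and
 * issues JWT access tokens signed through {@link JwtAccessTokenConverter}.
 *
 * <p>Changes from the pasted listing: the JWT signing key is no longer a literal
 * in source, and the token-introspection/key endpoints now require an
 * authenticated caller instead of {@code permitAll()}.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    /**
     * Environment variable the signing key is read from. The name is introduced by
     * this revision; pick whatever your deployment's secret store exposes.
     */
    private static final String SIGNING_KEY_ENV = "JWT_SIGNING_KEY";

    /** Shortest key accepted; 32 characters matches the 256-bit size expected for HMAC-SHA256. */
    private static final int MIN_SIGNING_KEY_LENGTH = 32;

    private final AuthenticationManager authenticationManager;

    @Autowired
    public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    /**
     * Builds the converter that signs and verifies the JWTs.
     *
     * <p>The original hard-coded a seven-character key. Anyone who can read the
     * source (or this paste) can then mint tokens the resource server accepts, so
     * that key must be treated as compromised and replaced. The key is now supplied
     * at deploy time and startup fails closed when it is absent or too short.
     *
     * @return the converter configured with the externally supplied key
     * @throws IllegalStateException if the key is missing or shorter than
     *     {@link #MIN_SIGNING_KEY_LENGTH} characters
     */
    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        String signingKey = System.getenv(SIGNING_KEY_ENV);
        if (signingKey == null || signingKey.length() < MIN_SIGNING_KEY_LENGTH) {
            // Deliberately does not echo the key value into the message or logs.
            throw new IllegalStateException(
                    "Environment variable " + SIGNING_KEY_ENV + " must hold a signing key of at least "
                            + MIN_SIGNING_KEY_LENGTH + " characters");
        }
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(signingKey);
        return converter;
    }

    /** Token store backed by the same converter, so tokens are self-contained JWTs. */
    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    /**
     * Registers the single in-memory OAuth2 client.
     *
     * @param clients builder for the client registry
     * @throws Exception propagated from the Spring configurer
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient("my-client-id")
                // NOTE(review): "implicit" and "password" are discouraged by current OAuth 2.0
                // security guidance (tokens in the URL fragment; the client handles the user's
                // password). They are kept because the curl example on this page uses the
                // password grant — drop whichever grants the real client does not need.
                .authorizedGrantTypes("authorization_code", "implicit", "refresh_token", "password")
                // NOTE(review): the client itself carries ADMIN authority and the catch-all
                // scope "all"; narrow both to what the client actually requires.
                .authorities("ADMIN")
                .scopes("all")
                .resourceIds("product_api")
                // BCrypt hash of the client secret (not the secret itself). Prefer loading
                // client registrations from configuration rather than committing them.
                .secret("$2a$10$jfAHmk4szDU/t1qLGlFTLukuBZL0ZHZGUJQICePjjyq6IrLOS934.")
                .redirectUris("https://example.com")
                .accessTokenValiditySeconds(7200)
                .refreshTokenValiditySeconds(7200);
    }

    /**
     * Sets the access rules for the key and introspection endpoints.
     *
     * <p>The original used {@code permitAll()} for both. With that rule any
     * unauthenticated caller can query the check-token endpoint, and the signing
     * key here is a shared secret rather than a public key, so both endpoints now
     * require an authenticated caller.
     *
     * @param oauthServer security configurer for the authorization-server endpoints
     * @throws Exception propagated from the Spring configurer
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer
                .tokenKeyAccess("isAuthenticated()")
                .checkTokenAccess("isAuthenticated()");
    }

    /**
     * Wires the authentication manager (needed for the password grant) and the JWT
     * converter into the token endpoints.
     *
     * @param endpoints endpoint configurer
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints
                .authenticationManager(authenticationManager)
                .accessTokenConverter(accessTokenConverter());
    }
}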
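/**
 * Resource-server configuration for the {@code product_api} resource.
 *
 * <p>Change from the pasted listing: requests handled by this filter chain must now
 * be authenticated. The original mapped {@code "/**"} to {@code permitAll()}, which
 * lets every request through this chain without a token.
 */
@Configuration
@EnableResourceServer
@Order(2)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    /**
     * Declares the resource id; it matches the {@code resourceIds("product_api")}
     * granted to the client in the authorization-server configuration.
     *
     * @param resources resource-server configurer
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId("product_api");
    }

    /**
     * Applies this chain to every path and requires an authenticated request.
     *
     * <p>NOTE(review): {@code WebSecurityConfig} in this listing is {@code @Order(1)}
     * and declares no request matcher of its own, so it probably claims every request
     * before this chain is consulted. If bearer tokens are meant to protect
     * {@code /api/v1/**}, confirm which chain actually serves those paths and scope
     * the matchers so the two chains do not overlap.
     *
     * @param http HTTP security builder for the resource server
     * @throws Exception propagated from the Spring configurer
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .requestMatchers()
                .antMatchers("/**")
                .and().authorizeRequests()
                // Was antMatchers("/**").permitAll(): deny anonymous access by default and
                // add explicit permitAll() rules only for paths that must stay public.
                .anyRequest().authenticated()
                .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }
}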
/**
 * Web security configuration for user logins: BCrypt-hashed passwords looked up
 * through the injected user-details service, HTTP Basic and form login enabled.
 *
 * <p>NOTE(review): this chain is {@code @Order(1)} and sets no request matcher, so
 * it appears to apply to every request; check how that interacts with the
 * resource-server chain defined in the same listing.
 */
@Configuration
@Order(1)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource(name = "userDetailService")
    private UserDetailService userDetailsService;

    /** Password encoder shared by both authentication-manager registrations below. */
    @Bean
    public BCryptPasswordEncoder encoder() {
        BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
        return bcrypt;
    }

    /**
     * Publishes the adapter's authentication manager as a bean so the authorization
     * server can inject it.
     *
     * @return the authentication manager built by the parent adapter
     * @throws Exception propagated from the parent adapter
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        AuthenticationManager exposed = super.authenticationManagerBean();
        return exposed;
    }

    /**
     * Registers the user-details service and encoder on the injected builder.
     *
     * <p>NOTE(review): {@link #configure(AuthenticationManagerBuilder)} performs the
     * same registration; one of the two is probably redundant.
     *
     * @param auth injected authentication-manager builder
     * @throws Exception propagated from the builder
     */
    @Autowired
    public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
        BCryptPasswordEncoder passwordEncoder = encoder();
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
    }

    /**
     * Requires role ADMIN or USER under {@code /api/v1/**}, enables HTTP Basic and
     * form login, and requires authentication for every other request.
     *
     * @param http HTTP security builder for this chain
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Rule order matters: the specific matcher is declared before anyRequest().
        http.authorizeRequests().antMatchers("/api/v1/**").hasAnyRole("ADMIN", "USER");
        http.httpBasic();
        http.formLogin();
        http.authorizeRequests().anyRequest().authenticated();
    }

    /**
     * Registers the user-details service and encoder on this adapter's builder.
     *
     * @param auth authentication-manager builder supplied by the adapter
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        BCryptPasswordEncoder passwordEncoder = encoder();
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
    }
}
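# Request a token from the local authorization server using the password grant.
# Line continuations added: without them each option is run as its own command.
#
# NOTE(review): the Basic header below decodes to client id "my-client", while the
# AuthorizationServerConfig listing registers "my-client-id"; as listed the two do
# not match, so client authentication at the token endpoint would be expected to fail.
# NOTE(review): plain HTTP is acceptable only against localhost; use HTTPS elsewhere.
# Credentials passed on the command line also land in shell history.
curl --request POST \
  --url http://localhost:8080/oauth/token \
  --header 'authorization: Basic bXktY2xpZW50Om15LXNlY3JldA==' \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data 'grant_type=password&username=admin&password=test'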