Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!-- Configure Authentication mechanism -->
- <authentication-manager alias="authenticationManager">
- <authentication-provider ref="oAuth2AuthenticationProvider"/>
- </authentication-manager>
- <beans:bean id="oAuth2AuthenticationProvider" class="my.custom.Oauth2AuthenticationProvider">
- <beans:constructor-arg name="accessTokenUri" value="http://x.x.x.x/oauth/token"/>
- <beans:constructor-arg name="clientId" value="myClientId"/>
- <beans:constructor-arg name="clientSecret" value="myClientSecret"/>
- <beans:constructor-arg name="scope">
- <beans:list>
- <beans:value>myScope</beans:value>
- </beans:list>
- </beans:constructor-arg>
- </beans:bean>
- <beans:bean id="resourceOwnerPasswordAccessTokenProvider" class="org.springframework.security.oauth2.client.token.grant.password.ResourceOwnerPasswordAccessTokenProvider"/>
- public class Oauth2AuthenticationProvider implements AuthenticationProvider {
- @Autowired
- private ResourceOwnerPasswordAccessTokenProvider provider;
- private String accessTokenUri;
- private String clientId;
- private String clientSecret;
- private List<String> scope;
- public Oauth2AuthenticationProvider(String accessTokenUri, String clientId, String clientSecret, List<String> scope) {
- this.accessTokenUri = accessTokenUri;
- this.clientId = clientId;
- this.clientSecret = clientSecret;
- this.scope = scope;
- }
- @Override
- public Authentication authenticate(Authentication authentication) throws AuthenticationException {
- String username = authentication.getName();
- String password = authentication.getCredentials().toString();
- OAuth2AccessToken token = obtainToken(username, password);
- return handleLogonSuccess(authentication, token);
- }
- private OAuth2AccessToken obtainToken(String username, String password) {
- ResourceOwnerPasswordResourceDetails passwordResourceDetails = new ResourceOwnerPasswordResourceDetails();
- passwordResourceDetails.setUsername(username);
- passwordResourceDetails.setPassword(password);
- passwordResourceDetails.setClientId(clientId);
- passwordResourceDetails.setClientSecret(clientSecret);
- passwordResourceDetails.setScope(scope);
- passwordResourceDetails.setAccessTokenUri(accessTokenUri);
- DefaultAccessTokenRequest defaultAccessTokenRequest = new DefaultAccessTokenRequest();
- OAuth2AccessToken token;
- try {
- token = provider.obtainAccessToken(passwordResourceDetails, defaultAccessTokenRequest);
- } catch (OAuth2AccessDeniedException accessDeniedException) {
- throw new BadCredentialsException("Invalid credentials", accessDeniedException);
- }
- return token;
- }
- public OAuth2AccessToken refreshToken(OAuth2AuthenticationToken authentication) {
- OAuth2AccessToken token = authentication.getoAuth2AccessToken();
- OAuth2RefreshToken refreshToken = token.getRefreshToken();
- BaseOAuth2ProtectedResourceDetails resourceDetails = new BaseOAuth2ProtectedResourceDetails();
- resourceDetails.setClientId(clientId);
- resourceDetails.setClientSecret(clientSecret);
- resourceDetails.setScope(scope);
- resourceDetails.setAccessTokenUri(accessTokenUri);
- OAuth2AccessToken newToken = provider.refreshAccessToken(resourceDetails, refreshToken, new DefaultAccessTokenRequest());
- authentication.setoAuth2AccessToken(newToken);
- return newToken;
- }
- public boolean supports(Class<?> authentication) {
- return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);
- }
- private Authentication handleLogonSuccess(Authentication authentication, OAuth2AccessToken token) {
- MyCustomOAuth2AuthenticationToken successAuthenticationToken = new MyCustomOAuth2AuthenticationToken(user, authentication.getCredentials(), calculateAuthorities(authentication), token);
- return successAuthenticationToken;
- }
- public list<GrantedAuthority> calculateAuthorities(Authentication authentication) {
- //my custom logic that assigns the correct role. e.g. ROLE_USER
- }
- @Configuration
- @EnableOAuth2Client
- public class RestClientConfig {
- @Value("${http.client.maxPoolSize}")
- private Integer maxPoolSize;
- @Value("${oauth2.resourceId}")
- private String resourceId;
- @Value("${oauth2.clientId}")
- private String clientId;
- @Value("${oauth2.clientSecret}")
- private String clientSecret;
- @Value("${oauth2.accessTokenUri}")
- private String accessTokenUri;
- @Autowired
- private OAuth2ClientContext oauth2ClientContext;
- @Bean
- public ClientHttpRequestFactory httpRequestFactory() {
- return new HttpComponentsClientHttpRequestFactory(httpClient());
- }
- @Bean
- public HttpClient httpClient() {
- PoolingHttpClientConnectionManager connectionManager = new PoolingHttpClientConnectionManager();
- connectionManager.setMaxTotal(maxPoolSize);
- // This client is for internal connections so only one route is expected
- connectionManager.setDefaultMaxPerRoute(maxPoolSize);
- return HttpClientBuilder.create().setConnectionManager(connectionManager).build();
- }
- @Bean
- public OAuth2ProtectedResourceDetails oauth2ProtectedResourceDetails() {
- ResourceOwnerPasswordResourceDetails details = new ResourceOwnerPasswordResourceDetails();
- details.setId(resourceId);
- details.setClientId(clientId);
- details.setClientSecret(clientSecret);
- details.setAccessTokenUri(accessTokenUri);
- return details;
- }
- @Bean
- public AccessTokenProvider accessTokenProvider() {
- ResourceOwnerPasswordAccessTokenProvider tokenProvider = new ResourceOwnerPasswordAccessTokenProvider();
- tokenProvider.setRequestFactory(httpRequestFactory());
- return new AccessTokenProviderChain(
- Arrays.<AccessTokenProvider> asList(tokenProvider)
- );
- }
- @Bean
- public OAuth2RestTemplate restTemplate() {
- OAuth2RestTemplate template = new OAuth2RestTemplate(oauth2ProtectedResourceDetails(), oauth2ClientContext);
- template.setRequestFactory(httpRequestFactory());
- template.setAccessTokenProvider(accessTokenProvider());
- return template;
- }
- }
- @Autowired
- private OAuth2RestTemplate restTemplate;
- restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("username", username);
- restTemplate.getOAuth2ClientContext().getAccessTokenRequest().set("password", password);
- String url = "http://localhost:{port}/api/users/search/findByUsername?username={username}";
- ResponseEntity<User> responseEntity = restTemplate.getForEntity(
- url, User.class, 8081, username);
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement