Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Autowired
- private ClientServiceImpl clientServiceImpl;
- @Autowired
- private DataSource dataSource;
- @Autowired
- private TokenStore tokenStore;
- @Autowired
- private JwtAccessTokenConverter jwtTokenEnhancer;
- @Autowired
- private UserApprovalHandler userApprovalHandler;
- @Autowired
- @Qualifier("authenticationManagerBean")
- private AuthenticationManager authenticationManager;
- @Override
- public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
- clients.jdbc(dataSource);
- }
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
- endpoints.tokenStore(tokenStore).tokenEnhancer(jwtTokenEnhancer).userApprovalHandler(userApprovalHandler)
- .authenticationManager(authenticationManager)
- .userDetailsService(clientServiceImpl);
- }
- @Override
- public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
- oauthServer.allowFormAuthenticationForClients();
- }
- }
- @Configuration
- @EnableResourceServer
- public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
- private static final String RESOURCE_ID = "resource_id";
- @Override
- public void configure(ResourceServerSecurityConfigurer resources) {
- resources.resourceId(RESOURCE_ID).stateless(false);
- }
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http
- .anonymous().disable()
- .authorizeRequests()
- .antMatchers("/client/about").access("hasRole('CLIENT') or hasRole('ROLE_CLIENT')")
- .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
- }
- }
- @Autowired
- private ClientDetailsService clientDetailsService;
- @Autowired
- @Resource(name = "userService")
- private ClientServiceImpl clientServiceImpl;
- @Bean
- public PasswordEncoder passwordEncoder() {
- return new BCryptPasswordEncoder();
- }
- @Override
- @Bean
- public AuthenticationManager authenticationManagerBean() throws Exception {
- return super.authenticationManagerBean();
- }
- @Bean
- public TokenStore tokenStore() {
- return new JwtTokenStore(jwtTokenEnhancer());
- }
- @Bean
- protected JwtAccessTokenConverter jwtTokenEnhancer() {
- JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
- converter.setSigningKey("Demo-Key-1");
- return converter;
- }
- @Bean
- @Autowired
- public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {
- TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();
- handler.setTokenStore(tokenStore);
- handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
- handler.setClientDetailsService(clientDetailsService);
- return handler;
- }
- @Bean
- @Autowired
- public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
- TokenApprovalStore store = new TokenApprovalStore();
- store.setTokenStore(tokenStore);
- return store;
- }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.userDetailsService(clientServiceImpl)
- .passwordEncoder(passwordEncoder());
- }
- @Override
- @Order(Ordered.HIGHEST_PRECEDENCE)
- protected void configure(HttpSecurity http) throws Exception {
- http
- .csrf().disable()
- .authorizeRequests()
- .antMatchers("/client/registration", "/oauth/token", "/client/login", "/actuator/health", "/actuator/info", "/swagger-ui").permitAll()
- .anyRequest().authenticated()// когда включаю это форма логина перестает работат;
- .and()
- .formLogin()
- .and()
- .httpBasic().disable();
- }
Add Comment
Please, Sign In to add comment