Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- POST /myapp/oauth/token?grant_type=password&username=myuser&password=123456 HTTP/1.1
- Host: localhost:9080
- Authorization: Basic Z3JlZW5jYXJkLXRydXN0ZWQtY2xpZW50OmdyZWVuY2FyZC1zZWNyZXQ=
- Cache-Control: no-cache
- Postman-Token: bcade5f5-fe47-3ea7-9c48-a054206f1c44
- Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW
- @Configuration
- @EnableTransactionManagement
- public class ConfigurationMySql {
- @Bean(name = "datasource")
- public DriverManagerDataSource dataSource() {
- DriverManagerDataSource dataSource = new DriverManagerDataSource();
- dataSource.setDriverClassName("com.mysql.jdbc.Driver");
- dataSource.setUrl("jdbc:mysql://localhost:3306/voucher");
- dataSource.setUsername("greencard");
- dataSource.setPassword("greencard");
- return dataSource;
- }
- }
- @Configuration
- @EnableWebSecurity
- public class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {
- @Autowired
- private DriverManagerDataSource dataSource;
- @Autowired
- public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
- auth.jdbcAuthentication().dataSource(dataSource)
- .usersByUsernameQuery(
- "select username,password, enabled from users where username=?")
- .authoritiesByUsernameQuery(
- "select username, role from user_roles where username=?");
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.csrf().disable().anonymous().disable().authorizeRequests().antMatchers("/oauth/token").permitAll();
- }
- @Override
- @Bean
- public AuthenticationManager authenticationManagerBean() throws Exception {
- return super.authenticationManagerBean();
- }
- @Bean
- @Autowired
- public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
- TokenApprovalStore store = new TokenApprovalStore();
- store.setTokenStore(tokenStore);
- return store;
- }
- //
- @Bean
- public JdbcTokenStore tokenStore() {
- return new JdbcTokenStore(dataSource);
- }
- @Bean
- protected AuthorizationCodeServices authorizationCodeServices() {
- return new JdbcAuthorizationCodeServices(dataSource);
- }
- }
- @Configuration
- @EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
- public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {
- @SuppressWarnings("unused")
- @Autowired
- private OAuth2SecurityConfiguration securityConfig;
- @Override
- protected MethodSecurityExpressionHandler createExpressionHandler() {
- return new OAuth2MethodSecurityExpressionHandler();
- }
- }
- @Configuration
- @EnableAuthorizationServer
- public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
- private static String REALM="MY_OAUTH_REALM";
- @Autowired
- private TokenStore tokenStore;
- @Autowired
- @Qualifier("authenticationManagerBean")
- private AuthenticationManager authenticationManager;
- @Autowired
- private DriverManagerDataSource dataSource;
- @Override
- public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
- clients.jdbc(dataSource);
- }
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
- endpoints.tokenStore(tokenStore).authenticationManager(authenticationManager);
- }
- @Override
- public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
- oauthServer.realm(REALM+"/client");
- }
- }
- public class CORSFilter implements Filter {
- public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
- System.out.println("doFilter");
- HttpServletResponse response = (HttpServletResponse) res;
- response.setHeader("Access-Control-Allow-Origin", "*");
- response.setHeader("Access-Control-Allow-Credentials", "true");
- response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
- response.setHeader("Access-Control-Max-Age", "3600");
- response.setHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, Authorization, Origin, Accept, Access-Control-Request-Method, Access-Control-Request-Headers");
- chain.doFilter(req, res);
- }
- public void init(FilterConfig filterConfig) {
- System.out.println("filterConfig");
- }
- public void destroy() {
- System.out.println("destroy");
- }
- }
- drop table if exists oauth_client_details;
- create table oauth_client_details (
- client_id VARCHAR(255) PRIMARY KEY,
- resource_ids VARCHAR(255),
- client_secret VARCHAR(255),
- scope VARCHAR(255),
- authorized_grant_types VARCHAR(255),
- web_server_redirect_uri VARCHAR(255),
- authorities VARCHAR(255),
- access_token_validity INTEGER,
- refresh_token_validity INTEGER,
- additional_information VARCHAR(4096),
- autoapprove VARCHAR(255)
- );
- drop table if exists oauth_client_token;
- create table oauth_client_token (
- token_id VARCHAR(255),
- token LONG VARBINARY,
- authentication_id VARCHAR(255) PRIMARY KEY,
- user_name VARCHAR(255),
- client_id VARCHAR(255)
- );
- drop table if exists oauth_access_token;
- create table oauth_access_token (
- token_id VARCHAR(255),
- token LONG VARBINARY,
- authentication_id VARCHAR(255) PRIMARY KEY,
- user_name VARCHAR(255),
- client_id VARCHAR(255),
- authentication LONG VARBINARY,
- refresh_token VARCHAR(255)
- );
- drop table if exists oauth_refresh_token;
- create table oauth_refresh_token (
- token_id VARCHAR(255),
- token LONG VARBINARY,
- authentication LONG VARBINARY
- );
- drop table if exists oauth_code;
- create table oauth_code (
- code VARCHAR(255), authentication LONG VARBINARY
- );
- drop table if exists oauth_approvals;
- create table oauth_approvals (
- userId VARCHAR(255),
- clientId VARCHAR(255),
- scope VARCHAR(255),
- status VARCHAR(10),
- expiresAt TIMESTAMP,
- lastModifiedAt TIMESTAMP
- );
- drop table if exists ClientDetails;
- create table ClientDetails (
- appId VARCHAR(255) PRIMARY KEY,
- resourceIds VARCHAR(255),
- appSecret VARCHAR(255),
- scope VARCHAR(255),
- grantTypes VARCHAR(255),
- redirectUrl VARCHAR(255),
- authorities VARCHAR(255),
- access_token_validity INTEGER,
- refresh_token_validity INTEGER,
- additionalInformation VARCHAR(4096),
- autoApproveScopes VARCHAR(255)
- );
- CREATE TABLE user_roles (
- user_role_id int(11) NOT NULL AUTO_INCREMENT,
- username varchar(45) NOT NULL,
- role varchar(45) NOT NULL,
- PRIMARY KEY (user_role_id),
- UNIQUE KEY uni_username_role (role,username),
- KEY fk_username_idx (username),
- CONSTRAINT fk_username FOREIGN KEY (username) REFERENCES users (username));
- CREATE TABLE users (
- username VARCHAR(45) NOT NULL ,
- password VARCHAR(45) NOT NULL ,
- enabled TINYINT NOT NULL DEFAULT 1 ,
- PRIMARY KEY (username));
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <springframework.version>4.3.1.RELEASE</springframework.version>
- <springsecurity.version>4.1.1.RELEASE</springsecurity.version>
- <springsecurityoauth2.version>2.0.10.RELEASE</springsecurityoauth2.version>
- <jackson.library>2.7.5</jackson.library>
- <hibernate.version>4.3.7.Final</hibernate.version>
- <mysql.connector.version>5.1.31</mysql.connector.version>
- </properties>
- <dependencies>
- <!-- Spring -->
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-core</artifactId>
- <version>${springframework.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-web</artifactId>
- <version>${springframework.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-webmvc</artifactId>
- <version>${springframework.version}</version>
- </dependency>
- <!-- Spring Security -->
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-web</artifactId>
- <version>${springsecurity.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework.security</groupId>
- <artifactId>spring-security-config</artifactId>
- <version>${springsecurity.version}</version>
- </dependency>
- <!-- Spring Security OAuth2 -->
- <dependency>
- <groupId>org.springframework.security.oauth</groupId>
- <artifactId>spring-security-oauth2</artifactId>
- <version>${springsecurityoauth2.version}</version>
- </dependency>
- <!-- Jackson libraries -->
- <dependency>
- <groupId>com.fasterxml.jackson.core</groupId>
- <artifactId>jackson-databind</artifactId>
- <version>${jackson.library}</version>
- </dependency>
- <dependency>
- <groupId>com.fasterxml.jackson.dataformat</groupId>
- <artifactId>jackson-dataformat-xml</artifactId>
- <version>${jackson.library}</version>
- </dependency>
- <dependency>
- <groupId>javax.servlet</groupId>
- <artifactId>javax.servlet-api</artifactId>
- <version>3.1.0</version>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <version>3.8.1</version>
- <scope>test</scope>
- </dependency>
- <!-- Hibernate >> -->
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-core</artifactId>
- <version>${hibernate.version}</version>
- </dependency>
- <!-- jsr303 validation -->
- <dependency>
- <groupId>javax.validation</groupId>
- <artifactId>validation-api</artifactId>
- <version>1.1.0.Final</version>
- </dependency>
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-validator</artifactId>
- <version>5.1.3.Final</version>
- </dependency>
- <!-- MySQL -->
- <dependency>
- <groupId>mysql</groupId>
- <artifactId>mysql-connector-java</artifactId>
- <version>${mysql.connector.version}</version>
- </dependency>
- <dependency>
- <groupId>ch.qos.logback</groupId>
- <artifactId>logback-classic</artifactId>
- <version>1.1.7</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-tx</artifactId>
- <version>${springframework.version}</version>
- </dependency>
- <dependency>
- <groupId>org.springframework</groupId>
- <artifactId>spring-orm</artifactId>
- <version>${springframework.version}</version>
- </dependency>
- <!-- <dependency> <groupId>org.hsqldb</groupId> <artifactId>hsqldb</artifactId>
- <version>2.3.2</version> </dependency> -->
- <dependency>
- <groupId>org.hibernate</groupId>
- <artifactId>hibernate-entitymanager</artifactId>
- <version>4.3.6.Final</version>
- </dependency>
- </dependencies>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement