Untitled

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

  private final AuthenticationManager authenticationManager;

  @Autowired
  public AuthorizationServerConfig(AuthenticationManager authenticationManager) {
    this.authenticationManager = authenticationManager;
  }

  @Bean
  public JwtAccessTokenConverter accessTokenConverter() {
    JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    converter.setSigningKey("as466gf");
    return converter;
  }

  @Bean
  public TokenStore tokenStore() {
    return new JwtTokenStore(accessTokenConverter());
  }


  @Override
  public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {

    configurer
      .inMemory()
      .withClient("my-client")
      .secret("$2a$10$jfAHmk4szDU/t1qLGlFTLukuBZL0ZHZGUJQICePjjyq6IrLOS934.") //my-secret
      .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit" )
      .scopes("read", "write", "trust");
  }

  @Override
  public void configure(AuthorizationServerEndpointsConfigurer endpoints) {

    endpoints
      .authenticationManager(authenticationManager)
      .accessTokenConverter(accessTokenConverter());
  }

}

@Configuration
@EnableResourceServer
@Order(2)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

  private static final String RESOURCE_ID = "resource_id";

  @Override
  public void configure(ResourceServerSecurityConfigurer resources) {
    resources.resourceId(RESOURCE_ID).stateless(false);
  }

  @Override
  public void configure(HttpSecurity http) throws Exception {
    http.
      anonymous().disable()
      .authorizeRequests()
      .antMatchers("/admin/**").access("hasRole('ADMIN')")
      .and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
  }
}

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

  @Resource(name = "userDetailService")
  private UserDetailService userDetailsService;

  @Bean
  public BCryptPasswordEncoder encoder() {
    return new BCryptPasswordEncoder();
  }

  @Override
  @Bean
  public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
  }

  @Autowired
  public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailsService).passwordEncoder(encoder());
  }

  @Override
  protected void configure(HttpSecurity http) throws Exception {
    http
      .csrf().disable()
      .anonymous().disable()
      .authorizeRequests()
      .antMatchers("/api-docs/**").permitAll()
      .and()
      .formLogin();
  }

  @Override
  protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
      .userDetailsService(userDetailsService)
      .passwordEncoder(encoder());
  }
}

curl --request POST
  --url http://localhost:8080/oauth/token
  --header 'authorization: Basic bXktY2xpZW50Om15LXNlY3JldA=='
  --header 'content-type: application/x-www-form-urlencoded'
  --data 'grant_type=password&username=admin&password=test'