Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package br.com.serverAuthorization;
- import org.springframework.boot.SpringApplication;
- import org.springframework.boot.autoconfigure.SpringBootApplication;
- @SpringBootApplication
- public class ServerAuthorizationApplication {
- public static void main(String[] args) {
- SpringApplication.run(ServerAuthorizationApplication.class, args);
- }
- }
- package br.com.serverAuthorization.config;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.beans.factory.annotation.Qualifier;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
- import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
- @Configuration
- @EnableAuthorizationServer
- public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
- public static final String RESOURCE_ID = "arip";
- @Autowired
- @Qualifier("authenticationManagerBean")
- private AuthenticationManager authenticationManager;
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
- endpoints.tokenStore(new InMemoryTokenStore()).authenticationManager(authenticationManager);
- }
- @Override
- public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
- oauthServer.checkTokenAccess("hasRole('CLIENT')");
- }
- @Override
- public void configure(ClientDetailsServiceConfigurer client) throws Exception {
- client.inMemory()
- .withClient("clientapp")
- .secret("123456")
- .authorizedGrantTypes("password")
- .scopes("read", "write")
- .resourceIds(RESOURCE_ID)
- .and()
- .withClient("clientcred")
- .secret("123456")
- .authorizedGrantTypes("client_credentials")
- .scopes("trust")
- .resourceIds(RESOURCE_ID)
- .and()
- .withClient("clientauthcode")
- .secret("123456")
- .authorizedGrantTypes("authorization_code", "refresh_token")
- .scopes("read", "write")
- .resourceIds(RESOURCE_ID)
- .and()
- .withClient("jsclient")
- .secret("123456")
- .authorizedGrantTypes("implicit")
- .scopes("read", "write")
- .resourceIds(RESOURCE_ID)
- .authorities("CLIENT")
- .redirectUris("http://localhost:8080/contacts")
- .accessTokenValiditySeconds(3600)
- .autoApprove(true);
- }
- }
- package br.com.serverAuthorization.config;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
- import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
- @Configuration
- @EnableResourceServer
- public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
- public static final String RESOURCE_ID = "arip";
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests().antMatchers("/contacts").hasRole("ADMIN");
- //http.authorizeRequests().antMatchers("/api/staff").hasRole("STAFF");
- //http.authorizeRequests().antMatchers("/api/client").access("#oauth2.hasScope('trust')");
- }
- @Override
- public void configure(ResourceServerSecurityConfigurer resources) {
- RemoteTokenServices tokenService = new RemoteTokenServices();
- tokenService.setClientId("jsclient");
- tokenService.setClientSecret("123456");
- tokenService.setCheckTokenEndpointUrl("http://localhost:8080/oauth/check_token");
- resources.resourceId(RESOURCE_ID).tokenServices(tokenService);
- }
- }
- package br.com.serverAuthorization.config;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- @Configuration
- @EnableWebSecurity(debug = true)
- public class SecurityConfig extends WebSecurityConfigurerAdapter {
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
- auth.inMemoryAuthentication().withUser("admin").password("passw0rd").roles("ADMIN");
- auth.inMemoryAuthentication().withUser("staff").password("passw0rd").roles("STAFF");
- }
- @Bean
- @Override
- public AuthenticationManager authenticationManagerBean() throws Exception {
- return super.authenticationManagerBean();
- }
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests().antMatchers("/contacts").authenticated();
- }
- }
- package br.com.serverAuthorization.controllers;
- import java.security.Principal;
- import java.util.ArrayList;
- import java.util.List;
- import org.springframework.http.HttpStatus;
- import org.springframework.http.ResponseEntity;
- import org.springframework.web.bind.annotation.GetMapping;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RestController;
- import br.com.serverAuthorization.models.Contact;
- @RestController
- @RequestMapping("/contacts")
- public class HomeController {
- private List<Contact> listContact = new ArrayList<Contact>();
- @GetMapping
- public ResponseEntity<Principal> listAll(Principal user){
- System.out.println("Entro");
- listContact.add(new Contact(1, "Marcos Paulo Souza Miranda", "marcospsmiranda@gmail.com"));
- listContact.add(new Contact(2, "João Pedro Souza Miranda", "joaopedro@gmail.com"));
- listContact.add(new Contact(3, "Radames Aurelio Miranda", "radames@gmail.com"));
- listContact.add(new Contact(4, "Lucelia de Souza Silva Miranda", "lucelia@gmail.com"));
- return new ResponseEntity<>(user, HttpStatus.OK);
- }
- }
- package br.com.serverAuthorization.models;
- public class Contact {
- private Integer id;
- private String nome;
- private String email;
- public Contact(Integer id, String nome, String email) {
- super();
- this.id = id;
- this.nome = nome;
- this.email = email;
- }
- public Integer getId() {
- return id;
- }
- public void setId(Integer id) {
- this.id = id;
- }
- public String getNome() {
- return nome;
- }
- public void setNome(String nome) {
- this.nome = nome;
- }
- public String getEmail() {
- return email;
- }
- public void setEmail(String email) {
- this.email = email;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement