package br.com.serverAuthorization;import org.springframework.boot.SpringAppli

1. package br.com.serverAuthorization;
2.  
3. import org.springframework.boot.SpringApplication;
4. import org.springframework.boot.autoconfigure.SpringBootApplication;
5.  
6. @SpringBootApplication
7. public class ServerAuthorizationApplication {
8.  
9. public static void main(String[] args) {
10. SpringApplication.run(ServerAuthorizationApplication.class, args);
11. }
12. }
13.  
14. package br.com.serverAuthorization.config;
15.  
16. import org.springframework.beans.factory.annotation.Autowired;
17. import org.springframework.beans.factory.annotation.Qualifier;
18. import org.springframework.context.annotation.Configuration;
19. import org.springframework.security.authentication.AuthenticationManager;
20. import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
21. import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
22. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
23. import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
24. import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
25. import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
26.  
27. @Configuration
28. @EnableAuthorizationServer
29. public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
30. public static final String RESOURCE_ID = "arip";
31.  
32. @Autowired
33. @Qualifier("authenticationManagerBean")
34. private AuthenticationManager authenticationManager;
35.  
36. @Override
37. public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
38. endpoints.tokenStore(new InMemoryTokenStore()).authenticationManager(authenticationManager);
39. }
40.  
41. @Override
42. public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
43. oauthServer.checkTokenAccess("hasRole('CLIENT')");
44. }
45.  
46. @Override
47. public void configure(ClientDetailsServiceConfigurer client) throws Exception {
48. client.inMemory()
49. .withClient("clientapp")
50. .secret("123456")
51. .authorizedGrantTypes("password")
52. .scopes("read", "write")
53. .resourceIds(RESOURCE_ID)
54. .and()
55. .withClient("clientcred")
56. .secret("123456")
57. .authorizedGrantTypes("client_credentials")
58. .scopes("trust")
59. .resourceIds(RESOURCE_ID)
60. .and()
61. .withClient("clientauthcode")
62. .secret("123456")
63. .authorizedGrantTypes("authorization_code", "refresh_token")
64. .scopes("read", "write")
65. .resourceIds(RESOURCE_ID)
66. .and()
67. .withClient("jsclient")
68. .secret("123456")
69. .authorizedGrantTypes("implicit")
70. .scopes("read", "write")
71. .resourceIds(RESOURCE_ID)
72. .authorities("CLIENT")
73. .redirectUris("http://localhost:8080/contacts")
74. .accessTokenValiditySeconds(3600)
75. .autoApprove(true);
76. }
77. }
78.  
79. package br.com.serverAuthorization.config;
80.  
81. import org.springframework.context.annotation.Configuration;
82. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
83. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
84. import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
85. import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
86. import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
87.  
88. @Configuration
89. @EnableResourceServer
90. public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
91.  
92. public static final String RESOURCE_ID = "arip";
93.  
94. @Override
95. public void configure(HttpSecurity http) throws Exception {
96. http.authorizeRequests().antMatchers("/contacts").hasRole("ADMIN");
97. //http.authorizeRequests().antMatchers("/api/staff").hasRole("STAFF");
98. //http.authorizeRequests().antMatchers("/api/client").access("#oauth2.hasScope('trust')");
99. }
100.  
101. @Override
102. public void configure(ResourceServerSecurityConfigurer resources) {
103. RemoteTokenServices tokenService = new RemoteTokenServices();
104. tokenService.setClientId("jsclient");
105. tokenService.setClientSecret("123456");
106. tokenService.setCheckTokenEndpointUrl("http://localhost:8080/oauth/check_token");
107.  
108. resources.resourceId(RESOURCE_ID).tokenServices(tokenService);
109. }
110. }
111.  
112. package br.com.serverAuthorization.config;
113.  
114. import org.springframework.beans.factory.annotation.Autowired;
115. import org.springframework.context.annotation.Bean;
116. import org.springframework.context.annotation.Configuration;
117. import org.springframework.security.authentication.AuthenticationManager;
118. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
119. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
120. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
121. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
122.  
123. @Configuration
124. @EnableWebSecurity(debug = true)
125. public class SecurityConfig extends WebSecurityConfigurerAdapter {
126. @Autowired
127. public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
128. auth.inMemoryAuthentication().withUser("admin").password("passw0rd").roles("ADMIN");
129. auth.inMemoryAuthentication().withUser("staff").password("passw0rd").roles("STAFF");
130. }
131.  
132. @Bean
133. @Override
134. public AuthenticationManager authenticationManagerBean() throws Exception {
135. return super.authenticationManagerBean();
136. }
137.  
138. @Override
139. public void configure(HttpSecurity http) throws Exception {
140. http.authorizeRequests().antMatchers("/contacts").authenticated();
141. }
142. }
143.  
144. package br.com.serverAuthorization.controllers;
145.  
146. import java.security.Principal;
147. import java.util.ArrayList;
148. import java.util.List;
149.  
150. import org.springframework.http.HttpStatus;
151. import org.springframework.http.ResponseEntity;
152. import org.springframework.web.bind.annotation.GetMapping;
153. import org.springframework.web.bind.annotation.RequestMapping;
154. import org.springframework.web.bind.annotation.RestController;
155.  
156. import br.com.serverAuthorization.models.Contact;
157.  
158. @RestController
159. @RequestMapping("/contacts")
160. public class HomeController {
161.  
162. private List<Contact> listContact = new ArrayList<Contact>();
163.  
164. @GetMapping
165. public ResponseEntity<Principal> listAll(Principal user){
166. System.out.println("Entro");
167. listContact.add(new Contact(1, "Marcos Paulo Souza Miranda", "marcospsmiranda@gmail.com"));
168. listContact.add(new Contact(2, "João Pedro Souza Miranda", "joaopedro@gmail.com"));
169. listContact.add(new Contact(3, "Radames Aurelio Miranda", "radames@gmail.com"));
170. listContact.add(new Contact(4, "Lucelia de Souza Silva Miranda", "lucelia@gmail.com"));
171.  
172. return new ResponseEntity<>(user, HttpStatus.OK);
173. }
174. }
175.  
176. package br.com.serverAuthorization.models;
177.  
178. public class Contact {
179. private Integer id;
180. private String nome;
181. private String email;
182. public Contact(Integer id, String nome, String email) {
183. super();
184. this.id = id;
185. this.nome = nome;
186. this.email = email;
187. }
188. public Integer getId() {
189. return id;
190. }
191. public void setId(Integer id) {
192. this.id = id;
193. }
194. public String getNome() {
195. return nome;
196. }
197. public void setNome(String nome) {
198. this.nome = nome;
199. }
200. public String getEmail() {
201. return email;
202. }
203. public void setEmail(String email) {
204. this.email = email;
205. }
206. }