- package com.proj.spring;
- import javax.sql.DataSource;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.beans.factory.annotation.Value;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.context.annotation.PropertySource;
- import org.springframework.core.env.Environment;
- import org.springframework.core.io.Resource;
- import org.springframework.jdbc.datasource.init.DataSourceInitializer;
- import org.springframework.jdbc.datasource.init.DatabasePopulator;
- import org.springframework.jdbc.datasource.init.ResourceDatabasePopulator;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
- import org.springframework.security.oauth2.provider.token.TokenStore;
- import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
/**
 * OAuth2 authorization-server configuration.
 *
 * <p>Client registrations and issued tokens are both kept in the injected
 * {@link DataSource}; the schema script referenced by {@code classpath:schema.sql}
 * is run against that data source through a {@link DataSourceInitializer}.
 *
 * <p>NOTE(review): the two clients registered in
 * {@link #configure(ClientDetailsServiceConfigurer)} are sample registrations with
 * literal identifiers and a literal secret. They should be replaced by externally
 * supplied values before this class is used outside a local test setup.
 */
@Configuration
@PropertySource({ "classpath:persistence.properties" })
@EnableAuthorizationServer
public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    // Injected but not read anywhere in this class.
    @Autowired
    private Environment env;

    // Used by the token endpoint to authenticate resource owners (password grant).
    @Autowired
    private AuthenticationManager authenticationManager;

    // Backs both the client-details store and the token store.
    @Autowired
    DataSource dataSource;

    // DDL script executed by the DataSourceInitializer bean below.
    @Value("classpath:schema.sql")
    private Resource schemaScript;

    /**
     * Sets the access rules for the token-key and check-token endpoints.
     *
     * <p>The token-key endpoint is open to every caller; the check-token endpoint
     * requires an authenticated caller.
     *
     * @param oauthServer security configurer supplied by the framework
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer)
            throws Exception {
        oauthServer.tokenKeyAccess("permitAll()");
        oauthServer.checkTokenAccess("isAuthenticated()");
    }

    /**
     * Registers two OAuth2 clients in the JDBC-backed client-details store.
     *
     * <p>NOTE(review): {@code clientIdPassword} is registered with the literal secret
     * {@code "secret"} and no password encoder is configured on this builder in this
     * class, so the secret is presumably stored as given. Load it from configuration
     * and store it hashed.
     *
     * <p>NOTE(review): {@code sampleClientId} uses the implicit grant with
     * auto-approval and no redirect URI is registered for it here. Without a pinned
     * redirect URI the user never sees a consent step and the token destination is
     * not constrained by this registration. Confirm this is intended.
     *
     * @param clients client-details configurer supplied by the framework
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.jdbc(dataSource)
            // Browser-style client: implicit grant, read scope, consent skipped.
            .withClient("sampleClientId")
                .authorizedGrantTypes("implicit")
                .scopes("read")
                .autoApprove(true)
            .and()
            // Confidential client: password, authorization-code and refresh-token grants.
            .withClient("clientIdPassword")
                .secret("secret")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token")
                .scopes("read");
    }

    /**
     * Wires the token store and the authentication manager into the endpoints.
     *
     * @param endpoints endpoints configurer supplied by the framework
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
            throws Exception {
        endpoints.tokenStore(tokenStore());
        endpoints.authenticationManager(authenticationManager);
    }

    /**
     * @return a token store that persists tokens in {@link #dataSource}
     */
    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    /**
     * Builds the initializer that runs the schema script against the data source.
     *
     * @param dataSource data source to initialise
     * @return initializer configured with the schema populator
     */
    @Bean
    public DataSourceInitializer dataSourceInitializer(DataSource dataSource) {
        DataSourceInitializer schemaInitializer = new DataSourceInitializer();
        schemaInitializer.setDataSource(dataSource);
        schemaInitializer.setDatabasePopulator(databasePopulator());
        return schemaInitializer;
    }

    /** Creates a populator holding only the injected schema script. */
    private DatabasePopulator databasePopulator() {
        ResourceDatabasePopulator scriptPopulator = new ResourceDatabasePopulator();
        scriptPopulator.addScript(schemaScript);
        return scriptPopulator;
    }
}
- package com.proj.spring;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.ComponentScan;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.builders.WebSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.config.http.SessionCreationPolicy;
- import org.springframework.security.core.userdetails.UserDetailsService;
- import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
- import org.springframework.security.crypto.password.PasswordEncoder;
- import org.springframework.security.web.authentication.AuthenticationFailureHandler;
- import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
- import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
- import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
- import com.proj.security.CustomAuthenticationEntryPoint;
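/**
 * Web-security configuration for the form-login part of the application.
 *
 * <p>Authentication uses the injected {@link UserDetailsService} with BCrypt
 * password hashing. Login, logout and failure handling are delegated to the
 * injected handlers.
 *
 * <p>Compared with the earlier revision of this class, session-fixation protection
 * is switched on and the HTTP session is invalidated on logout. The session
 * identifier therefore changes at login and the server-side session does not
 * outlive a logout.
 */
@Configuration
@ComponentScan(basePackages = { "com.orangelabs.smp.security" })
// @ImportResource({ "classpath:webSecurityConfig.xml" })
@EnableWebSecurity
public class SecSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private AuthenticationSuccessHandler myAuthenticationSuccessHandler;

    @Autowired
    private LogoutSuccessHandler myLogoutSuccessHandler;

    @Autowired
    private AuthenticationFailureHandler authenticationFailureHandler;

    // Injected but not referenced by any rule in this class.
    @Autowired
    private CustomAuthenticationEntryPoint customAuthenticationEntryPoint;

    public SecSecurityConfig() {
        super();
    }

    /**
     * Registers the user-details service and password encoder with the global
     * authentication manager builder.
     *
     * @param auth builder supplied by the framework
     * @throws Exception propagated from the builder
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .userDetailsService(userDetailsService)
            .passwordEncoder(encoder());
    }

    /**
     * Excludes static resources from the security filter chain entirely.
     *
     * @param web web-security builder supplied by the framework
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(final WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/resources/**");
    }

    /**
     * Defines URL authorization, form login, session management and logout.
     *
     * @param http HTTP security builder supplied by the framework
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(final HttpSecurity http) throws Exception {
        // @formatter:off
        http
            // NOTE(review): CSRF protection is switched off although this chain uses
            // cookie-backed form login. Left as-is because the page templates are not
            // visible here; re-enable it once the forms submit the CSRF token.
            .csrf().disable()
            .authorizeRequests()
                // NOTE(review): "/user/changePassword*" is reachable without
                // authentication. Confirm the handler checks a reset token itself.
                .antMatchers("/login*", "/logout*", "/signin/**", "/signup/**",
                        "/user/registration*", "/regitrationConfirm*", "/expiredAccount*", "/registration*",
                        "/badUser*", "/user/resendRegistrationToken*", "/forgetPassword*", "/user/resetPassword*",
                        "/user/changePassword*", "/emailError*", "/resources/**", "/old/user/registration*", "/successRegister*").permitAll()
                .antMatchers("/invalidSession*").anonymous()
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                // The explicit handlers set below are expected to take precedence over
                // the two URL shortcuts; both are kept as in the original.
                .defaultSuccessUrl("/homepage.html")
                .failureUrl("/login?error=true")
                .successHandler(myAuthenticationSuccessHandler)
                .failureHandler(authenticationFailureHandler)
            .permitAll()
                .and()
            .sessionManagement()
                .invalidSessionUrl("/invalidSession.html")
                // Issue a fresh session at login (attributes are carried over) so a
                // session id known before authentication cannot be reused afterwards.
                .sessionFixation().migrateSession()
            .and()
            .logout()
                .logoutSuccessHandler(myLogoutSuccessHandler)
                // Drop the server-side session at logout instead of only deleting the cookie.
                // NOTE(review): myLogoutSuccessHandler must not rely on session attributes.
                .invalidateHttpSession(true)
                .logoutSuccessUrl("/logout.html?logSucc=true")
                .deleteCookies("JSESSIONID")
                .permitAll();
        // @formatter:on
    }

    // beans

    /**
     * @return a DAO authentication provider using the same user-details service and
     *         password encoder as {@link #configureGlobal(AuthenticationManagerBuilder)}
     */
    @Bean
    public DaoAuthenticationProvider authProvider() {
        final DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
        authProvider.setUserDetailsService(userDetailsService);
        authProvider.setPasswordEncoder(encoder());
        return authProvider;
    }

    /**
     * @return BCrypt password encoder with strength 11
     */
    @Bean
    public PasswordEncoder encoder() {
        return new BCryptPasswordEncoder(11);
    }
}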
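# Sample requests against a local instance. The client secret, user credentials and
# token values are the throw-away test values from the listing above.
# Grant parameters go in the form body rather than the URL query string, so user
# passwords and refresh tokens do not end up in access logs or proxy logs.
# Plain http is used only because the target is localhost.

# Password grant: client authenticates with HTTP Basic, user credentials in the body.
curl -v -u clientIdPassword:secret -X POST 'http://localhost:8080/proj/oauth/token' \
     --data-urlencode 'grant_type=password' \
     --data-urlencode 'username=test@test.com' \
     --data-urlencode 'password=test'

# Refresh-token grant: exchange a refresh token for a new access token.
curl -v -u clientIdPassword:secret -X POST 'http://localhost:8080/proj/oauth/token' \
     --data-urlencode 'grant_type=refresh_token' \
     --data-urlencode 'refresh_token=7ec31746-6253-4f25-b825-be45a6239257'

# Call a protected resource with the access token in the Authorization header.
curl -i -H "Authorization: Bearer 41adf8cf-bb92-4552-a5d6-5ab49ca6c7d7" http://localhost:8080/dsn-smp/api/test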