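/**
 * OAuth2 wiring for the application: one nested configuration protects the
 * HTTP API as a resource server, the other issues tokens as an authorization
 * server.
 */
@Configuration
public class OAuth2ServerConfig {

    /**
     * Resource-server rules: how unauthenticated requests are answered, how
     * logout is handled, and which paths need which authority.
     */
    @Configuration
    @EnableResourceServer
    protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

        @Inject
        private Http401UnauthorizedEntryPoint authenticationEntryPoint;

        @Inject
        private AjaxLogoutSuccessHandler ajaxLogoutSuccessHandler;

        /**
         * Builds the filter chain for API requests.
         *
         * @param http the security builder supplied by Spring
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http
                .exceptionHandling()
                    .authenticationEntryPoint(authenticationEntryPoint)
                    .and()
                .logout()
                    .logoutUrl("/logout")
                    .logoutSuccessHandler(ajaxLogoutSuccessHandler)
                    .and()
                // CSRF protection is switched off for the whole chain. The earlier
                // requireCsrfProtectionMatcher("oauth/token") call was removed: disable()
                // discarded it, so it only suggested a protection that never applied.
                // Running without CSRF is only sound while every client authenticates
                // with a bearer token header and never with a cookie.
                .csrf()
                    .disable()
                // NOTE(review): X-Frame-Options is turned off, so any origin may frame
                // these responses. Prefer frameOptions().sameOrigin() unless a concrete
                // embedding requirement exists; confirm before changing.
                .headers()
                    .frameOptions().disable()
                    .and()
                // No HTTP session: each request must carry its own token.
                .sessionManagement()
                    .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                    .and()
                // NOTE(review): only the exact path "/admin" is restricted here. Nothing in
                // this method covers "/admin/**" or any other path, so those requests are
                // not subject to an authorization rule from this chain. Add explicit rules
                // (and a closing anyRequest() rule) once the intended public paths are known.
                .authorizeRequests()
                    .antMatchers("/admin").hasAnyAuthority("ADMIN");
        }
    }

    /**
     * Authorization-server rules: the registered client, the grant types it may
     * use, and where issued tokens are stored.
     */
    @Configuration
    @EnableAuthorizationServer
    protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

        private static final String CLIENTID = "app";

        // NOTE(review): the client secret is a literal in source control. Anyone with
        // read access to the repository or a build artifact can request tokens as this
        // client. Load it from external configuration or a secret store and rotate the
        // current value.
        private static final String PROP_SECRET = "secret";

        // Access-token lifetime in seconds. This was -1, which Spring Security OAuth
        // treats as "never expires": a leaked token stayed valid until it was removed
        // from the token store. The client already holds the refresh_token grant, so a
        // bounded lifetime costs it one refresh call per period.
        private static final int TOKEN_VALIDITY_SECONDS = 1800;

        @Inject
        private UserDetailsService userDetailsService;

        @Inject
        private OAuth2AccessTokenRepository oAuth2AccessTokenRepository;

        @Inject
        private OAuth2RefreshTokenRepository oAuth2RefreshTokenRepository;

        @Inject
        @Qualifier("authenticationManagerBean")
        private AuthenticationManager authenticationManager;

        /**
         * Creates the store for access and refresh tokens, backed by the two
         * injected repositories.
         *
         * @return the token store used by the token endpoints
         */
        @Bean
        public TokenStore tokenStore() {
            return new MongoDBTokenStore(oAuth2AccessTokenRepository, oAuth2RefreshTokenRepository);
        }

        /**
         * Connects the token endpoints to the token store and to user
         * authentication. Supplying the AuthenticationManager is what enables the
         * password grant; the UserDetailsService lets a refresh re-check the account.
         *
         * @param endpoints the endpoint configurer supplied by Spring
         * @throws Exception if the configurer rejects the settings
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            endpoints
                .tokenStore(tokenStore())
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService);
        }

        /**
         * Registers the single in-memory client.
         *
         * <p>NOTE(review): the password grant makes this client handle end-user
         * passwords directly. Keep it only for first-party clients, and consider
         * dropping it where authorization_code is enough. No scopes are declared for
         * the client here; confirm whether that is intended.
         *
         * @param clients the client registry configurer supplied by Spring
         * @throws Exception if the configurer rejects the settings
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients
                .inMemory()
                .withClient(CLIENTID)
                    .authorizedGrantTypes("authorization_code", "refresh_token", "password")
                    .authorities("USER", "ADMIN")
                    .secret(PROP_SECRET)
                    .accessTokenValiditySeconds(TOKEN_VALIDITY_SECONDS);
        }
    }
}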
# Sample token request using the resource-owner password grant against a local
# instance. The client id and secret are sent as HTTP Basic credentials, and the
# user's name and password go in the form body. Over anything other than loopback
# this has to be HTTPS, because both secrets travel in the request.
curl -u app:secret http://localhost:8080/oauth/token \
  -d grant_type=password \
  -d client_id=app \
  -d username=user \
  -d password=password