Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- package com.dicardistry.store.configs;
- import org.apache.commons.io.IOUtils;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.core.io.ClassPathResource;
- import org.springframework.core.io.Resource;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
- import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
- import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
- import org.springframework.security.oauth2.provider.token.TokenStore;
- import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
- import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
- import java.io.IOException;
- import java.nio.charset.Charset;
- /**
- * Created by phuongtran on 5/21/17.
- */
- @Configuration
- @EnableResourceServer
- public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
- @Override
- public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
- resources.tokenServices(tokenService());
- resources.resourceId("frontend");
- }
- @Bean
- public ResourceServerTokenServices tokenService() {
- DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
- defaultTokenServices.setTokenStore(tokenStore());
- return defaultTokenServices;
- }
- @Bean
- public TokenStore tokenStore() {
- return new JwtTokenStore(accessTokenConvert());
- }
- @Bean
- public JwtAccessTokenConverter accessTokenConvert() {
- JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
- Resource resource = new ClassPathResource("public.txt");
- String publicKey = null;
- try {
- publicKey = IOUtils.toString(resource.getInputStream(), Charset.defaultCharset());
- } catch (final IOException e) {
- throw new RuntimeException(e);
- }
- converter.setVerifierKey(publicKey);
- return converter;
- }
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http
- .authorizeRequests()
- .antMatchers("/api/public/v1/**").permitAll()
- .antMatchers("/download/**").permitAll()
- .anyRequest().authenticated();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement