Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <groupId>com.oreilly.cloud</groupId>
- <artifactId>spring-microservices-oauth-server</artifactId>
- <version>0.0.1-SNAPSHOT</version>
- <packaging>jar</packaging>
- <name>spring-microservices-oauth-server</name>
- <description>Demo project for Spring Boot</description>
- <parent>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-parent</artifactId>
- <version>1.5.7.RELEASE</version>
- <relativePath/> <!-- lookup parent from repository -->
- </parent>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
- <java.version>1.8</java.version>
- <spring-cloud.version>Dalston.SR3</spring-cloud.version>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.springframework.cloud</groupId>
- <artifactId>spring-cloud-starter-oauth2</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-jdbc</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-security</artifactId>
- </dependency>
- <dependency>
- <groupId>org.hsqldb</groupId>
- <artifactId>hsqldb</artifactId>
- <scope>runtime</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-test</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
- <dependencyManagement>
- <dependencies>
- <dependency>
- <groupId>org.springframework.cloud</groupId>
- <artifactId>spring-cloud-dependencies</artifactId>
- <version>${spring-cloud.version}</version>
- <type>pom</type>
- <scope>import</scope>
- </dependency>
- </dependencies>
- </dependencyManagement>
- <build>
- <plugins>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- </plugin>
- </plugins>
- </build>
- <repositories>
- <repository>
- <id>spring-snapshots</id>
- <name>Spring Snapshots</name>
- <url>https://repo.spring.io/snapshot</url>
- <snapshots>
- <enabled>true</enabled>
- </snapshots>
- </repository>
- <repository>
- <id>spring-milestones</id>
- <name>Spring Milestones</name>
- <url>https://repo.spring.io/milestone</url>
- <snapshots>
- <enabled>false</enabled>
- </snapshots>
- </repository>
- </repositories>
- package com.oreilly.cloud;
- import org.springframework.boot.SpringApplication;
- import org.springframework.boot.autoconfigure.SpringBootApplication;
- import org.springframework.security.access.prepost.PreAuthorize;
- import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RestController;
- @SpringBootApplication
- @EnableAuthorizationServer
- @EnableResourceServer
- @RestController
- @EnableGlobalMethodSecurity(prePostEnabled=true)
- public class SpringMicroservicesOauthServerApplication {
- @RequestMapping("/resource/endpoint")
- @PreAuthorize("hasRole('ADMIN')")
- public String endpoint(){
- return "This message is protected by the resource server.";
- }
- public static void main(String[] args) {
- SpringApplication.run(SpringMicroservicesOauthServerApplication.class, args);
- }
- }
- package com.oreilly.cloud;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
- @Configuration
- public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
- @Autowired
- private AuthenticationManager authManager;
- @Override
- public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
- endpoints.authenticationManager(authManager);
- }
- @Override
- public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
- clients.inMemory().withClient("webapp").secret("websecret").authorizedGrantTypes("password")
- .scopes("read,write,trust");
- }
- }
- package com.oreilly.cloud;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.authentication.AuthenticationManager;
- import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- @Configuration
- public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
- @Bean
- public AuthenticationManager authenticationManagerBean() throws Exception {
- return super.authenticationManagerBean();
- }
- @Override
- protected void configure(AuthenticationManagerBuilder auth) throws Exception {
- auth.inMemoryAuthentication().withUser("user1").password("password1").roles("USER").and().withUser("admin")
- .password("password2").roles("ADMIN");
- }
- }
- server.port=9090
- {
- "access_token": "2d632e54-17c3-41f7-af3b-935ca3022d78",
- "token_type": "bearer",
- "expires_in": 43199,
- "scope": "read,write,trust"
- }
- <html>
- <head>
- <title>Login Page</title>
- </head>
- <body onload='document.f.username.focus();'>
- <h3>Login with Username and Password</h3>
- <form name='f' action='/login' method='POST'>
- <table>
- <tr>
- <td>User:</td>
- <td>
- <input type='text' name='username' value=''>
- </td>
- </tr>
- <tr>
- <td>Password:</td>
- <td>
- <input type='password' name='password'/>
- </td>
- </tr>
- <tr>
- <td colspan='2'>
- <input name="submit" type="submit" value="Login"/>
- </td>
- </tr>
- <input name="_csrf" type="hidden" value="8dbc1c38-6f89-43c5-a8f8-797c920722a1" />
- </table>
- </form>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement