/**
 * Resource-server side of the OAuth2 example.
 *
 * <p>Registers the resource id {@code my_rest_api} and restricts everything under
 * {@code /user/**} to callers holding the ADMIN role.
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "my_rest_api";

    /**
     * Declares the resource id of this server and switches off the token-only mode.
     *
     * @param resources configurer supplied by the framework
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources.resourceId(RESOURCE_ID);
        // NOTE(review): stateless(false) means an authentication that is already present in
        // the security context (for example one restored from an HTTP session) is accepted for
        // these resources, not only a bearer token. The library default is token-only; confirm
        // the relaxed mode is intended before reusing this outside a demo.
        resources.stateless(false);
    }

    /**
     * Applies the access rules for the protected API.
     *
     * @param http security builder for the resource-server filter chain
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        final String userApi = "/user/**";

        // No anonymous authentication object is created for unauthenticated callers.
        http.anonymous().disable();

        // This filter chain only handles requests under /user/**.
        http.requestMatchers().antMatchers(userApi);

        // hasRole('ADMIN') is the only access rule; no other role reaches the API.
        http.authorizeRequests().antMatchers(userApi).access("hasRole('ADMIN')");

        // Authorization failures are rendered by the OAuth2-specific handler.
        http.exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }
}
/**
 * Authorization-server side of the OAuth2 example.
 *
 * <p>Registers a single in-memory client and wires the token store, approval handler,
 * authentication manager and authorization-code service into the token endpoints.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private UserApprovalHandler userApprovalHandler;

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    @Autowired
    private AuthorizationCodeServices authorizationCodeServices;

    /**
     * Registers the one OAuth2 client known to this server.
     *
     * <p>NOTE(review): every value below is a demo literal compiled into the class. Before
     * reuse, review at least the following:
     * <ul>
     *   <li>the client secret is the literal {@code "secret"} and lives in source control;
     *       it should come from external configuration or a secret store;</li>
     *   <li>the {@code password} and {@code implicit} grants are enabled next to
     *       {@code authorization_code}; current OAuth 2.0 security guidance discourages both,
     *       so enable only the grants the client actually needs;</li>
     *   <li>{@code autoApprove(true)} grants every requested scope without showing the user
     *       a consent step;</li>
     *   <li>the redirect URI is plain {@code http} on localhost, which is only suitable for
     *       local development.</li>
     * </ul>
     *
     * @param clients builder for the client registry
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("my-trusted-client")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                .scopes("read", "write", "trust")
                .secret("secret")
                .redirectUris("http://localhost:8080/clientapp/auth/callback")
                .autoApprove(true)
                // Access tokens expire after 120 seconds (2 minutes).
                .accessTokenValiditySeconds(120)
                // Refresh tokens expire after 600 seconds (10 minutes).
                .refreshTokenValiditySeconds(600);
    }

    /**
     * Hands the injected collaborators to the authorization and token endpoints.
     *
     * @param endpoints configurer for the OAuth2 endpoints
     * @throws Exception if the configurer rejects the configuration
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenStore(tokenStore);
        endpoints.userApprovalHandler(userApprovalHandler);
        // Supplying an AuthenticationManager is what makes the password grant usable.
        endpoints.authenticationManager(authenticationManager);
        endpoints.authorizationCodeServices(authorizationCodeServices);
    }

    /**
     * Sets the access expressions for the token-key and check-token endpoints.
     *
     * @param oauthServer configurer for the authorization server's own endpoints
     * @throws Exception if the configurer rejects the configuration
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        // The token-key endpoint is open to every caller.
        // NOTE(review): no signing key is configured in this listing; confirm that open access
        // is still appropriate if a JWT key is added later.
        oauthServer.tokenKeyAccess("permitAll()");

        // Token introspection is limited to authenticated callers.
        oauthServer.checkTokenAccess("isAuthenticated()");
    }
}
/**
 * Web-security configuration of the OAuth2 example.
 *
 * <p>Defines the in-memory user accounts, the rules for the OAuth2 endpoints, and the beans
 * (authentication manager, code service, token store, approval handler, approval store)
 * that the authorization server injects.
 */
@Configuration
@EnableWebSecurity
public class OAuth2SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private ClientDetailsService clientDetailsService;

    /**
     * Registers two in-memory accounts: {@code bill} (ADMIN) and {@code bob} (USER).
     *
     * <p>NOTE(review): both accounts share the literal password {@code "abc123"}, which is
     * stored in source as plain text, and no password encoder is configured in this listing.
     * Outside a demo, load users from a real user store and store only encoded passwords.
     *
     * @param auth builder for the global authentication manager
     * @throws Exception if the builder rejects the configuration
     */
    @Autowired
    public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("bill").password("abc123").roles("ADMIN")
                .and()
                .withUser("bob").password("abc123").roles("USER");
    }

    /**
     * Configures the servlet filter chain of the application itself.
     *
     * @param http security builder for this filter chain
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CSRF protection is switched off for this chain.
        http.csrf().disable();

        // No anonymous authentication object is created for unauthenticated callers.
        http.anonymous().disable();

        // NOTE(review): the two OAuth2 endpoints are the only paths with a rule; there is no
        // catch-all such as anyRequest().authenticated(). Confirm that every other path served
        // through this chain is meant to have no access rule.
        http.authorizeRequests()
                .antMatchers("/oauth/authorize", "/oauth/token").permitAll();
    }

    /**
     * Publishes the parent's authentication manager as a bean so it can be injected by name.
     *
     * @return the authentication manager built by the parent adapter
     * @throws Exception if the parent cannot build the manager
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Keeps issued authorization codes in memory.
     *
     * @return an in-memory code service; its contents live only in this process
     */
    @Bean
    protected AuthorizationCodeServices authorizationCodeServices() {
        return new InMemoryAuthorizationCodeServices();
    }

    /**
     * Keeps issued tokens in memory.
     *
     * @return an in-memory token store; its contents live only in this process
     */
    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

    /**
     * Builds the approval handler that consults the token store.
     *
     * @param tokenStore store the handler reads from
     * @return the configured approval handler
     */
    @Bean
    @Autowired
    public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore){
        TokenStoreUserApprovalHandler approvalHandler = new TokenStoreUserApprovalHandler();
        approvalHandler.setTokenStore(tokenStore);
        approvalHandler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
        approvalHandler.setClientDetailsService(clientDetailsService);
        return approvalHandler;
    }

    /**
     * Builds an approval store backed by the token store.
     *
     * @param tokenStore store the approval store delegates to
     * @return the configured approval store
     * @throws Exception declared by the original signature; nothing in the body throws it
     */
    @Bean
    @Autowired
    public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
        TokenApprovalStore tokenBackedApprovals = new TokenApprovalStore();
        tokenBackedApprovals.setTokenStore(tokenStore);
        return tokenBackedApprovals;
    }
}
- <?xml version="1.0" encoding="UTF-8"?>
- <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0</modelVersion>
- <groupId>com.pg.oauth2.example</groupId>
- <artifactId>oauth2-example</artifactId>
- <version>0.0.1-SNAPSHOT</version>
- <packaging>war</packaging>
- <name>oauth2-example</name>
- <description>OAuth2 Example</description>
- <!-- NOTE(review): the Spring Boot 1.5.x line is past end of life and no longer receives security fixes. None of the dependencies below declares a version, so their versions are inherited from this parent. -->
- <parent>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-parent</artifactId>
- <version>1.5.9.RELEASE</version>
- <relativePath/> <!-- lookup parent from repository -->
- </parent>
- <properties>
- <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
- <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
- <java.version>1.8</java.version>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-web</artifactId>
- </dependency>
- <!-- Tomcat is marked provided because the war is deployed to an external servlet container. -->
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-tomcat</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-security</artifactId>
- </dependency>
- <!-- NOTE(review): the standalone spring-security-oauth2 project has been declared end of life upstream. Plan a migration to the OAuth2 support in current Spring Security and Spring Authorization Server. -->
- <dependency>
- <groupId>org.springframework.security.oauth</groupId>
- <artifactId>spring-security-oauth2</artifactId>
- </dependency>
- <dependency>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-starter-test</artifactId>
- <scope>test</scope>
- </dependency>
- </dependencies>
- <build>
- <plugins>
- <plugin>
- <groupId>org.springframework.boot</groupId>
- <artifactId>spring-boot-maven-plugin</artifactId>
- </plugin>
- </plugins>
- </build>
- </project>