package com.techprimers.security.springsecurityauthserver.configurations;imp

1. package com.techprimers.security.springsecurityauthserver.configurations;
2.  
3. import com.techprimers.security.springsecurityauthserver.CustomAuthProvider;
4. import com.techprimers.security.springsecurityauthserver.TwoFactorAuthenticationFilter;
5. import com.techprimers.security.springsecurityauthserver.services.CustomUserDetailsService;
6. import org.springframework.beans.factory.annotation.Autowired;
7. import org.springframework.context.annotation.Bean;
8. import org.springframework.context.annotation.Configuration;
9. import org.springframework.core.annotation.Order;
10. import org.springframework.security.authentication.AuthenticationManager;
11. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
12. import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
13. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
14. import org.springframework.security.config.annotation.web.builders.WebSecurity;
15. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
16. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
17. import org.springframework.security.core.userdetails.UserDetailsService;
18. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
19. import org.springframework.security.crypto.password.PasswordEncoder;
20. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
21. import org.springframework.web.servlet.config.annotation.EnableWebMvc;
22.  
23.  
24. @Configuration
25. @EnableWebSecurity
26. @EnableGlobalMethodSecurity(prePostEnabled = true)
27. @EnableResourceServer
28. public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
29.  
30.     @Autowired
31.     CustomAuthProvider customAuthProvider;
32.  
33.     @Autowired
34.     UserDetailsService userDetailsService;
35.  
36.     @Bean
37.     @Override
38.     public UserDetailsService userDetailsService() {
39.         return new CustomUserDetailsService();
40.     }
41.  
42.  
43.     @Override
44.     public void configure(WebSecurity web) throws Exception {
45.         web.ignoring().antMatchers("/webjars/**");
46.         web.ignoring().antMatchers("/css/**","/js/**","/libs/**");
47.     }
48.  
49.     @Override
50.     protected void configure(HttpSecurity http) throws Exception {
51.         http.requestMatchers()
52.                 .antMatchers("/login", "/oauth/authorize", "/code")
53.                 .and()
54.                 .authorizeRequests()
55.                 .anyRequest()
56.                 .authenticated()
57.                 .and()
58.                 .formLogin().loginPage("/login")
59.                 .permitAll();
60.     }
61.  
62.     @Override
63.     @Autowired
64.     protected void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
65.         authenticationManagerBuilder.authenticationProvider(customAuthProvider).userDetailsService(userDetailsService);
66.     }
67.  
68.     @Override
69.     @Bean
70.     public AuthenticationManager authenticationManagerBean() throws Exception {
71.         return super.authenticationManager();
72.     }
73.  
74. }