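/**
 * OAuth2 authorization server configuration.
 *
 * <p>Registers one in-memory client, wires the token endpoints to the shared token store,
 * approval handler, authentication manager and user lookup, and sets the realm name.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    /** Realm name handed to the authorization server security configurer. */
    private static final String REALM = "ALTEGIX_REALM";

    /** Access token lifetime in seconds (five minutes). */
    private static final int ACCESS_TOKEN_VALIDITY_SECONDS = 60 * 5;

    /** Refresh token lifetime in seconds. */
    private static final int THIRTY_DAYS = 60 * 60 * 24 * 30;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private AltegixUserDetailsService altegixUsersDetailsService;

    @Autowired
    private UserApprovalHandler userApprovalHandler;

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    /**
     * Registers the single OAuth2 client in memory.
     *
     * @param clients configurer used to declare client registrations
     * @throws Exception if the client registration cannot be built
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // NOTE(review): the client id and secret are literals in source (redacted in this
        // listing). Load them from externalized configuration or a secret store so they are
        // never committed, and confirm how the secret is matched: depending on the Spring
        // Security version a plain-text value may have to be stored in encoded form.
        clients.inMemory()
                .withClient("xxxx")
                .secret("xxxxx")
                // The password grant passes the end user's credentials through the client;
                // the OAuth 2.0 Security Best Current Practice says it must not be used.
                // Keep it limited to first-party clients and plan a move to the
                // authorization code flow with PKCE.
                .authorizedGrantTypes("password", "refresh_token")
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                .scopes("read", "write", "trust")
                // Short-lived access tokens limit how long a leaked token is usable; the
                // 30-day refresh token is the long-lived credential and needs a revocation
                // path.
                .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)
                .refreshTokenValiditySeconds(THIRTY_DAYS);
    }

    /**
     * Wires the token endpoints to the injected collaborators.
     *
     * @param endpoints configurer for the authorization server endpoints
     * @throws Exception if the endpoints cannot be configured
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenStore(tokenStore)
                .userApprovalHandler(userApprovalHandler)
                // Required for the password grant: user credentials are checked here.
                .authenticationManager(authenticationManager)
                // Used to reload the user when a refresh token is exchanged.
                .userDetailsService(altegixUsersDetailsService);
    }

    /**
     * Sets the realm name on the authorization server's own security configuration.
     *
     * @param oauthServer configurer for the authorization server's security
     * @throws Exception if the security configuration cannot be applied
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer.realm(REALM);
    }
}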
/**
 * Enables {@code @PreAuthorize}/{@code @PostAuthorize} method security and replaces the default
 * expression handler with the OAuth2 one.
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfig extends GlobalMethodSecurityConfiguration {

    /**
     * Supplies the expression handler used to evaluate method-security annotations.
     *
     * @return a new {@link OAuth2MethodSecurityExpressionHandler}
     */
    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        MethodSecurityExpressionHandler oauth2Handler = new OAuth2MethodSecurityExpressionHandler();
        return oauth2Handler;
    }
}
/**
 * Resource server configuration: every path requires an authenticated request, and anonymous
 * access is switched off.
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    /**
     * Configures the resource server filter chain.
     *
     * @param http the security builder for this chain
     * @throws Exception if the chain cannot be configured
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // No anonymous authentication: a request without credentials stays unauthenticated.
        http.anonymous().disable();

        // NOTE(review): this chain claims every path. If it is ordered ahead of the
        // WebSecurityConfigurerAdapter chain (presumably the default for resource-server
        // chains; verify), permitAll rules declared in that other chain are never consulted.
        http.requestMatchers().antMatchers("/**");

        http.authorizeRequests().anyRequest().authenticated();

        // Authenticated but unauthorized requests get the OAuth2-formatted denial response.
        http.exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
    }
}
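/**
 * Web security configuration: user authentication backed by {@code AltegixUserDetailsService}
 * with BCrypt password hashing, a stateless HTTP Basic filter chain, and the beans shared with
 * the OAuth2 authorization server (authentication manager, token store, approval handling).
 *
 * <p>NOTE(review): an earlier commented-out in-memory user setup that embedded plaintext
 * passwords has been removed from this class. If those values were ever used for a real
 * account, rotate them; they remain in version history.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private ClientDetailsService clientDetailsService;

    @Autowired
    private AltegixUserDetailsService altegixUsersDetailsService;

    /**
     * Registers the application's user lookup and the encoder used to verify passwords.
     *
     * @param auth builder for the global authentication manager
     * @throws Exception if the authentication setup fails
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(altegixUsersDetailsService)
                .passwordEncoder(passwordEncoder());
    }

    /**
     * Password encoder for stored user passwords.
     *
     * @return a {@link BCryptPasswordEncoder} with its default cost factor
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Configures the stateless HTTP Basic filter chain.
     *
     * @param http the security builder for this chain
     * @throws Exception if the chain cannot be configured
     */
    // NOTE(review): @Order on this method appears to have no effect on filter-chain ordering;
    // Spring reads the order from the configurer class. Moving it to the class would change
    // which chain handles a request, so decide the intended precedence against
    // ResourceServerConfig before touching it.
    @Override
    @Order(Ordered.HIGHEST_PRECEDENCE)
    protected void configure(HttpSecurity http) throws Exception {
        http
                .sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                // CSRF protection is off. That is sound only while no credential is attached
                // to requests automatically by a browser; sessions are stateless here, but
                // browsers do cache and resend HTTP Basic credentials, so confirm no
                // browser-based client authenticates through this chain.
                .csrf().disable()
                .authorizeRequests()
                .antMatchers("/about").permitAll()
                .antMatchers("/signup").permitAll()
                // NOTE(review): the token endpoint is presumably guarded by the authorization
                // server's own chain (client authentication); verify that this permitAll does
                // not expose it without client credentials.
                .antMatchers("/oauth/token").permitAll()
                .anyRequest().authenticated()
                .and()
                .httpBasic()
                .realmName("ALTEGIX_REALM");
    }

    /**
     * Exposes the authentication manager as a bean so the authorization server can use it for
     * the password grant.
     *
     * @return the authentication manager built by this adapter
     * @throws Exception if the manager cannot be obtained
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Token store shared by the authorization and resource server.
     *
     * <p>Tokens live only in this process: they are lost on restart and are not visible to other
     * instances, so a multi-node deployment needs a shared or self-contained token store.
     *
     * @return a new {@link InMemoryTokenStore}
     */
    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

    /**
     * Approval handler that consults the token store and the registered client details.
     * The parameter is injected by the container; no {@code @Autowired} is needed on a
     * {@code @Bean} method.
     *
     * @param tokenStore the shared token store
     * @return the configured approval handler
     */
    @Bean
    public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {
        TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();
        handler.setTokenStore(tokenStore);
        handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
        handler.setClientDetailsService(clientDetailsService);
        return handler;
    }

    /**
     * Approval store backed by the token store.
     *
     * @param tokenStore the shared token store
     * @return the configured approval store
     * @throws Exception declared for compatibility with existing callers
     */
    @Bean
    public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
        TokenApprovalStore store = new TokenApprovalStore();
        store.setTokenStore(tokenStore);
        return store;
    }
}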