Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- @Configuration
- @EnableWebSecurity
- @EnableOAuth2Client
- public class SecurityConfig extends WebSecurityConfigurerAdapter
- {
- @Autowired
- private UserDao userDao;
- @Autowired
- private PasswordEncoder passwordEncoder;
- @Autowired
- private AuthProvider authProvider;
- @Autowired
- @Qualifier("oauth2ClientContext")
- private OAuth2ClientContext oAuth2ClientContext;
- @Bean
- PasswordEncoder passwordEncoder()
- {
- return new BCryptPasswordEncoder();
- }
- @Override
- protected void configure(AuthenticationManagerBuilder auth)
- {
- auth.authenticationProvider(authProvider);
- }
- @Override
- protected void configure(HttpSecurity http) throws Exception
- {
- http.addFilterBefore(ssoFilter(), UsernamePasswordAuthenticationFilter.class);
- http
- .csrf().disable()
- .authorizeRequests()
- .antMatchers("/resources/**", "/", "/login**", "/registration", "main").permitAll()
- .anyRequest().authenticated()
- .and().formLogin().loginPage("/login")
- .defaultSuccessUrl("/main").failureUrl("/login?error").permitAll()
- .and().logout().logoutSuccessUrl("/").permitAll();
- }
- @Bean
- public FilterRegistrationBean oAuth2ClientFilterRegistration(OAuth2ClientContextFilter oAuth2ClientContextFilter)
- {
- FilterRegistrationBean registration = new FilterRegistrationBean();
- registration.setFilter(oAuth2ClientContextFilter);
- registration.setOrder(-100);
- return registration;
- }
- private Filter ssoFilter()
- {
- CompositeFilter filter = new CompositeFilter();
- List<Filter> filters = new ArrayList<>();
- filters.add(ssoFilter(google(), "/login/google"));
- filters.add(ssoFilter(discord(), "/login/discord"));
- filters.add(ssoFilter(vk(), "/login/vk"));
- filter.setFilters(filters);
- return filter;
- }
- private Filter ssoFilter(ClientResources client, String path) {
- OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(path);
- OAuth2RestTemplate template = new OAuth2RestTemplate(client.getClient(), oAuth2ClientContext);
- OAuth2AccessTokenSupport authAccessProvider = new AuthorizationCodeAccessTokenProvider();
- AccessTokenProvider accessTokenProvider = new AccessTokenProviderChain(
- Arrays.<AccessTokenProvider> asList((AuthorizationCodeAccessTokenProvider)authAccessProvider)
- );
- template.setAccessTokenProvider(accessTokenProvider);
- ClientHttpRequestFactory requestFactory = new DiscordHttpRequestFactory();
- authAccessProvider.setRequestFactory(requestFactory);
- template.setRequestFactory(requestFactory);
- filter.setRestTemplate(template);
- CustomUserInfoTokenServices tokenServices = new CustomUserInfoTokenServices(
- client.getResource().getUserInfoUri(), client.getClient().getClientId());
- tokenServices.setRestTemplate(template);
- tokenServices.setUserDao(userDao);
- tokenServices.setPasswordEncoder(passwordEncoder);
- filter.setTokenServices(tokenServices);
- return filter;
- }
- class ClientResources {
- @NestedConfigurationProperty
- private AuthorizationCodeResourceDetails client = new AuthorizationCodeResourceDetails();
- @NestedConfigurationProperty
- private ResourceServerProperties resource = new ResourceServerProperties();
- public AuthorizationCodeResourceDetails getClient() {
- return client;
- }
- public ResourceServerProperties getResource() {
- return resource;
- }
- }
- @Bean
- @ConfigurationProperties("google")
- public ClientResources google()
- {
- return new ClientResources();
- }
- @Bean
- @ConfigurationProperties("discord")
- public ClientResources discord()
- {
- return new ClientResources();
- }
- @Bean
- @ConfigurationProperties("vk")
- public ClientResources vk()
- {
- return new ClientResources();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
