Back to master

samples/boot/oauth2-integration/authorizationserver/spring-security-samples-boot-oauth2-integrated-authorizationserver.gradle

@@ -1,12 +1,7 @@
 apply plugin: 'io.spring.convention.spring-sample-boot'
 
-springBoot {
-	mainClass = 'sample.OAuth2AuthorizationServerApplication'
-}
-
 dependencies {
 	compile 'org.springframework.boot:spring-boot-starter-web'
 	compile 'org.springframework.boot:spring-boot-starter-security'
-	compile 'org.springframework.boot:spring-boot-starter-oauth2-resource-server'
 	compile project(':spring-security-oauth2-authorization-server')
 }

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/Customizer.java

@@ -1,14 +0,0 @@
-package sample;
-
-import org.springframework.boot.web.server.WebServerFactoryCustomizer;
-import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class Customizer {
-	@Bean
-	WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> portCustomizer() {
-		return factory -> factory.setPort(1234);
-	}
-}

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/Main.java

@@ -1,24 +0,0 @@
-package sample;
-
-import org.springframework.boot.builder.SpringApplicationBuilder;
-import org.springframework.context.ConfigurableApplicationContext;
-import sample.resourceserver.ResourceServerApplication;
-
-public class Main {
-
-	public static void main(String[] args) throws InterruptedException {
-		ConfigurableApplicationContext authz = new SpringApplicationBuilder(OAuth2AuthorizationServerApplication.class)
-				.application()
-				.run();
-		ConfigurableApplicationContext resource = new SpringApplicationBuilder(ResourceServerApplication.class)
-				.application()
-				.run();
-
-		Thread.sleep(5000);
-		System.out.println("STOP ! Hammertime.");
-
-		authz.stop();
-		resource.stop();
-		System.out.println("bye");
-	}
-}

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/OAuth2AuthorizationServerApplication.java

@@ -15,35 +15,18 @@
  */
 package sample;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.boot.builder.SpringApplicationBuilder;
-import sample.resourceserver.ResourceServerApplication;
 
 /**
  * @author Joe Grandja
  * @since 0.0.1
  */
-@SpringBootApplication(scanBasePackages = {"sample.config"})
+@SpringBootApplication
 public class OAuth2AuthorizationServerApplication {
 
-	private final Logger logger = LoggerFactory.getLogger(OAuth2AuthorizationServerApplication.class);
-//	private Thread resourceServerThread;
-
 	public static void main(String[] args) {
 		SpringApplication.run(OAuth2AuthorizationServerApplication.class, args);
 	}
 
-//	@Override
-//	public void run(String... args) {
-//		logger.info("Hello 🥰🥳");
-//		resourceServerThread = new Thread(
-//				() -> SpringApplication.run(ResourceServerApplication.class, new String[]{})
-//		);
-//		resourceServerThread.start();
-//		logger.info("Running 🏃👟‍");
-//	}
 }

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/DefaultSecurityConfig.java

@@ -38,8 +38,7 @@ public class DefaultSecurityConfig {
 	SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
 		http
 			.authorizeRequests(authorizeRequests ->
-				authorizeRequests
-						.anyRequest().authenticated()
+				authorizeRequests.anyRequest().authenticated()
 			)
 			.formLogin(withDefaults());
 		return http.build();

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/resourceserver/ResourceServerApplication.java

@@ -1,14 +0,0 @@
-package sample.resourceserver;
-
-import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.boot.autoconfigure.admin.SpringApplicationAdminJmxAutoConfiguration;
-
-// Quick work-around for JMX: otherwise, both apps try to register with MBeanServer
-// using the same default name, "org.springframework.boot:type=Admin,name=SpringApplication"
-@SpringBootApplication(exclude = {SpringApplicationAdminJmxAutoConfiguration.class})
-public class ResourceServerApplication {
-	public static void main(String[] args) {
-		SpringApplication.run(ResourceServerApplication.class, args);
-	}
-}

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/resourceserver/config/ResourceServerConfig.java

@@ -1,56 +0,0 @@
-/*
- * Copyright 2020 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.resourceserver.config;
-
-import org.springframework.boot.web.server.WebServerFactoryCustomizer;
-import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
-import org.springframework.context.annotation.Bean;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.core.userdetails.User;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.provisioning.InMemoryUserDetailsManager;
-import org.springframework.security.web.SecurityFilterChain;
-
-import static org.springframework.security.config.Customizer.withDefaults;
-
-/**
- * @author Joe Grandja
- * @since 0.1.0
- */
-@EnableWebSecurity
-public class ResourceServerConfig {
-
-	// formatter:off
-	@Bean
-	SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-		http
-				.mvcMatcher("/messages/**")
-				.authorizeRequests()
-				.mvcMatchers("/messages/**").access("hasAuthority('SCOPE_message.read')")
-				.and()
-				.oauth2ResourceServer()
-				.jwt();
-		return http.build();
-	}
-	// formatter:on
-
-	@Bean
-	WebServerFactoryCustomizer<ConfigurableServletWebServerFactory> portCustomizer() {
-		return factory -> factory.setPort(8090);
-	}
-}

samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/resourceserver/web/MessagesController.java

@@ -1,32 +0,0 @@
-/*
- * Copyright 2020 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      https://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample.resourceserver.web;
-
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RestController;
-
-/**
- * @author Joe Grandja
- * @since 0.0.1
- */
-@RestController
-public class MessagesController {
-
-	@GetMapping("/messages")
-	public String[] getMessages() {
-		return new String[] {"Message 1", "Message 2", "Message 3"};
-	}
-}

samples/boot/oauth2-integration/authorizationserver/src/main/resources/application.yml

@@ -8,10 +8,3 @@ logging:
     org.springframework.security: INFO
     org.springframework.security.oauth2: INFO
 #    org.springframework.boot.autoconfigure: DEBUG
-
-spring:
-  security:
-    oauth2:
-      resourceserver:
-        jwt:
-          jwk-set-uri: http://auth-server:9000/oauth2/jwks