diff --git a/spring-5-security-oauth/pom.xml b/spring-5-security-oauth/pom.xml index 325aacea86..19aaa576c8 100644 --- a/spring-5-security-oauth/pom.xml +++ b/spring-5-security-oauth/pom.xml @@ -32,6 +32,10 @@ org.thymeleaf.extras thymeleaf-extras-springsecurity5 + + org.springframework.boot + spring-boot-starter-jersey + @@ -63,7 +67,7 @@ test - + com.baeldung.oauth2.SpringOAuthApplication diff --git a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyApplication.java b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyApplication.java new file mode 100644 index 0000000000..6388c10bb3 --- /dev/null +++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyApplication.java @@ -0,0 +1,13 @@ +package com.baeldung.jersey; + +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.annotation.PropertySource; + +@SpringBootApplication +@PropertySource("classpath:jersey-application.properties") +public class JerseyApplication { + public static void main(String[] args) { + SpringApplication.run(JerseyApplication.class, args); + } +} diff --git a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyResource.java b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyResource.java new file mode 100644 index 0000000000..8968fefbf4 --- /dev/null +++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/JerseyResource.java @@ -0,0 +1,30 @@ +package com.baeldung.jersey; + +import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; +import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal; + +import javax.ws.rs.GET; +import javax.ws.rs.Path; +import javax.ws.rs.Produces; +import javax.ws.rs.core.Context; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.SecurityContext; + +@Path("/") +public class JerseyResource { + @GET + @Path("login") + @Produces(MediaType.TEXT_HTML) + public String login() { + return "Log in with GitHub"; + } + + @GET + @Produces(MediaType.TEXT_PLAIN) + public String home(@Context SecurityContext securityContext) { + OAuth2AuthenticationToken authenticationToken = (OAuth2AuthenticationToken) securityContext.getUserPrincipal(); + OAuth2AuthenticatedPrincipal authenticatedPrincipal = authenticationToken.getPrincipal(); + String userName = authenticatedPrincipal.getAttribute("login"); + return "Hello " + userName; + } +} diff --git a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/RestConfig.java b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/RestConfig.java new file mode 100644 index 0000000000..306677f261 --- /dev/null +++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/RestConfig.java @@ -0,0 +1,11 @@ +package com.baeldung.jersey; + +import org.glassfish.jersey.server.ResourceConfig; +import org.springframework.stereotype.Component; + +@Component +public class RestConfig extends ResourceConfig { + public RestConfig() { + register(JerseyResource.class); + } +} diff --git a/spring-5-security-oauth/src/main/java/com/baeldung/jersey/SecurityConfig.java b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/SecurityConfig.java new file mode 100644 index 0000000000..5644856695 --- /dev/null +++ b/spring-5-security-oauth/src/main/java/com/baeldung/jersey/SecurityConfig.java @@ -0,0 +1,21 @@ +package com.baeldung.jersey; + +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +@Configuration +public class SecurityConfig extends WebSecurityConfigurerAdapter { + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .antMatchers("/login") + .permitAll() + .anyRequest() + .authenticated() + .and() + .oauth2Login() + .loginPage("/login"); + } +} diff --git a/spring-5-security-oauth/src/main/resources/jersey-application.properties b/spring-5-security-oauth/src/main/resources/jersey-application.properties new file mode 100644 index 0000000000..516b24eb67 --- /dev/null +++ b/spring-5-security-oauth/src/main/resources/jersey-application.properties @@ -0,0 +1,3 @@ +server.port=8083 +spring.security.oauth2.client.registration.github.client-id= +spring.security.oauth2.client.registration.github.client-secret= \ No newline at end of file diff --git a/spring-5-security-oauth/src/test/java/com/baeldung/jersey/JerseyResourceUnitTest.java b/spring-5-security-oauth/src/test/java/com/baeldung/jersey/JerseyResourceUnitTest.java new file mode 100644 index 0000000000..e6cc3be213 --- /dev/null +++ b/spring-5-security-oauth/src/test/java/com/baeldung/jersey/JerseyResourceUnitTest.java @@ -0,0 +1,72 @@ +package com.baeldung.jersey; + +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.boot.test.context.SpringBootTest; +import org.springframework.boot.test.web.client.TestRestTemplate; +import org.springframework.boot.web.server.LocalServerPort; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringRunner; + +import java.net.URI; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.RANDOM_PORT; +import static org.springframework.http.MediaType.TEXT_HTML; + +@RunWith(SpringRunner.class) +@SpringBootTest(webEnvironment = RANDOM_PORT) +@TestPropertySource(properties = "spring.security.oauth2.client.registration.github.client-id:test-id") +public class JerseyResourceUnitTest { + @Autowired + private TestRestTemplate restTemplate; + + @LocalServerPort + private int port; + + private String basePath; + + @Before + public void setup() { + basePath = "http://localhost:" + port + "/"; + } + + @Test + public void whenUserIsUnauthenticated_thenTheyAreRedirectedToLoginPage() { + ResponseEntity response = restTemplate.getForEntity(basePath, Object.class); + assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FOUND); + assertThat(response.getBody()).isNull(); + + URI redirectLocation = response.getHeaders().getLocation(); + assertThat(redirectLocation).isNotNull(); + assertThat(redirectLocation.toString()).isEqualTo(basePath + "login"); + } + + @Test + public void whenUserAttemptsToLogin_thenAuthorizationPathIsReturned() { + ResponseEntity response = restTemplate.getForEntity(basePath + "login", String.class); + assertThat(response.getHeaders().getContentType()).isEqualTo(TEXT_HTML); + assertThat(response.getBody()).isEqualTo("Log in with GitHub"); + } + + @Test + public void whenUserAccessesAuthorizationEndpoint_thenTheyAresRedirectedToProvider() { + ResponseEntity response = restTemplate.getForEntity(basePath + "oauth2/authorization/github", String.class); + assertThat(response.getStatusCode()).isEqualTo(HttpStatus.FOUND); + assertThat(response.getBody()).isNull(); + + URI redirectLocation = response.getHeaders().getLocation(); + assertThat(redirectLocation).isNotNull(); + assertThat(redirectLocation.getHost()).isEqualTo("github.com"); + assertThat(redirectLocation.getPath()).isEqualTo("/login/oauth/authorize"); + + String redirectionQuery = redirectLocation.getQuery(); + assertThat(redirectionQuery.contains("response_type=code")); + assertThat(redirectionQuery.contains("client_id=test-id")); + assertThat(redirectionQuery.contains("scope=read:user")); + } +}