74 lines
3.4 KiB
Java
74 lines
3.4 KiB
Java
package com.baeldung.oauth2resttemplate;
|
|
|
|
import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
|
|
import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoTokenServices;
|
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
|
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
|
import org.springframework.context.annotation.Bean;
|
|
import org.springframework.context.annotation.Configuration;
|
|
import org.springframework.core.Ordered;
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
|
import org.springframework.security.oauth2.client.OAuth2ClientContext;
|
|
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
|
|
import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter;
|
|
import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
|
|
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
|
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
|
|
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
|
|
|
|
import javax.servlet.Filter;
|
|
|
|
@Configuration
|
|
@EnableOAuth2Client
|
|
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|
OAuth2ClientContext oauth2ClientContext;
|
|
|
|
public SecurityConfig(OAuth2ClientContext oauth2ClientContext) {
|
|
this.oauth2ClientContext = oauth2ClientContext;
|
|
}
|
|
|
|
@Override
|
|
protected void configure(HttpSecurity http) throws Exception {
|
|
http.authorizeRequests().antMatchers("/", "/login**", "/error**")
|
|
.permitAll().anyRequest().authenticated()
|
|
.and().logout().logoutUrl("/logout").logoutSuccessUrl("/")
|
|
.and().addFilterBefore(oauth2ClientFilter(), BasicAuthenticationFilter.class);
|
|
}
|
|
|
|
@Bean
|
|
public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) {
|
|
FilterRegistrationBean<OAuth2ClientContextFilter> registration = new FilterRegistrationBean<>();
|
|
registration.setFilter(filter);
|
|
registration.setOrder(Ordered.HIGHEST_PRECEDENCE + 1);
|
|
return registration;
|
|
}
|
|
|
|
@Bean
|
|
public OAuth2RestTemplate restTemplate() {
|
|
return new OAuth2RestTemplate(githubClient(), oauth2ClientContext);
|
|
}
|
|
|
|
@Bean
|
|
@ConfigurationProperties("github.client")
|
|
public AuthorizationCodeResourceDetails githubClient() {
|
|
return new AuthorizationCodeResourceDetails();
|
|
}
|
|
|
|
private Filter oauth2ClientFilter() {
|
|
OAuth2ClientAuthenticationProcessingFilter oauth2ClientFilter = new OAuth2ClientAuthenticationProcessingFilter("/login/github");
|
|
OAuth2RestTemplate restTemplate = restTemplate();
|
|
oauth2ClientFilter.setRestTemplate(restTemplate);
|
|
UserInfoTokenServices tokenServices = new UserInfoTokenServices(githubResource().getUserInfoUri(), githubClient().getClientId());
|
|
tokenServices.setRestTemplate(restTemplate);
|
|
oauth2ClientFilter.setTokenServices(tokenServices);
|
|
return oauth2ClientFilter;
|
|
}
|
|
|
|
@Bean
|
|
@ConfigurationProperties("github.resource")
|
|
public ResourceServerProperties githubResource() {
|
|
return new ResourceServerProperties();
|
|
}
|
|
}
|