From 77915f83175aad34e4c22df1dd78427b9530a72b Mon Sep 17 00:00:00 2001
From: tom
Date: Thu, 16 May 2019 15:28:26 +0900
Subject: [PATCH] authorization server
---
 .../config/AuthServerConfig.java | 94 +++++++++++++++++++
 .../domain/client/Client.java | 4 +
 .../src/main/resources/application.properties | 1 +
 3 files changed, 99 insertions(+)
 create mode 100644 authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/client/Client.java
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java
index a03dfed..57bc680 100644
--- a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java
@@ -1,7 +1,101 @@
 package io.bluemoon.authorizationserver.config;
+import io.bluemoon.authorizationserver.service.user.CustomUserDetailsServiceImpl;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.ClientDetailsService;
+import org.springframework.security.oauth2.provider.approval.ApprovalStore;
+import org.springframework.security.oauth2.provider.approval.JdbcApprovalStore;
+import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
+import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
+import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
+import javax.sql.DataSource;
+
+@Configuration
+@EnableAuthorizationServer
 public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
+ private AuthorizationCodeServices authorizationCodeServices;
+ private ApprovalStore approvalStore;
+ private ClientDetailsService clientDetailsService;
+ private AuthenticationManager authenticationManager;
+ private DataSource dataSource;
+ private CustomUserDetailsServiceImpl customUserDetailsService;
+
+ public AuthServerConfig(
+ ClientDetailsService clientDetailsService,
+ AuthenticationManager authenticationManager,
+ DataSource dataSource,
+ CustomUserDetailsServiceImpl customUserDetailsService,
+ AuthorizationCodeServices authorizationCodeServices,
+ ApprovalStore approvalStore
+ ) {
+ this.clientDetailsService = clientDetailsService;
+ this.authenticationManager = authenticationManager;
+ this.dataSource = dataSource;
+ this.customUserDetailsService = customUserDetailsService;
+ this.authorizationCodeServices = authorizationCodeServices;
+ this.approvalStore = approvalStore;
+ }
+
+ @Override
+ public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+ // auth server에 대한 설정
+// security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
+// properties 로 해결 가능
+ super.configure(security);
+ }
+
+ @Override
+ public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+ // OAuth2 서버가 작동하기 위한 Endpoint에 대한 정보를 설정
+ endpoints
+ // authentication
+ .authenticationManager(authenticationManager)
+ // jdbc token processing
+ .tokenStore(jdbcTokenStore(dataSource))
+ // refresh token
+ .userDetailsService(customUserDetailsService)
+ // approval store
+ .approvalStore(jdbcApprovalStore(dataSource))
+ // code service
+ .authorizationCodeServices(jdbcAuthorizationCodeServices(dataSource));
+ }
+
+ @Override
+ public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+ // client 에 대한 설정
+ clients.withClientDetails(clientDetailsService);
+ }
+
+ @Bean
+ public TokenStore jdbcTokenStore(DataSource dataSource) {
+ return new JdbcTokenStore(dataSource);
+ }
+
+ @Bean
+ @Primary
+ public JdbcClientDetailsService jdbcClientDetailsService(DataSource dataSource) {
+ return new JdbcClientDetailsService(dataSource);
+ }
+
+ @Bean
+ public AuthorizationCodeServices jdbcAuthorizationCodeServices(DataSource dataSource) {
+ return new JdbcAuthorizationCodeServices(dataSource);
+ }
+
+ @Bean
+ public ApprovalStore jdbcApprovalStore(DataSource dataSource) {
+ return new JdbcApprovalStore(dataSource);
+ }
 }
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/client/Client.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/client/Client.java
new file mode 100644
index 0000000..8a5748e
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/client/Client.java
@@ -0,0 +1,4 @@
+package io.bluemoon.authorizationserver.domain.client;
+
+public class Client {
+}
diff --git a/authorization-server/src/main/resources/application.properties b/authorization-server/src/main/resources/application.properties
index 8b13789..7972f08 100644
--- a/authorization-server/src/main/resources/application.properties
+++ b/authorization-server/src/main/resources/application.properties
@@ -1 +1,2 @@
+security.oauth2.authorization.check-token-access=isAuthenticated()
\ No newline at end of file
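Review bot: Nothing in `AuthServerConfig` states how client secrets are hashed: `configure(AuthorizationServerSecurityConfigurer)` only delegates to `super`, and `jdbcClientDetailsService` returns a bare `JdbcClientDetailsService`. Which encoder ends up applying depends on framework defaults and on how rows were written to the client table, neither of which is visible in this patch. I would pin it explicitly with `security.passwordEncoder(passwordEncoder);` and `setPasswordEncoder(passwordEncoder)` on the `JdbcClientDetailsService` before returning it, backed by an adaptive hash such as bcrypt. Separately, the constructor-injected `authorizationCodeServices` and `approvalStore` fields are never read, because `configure(endpoints)` builds the stores through `jdbcApprovalStore(dataSource)` and `jdbcAuthorizationCodeServices(dataSource)`. Injecting beans that this same class defines may also cause a circular reference at startup, so dropping those two parameters is the safer wiring.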
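Review bot: `security.oauth2.authorization.check-token-access` may have no effect once `AuthServerConfig` exists, because to my knowledge the Boot auto-configuration that reads the `security.oauth2.authorization.*` properties backs off when the application declares its own `AuthorizationServerConfigurer`. In that case `/oauth/check_token` keeps the framework default of `denyAll()` and resource servers would be refused, which contradicts the comment in `configure(AuthorizationServerSecurityConfigurer)` saying the properties are enough. Setting it in code is unambiguous: `security.checkTokenAccess("isAuthenticated()");` in that method, covered by a test that calls the endpoint with and without client credentials.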