authorization server
@@ -1,7 +1,101 @@
|
|||||||
package io.bluemoon.authorizationserver.config;
|
package io.bluemoon.authorizationserver.config;
|
||||||
|
|
||||||
|
import io.bluemoon.authorizationserver.service.user.CustomUserDetailsServiceImpl;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.context.annotation.Primary;
|
||||||
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
||||||
|
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
||||||
|
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
|
||||||
|
import org.springframework.security.oauth2.provider.approval.JdbcApprovalStore;
|
||||||
|
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
||||||
|
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
|
||||||
|
|
||||||
|
import javax.sql.DataSource;
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@EnableAuthorizationServer
|
||||||
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
|
public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
|
||||||
|
|
||||||
|
private AuthorizationCodeServices authorizationCodeServices;
|
||||||
|
private ApprovalStore approvalStore;
|
||||||
|
private ClientDetailsService clientDetailsService;
|
||||||
|
private AuthenticationManager authenticationManager;
|
||||||
|
private DataSource dataSource;
|
||||||
|
private CustomUserDetailsServiceImpl customUserDetailsService;
|
||||||
|
|
||||||
|
public AuthServerConfig(
|
||||||
|
ClientDetailsService clientDetailsService,
|
||||||
|
AuthenticationManager authenticationManager,
|
||||||
|
DataSource dataSource,
|
||||||
|
CustomUserDetailsServiceImpl customUserDetailsService,
|
||||||
|
AuthorizationCodeServices authorizationCodeServices,
|
||||||
|
ApprovalStore approvalStore
|
||||||
|
) {
|
||||||
|
this.clientDetailsService = clientDetailsService;
|
||||||
|
this.authenticationManager = authenticationManager;
|
||||||
|
this.dataSource = dataSource;
|
||||||
|
this.customUserDetailsService = customUserDetailsService;
|
||||||
|
this.authorizationCodeServices = authorizationCodeServices;
|
||||||
|
this.approvalStore = approvalStore;
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
|
||||||
|
// auth server에 대한 설정
|
||||||
|
// security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
|
||||||
|
// properties 로 해결 가능
|
||||||
|
super.configure(security);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
|
||||||
|
// OAuth2 서버가 작동하기 위한 Endpoint에 대한 정보를 설정
|
||||||
|
endpoints
|
||||||
|
// authentication
|
||||||
|
.authenticationManager(authenticationManager)
|
||||||
|
// jdbc token processing
|
||||||
|
.tokenStore(jdbcTokenStore(dataSource))
|
||||||
|
// refresh token
|
||||||
|
.userDetailsService(customUserDetailsService)
|
||||||
|
// approval store
|
||||||
|
.approvalStore(jdbcApprovalStore(dataSource))
|
||||||
|
// code service
|
||||||
|
.authorizationCodeServices(jdbcAuthorizationCodeServices(dataSource));
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
||||||
|
// client 에 대한 설정
|
||||||
|
clients.withClientDetails(clientDetailsService);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public TokenStore jdbcTokenStore(DataSource dataSource) {
|
||||||
|
return new JdbcTokenStore(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
@Primary
|
||||||
|
public JdbcClientDetailsService jdbcClientDetailsService(DataSource dataSource) {
|
||||||
|
return new JdbcClientDetailsService(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public AuthorizationCodeServices jdbcAuthorizationCodeServices(DataSource dataSource) {
|
||||||
|
return new JdbcAuthorizationCodeServices(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public ApprovalStore jdbcApprovalStore(DataSource dataSource) {
|
||||||
|
return new JdbcApprovalStore(dataSource);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
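Review bot: The constructor takes `AuthorizationCodeServices`, `ApprovalStore` and `ClientDetailsService`, but the only producers of those types visible in this file are the class's own non-static `@Bean` methods, so Spring must instantiate `AuthServerConfig` before it can build the beans its constructor asks for; unless other beans of those types are defined elsewhere, startup would likely fail with a circular-reference error. The `authorizationCodeServices` and `approvalStore` fields are never read, since `configure(AuthorizationServerEndpointsConfigurer)` calls `jdbcApprovalStore(dataSource)` and `jdbcAuthorizationCodeServices(dataSource)` directly, so I would drop those two parameters and fields, make the remaining fields `final`, and either declare the factory methods `static` or move them into a separate `@Configuration` class. Separately, `configure(AuthorizationServerSecurityConfigurer)` only delegates to `super` and no password encoder is configured for client secrets; if the client-details table is meant to hold hashed secrets, add `security.passwordEncoder(passwordEncoder);` there, using an injected `PasswordEncoder` that matches the one applied when clients are registered.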
|
|||||||
@@ -0,0 +1,4 @@
|
|||||||
|
package io.bluemoon.authorizationserver.domain.client;
|
||||||
|
|
||||||
|
public class Client {
|
||||||
|
}
|
||||||
@@ -1 +1,2 @@
|
|||||||
|
|
||||||
|
security.oauth2.authorization.check-token-access=isAuthenticated()
|
||||||
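Review bot: `check-token-access=isAuthenticated()` opens `/oauth/check_token` to every client that can authenticate, so any registered client can introspect tokens issued to any other client. If only resource servers need introspection, scope the expression to an authority granted to them, for example `security.oauth2.authorization.check-token-access=hasAuthority('ROLE_RESOURCE_SERVER')` (the authority name is a placeholder; use whatever the client table actually assigns).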