Oauth2 with Spring Boot

2020-01-12 23:12:55 -08:00
parent fc80382bb5
commit 8afe837179
5 changed files with 205 additions and 0 deletions
--- a/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/controller/CustomerController.java
+++ b/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/controller/CustomerController.java
@@ -0,0 +1,27 @@
+package com.javadevjournal.controller;
+
+import com.javadevjournal.data.CustomerData;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/api/customers")
+public class CustomerController {
+
+    @GetMapping("/customer/{userId}")
+    public CustomerData getCustomerProfile(@PathVariable("userId") String userId) {
+        return getCustomer(userId);
+    }
+
+    private CustomerData getCustomer(final String userId) {
+        CustomerData customer = new CustomerData();
+        customer.setEmail("contact-us@javadevjournal.com");
+        customer.setFirstName("Demo");
+        customer.setLastName("User");
+        customer.setAge(21);
+        customer.setId(userId);
+        return customer;
+    }
+}
--- a/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/data/CustomerData.java
+++ b/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/data/CustomerData.java
@@ -0,0 +1,61 @@
+package com.javadevjournal.data;
+
+public class CustomerData {
+
+    private String firstName;
+    private String lastName;
+    private int age;
+    private String email;
+    private String id;
+
+    public CustomerData() {
+    }
+
+    public CustomerData(String firstName, String lastName, int age, String email, String id) {
+        this.firstName = firstName;
+        this.lastName = lastName;
+        this.age = age;
+        this.email = email;
+        this.id = id;
+    }
+
+    public String getFirstName() {
+        return firstName;
+    }
+
+    public void setFirstName(String firstName) {
+        this.firstName = firstName;
+    }
+
+    public String getLastName() {
+        return lastName;
+    }
+
+    public void setLastName(String lastName) {
+        this.lastName = lastName;
+    }
+
+    public int getAge() {
+        return age;
+    }
+
+    public void setAge(int age) {
+        this.age = age;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+}
--- a/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/oauth2/OAuth2AuthServerConfiguration.java
+++ b/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/oauth2/OAuth2AuthServerConfiguration.java
@@ -0,0 +1,54 @@
+package com.javadevjournal.oauth2;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+
+@Configuration
+@EnableAuthorizationServer
+public class OAuth2AuthServerConfiguration extends AuthorizationServerConfigurerAdapter {
+
+    @Value("${user.oauth.clientId}")
+    private String clientID;
+
+    @Value("${user.oauth.clientSecret}")
+    private String clientSecret;
+
+    @Value("${user.oauth.redirectUris}")
+    private String redirectURLs;
+
+    @Value("${user.oauth.accessTokenValidity}")
+    private int accessTokenValidity;
+
+    @Value("${user.oauth.refreshTokenValidity}")
+    private int refreshTokenValidity;
+
+    @Autowired
+    private BCryptPasswordEncoder passwordEncoder;
+
+    @Override
+    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
+        oauthServer.tokenKeyAccess("permitAll()")
+                .checkTokenAccess("isAuthenticated()")
+                .allowFormAuthenticationForClients();
+        ;
+    }
+
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients
+                .inMemory()
+                .withClient(clientID)
+                .secret(passwordEncoder.encode(clientSecret))
+                .authorizedGrantTypes("password", "authorization_code", "refresh_token")
+                .scopes("user_info")
+                .authorities("READ_ONLY_CLIENT")
+                .redirectUris(redirectURLs)
+                .accessTokenValiditySeconds(accessTokenValidity)
+                .refreshTokenValiditySeconds(refreshTokenValidity);
+    }
+}
--- a/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/oauth2/OAuth2ResourceServerConfig.java
+++ b/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/oauth2/OAuth2ResourceServerConfig.java
@@ -0,0 +1,18 @@
+package com.javadevjournal.oauth2;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
+@Configuration
+public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                .antMatchers("/").permitAll()
+                .antMatchers("/api/**").authenticated();
+
+    }
+}
--- a/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/oauth2/OauthSecurityConfiguration.java
+++ b/Spring-Boot/spring-boot-auth-server/src/main/java/com/javadevjournal/oauth2/OauthSecurityConfiguration.java
@@ -0,0 +1,45 @@
+package com.javadevjournal.oauth2;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+@Order(1)
+public class OauthSecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Value("${user.oauth.user.username}")
+    private String username;
+
+    @Value("${user.oauth.user.password}")
+    private String password;
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .requestMatchers()
+                .antMatchers("/oauth/authorize**", "/login**", "/error**")
+                .and()
+                .authorizeRequests()
+                .anyRequest().authenticated()
+                .and()
+                .formLogin().permitAll();
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth
+                .inMemoryAuthentication()
+                .withUser(username).password(passwordEncoder().encode(password)).roles("USER");
+    }
+
+    @Bean
+    public BCryptPasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}