JAVA-13856 Create new security-modules (#12622)

security-modules/oauth2-framework-impl/oauth2-resource-server/pom.xml

@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
+    xmlns="http://maven.apache.org/POM/4.0.0">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>oauth2-resource-server</artifactId>
+    <name>oauth2-resource-server</name>
+    <packaging>war</packaging>
+
+    <parent>
+        <groupId>com.baeldung.oauth2</groupId>
+        <artifactId>oauth2-framework-impl</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.eclipse.microprofile.jwt</groupId>
+            <artifactId>microprofile-jwt-auth-api</artifactId>
+            <version>${microprofile-jwt-auth-api.version}</version>
+            <scope>provided</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>net.wasdev.wlp.maven.plugins</groupId>
+                <artifactId>liberty-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+    <properties>
+        <httpPort>9280</httpPort>
+        <httpsPort>8643</httpsPort>
+        <jwt.issuer>http://localhost:9080</jwt.issuer>
+        <jwt.resourceId>http://localhost:9280</jwt.resourceId>
+        <microprofile-jwt-auth-api.version>1.1</microprofile-jwt-auth-api.version>
+    </properties>
+
+</project>

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/java/com/baeldung/oauth2/resource/server/OAuth2ResourceServerApplication.java

@@ -0,0 +1,13 @@
+package com.baeldung.oauth2.resource.server;
+
+import org.eclipse.microprofile.auth.LoginConfig;
+
+import javax.annotation.security.DeclareRoles;
+import javax.ws.rs.ApplicationPath;
+import javax.ws.rs.core.Application;
+
+@ApplicationPath("/api")
+@DeclareRoles({"resource.read", "resource.write"})
+@LoginConfig(authMethod = "MP-JWT")
+public class OAuth2ResourceServerApplication extends Application {
+}

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/java/com/baeldung/oauth2/resource/server/secure/ProtectedResource.java

@@ -0,0 +1,38 @@
+package com.baeldung.oauth2.resource.server.secure;
+
+import org.eclipse.microprofile.jwt.JsonWebToken;
+
+import javax.annotation.security.RolesAllowed;
+import javax.enterprise.context.RequestScoped;
+import javax.inject.Inject;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.core.Response;
+import java.util.UUID;
+
+@Path("/resource")
+@RequestScoped
+public class ProtectedResource {
+
+    @Inject
+    private JsonWebToken principal;
+
+    @GET
+    @RolesAllowed("resource.read")
+    @Path("/read")
+    public Response read() {
+        //DoStaff
+        return Response.ok("Hello, " + principal.getName()).build();
+    }
+
+    @POST
+    @RolesAllowed("resource.write")
+    @Path("/write")
+    public Response write() {
+        //DoStaff
+        return Response.ok("Hello, " + principal.getName())
+                .header("location", UUID.randomUUID().toString())
+                .build();
+    }
+}

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/liberty/config/server.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<server description="${project.artifactId}">
+
+    <featureManager>
+        <feature>localConnector-1.0</feature>
+        <feature>cdi-2.0</feature>
+        <feature>jaxrs-2.1</feature>
+        <feature>jsonp-1.1</feature>
+        <feature>mpConfig-1.3</feature>
+        <feature>mpJwt-1.1</feature>
+    </featureManager>
+
+    <httpEndpoint id="defaultHttpEndpoint" httpPort="${httpPort}" httpsPort="${httpsPort}"/>
+    <mpJwt id="mpJwt123" audiences="${jwt.resourceId}"/>
+
+    <applicationManager autoExpand="true"/>
+    <applicationMonitor updateTrigger="mbean"/>
+    <application type="war" location="${project.build.finalName}.war" context-root="/"/>
+
+</server>

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/resources/META-INF/microprofile-config.properties

@@ -0,0 +1,2 @@
+mp.jwt.verify.publickey.location=/META-INF/public-key.pem
+mp.jwt.verify.issuer=http://localhost:9080

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/resources/META-INF/public-key.pem

@@ -0,0 +1,9 @@
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Is1Mr8GOqjHdGZGD8z/
+Zi0yTknM1vFrQG44a4MZOSzkSI3Hb/2gdQQMwxDgl+FAvkW7PWMGnpCL1u3S/7es
+T87AO/vbTLdu06lMV4oFhBUBu98P1mxFcwhtPSB6hu2bY2+mhi/vKX3Lvki7zrV1
+q3LRzW69+QWAucgUGqLPWx/py2G4dhX/npq6YOysKHorOjGOkYGSC/5cbd23mbdT
+UISxLwfbel6EpMi0Cko0/zgvFzmuDmCODnzkhahFBKfvHSnt7L2W0FDSXyinoce/
+McdK38B/ogbBSpB3b7dWR7SDb2HnQHxq3Oa1p3rLp8zluzijAIiFwCUkQK5/SL+f
+3wIDAQAB
+-----END PUBLIC KEY-----

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/webapp/WEB-INF/beans.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://xmlns.jcp.org/xml/ns/javaee"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd"
+       bean-discovery-mode="all">
+</beans>

security-modules/oauth2-framework-impl/oauth2-resource-server/src/main/webapp/index.html

@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Eclipse MicroProfile demo</title>
+</head>
+<body>
+
+<h2>MicroProfile</h2>
+
+<a href="data/hello" target="_blank" >Hello JAX-RS endpoint</a> <br/>
+
+
+<h3>Config</h3>
+<a href="data/config/injected" target="_blank" >Injected config values</a> <br/>
+<a href="data/config/lookup" target="_blank" >Config values by lookup</a> <br/>
+
+
+
+
+
+
+
+
+
+<h3>JWT Auth</h3>
+Look at readme.md on how to test protected endpoint.
+
+
+
+
+
+
+
+
+</body>
+</html>