diff --git a/spring-cloud-modules/spring-cloud-security/auth-client/pom.xml b/spring-cloud-modules/spring-cloud-security/auth-client/pom.xml
index 1ec56ce9ef..e8a0a1666e 100644
--- a/spring-cloud-modules/spring-cloud-security/auth-client/pom.xml
+++ b/spring-cloud-modules/spring-cloud-security/auth-client/pom.xml
@@ -65,6 +65,10 @@
org.springframework.security.oauth.boot
spring-security-oauth2-autoconfigure
+
+ org.springframework.security
+ spring-security-oauth2-client
+
diff --git a/spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java b/spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java
index 217edb22fb..33cac65b11 100644
--- a/spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java
+++ b/spring-cloud-modules/spring-cloud-security/auth-client/src/main/java/com/baeldung/config/SiteSecurityConfigurer.java
@@ -1,27 +1,26 @@
package com.baeldung.config;
-import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.client.ClientHttpRequestInterceptor;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.oauth2.client.OAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
+import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
+import org.springframework.web.client.RestOperations;
@EnableZuulProxy
@Configuration
-@EnableOAuth2Sso
-public class SiteSecurityConfigurer
- extends
- WebSecurityConfigurerAdapter {
+public class SiteSecurityConfigurer {
- @Override
- protected void configure(HttpSecurity http)
- throws Exception {
+ @Bean
+ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/", "/webjars/**")
@@ -34,16 +33,23 @@ public class SiteSecurityConfigurer
.permitAll()
.and()
.csrf()
- .csrfTokenRepository(
- CookieCsrfTokenRepository
- .withHttpOnlyFalse());
+ .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
+ .and()
+ .oauth2Login();
+ return http.build();
}
@Bean
- public OAuth2RestOperations restOperations(
- OAuth2ProtectedResourceDetails resource,
- OAuth2ClientContext context) {
- return new OAuth2RestTemplate(resource, context);
+ public RestOperations restTemplate(OAuth2AuthorizedClientService clientService) {
+ return new RestTemplateBuilder().interceptors((ClientHttpRequestInterceptor) (httpRequest, bytes, execution) -> {
+ OAuth2AuthenticationToken token = OAuth2AuthenticationToken.class.cast(SecurityContextHolder.getContext()
+ .getAuthentication());
+ OAuth2AuthorizedClient client = clientService.loadAuthorizedClient(token.getAuthorizedClientRegistrationId(), token.getName());
+ httpRequest.getHeaders()
+ .add(HttpHeaders.AUTHORIZATION, "Bearer " + client.getAccessToken()
+ .getTokenValue());
+ return execution.execute(httpRequest, bytes);
+ })
+ .build();
}
-
}
diff --git a/spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml b/spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml
index 69617555d9..f3aae6bef0 100644
--- a/spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml
+++ b/spring-cloud-modules/spring-cloud-security/auth-client/src/main/resources/application.yml
@@ -6,15 +6,21 @@ server:
context-path: /
# Configure the Authorization Server and User Info Resource Server details
-security:
- oauth2:
- client:
- accessTokenUri: http://localhost:7070/authserver/oauth/token
- userAuthorizationUri: http://localhost:7070/authserver/oauth/authorize
- clientId: authserver
- clientSecret: passwordforauthserver
- resource:
- userInfoUri: http://localhost:9000/user
+spring:
+ security:
+ oauth2:
+ client:
+ registration:
+ baeldung:
+ client-id: authserver
+ client-secret: passwordforauthserver
+ authorization-grant-type: authorization_code
+ redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
+ provider:
+ baeldung:
+ token-uri: http://localhost:7070/authserver/oauth/token
+ authorization-uri: http://localhost:7070/authserver/oauth/authorize
+ user-info-uri: http://localhost:9000/user
person:
url: http://localhost:9000/person