From 2a582f6fc8488591e1b7570c92744e84a6253b27 Mon Sep 17 00:00:00 2001 From: Geoffrey Frogeye Date: Sun, 29 Jan 2017 18:13:50 +0100 Subject: [PATCH] Recopie de l'exemple d'OAuth --- src/main/java/etunicorn/CustomUserDetailsService.java | 5 ++++- src/main/java/etunicorn/OAuth2ServerConfiguration.java | 87 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/main/java/etunicorn/PersonneController.java | 5 ----- src/main/java/etunicorn/UserDetailsService.java | 11 ----------- src/main/java/etunicorn/WebSecurityConfiguration.java | 4 ++-- src/main/main.iml | 1 + 6 files changed, 94 insertions(+), 19 deletions(-) create mode 100644 src/main/java/etunicorn/OAuth2ServerConfiguration.java delete mode 100644 src/main/java/etunicorn/UserDetailsService.java diff --git a/src/main/java/etunicorn/CustomUserDetailsService.java b/src/main/java/etunicorn/CustomUserDetailsService.java index e9e6c4f..d89234d 100644 --- a/src/main/java/etunicorn/CustomUserDetailsService.java +++ b/src/main/java/etunicorn/CustomUserDetailsService.java @@ -3,13 +3,16 @@ package etunicorn; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.stereotype.Service; import java.util.Collection; /** * Created by geoffrey on 29/01/17. */ +@Service public class CustomUserDetailsService implements UserDetailsService { private final PersonneRepository personneRepository; @@ -20,7 +23,7 @@ public class CustomUserDetailsService implements UserDetailsService { } @Override - public UserDetails loadByUsername(String login) throws UsernameNotFoundException { + public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException { Personne personne = personneRepository.findByLogin(login); if (personne == null) { throw new UsernameNotFoundException(String.format("L'utilisateur %s n'existe pas !", login)); diff --git a/src/main/java/etunicorn/OAuth2ServerConfiguration.java b/src/main/java/etunicorn/OAuth2ServerConfiguration.java new file mode 100644 index 0000000..e7dc93e --- /dev/null +++ b/src/main/java/etunicorn/OAuth2ServerConfiguration.java @@ -0,0 +1,87 @@ +package etunicorn; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Qualifier; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; +import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; +import org.springframework.security.oauth2.provider.token.DefaultTokenServices; +import org.springframework.security.oauth2.provider.token.TokenStore; +import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; + +/** + * Created by geoffrey on 29/01/17. + */ +@Configuration +public class OAuth2ServerConfiguration { + private static final String RESOURCE_ID = "etunicornservice"; + + @Configuration + @EnableResourceServer + protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter { + + @Override + public void configure(ResourceServerSecurityConfigurer resources) { + resources.resourceId(RESOURCE_ID); + } + + @Override + public void configure(HttpSecurity http) throws Exception { + http.authorizeRequests() + .antMatchers("/personne").authenticated(); + } + } + + @Configuration + @EnableAuthorizationServer + protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter { + + private TokenStore tokenStore = new InMemoryTokenStore(); + + @Autowired + @Qualifier("authenticationManagerBean") + private AuthenticationManager authenticationManager; + + @Autowired + private CustomUserDetailsService userDetailsService; + + @Override + public void configure(ClientDetailsServiceConfigurer clients) throws Exception { + clients + .inMemory() + .withClient("clientapp") + .authorizedGrantTypes("password", "refresh_token") + .authorities("USER") + .scopes("read", "write") + .resourceIds(RESOURCE_ID) + .secret("123456"); + } + + @Override + public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { + endpoints + .tokenStore(this.tokenStore) + .authenticationManager(this.authenticationManager) + .userDetailsService(userDetailsService); + } + + @Bean + @Primary + public DefaultTokenServices tokenServices() { + DefaultTokenServices tokenServices = new DefaultTokenServices(); + tokenServices.setSupportRefreshToken(true); + tokenServices.setTokenStore(this.tokenStore); + return tokenServices; + } + } + +} diff --git a/src/main/java/etunicorn/PersonneController.java b/src/main/java/etunicorn/PersonneController.java index f4f41ae..92cda94 100644 --- a/src/main/java/etunicorn/PersonneController.java +++ b/src/main/java/etunicorn/PersonneController.java @@ -5,16 +5,11 @@ import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; import java.math.BigDecimal; -import java.text.DateFormat; -import java.text.ParseException; -import java.text.SimpleDateFormat; import java.util.Date; import java.util.List; -import java.util.Locale; /** * Created by geoffrey on 28/01/17. diff --git a/src/main/java/etunicorn/UserDetailsService.java b/src/main/java/etunicorn/UserDetailsService.java deleted file mode 100644 index 36242f7..0000000 --- a/src/main/java/etunicorn/UserDetailsService.java +++ /dev/null @@ -1,11 +0,0 @@ -package etunicorn; - -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UsernameNotFoundException; - -/** - * Created by geoffrey on 29/01/17. - */ -public interface UserDetailsService { - UserDetails loadByUsername(String s) throws UsernameNotFoundException; -} diff --git a/src/main/java/etunicorn/WebSecurityConfiguration.java b/src/main/java/etunicorn/WebSecurityConfiguration.java index a8f0da9..7b16e58 100644 --- a/src/main/java/etunicorn/WebSecurityConfiguration.java +++ b/src/main/java/etunicorn/WebSecurityConfiguration.java @@ -25,8 +25,8 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { @Override @Bean - public AuthenticationManager authenticationManager() throws Exception { - return super.authenticationManager(); + public AuthenticationManager authenticationManagerBean() throws Exception { + return super.authenticationManagerBean(); } diff --git a/src/main/main.iml b/src/main/main.iml index a7741cb..eccadbc 100644 --- a/src/main/main.iml +++ b/src/main/main.iml @@ -27,5 +27,6 @@ + \ No newline at end of file -- libgit2 0.21.2