Commit 2a582f6fc8488591e1b7570c92744e84a6253b27

Authored by Geoffrey PREUD'HOMME
1 parent 0e498f62

Recopie de l'exemple d'OAuth

Sauf qu'en fait c'est pour authentifier une application avec une autre.
Boulet !
src/main/java/etunicorn/CustomUserDetailsService.java
... ... @@ -3,13 +3,16 @@ package etunicorn;
3 3 import org.springframework.beans.factory.annotation.Autowired;
4 4 import org.springframework.security.core.GrantedAuthority;
5 5 import org.springframework.security.core.userdetails.UserDetails;
  6 +import org.springframework.security.core.userdetails.UserDetailsService;
6 7 import org.springframework.security.core.userdetails.UsernameNotFoundException;
  8 +import org.springframework.stereotype.Service;
7 9  
8 10 import java.util.Collection;
9 11  
10 12 /**
11 13 * Created by geoffrey on 29/01/17.
12 14 */
  15 +@Service
13 16 public class CustomUserDetailsService implements UserDetailsService {
14 17  
15 18 private final PersonneRepository personneRepository;
... ... @@ -20,7 +23,7 @@ public class CustomUserDetailsService implements UserDetailsService {
20 23 }
21 24  
22 25 @Override
23   - public UserDetails loadByUsername(String login) throws UsernameNotFoundException {
  26 + public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException {
24 27 Personne personne = personneRepository.findByLogin(login);
25 28 if (personne == null) {
26 29 throw new UsernameNotFoundException(String.format("L'utilisateur %s n'existe pas !", login));
... ...
src/main/java/etunicorn/OAuth2ServerConfiguration.java 0 → 100644
... ... @@ -0,0 +1,87 @@
  1 +package etunicorn;
  2 +
  3 +import org.springframework.beans.factory.annotation.Autowired;
  4 +import org.springframework.beans.factory.annotation.Qualifier;
  5 +import org.springframework.context.annotation.Bean;
  6 +import org.springframework.context.annotation.Configuration;
  7 +import org.springframework.context.annotation.Primary;
  8 +import org.springframework.security.authentication.AuthenticationManager;
  9 +import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  10 +import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
  11 +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
  12 +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
  13 +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
  14 +import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
  15 +import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
  16 +import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
  17 +import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
  18 +import org.springframework.security.oauth2.provider.token.TokenStore;
  19 +import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
  20 +
  21 +/**
  22 + * Created by geoffrey on 29/01/17.
  23 + */
  24 +@Configuration
  25 +public class OAuth2ServerConfiguration {
  26 + private static final String RESOURCE_ID = "etunicornservice";
  27 +
  28 + @Configuration
  29 + @EnableResourceServer
  30 + protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
  31 +
  32 + @Override
  33 + public void configure(ResourceServerSecurityConfigurer resources) {
  34 + resources.resourceId(RESOURCE_ID);
  35 + }
  36 +
  37 + @Override
  38 + public void configure(HttpSecurity http) throws Exception {
  39 + http.authorizeRequests()
  40 + .antMatchers("/personne").authenticated();
  41 + }
  42 + }
  43 +
  44 + @Configuration
  45 + @EnableAuthorizationServer
  46 + protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
  47 +
  48 + private TokenStore tokenStore = new InMemoryTokenStore();
  49 +
  50 + @Autowired
  51 + @Qualifier("authenticationManagerBean")
  52 + private AuthenticationManager authenticationManager;
  53 +
  54 + @Autowired
  55 + private CustomUserDetailsService userDetailsService;
  56 +
  57 + @Override
  58 + public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
  59 + clients
  60 + .inMemory()
  61 + .withClient("clientapp")
  62 + .authorizedGrantTypes("password", "refresh_token")
  63 + .authorities("USER")
  64 + .scopes("read", "write")
  65 + .resourceIds(RESOURCE_ID)
  66 + .secret("123456");
  67 + }
  68 +
  69 + @Override
  70 + public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
  71 + endpoints
  72 + .tokenStore(this.tokenStore)
  73 + .authenticationManager(this.authenticationManager)
  74 + .userDetailsService(userDetailsService);
  75 + }
  76 +
  77 + @Bean
  78 + @Primary
  79 + public DefaultTokenServices tokenServices() {
  80 + DefaultTokenServices tokenServices = new DefaultTokenServices();
  81 + tokenServices.setSupportRefreshToken(true);
  82 + tokenServices.setTokenStore(this.tokenStore);
  83 + return tokenServices;
  84 + }
  85 + }
  86 +
  87 +}
... ...
src/main/java/etunicorn/PersonneController.java
... ... @@ -5,16 +5,11 @@ import org.springframework.http.HttpStatus;
5 5 import org.springframework.http.ResponseEntity;
6 6 import org.springframework.web.bind.annotation.PathVariable;
7 7 import org.springframework.web.bind.annotation.RequestParam;
8   -import org.springframework.web.bind.annotation.ResponseBody;
9 8 import org.springframework.web.bind.annotation.RestController;
10 9  
11 10 import java.math.BigDecimal;
12   -import java.text.DateFormat;
13   -import java.text.ParseException;
14   -import java.text.SimpleDateFormat;
15 11 import java.util.Date;
16 12 import java.util.List;
17   -import java.util.Locale;
18 13  
19 14 /**
20 15 * Created by geoffrey on 28/01/17.
... ...
src/main/java/etunicorn/UserDetailsService.java deleted
... ... @@ -1,11 +0,0 @@
1   -package etunicorn;
2   -
3   -import org.springframework.security.core.userdetails.UserDetails;
4   -import org.springframework.security.core.userdetails.UsernameNotFoundException;
5   -
6   -/**
7   - * Created by geoffrey on 29/01/17.
8   - */
9   -public interface UserDetailsService {
10   - UserDetails loadByUsername(String s) throws UsernameNotFoundException;
11   -}
src/main/java/etunicorn/WebSecurityConfiguration.java
... ... @@ -25,8 +25,8 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
25 25  
26 26 @Override
27 27 @Bean
28   - public AuthenticationManager authenticationManager() throws Exception {
29   - return super.authenticationManager();
  28 + public AuthenticationManager authenticationManagerBean() throws Exception {
  29 + return super.authenticationManagerBean();
30 30 }
31 31  
32 32  
... ...
src/main/main.iml
... ... @@ -27,5 +27,6 @@
27 27 <orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.22" level="project" />
28 28 <orderEntry type="library" name="Maven: org.springframework.security:spring-security-core:4.1.4.RELEASE" level="project" />
29 29 <orderEntry type="library" name="Maven: org.springframework.security:spring-security-config:4.1.4.RELEASE" level="project" />
  30 + <orderEntry type="library" name="Maven: org.springframework.security.oauth:spring-security-oauth2:2.0.12.RELEASE" level="project" />
30 31 </component>
31 32 </module>
32 33 \ No newline at end of file
... ...