/**
 * Spring Security configuration that accepts both the built-in form login and
 * an OAuth2 authorization-code login (currently Facebook only).
 *
 * <p>The OAuth2 client details come from {@link SecurityBeansConfiguration};
 * the per-session OAuth2 state comes from the injected {@link OAuth2ClientContext}.
 */
@Configuration
@EnableOAuth2Client
public class FormAndOAuthSecurityConfiguration extends WebSecurityConfigurerAdapter {

    private final OAuth2ClientContext oauth2ClientContext;
    private final SecurityBeansConfiguration beansConfiguration;

    /**
     * @param oauth2ClientContext holder for the current user's OAuth2 token/state
     * @param beansConfiguration  source of the per-provider {@link OAuthProperties}
     */
    @Autowired
    public FormAndOAuthSecurityConfiguration(OAuth2ClientContext oauth2ClientContext, SecurityBeansConfiguration beansConfiguration) {
        this.beansConfiguration = beansConfiguration;
        this.oauth2ClientContext = oauth2ClientContext;
    }

    /**
     * Builds the HTTP security rules: form login, URL authorization, logout,
     * cookie-based CSRF tokens and the OAuth2 login filter.
     *
     * @param http the builder supplied by Spring Security
     * @throws Exception if any configurer rejects the settings
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Form login with Spring Security's generated page; a custom
        // loginPage("/login") was left disabled by the author.
        http.formLogin();

        // Only "/" and "/login**" are reachable anonymously; every other
        // request needs an authenticated session. Keep this allow-list short:
        // anything added here bypasses authentication entirely.
        http.authorizeRequests()
                .antMatchers("/", "/login**").permitAll()
                .anyRequest().authenticated();

        // Default exception handling (no custom entry point or denied handler).
        http.exceptionHandling();

        http.logout()
                .logoutSuccessUrl("/").permitAll();

        // withHttpOnlyFalse() stores the CSRF token in a cookie that page
        // JavaScript can read, so a script-driven front end can send it back in
        // a request header. The trade-off: an XSS flaw on this origin can read
        // the token too, so CSRF protection here depends on the pages being
        // free of script injection.
        http.csrf()
                .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse());

        // The OAuth2 login filter sits right after the username/password filter,
        // i.e. ahead of the URL authorization checks configured above.
        http.addFilterAfter(oAuthCompositeFilter(), UsernamePasswordAuthenticationFilter.class);
    }

    /**
     * Bundles one OAuth2 login filter per configured provider into a single
     * servlet filter.
     *
     * @return composite filter delegating to every provider filter
     */
    private Filter oAuthCompositeFilter() {
        List<Filter> providerFilters = new ArrayList<>();
        providerFilters.add(oAuthSingleFilter(beansConfiguration.facebook(), "/login/facebook"));
        // TODO: add other social networks

        CompositeFilter composite = new CompositeFilter();
        composite.setFilters(providerFilters);
        return composite;
    }

    /**
     * Creates the login filter for one OAuth2 provider.
     *
     * <p>The same {@link OAuth2RestTemplate} is used both to obtain the access
     * token and to call the provider's user-info endpoint, so the identity that
     * ends up in the security context is whatever that endpoint returns for the
     * token. The user-info URI should therefore always be an HTTPS URL of the
     * provider itself.
     *
     * @param client client registration and resource settings for the provider
     * @param path   URL on which this filter handles the login
     * @return configured authentication filter
     */
    private Filter oAuthSingleFilter(OAuthProperties client, String path) {
        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(client.getClient(), oauth2ClientContext);

        UserInfoTokenServices userInfoServices = new UserInfoTokenServices(
                client.getResource().getUserInfoUri(),
                client.getClient().getClientId());
        userInfoServices.setRestTemplate(restTemplate);

        OAuth2ClientAuthenticationProcessingFilter loginFilter =
                new OAuth2ClientAuthenticationProcessingFilter(path);
        loginFilter.setRestTemplate(restTemplate);
        loginFilter.setTokenServices(userInfoServices);
        return loginFilter;
    }

}
64
/**
 * Supporting beans for the security setup: the OAuth2 redirect filter
 * registration, the Facebook client properties and the password encoder.
 */
@Configuration
public class SecurityBeansConfiguration {

    /**
     * Registers the OAuth2 client context filter with an explicit order.
     *
     * @param filter the filter provided by {@code @EnableOAuth2Client}
     * @return registration with order {@code -100}
     */
    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) {
        FilterRegistrationBean contextFilterRegistration = new FilterRegistrationBean();
        // Lower order means earlier in the servlet filter chain.
        // NOTE(review): -100 is presumably chosen so this filter runs ahead of the
        // main Spring Security filter and can turn OAuth2 redirect requests into
        // browser redirects; confirm against the Spring Boot version in use.
        contextFilterRegistration.setOrder(-100);
        contextFilterRegistration.setFilter(filter);
        return contextFilterRegistration;
    }

    /**
     * Client settings bound from the {@code facebook.*} configuration keys.
     * The bound object carries the client secret, so it should never be
     * logged or exposed through a diagnostics endpoint.
     *
     * @return a fresh properties holder for Spring to populate
     */
    @Bean
    @ConfigurationProperties("facebook")
    public OAuthProperties facebook() {
        OAuthProperties facebookProperties = new OAuthProperties();
        return facebookProperties;
    }

    /**
     * Password hashing for form-login accounts: bcrypt with the library's
     * default work factor (salted, deliberately slow).
     *
     * @return bcrypt-based encoder
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        PasswordEncoder bcrypt = new BCryptPasswordEncoder();
        return bcrypt;
    }

}
88
89
/**
 * Settings for one OAuth2 provider: the client registration (id, secret,
 * token and authorization endpoints) and the resource settings (user-info URI).
 *
 * <p>Both nested objects are created up front and filled in by Spring's
 * configuration-property binding.
 */
public class OAuthProperties {

    // Holds the client id and client secret; treat instances as sensitive.
    @NestedConfigurationProperty
    private AuthorizationCodeResourceDetails client = new AuthorizationCodeResourceDetails();

    @NestedConfigurationProperty
    private ResourceServerProperties resource = new ResourceServerProperties();

    /** @return the authorization-code client details for this provider */
    public AuthorizationCodeResourceDetails getClient() {
        return this.client;
    }

    /** @return the resource settings, including the user-info URI */
    public ResourceServerProperties getResource() {
        return this.resource;
    }

}
107
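# Application settings for the form + OAuth2 login example.
# Nesting restored: the pasted listing had lost its indentation, which YAML needs.
spring:
  datasource:
    url: jdbc:postgresql://localhost:5432/name_of_database
    # Placeholder credentials. Supply real ones from the environment or a
    # secret store rather than committing them with this file.
    username: user
    password: pass
  session:
    # Sessions live in Redis, so Redis holds authenticated session state;
    # restrict who can reach it.
    store-type: redis

security:
  sessions: if_required

facebook:
  client:
    clientId: paste here your fb-app id
    # The client secret authenticates this application to the provider;
    # keep it out of version control and out of logs.
    clientSecret: paste here your fb-app secret
    accessTokenUri: https://graph.facebook.com/oauth/access_token
    userAuthorizationUri: https://www.facebook.com/dialog/oauth
    # With the "query" scheme the access token is sent as a URL parameter named
    # by tokenName. URLs tend to end up in access and proxy logs, so avoid
    # logging outbound request URLs for these calls.
    tokenName: oauth_token
    authenticationScheme: query
    # "form" sends the client credentials in the body of the token request.
    clientAuthenticationScheme: form
  resource:
    # The response from this endpoint becomes the signed-in identity; keep it HTTPS.
    userInfoUri: https://graph.facebook.com/me?fields=name,email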