/**
 * Single-class Spring Boot application that acts as an OAuth2 client (social
 * login through Facebook and GitHub), an authorization server and a resource
 * server guarding {@code /me}.
 */
@SpringBootApplication
@RestController
@EnableOAuth2Client
@EnableAuthorizationServer
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class SocialApplication extends WebSecurityConfigurerAdapter {

    /** OAuth2 client context injected by Spring and handed to each provider's rest template. */
    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    /**
     * Returns the authenticated caller's {@link Principal} for {@code /user} and {@code /me}.
     *
     * NOTE(review): the Principal is returned as-is, so everything the
     * authentication object carries is serialized to the client. Confirm that
     * no token values or provider profile details end up in the response;
     * returning only the fields the client needs is the safer shape.
     *
     * @param principal the current authentication, supplied by Spring MVC
     * @return the same object, unchanged
     */
    @RequestMapping({ "/user", "/me" })
    public Principal user(Principal principal) {
        return principal;
    }

    /**
     * Configures the browser-facing filter chain: a few public paths, everything
     * else authenticated, unauthenticated callers sent to {@code /}, and the
     * social-login filters placed ahead of {@link BasicAuthenticationFilter}.
     *
     * @param http the security builder for this adapter
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.antMatcher("/**");

        // Landing page, login endpoints and static webjars are public; the rest needs a login.
        http.authorizeRequests()
                .antMatchers("/", "/login**", "/webjars/**").permitAll()
                .anyRequest().authenticated();

        // Unauthenticated requests are redirected to the landing page.
        http.exceptionHandling()
                .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"));

        http.logout()
                .logoutSuccessUrl("/").permitAll();

        // NOTE(review): CSRF protection is switched off for a chain that serves
        // browser users, so state-changing requests such as logout carry no
        // anti-forgery token. The original chain had
        // csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
        // commented out at this point; restoring it keeps CSRF on while still
        // letting a JavaScript front end read the token cookie.
        http.csrf().disable();

        http.addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
    }

    /** Resource-server rules: {@code /me} is only served to authenticated callers. */
    @Configuration
    @EnableResourceServer
    protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

        /**
         * Restricts this chain to {@code /me} and requires authentication for it.
         *
         * @param http the security builder for the resource server
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.antMatcher("/me");
            http.authorizeRequests().anyRequest().authenticated();
        }
    }

    /**
     * Application entry point.
     *
     * @param args command-line arguments passed through to Spring Boot
     */
    public static void main(String[] args) {
        SpringApplication.run(SocialApplication.class, args);
    }

    /**
     * Registers the OAuth2 client context filter with an explicit order.
     *
     * @param filter the context filter provided by Spring
     * @return the registration wrapping {@code filter} at order -100
     */
    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) {
        FilterRegistrationBean bean = new FilterRegistrationBean();
        bean.setFilter(filter);
        // Low order value: registered ahead of filters that have higher order values.
        bean.setOrder(-100);
        return bean;
    }

    /**
     * Client settings bound from the {@code github} configuration prefix.
     *
     * NOTE(review): the application.yml shown with this listing has no
     * {@code github} section; if it is absent at runtime this bean stays empty
     * and the {@code /login/github} filter is built from blank settings. Confirm.
     *
     * @return an empty holder that Spring fills from configuration
     */
    @Bean
    @ConfigurationProperties("github")
    public ClientResources github() {
        return new ClientResources();
    }

    /**
     * Client settings bound from the {@code facebook} configuration prefix.
     *
     * @return an empty holder that Spring fills from configuration
     */
    @Bean
    @ConfigurationProperties("facebook")
    public ClientResources facebook() {
        return new ClientResources();
    }

    /**
     * Bundles the per-provider login filters into one composite filter.
     *
     * @return a composite of the Facebook and GitHub login filters, in that order
     */
    private Filter ssoFilter() {
        List<Filter> providerFilters = new ArrayList<>();
        providerFilters.add(ssoFilter(facebook(), "/login/facebook"));
        providerFilters.add(ssoFilter(github(), "/login/github"));

        CompositeFilter composite = new CompositeFilter();
        composite.setFilters(providerFilters);
        return composite;
    }

    /**
     * Builds the login filter for one provider.
     *
     * @param client the provider's client and resource settings
     * @param path the URL the filter listens on
     * @return a filter that fetches the token and loads user info through the same rest template
     */
    private Filter ssoFilter(ClientResources client, String path) {
        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(client.getClient(), oauth2ClientContext);

        UserInfoTokenServices userInfo = new UserInfoTokenServices(
                client.getResource().getUserInfoUri(), client.getClient().getClientId());
        userInfo.setRestTemplate(restTemplate);

        OAuth2ClientAuthenticationProcessingFilter loginFilter =
                new OAuth2ClientAuthenticationProcessingFilter(path);
        loginFilter.setRestTemplate(restTemplate);
        loginFilter.setTokenServices(userInfo);
        return loginFilter;
    }

}
85
/**
 * Holder for one OAuth2 provider's settings: the client registration details
 * and the resource-server properties (including the user-info URI).
 * Both parts are bound as nested configuration properties.
 */
class ClientResources {

    // Holds the provider's client id and client secret once bound; avoid logging this object.
    @NestedConfigurationProperty
    private AuthorizationCodeResourceDetails client = new AuthorizationCodeResourceDetails();

    // Resource-side settings; the SSO filter reads the user-info URI from here.
    @NestedConfigurationProperty
    private ResourceServerProperties resource = new ResourceServerProperties();

    /**
     * @return the client registration details for this provider
     */
    public AuthorizationCodeResourceDetails getClient() {
        return this.client;
    }

    /**
     * @return the resource-server properties for this provider
     */
    public ResourceServerProperties getResource() {
        return this.resource;
    }
}
102
103//////////////application.yml
104
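# Nesting restored from the flattened paste; key names and values are as posted
# except for clientSecret, which is no longer stored in the file.
server:
  port: 8443
  context-path: /ui
  session:
    cookie:
      name: UISESSION
  ssl:
    # sample.jks is loaded from the classpath, so the key material ships inside
    # the application artifact and these passwords protect nothing. Suitable for
    # local development only; a deployed instance should load its keystore from
    # outside the artifact and take both passwords from the environment or a
    # secret store.
    key-store: classpath:sample.jks
    key-password: password
    key-store-password: secret

facebook:
  client:
    clientId: 769097176628650
    # The client secret was hard-coded here in the posted file. Any secret that
    # has been published must be treated as compromised and rotated at the
    # provider. It is now resolved from the environment at startup;
    # FACEBOOK_CLIENT_SECRET is an example variable name, define it in the
    # deployment. Startup fails if it is unset, which is the intended behaviour.
    clientSecret: ${FACEBOOK_CLIENT_SECRET}
    accessTokenUri: https://graph.facebook.com/oauth/access_token
    userAuthorizationUri: https://www.facebook.com/dialog/oauth
    # With authenticationScheme "query" the access token is sent as a URL
    # parameter named by tokenName; URLs are commonly written to logs.
    tokenName: oauth_token
    authenticationScheme: query
    clientAuthenticationScheme: form
  resource:
    userInfoUri: https://graph.facebook.com/me

logging:
  level:
    # DEBUG output from Spring Security is verbose and can include request and
    # session details; keep it to local troubleshooting and lower it elsewhere.
    org.springframework.security: DEBUG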