Skip to content

Instantly share code, notes, and snippets.

@codecitizen

codecitizen/AuthorizationServerConfig.java

Created January 10, 2017 13:59
Show Gist options
  • Save codecitizen/8d130469d83439f5fca86b1a84733aab to your computer and use it in GitHub Desktop.
Save codecitizen/8d130469d83439f5fca86b1a84733aab to your computer and use it in GitHub Desktop.
Download ZIP
Buggy OAuth2 Spring Security Authorization Server Configuration
Raw
AuthorizationServerConfig.java
package com.myapp.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
import java.security.KeyPair;
/**
* Configurations for the OAuth2 authorization server.
*
* @since 1.0
* @author amp
*/
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Value("${myapp.security.jwt.keystore.resource}")
private String keystoreResourcePath;
@Value("${myapp.security.jwt.keystore.storepass}")
private String storepass;
@Value("${myapp.security.jwt.keystore.keyname}")
private String keyname;
@Autowired
@Qualifier("authenticationManagerBean")
private AuthenticationManager authenticationManager;
@Autowired
private MyappClientDetailsService clientDetailsService;
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
KeyPair keyPair = new KeyStoreKeyFactory(
new ClassPathResource(keystoreResourcePath), storepass.toCharArray())
.getKeyPair(keyname);
converter.setKeyPair(keyPair);
return converter;
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.withClientDetails(clientDetailsService);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.accessTokenConverter(jwtAccessTokenConverter());
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer
.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
}
Raw
WebSecurityConfig.java
package com.myapp.security;
import com.myapp.core.domain.PermissionsRepository;
import com.myapp.core.domain.UserRepository;
import com.myapp.core.service.PasswordEncoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.actuate.autoconfigure.ManagementServerProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
/**
* Configurations for Spring Web Security.
*
* @since 1.0
* @author amp
*/
@Configuration
@Order(ManagementServerProperties.ACCESS_OVERRIDE_ORDER)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(daoAuthenticationProvider());
}
@Bean
public DaoAuthenticationProvider daoAuthenticationProvider() {
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider.setUserDetailsService(userDetailsService());
provider.setPasswordEncoder(passwordEncoder.getInstance());
return provider;
}
@Autowired
private PasswordEncoder passwordEncoder;
@Bean
public MyappUserDetailsService userDetailsService() {
return new MyappUserDetailsService(userRepository, permissionsRepository);
}
@Autowired
private UserRepository userRepository;
@Autowired
private PermissionsRepository permissionsRepository;
}
@ProtectiveFoxgloveIii
Copy link

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&ved=2ahUKEwit-o3utpL2AhVahHIEHZCdDIwQFnoECAMQAQ&url=https%3A%2F%2Fkzitem.info%2Fnews%2Fevery-star-wars-reference-in-the-venture-bros%2FmaN_s3WifWqjnnY&usg=AOvVaw1nf-Fci10BdL_Qvmrd8CSD

@ProtectiveFoxgloveIii
Copy link

ProtectiveFoxgloveIii commented Feb 22, 2022
edited
Loading

What is it’s your https://gist.github.com/codecitizen/8d130469d83439f5fca86b1a84733aab?permalink_comment_id=4073846#gistcomment-4073846

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment