-
-
Save houssemzaier/b2db81c519d3d83df2d5 to your computer and use it in GitHub Desktop.
Auth0 Spring Boot Java Config
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.example | |
| import groovy.util.logging.Slf4j | |
| import org.springframework.boot.SpringApplication | |
| import org.springframework.boot.autoconfigure.EnableAutoConfiguration | |
| import org.springframework.context.ApplicationContext | |
| import org.springframework.context.annotation.ComponentScan | |
| import org.springframework.context.annotation.Configuration | |
| import org.springframework.context.annotation.Import | |
| import org.springframework.web.servlet.config.annotation.EnableWebMvc | |
| @Configuration | |
| @EnableAutoConfiguration | |
| @ComponentScan(['com.example', 'com.auth0']) | |
| @EnableWebMvc | |
| @Import([SecurityConfig.class]) | |
| @Slf4j | |
| public class Application { | |
| public static void main(String[] args) { | |
| ApplicationContext ctx = SpringApplication.run(Application.class, args); | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| buildscript { | |
| repositories { | |
| mavenCentral() | |
| maven { url 'http://repo.spring.io/milestone' } | |
| } | |
| dependencies { | |
| classpath("org.springframework.boot:spring-boot-gradle-plugin:1.2.0.M2") | |
| } | |
| } | |
| apply plugin: 'groovy' | |
| apply plugin: 'spring-boot' | |
| repositories { | |
| mavenCentral() | |
| maven { url 'http://repo.spring.io/milestone' } | |
| } | |
| dependencies { | |
| compile 'org.codehaus.groovy:groovy-all:2.3.7' | |
| compile "org.springframework.hateoas:spring-hateoas" | |
| compile "org.springframework.boot:spring-boot-starter-web:1.2.0.M2" | |
| compile "org.springframework.boot:spring-boot-starter-actuator" | |
| compile "org.springframework.boot:spring-boot-starter-data-jpa" | |
| compile "org.springframework.boot:spring-boot-starter-data-rest" | |
| compile('com.auth0:spring-security-auth0:0.2'){ | |
| exclude group: 'log4j' | |
| exclude group: 'javax.servlet' | |
| } | |
| compile 'org.slf4j:log4j-over-slf4j:1.7.7' | |
| compile 'com.h2database:h2:1.3.170' | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.example | |
| import com.auth0.spring.security.auth0.Auth0AuthenticationEntryPoint | |
| import com.auth0.spring.security.auth0.Auth0AuthenticationFilter | |
| import com.auth0.spring.security.auth0.Auth0AuthenticationProvider | |
| import org.springframework.beans.factory.annotation.Autowired | |
| import org.springframework.context.annotation.Bean | |
| import org.springframework.context.annotation.Configuration | |
| import org.springframework.core.env.Environment | |
| import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder | |
| import org.springframework.security.config.annotation.web.builders.HttpSecurity | |
| import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity | |
| import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter | |
| import org.springframework.security.web.context.SecurityContextPersistenceFilter | |
| @Configuration | |
| @EnableWebSecurity(debug = true) | |
| public class SecurityConfig extends WebSecurityConfigurerAdapter { | |
| @Autowired | |
| Environment env; | |
| @Bean(name = 'auth0EntryPoint') | |
| public Auth0AuthenticationEntryPoint auth0AuthenticationEntryPoint() { | |
| return new Auth0AuthenticationEntryPoint(); | |
| } | |
| @Bean(name = 'auth0Filter') | |
| public Auth0AuthenticationFilter auth0AuthenticationFilter(Auth0AuthenticationEntryPoint entryPoint) { | |
| def filter = new Auth0AuthenticationFilter() | |
| filter.setEntryPoint(entryPoint) | |
| return filter; | |
| } | |
| @Bean(name = 'auth0AuthenticationProvider') | |
| public Auth0AuthenticationProvider auth0AuthenticationProvider(){ | |
| def provider = new Auth0AuthenticationProvider() | |
| provider.setClientSecret(env.getRequiredProperty('auth0.clientSecret')) | |
| provider.setClientId(env.getRequiredProperty('auth0.clientId')) | |
| provider.setSecuredRoute(env.getRequiredProperty('auth0.securedRoute')) | |
| return provider; | |
| } | |
| @Autowired | |
| public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { | |
| auth.authenticationProvider(auth0AuthenticationProvider()) | |
| } | |
| @Bean | |
| SimpleCORSFilter simpleCORSFilter() { | |
| return new SimpleCORSFilter(); | |
| } | |
| @Override | |
| protected void configure(HttpSecurity http) throws Exception { | |
| http | |
| .csrf().disable() | |
| .addFilterAfter(auth0AuthenticationFilter(auth0AuthenticationEntryPoint()), SecurityContextPersistenceFilter.class) | |
| .addFilterBefore(simpleCORSFilter(), Auth0AuthenticationFilter.class) | |
| .antMatcher("/**") | |
| .authorizeRequests() | |
| .antMatchers(env.getRequiredProperty('auth0.securedRoute')).authenticated() | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment