Created
May 22, 2019 21:14
diff --git a/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfiguration.java b/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfiguration.java | |
index 7b2f1afd..b40e0dee 100644 | |
--- a/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfiguration.java | |
+++ b/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfiguration.java | |
@@ -18,6 +18,7 @@ package io.micronaut.security.oauth2.configuration; | |
import io.micronaut.core.util.Toggleable; | |
import javax.annotation.Nonnull; | |
+import java.util.Optional; | |
/** | |
* OAuth 2.0 Configuration | |
@@ -40,6 +41,16 @@ public interface OauthConfiguration extends Toggleable { | |
@Nonnull | |
String getCallbackUri(); | |
+ /** | |
+ * @return the default authorization provider | |
+ */ | |
+ Optional<String> getDefaultProvider(); | |
+ | |
+ /** | |
+ * @return Redirect to authentication provider for an unauthorized request | |
+ */ | |
+ boolean getUnauthorizedRedirect(); | |
+ | |
/** | |
* | |
* @return OpenID Connect Configuration | |
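Review bot: The new boolean accessor is named `getUnauthorizedRedirect()`, while this interface inherits `isEnabled()` from `Toggleable`; `boolean isUnauthorizedRedirect();` would follow the same bean convention. No hunk in this diff reads the flag, so its Javadoc should say which component acts on it and that it defaults to off. For `getDefaultProvider()` the Javadoc could state what the later hunks actually do with it, e.g. `@return the name of the OAuth client whose login and callback routes are also registered without a provider segment, or empty if none`. The interface body continues outside the hunk.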
diff --git a/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfigurationProperties.java b/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfigurationProperties.java | |
index 822ef16c..80441df8 100644 | |
--- a/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfigurationProperties.java | |
+++ b/security-oauth2/src/main/java/io/micronaut/security/oauth2/configuration/OauthConfigurationProperties.java | |
@@ -23,6 +23,7 @@ import io.micronaut.security.config.SecurityConfigurationProperties; | |
import io.micronaut.security.oauth2.configuration.endpoints.EndSessionConfiguration; | |
import javax.annotation.Nonnull; | |
+import javax.annotation.Nullable; | |
import java.util.Optional; | |
/** | |
@@ -42,14 +43,16 @@ public class OauthConfigurationProperties implements OauthConfiguration { | |
*/ | |
@SuppressWarnings("WeakerAccess") | |
public static final boolean DEFAULT_ENABLED = false; | |
- private static final String DEFAULT_LOGIN = "/oauth/login/{provider}"; | |
- private static final String DEFAULT_CALLBACK = "/oauth/callback/{provider}"; | |
+ private static final String DEFAULT_LOGIN = "/oauth/login{/provider}"; | |
+ private static final String DEFAULT_CALLBACK = "/oauth/callback{/provider}"; | |
private boolean enabled = DEFAULT_ENABLED; | |
private String callbackUri = DEFAULT_CALLBACK; | |
private String loginUri = DEFAULT_LOGIN; | |
+ private String defaultProvider = null; | |
private OpenIdConfigurationProperties openid = new OpenIdConfigurationProperties(); | |
+ private boolean unauthorizedRedirect = false; | |
@Override | |
public boolean isEnabled() { | |
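Review bot: The two new fields hard-code their defaults inline, whereas `enabled` uses the public `DEFAULT_ENABLED` constant that the Javadoc can reference with `{@value}`. Consider `public static final boolean DEFAULT_UNAUTHORIZED_REDIRECT = false;` and dropping the redundant `= null` initializer on `defaultProvider`. The switch of both URI templates to the optional form `{/provider}` changes a documented default, so it deserves a line in the class Javadoc or the changelog for applications that copied the old value into their configuration.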
@@ -87,6 +90,34 @@ public class OauthConfigurationProperties implements OauthConfiguration { | |
return callbackUri; | |
} | |
+ /** | |
+ * The default authentication provider for an OAuth 2.0 authorication code grant flow. | |
+ * @return | |
+ */ | |
+ public void setDefaultProvider(String defaultProvider) { | |
+ this.defaultProvider = defaultProvider; | |
+ } | |
+ | |
+ | |
+ @Override | |
+ @Nullable | |
+ public Optional<String> getDefaultProvider() { | |
+ return Optional.ofNullable(defaultProvider); | |
+ } | |
+ | |
+ /** | |
+ * | |
+ * @param unauthorizedRedirect | |
+ */ | |
+ public void setUnauthorizedRedirect(boolean unauthorizedRedirect) { | |
+ this.unauthorizedRedirect = unauthorizedRedirect; | |
+ } | |
+ | |
+ @Override | |
+ public boolean getUnauthorizedRedirect() { | |
+ return unauthorizedRedirect; | |
+ } | |
+ | |
/** | |
* The URI template that OAuth 2.0 providers can use to | |
* submit an authorization callback request. Default value ({@value #DEFAULT_CALLBACK}). | |
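Review bot: `getDefaultProvider()` is annotated `@Nullable` although it always returns `Optional.ofNullable(defaultProvider)`, which is never null. The annotation belongs on the setter parameter instead: `public void setDefaultProvider(@Nullable String defaultProvider)`. The setter's Javadoc carries an empty `@return` on a void method and the typo "authorication"; replace the tag with `@param defaultProvider name of the configured client to use when no provider is given in the path, or null for none`. `setUnauthorizedRedirect` has an empty description and an empty `@param`; state what the flag enables and that it defaults to false.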
diff --git a/security-oauth2/src/main/java/io/micronaut/security/oauth2/routes/OauthRouteBuilder.java b/security-oauth2/src/main/java/io/micronaut/security/oauth2/routes/OauthRouteBuilder.java | |
index 7d0b2e44..e6c02ed5 100644 | |
--- a/security-oauth2/src/main/java/io/micronaut/security/oauth2/routes/OauthRouteBuilder.java | |
+++ b/security-oauth2/src/main/java/io/micronaut/security/oauth2/routes/OauthRouteBuilder.java | |
@@ -80,6 +80,7 @@ class OauthRouteBuilder extends DefaultRouteBuilder { | |
controllerList.forEach((controller) -> { | |
OauthClient client = controller.getClient(); | |
String name = client.getName(); | |
+ boolean isDefaultProvider = oauthConfiguration.getDefaultProvider().filter(provider -> provider.equals(name)).isPresent(); | |
BeanDefinition<OauthController> bd = beanContext.getBeanDefinition(OauthController.class, Qualifiers.byName(name)); | |
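Review bot: A configured default provider that matches no client name is silently ignored: `isDefaultProvider` is then false for every controller, no provider-less route is registered, and the operator gets no signal. The comparison is also an exact, case-sensitive `equals`, so a casing difference between the setting and the client name has the same effect. Consider checking once before the `forEach` and emitting something like `LOG.warn("Default OAuth provider [{}] does not match any configured client", defaultProvider)`. The loop starts outside the hunk.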
@@ -89,6 +90,13 @@ class OauthRouteBuilder extends DefaultRouteBuilder { | |
LOG.debug("Registering login route [GET: {}] for oauth configuration [{}]", loginPath, name); | |
} | |
buildRoute(HttpMethod.GET, loginPath, ExecutionHandle.of(controller, m)); | |
+ if (isDefaultProvider) { | |
+ final String defaultLoginPath = oauthRouteUrlBuilder.buildLoginUri(null).getPath(); | |
+ if (LOG.isDebugEnabled()) { | |
+ LOG.debug("Registering default login route [GET: {}] for oauth configuration [{}]", defaultLoginPath, name); | |
+ } | |
+ buildRoute(HttpMethod.GET, defaultLoginPath, ExecutionHandle.of(controller, m)); | |
+ } | |
}); | |
bd.findMethod("callback", HttpRequest.class).ifPresent(m -> { | |
@@ -100,6 +108,16 @@ class OauthRouteBuilder extends DefaultRouteBuilder { | |
} | |
buildRoute(HttpMethod.GET, callbackPath, executionHandle); | |
buildRoute(HttpMethod.POST, callbackPath, executionHandle).consumes(MediaType.APPLICATION_FORM_URLENCODED_TYPE); | |
+ | |
+ if (isDefaultProvider) { | |
+ final String defaultCallbackPath = oauthRouteUrlBuilder.buildCallbackUri(null).getPath(); | |
+ if (LOG.isDebugEnabled()) { | |
+ LOG.debug("Registering default callback route [GET: {}] for oauth configuration [{}]", defaultCallbackPath, name); | |
+ LOG.debug("Registering default callback route [POST: {}] for oauth configuration [{}]", defaultCallbackPath, name); | |
+ } | |
+ buildRoute(HttpMethod.GET, defaultCallbackPath, executionHandle); | |
+ buildRoute(HttpMethod.POST, defaultCallbackPath, executionHandle).consumes(MediaType.APPLICATION_FORM_URLENCODED_TYPE); | |
+ } | |
}); | |
if (client instanceof OpenIdClient) { | |
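Review bot: The `isDefaultProvider` block gives the default client a second, provider-less endpoint that accepts authorization responses, and nothing in this diff shows which callback URI the controller sends to the provider as `redirect_uri`. If it still advertises the named URI, this alias is never the target of a legitimate redirect and only adds another route taking `code`/`state` input. If it advertises the provider-less URI, that exact value must be registered with the provider and reused in the token request. Please record the intended case in a comment above the block, or drop the callback alias if only the login shortcut is needed. The two debug statements could be one message, `"Registering default callback route [GET, POST: {}] for oauth configuration [{}]"`; the enclosing lambda starts outside the hunk.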
diff --git a/security-oauth2/src/main/java/io/micronaut/security/oauth2/url/DefaultOauthRouteUrlBuilder.java b/security-oauth2/src/main/java/io/micronaut/security/oauth2/url/DefaultOauthRouteUrlBuilder.java | |
index db0f9471..45fa6038 100644 | |
--- a/security-oauth2/src/main/java/io/micronaut/security/oauth2/url/DefaultOauthRouteUrlBuilder.java | |
+++ b/security-oauth2/src/main/java/io/micronaut/security/oauth2/url/DefaultOauthRouteUrlBuilder.java | |
@@ -66,7 +66,7 @@ public class DefaultOauthRouteUrlBuilder implements OauthRouteUrlBuilder { | |
} | |
@Override | |
- public URI buildLoginUri(String providerName) { | |
+ public URI buildLoginUri(@Nullable String providerName) { | |
try { | |
return new URI(getPath(loginUriTemplate, providerName)); | |
} catch (URISyntaxException e) { | |
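Review bot: Passing `null` yields a provider-less path only when the configured template uses the optional form `{/provider}`. An application that overrides the login or callback URI with the previous `/oauth/login/{provider}` style gets whatever `getPath` produces for a null variable, which is not visible here. Document on `buildLoginUri` and on `buildCallbackUri` (next hunk) that null means "no provider segment" and that custom templates must use `{/provider}` for the default routes to work. `@Nullable` should also be mirrored on the `OauthRouteUrlBuilder` interface declarations, which this diff does not touch, and no added `javax.annotation.Nullable` import is shown for this file, so confirm it is already in scope. The method body ends outside the hunk.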
@@ -75,7 +75,7 @@ public class DefaultOauthRouteUrlBuilder implements OauthRouteUrlBuilder { | |
} | |
@Override | |
- public URI buildCallbackUri(String providerName) { | |
+ public URI buildCallbackUri(@Nullable String providerName) { | |
try { | |
return new URI(getPath(callbackUriTemplate, providerName)); | |
} catch (URISyntaxException e) { |