Browse Source
Shows how to use @EnableResourceServer in a pure resource server and configure the secure paths.pull/4335/head
Dave Syer
10 years ago
11 changed files with 403 additions and 2 deletions
@ -0,0 +1,57 @@
@@ -0,0 +1,57 @@
|
||||
/* |
||||
* Copyright 2012-2015 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
|
||||
package org.springframework.boot.autoconfigure.security.oauth2.authserver; |
||||
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties; |
||||
|
||||
/** |
||||
* @author Dave Syer |
||||
*/ |
||||
@ConfigurationProperties("security.oauth2.authorization") |
||||
public class AuthorizationServerProperties { |
||||
|
||||
private String checkTokenAccess; |
||||
|
||||
private String tokenKeyAccess; |
||||
|
||||
private String realm; |
||||
|
||||
public String getCheckTokenAccess() { |
||||
return this.checkTokenAccess; |
||||
} |
||||
|
||||
public void setCheckTokenAccess(String checkTokenAccess) { |
||||
this.checkTokenAccess = checkTokenAccess; |
||||
} |
||||
|
||||
public String getTokenKeyAccess() { |
||||
return this.tokenKeyAccess; |
||||
} |
||||
|
||||
public void setTokenKeyAccess(String tokenKeyAccess) { |
||||
this.tokenKeyAccess = tokenKeyAccess; |
||||
} |
||||
|
||||
public String getRealm() { |
||||
return this.realm; |
||||
} |
||||
|
||||
public void setRealm(String realm) { |
||||
this.realm = realm; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,56 @@
@@ -0,0 +1,56 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?> |
||||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> |
||||
<modelVersion>4.0.0</modelVersion> |
||||
<parent> |
||||
<!-- Your own application should inherit from spring-boot-starter-parent --> |
||||
<groupId>org.springframework.boot</groupId> |
||||
<artifactId>spring-boot-samples</artifactId> |
||||
<version>1.3.0.BUILD-SNAPSHOT</version> |
||||
</parent> |
||||
<artifactId>spring-boot-sample-secure-oauth2-resource</artifactId> |
||||
<name>spring-boot-sample-secure-oauth2-resource</name> |
||||
<description>Spring Boot Security OAuth2 Sample</description> |
||||
<url>http://projects.spring.io/spring-boot/</url> |
||||
<organization> |
||||
<name>Pivotal Software, Inc.</name> |
||||
<url>http://www.spring.io</url> |
||||
</organization> |
||||
<properties> |
||||
<main.basedir>${basedir}/../..</main.basedir> |
||||
</properties> |
||||
<dependencies> |
||||
<dependency> |
||||
<groupId>org.springframework.boot</groupId> |
||||
<artifactId>spring-boot-starter-security</artifactId> |
||||
</dependency> |
||||
<dependency> |
||||
<groupId>org.springframework.boot</groupId> |
||||
<artifactId>spring-boot-starter-data-jpa</artifactId> |
||||
</dependency> |
||||
<dependency> |
||||
<groupId>org.springframework.boot</groupId> |
||||
<artifactId>spring-boot-starter-data-rest</artifactId> |
||||
</dependency> |
||||
<dependency> |
||||
<groupId>com.h2database</groupId> |
||||
<artifactId>h2</artifactId> |
||||
</dependency> |
||||
<dependency> |
||||
<groupId>org.springframework.security.oauth</groupId> |
||||
<artifactId>spring-security-oauth2</artifactId> |
||||
</dependency> |
||||
<dependency> |
||||
<groupId>org.springframework.boot</groupId> |
||||
<artifactId>spring-boot-starter-test</artifactId> |
||||
<scope>test</scope> |
||||
</dependency> |
||||
</dependencies> |
||||
<build> |
||||
<plugins> |
||||
<plugin> |
||||
<groupId>org.springframework.boot</groupId> |
||||
<artifactId>spring-boot-maven-plugin</artifactId> |
||||
</plugin> |
||||
</plugins> |
||||
</build> |
||||
</project> |
||||
@ -0,0 +1,110 @@
@@ -0,0 +1,110 @@
|
||||
/* |
||||
* Copyright 2012-2015 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
|
||||
package sample.secure.oauth2; |
||||
|
||||
import java.util.Date; |
||||
|
||||
import javax.persistence.Entity; |
||||
import javax.persistence.GeneratedValue; |
||||
import javax.persistence.GenerationType; |
||||
import javax.persistence.Id; |
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnoreProperties; |
||||
|
||||
/** |
||||
* Domain object for tracking flights |
||||
* |
||||
* @author Craig Walls |
||||
* @author Greg Turnquist |
||||
*/ |
||||
@Entity |
||||
@JsonIgnoreProperties(ignoreUnknown = true) |
||||
public class Flight { |
||||
|
||||
@Id |
||||
@GeneratedValue(strategy = GenerationType.AUTO) |
||||
private Long id; |
||||
|
||||
private String origin; |
||||
|
||||
private String destination; |
||||
|
||||
private String airline; |
||||
|
||||
private String flightNumber; |
||||
|
||||
private Date date; |
||||
|
||||
private String traveler; |
||||
|
||||
public Long getId() { |
||||
return this.id; |
||||
} |
||||
|
||||
public void setId(Long id) { |
||||
this.id = id; |
||||
} |
||||
|
||||
public String getOrigin() { |
||||
return this.origin; |
||||
} |
||||
|
||||
public void setOrigin(String origin) { |
||||
this.origin = origin; |
||||
} |
||||
|
||||
public String getDestination() { |
||||
return this.destination; |
||||
} |
||||
|
||||
public void setDestination(String destination) { |
||||
this.destination = destination; |
||||
} |
||||
|
||||
public String getAirline() { |
||||
return this.airline; |
||||
} |
||||
|
||||
public void setAirline(String airline) { |
||||
this.airline = airline; |
||||
} |
||||
|
||||
public String getFlightNumber() { |
||||
return this.flightNumber; |
||||
} |
||||
|
||||
public void setFlightNumber(String flightNumber) { |
||||
this.flightNumber = flightNumber; |
||||
} |
||||
|
||||
public Date getDate() { |
||||
return this.date; |
||||
} |
||||
|
||||
public void setDate(Date date) { |
||||
this.date = date; |
||||
} |
||||
|
||||
public String getTraveler() { |
||||
return this.traveler; |
||||
} |
||||
|
||||
public void setTraveler(String traveler) { |
||||
this.traveler = traveler; |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,38 @@
@@ -0,0 +1,38 @@
|
||||
/* |
||||
* Copyright 2012-2015 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
|
||||
package sample.secure.oauth2; |
||||
|
||||
import org.springframework.data.repository.CrudRepository; |
||||
|
||||
/** |
||||
* Spring Data interface with secured methods |
||||
* |
||||
* @author Craig Walls |
||||
* @author Greg Turnquist |
||||
*/ |
||||
public interface FlightRepository extends CrudRepository<Flight, Long> { |
||||
|
||||
@Override |
||||
Iterable<Flight> findAll(); |
||||
|
||||
@Override |
||||
Flight findOne(Long aLong); |
||||
|
||||
@Override |
||||
<S extends Flight> S save(S entity); |
||||
|
||||
} |
||||
@ -0,0 +1,37 @@
@@ -0,0 +1,37 @@
|
||||
/* |
||||
* Copyright 2012-2015 the original author or authors. |
||||
* |
||||
* Licensed under the Apache License, Version 2.0 (the "License"); |
||||
* you may not use this file except in compliance with the License. |
||||
* You may obtain a copy of the License at |
||||
* |
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
* |
||||
* Unless required by applicable law or agreed to in writing, software |
||||
* distributed under the License is distributed on an "AS IS" BASIS, |
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
* See the License for the specific language governing permissions and |
||||
* limitations under the License. |
||||
*/ |
||||
package sample.secure.oauth2; |
||||
|
||||
import org.springframework.boot.SpringApplication; |
||||
import org.springframework.boot.autoconfigure.SpringBootApplication; |
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; |
||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; |
||||
|
||||
@SpringBootApplication |
||||
@EnableResourceServer |
||||
public class SampleSecureOAuth2ResourceApplication extends ResourceServerConfigurerAdapter { |
||||
|
||||
@Override |
||||
public void configure(HttpSecurity http) throws Exception { |
||||
http.antMatcher("/flights/**").authorizeRequests().anyRequest().authenticated(); |
||||
} |
||||
|
||||
public static void main(String[] args) { |
||||
SpringApplication.run(SampleSecureOAuth2ResourceApplication.class, args); |
||||
} |
||||
|
||||
} |
||||
@ -0,0 +1,6 @@
@@ -0,0 +1,6 @@
|
||||
server.port=8081 |
||||
spring.datasource.platform=h2 |
||||
security.basic.enabled=false |
||||
security.oauth2.resource.id=service |
||||
security.oauth2.resource.userInfoUri=http://localhost:8080/user |
||||
logging.level.org.springframework.security=DEBUG |
||||
@ -0,0 +1,4 @@
@@ -0,0 +1,4 @@
|
||||
insert into FLIGHT |
||||
(id, origin, destination, airline, flight_number, traveler) |
||||
values |
||||
(1, 'Nashville', 'Dallas', 'Spring Ways', 'OAUTH2', 'Greg Turnquist'); |
||||
@ -0,0 +1,65 @@
@@ -0,0 +1,65 @@
|
||||
package sample.secure.oauth2; |
||||
|
||||
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get; |
||||
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print; |
||||
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status; |
||||
import static org.springframework.test.web.servlet.setup.MockMvcBuilders.webAppContextSetup; |
||||
|
||||
import org.junit.Before; |
||||
import org.junit.Test; |
||||
import org.junit.runner.RunWith; |
||||
import org.springframework.beans.factory.annotation.Autowired; |
||||
import org.springframework.boot.test.SpringApplicationConfiguration; |
||||
import org.springframework.boot.test.WebIntegrationTest; |
||||
import org.springframework.hateoas.MediaTypes; |
||||
import org.springframework.security.core.context.SecurityContextHolder; |
||||
import org.springframework.security.web.FilterChainProxy; |
||||
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; |
||||
import org.springframework.test.web.servlet.MockMvc; |
||||
import org.springframework.web.context.WebApplicationContext; |
||||
|
||||
/** |
||||
* Series of automated integration tests to verify proper behavior of auto-configured, |
||||
* OAuth2-secured system |
||||
* |
||||
* @author Greg Turnquist |
||||
*/ |
||||
@RunWith(SpringJUnit4ClassRunner.class) |
||||
@SpringApplicationConfiguration(SampleSecureOAuth2ResourceApplication.class) |
||||
@WebIntegrationTest(randomPort = true) |
||||
public class SampleSecureOAuth2ResourceApplicationTests { |
||||
|
||||
@Autowired |
||||
WebApplicationContext context; |
||||
|
||||
@Autowired |
||||
FilterChainProxy filterChain; |
||||
|
||||
private MockMvc mvc; |
||||
@Before |
||||
public void setUp() { |
||||
this.mvc = webAppContextSetup(this.context).addFilters(this.filterChain).build(); |
||||
SecurityContextHolder.clearContext(); |
||||
} |
||||
|
||||
@Test |
||||
public void homePageAvailable() throws Exception { |
||||
this.mvc.perform(get("/").accept(MediaTypes.HAL_JSON)) |
||||
.andExpect(status().isOk()).andDo(print()); |
||||
} |
||||
|
||||
@Test |
||||
public void flightsSecuredByDefault() throws Exception { |
||||
this.mvc.perform(get("/flights").accept(MediaTypes.HAL_JSON)) |
||||
.andExpect(status().isUnauthorized()).andDo(print()); |
||||
this.mvc.perform(get("/flights/1").accept(MediaTypes.HAL_JSON)) |
||||
.andExpect(status().isUnauthorized()).andDo(print()); |
||||
} |
||||
|
||||
@Test |
||||
public void profileAvailable() throws Exception { |
||||
this.mvc.perform(get("/profile").accept(MediaTypes.HAL_JSON)) |
||||
.andExpect(status().isOk()).andDo(print()); |
||||
} |
||||
|
||||
} |
||||
Loading…
Reference in new issue