Examples with OAuth2ResourceOwnerPasswordAuthenticationConverter cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter used on opensource projects

Search in sources :

Example 1 with OAuth2ResourceOwnerPasswordAuthenticationConverter

use of cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter in project eurynome-cloud by herodotus-cloud.

the class AuthorizationServerConfiguration method authorizationServerSecurityFilterChain.

@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity httpSecurity, JwtDecoder jwtDecoder, HttpCryptoProcessor httpCryptoProcessor) throws Exception {
    OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
    HerodotusAuthenticationFailureHandler failureHandler = new HerodotusAuthenticationFailureHandler();
    authorizationServerConfigurer.clientAuthentication(endpoint -> endpoint.errorResponseHandler(failureHandler));
    authorizationServerConfigurer.authorizationEndpoint(endpoint -> endpoint.errorResponseHandler(failureHandler));
    authorizationServerConfigurer.tokenRevocationEndpoint(endpoint -> endpoint.errorResponseHandler(failureHandler));
    authorizationServerConfigurer.tokenEndpoint(endpoint -> {
        AuthenticationConverter authenticationConverter = new DelegatingAuthenticationConverter(Arrays.asList(new OAuth2AuthorizationCodeAuthenticationConverter(), new OAuth2RefreshTokenAuthenticationConverter(), new OAuth2ClientCredentialsAuthenticationConverter(), new OAuth2ResourceOwnerPasswordAuthenticationConverter(httpCryptoProcessor)));
        endpoint.accessTokenRequestConverter(authenticationConverter);
        endpoint.errorResponseHandler(failureHandler);
    });
    RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher();
    httpSecurity.requestMatcher(endpointsMatcher).authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated()).csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher)).oauth2ResourceServer(configurer -> configurer.jwt(jwt -> jwt.decoder(jwtDecoder)).bearerTokenResolver(new DefaultBearerTokenResolver()).accessDeniedHandler(new HerodotusAccessDeniedHandler()).authenticationEntryPoint(new HerodotusAuthenticationEntryPoint())).apply(authorizationServerConfigurer).oidc(oidc -> oidc.userInfoEndpoint(userInfo -> userInfo.userInfoMapper(context -> {
        OidcUserInfoAuthenticationToken authentication = context.getAuthentication();
        JwtAuthenticationToken principal = (JwtAuthenticationToken) authentication.getPrincipal();
        return new OidcUserInfo(principal.getToken().getClaims());
    })));
    SecurityFilterChain securityFilterChain = httpSecurity.formLogin(Customizer.withDefaults()).build();
    AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class);
    OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity);
    OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator = OAuth2ConfigurerUtils.getTokenGenerator(httpSecurity);
    OAuth2ResourceOwnerPasswordAuthenticationProvider resourceOwnerPasswordAuthenticationProvider = new OAuth2ResourceOwnerPasswordAuthenticationProvider(authorizationService, tokenGenerator, authenticationManager);
    httpSecurity.authenticationProvider(resourceOwnerPasswordAuthenticationProvider);
    return securityFilterChain;
}
Also used : HerodotusTokenCustomizer(cn.herodotus.engine.oauth2.authorization.customizer.HerodotusTokenCustomizer) OAuth2Properties(cn.herodotus.engine.oauth2.core.properties.OAuth2Properties) KeyPair(java.security.KeyPair) Arrays(java.util.Arrays) JwtEncodingContext(org.springframework.security.oauth2.server.authorization.JwtEncodingContext) OAuth2AuthorizationServerConfiguration(org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator) LoggerFactory(org.slf4j.LoggerFactory) HttpCryptoProcessor(cn.herodotus.engine.protect.web.crypto.processor.HttpCryptoProcessor) JWKSet(com.nimbusds.jose.jwk.JWKSet) OAuth2AuthorizationCodeAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter) OAuth2ConfigurerUtils(cn.herodotus.engine.oauth2.authorization.utils.OAuth2ConfigurerUtils) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) OAuth2ResourceOwnerPasswordAuthenticationConverter(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter) RSAPublicKey(java.security.interfaces.RSAPublicKey) HerodotusAuthenticationFailureHandler(cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationFailureHandler) Resource(org.springframework.core.io.Resource) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) KeyPairGenerator(java.security.KeyPairGenerator) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) ResourceUtils(cn.herodotus.engine.assistant.core.utils.ResourceUtils) OidcUserInfoAuthenticationToken(org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationToken) OAuth2ClientCredentialsAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter) DelegatingAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) UUID(java.util.UUID) HerodotusAccessDeniedHandler(cn.herodotus.engine.oauth2.core.response.HerodotusAccessDeniedHandler) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Configuration(org.springframework.context.annotation.Configuration) HerodotusAuthenticationEntryPoint(cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationEntryPoint) OAuth2ResourceOwnerPasswordAuthenticationProvider(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationProvider) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) PostConstruct(javax.annotation.PostConstruct) Certificate(cn.herodotus.engine.oauth2.core.enums.Certificate) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) SecurityContext(com.nimbusds.jose.proc.SecurityContext) Ordered(org.springframework.core.Ordered) DefaultBearerTokenResolver(org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) ArrayUtils(org.apache.commons.lang3.ArrayUtils) EndpointProperties(cn.herodotus.engine.web.core.properties.EndpointProperties) OidcUserInfo(org.springframework.security.oauth2.core.oidc.OidcUserInfo) JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) Order(org.springframework.core.annotation.Order) Logger(org.slf4j.Logger) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) Customizer(org.springframework.security.config.Customizer) IOException(java.io.IOException) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) RSAKey(com.nimbusds.jose.jwk.RSAKey) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) KeyStoreKeyFactory(org.springframework.security.rsa.crypto.KeyStoreKeyFactory) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) Bean(org.springframework.context.annotation.Bean) OAuth2RefreshTokenAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter) OAuth2AuthorizationCodeAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter) OAuth2ResourceOwnerPasswordAuthenticationConverter(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter) OAuth2ClientCredentialsAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter) DelegatingAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) OAuth2RefreshTokenAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) OAuth2AuthorizationCodeAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter) JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) OAuth2ResourceOwnerPasswordAuthenticationProvider(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationProvider) HerodotusAuthenticationEntryPoint(cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationEntryPoint) OAuth2RefreshTokenAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter) DelegatingAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter) OidcUserInfo(org.springframework.security.oauth2.core.oidc.OidcUserInfo) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) OAuth2ClientCredentialsAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter) DefaultBearerTokenResolver(org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver) HerodotusAccessDeniedHandler(cn.herodotus.engine.oauth2.core.response.HerodotusAccessDeniedHandler) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) OidcUserInfoAuthenticationToken(org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationToken) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) HerodotusAuthenticationFailureHandler(cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationFailureHandler) OAuth2ResourceOwnerPasswordAuthenticationConverter(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter) Order(org.springframework.core.annotation.Order) Bean(org.springframework.context.annotation.Bean)

Aggregations

ResourceUtils (cn.herodotus.engine.assistant.core.utils.ResourceUtils)1 OAuth2ResourceOwnerPasswordAuthenticationConverter (cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter)1 OAuth2ResourceOwnerPasswordAuthenticationProvider (cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationProvider)1 HerodotusTokenCustomizer (cn.herodotus.engine.oauth2.authorization.customizer.HerodotusTokenCustomizer)1 OAuth2ConfigurerUtils (cn.herodotus.engine.oauth2.authorization.utils.OAuth2ConfigurerUtils)1 Certificate (cn.herodotus.engine.oauth2.core.enums.Certificate)1 OAuth2Properties (cn.herodotus.engine.oauth2.core.properties.OAuth2Properties)1 HerodotusAccessDeniedHandler (cn.herodotus.engine.oauth2.core.response.HerodotusAccessDeniedHandler)1 HerodotusAuthenticationEntryPoint (cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationEntryPoint)1 HerodotusAuthenticationFailureHandler (cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationFailureHandler)1 HttpCryptoProcessor (cn.herodotus.engine.protect.web.crypto.processor.HttpCryptoProcessor)1 EndpointProperties (cn.herodotus.engine.web.core.properties.EndpointProperties)1 JWKSet (com.nimbusds.jose.jwk.JWKSet)1 RSAKey (com.nimbusds.jose.jwk.RSAKey)1 JWKSource (com.nimbusds.jose.jwk.source.JWKSource)1 SecurityContext (com.nimbusds.jose.proc.SecurityContext)1 IOException (java.io.IOException)1 KeyPair (java.security.KeyPair)1 KeyPairGenerator (java.security.KeyPairGenerator)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial