
Example 1 with OktaOAuth2Properties

Use of com.okta.spring.boot.oauth.config.OktaOAuth2Properties in project okta-spring-boot by okta.

The class OktaOAuth2Configurer, method init.

import com.okta.spring.boot.oauth.config.OktaOAuth2Properties;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties;
import org.springframework.context.ApplicationContext;
import org.springframework.core.env.Environment;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
import org.springframework.security.oauth2.client.oidc.web.logout.OidcClientInitiatedLogoutSuccessHandler;

@SuppressWarnings("rawtypes")
@Override
public void init(HttpSecurity http) throws Exception {
    ApplicationContext context = http.getSharedObject(ApplicationContext.class);
    // make sure OktaOAuth2Properties are available
    if (!context.getBeansOfType(OktaOAuth2Properties.class).isEmpty()) {
        OktaOAuth2Properties oktaOAuth2Properties = context.getBean(OktaOAuth2Properties.class);
        // Auth Code Flow Config
        // if OAuth2ClientProperties bean is not available do NOT configure
        OAuth2ClientProperties.Provider propertiesProvider;
        OAuth2ClientProperties.Registration propertiesRegistration;
        // login is only wired up when the "okta" provider and registration exist
        // and carry both an issuer URI and a client id
        if (!context.getBeansOfType(OAuth2ClientProperties.class).isEmpty()
                && (propertiesProvider = context.getBean(OAuth2ClientProperties.class).getProvider().get("okta")) != null
                && (propertiesRegistration = context.getBean(OAuth2ClientProperties.class).getRegistration().get("okta")) != null
                && !isEmpty(propertiesProvider.getIssuerUri())
                && !isEmpty(propertiesRegistration.getClientId())) {
            // configure Okta user services
            configureLogin(http, oktaOAuth2Properties, context.getBean(Environment.class));
            // check for RP-Initiated logout
            if (!context.getBeansOfType(OidcClientInitiatedLogoutSuccessHandler.class).isEmpty()) {
                http.logout().logoutSuccessHandler(context.getBean(OidcClientInitiatedLogoutSuccessHandler.class));
            }
            // if issuer is root org, use opaque token validation
            // (a root org issuer does not expose signing keys for local JWT validation)
            if (TokenUtil.isRootOrgIssuer(propertiesProvider.getIssuerUri())) {
                log.debug("Opaque Token validation/introspection will be configured.");
                configureResourceServerForOpaqueTokenValidation(http, oktaOAuth2Properties);
                return;
            }
            // otherwise follow whatever the application's resource server configurer selected
            OAuth2ResourceServerConfigurer oAuth2ResourceServerConfigurer = http.getConfigurer(OAuth2ResourceServerConfigurer.class);
            if (getJwtConfigurer(oAuth2ResourceServerConfigurer).isPresent()) {
                log.debug("JWT configurer is set in OAuth resource server configuration. JWT validation will be configured.");
                configureResourceServerForJwtValidation(http, oktaOAuth2Properties);
            } else if (getOpaqueTokenConfigurer(oAuth2ResourceServerConfigurer).isPresent()) {
                log.debug("Opaque Token configurer is set in OAuth resource server configuration. Opaque Token validation/introspection will be configured.");
                configureResourceServerForOpaqueTokenValidation(http, oktaOAuth2Properties);
            } else {
                log.debug("OAuth2ResourceServerConfigurer bean not configured, Resource Server support will not be enabled.");
            }
        } else {
            log.debug("OAuth/OIDC Login not configured due to missing issuer, client-id, or client-secret property");
        }
    }
}

Example 2 with OktaOAuth2Properties

Use of com.okta.spring.boot.oauth.config.OktaOAuth2Properties in project okta-spring-boot by okta.

The class OktaOAuth2ResourceServerAutoConfig, method restTemplate.

import java.net.InetSocketAddress;
import java.net.Proxy;
import java.util.Arrays;
import java.util.Optional;
import com.okta.commons.lang.Strings;
import com.okta.spring.boot.oauth.config.OktaOAuth2Properties;
import com.okta.spring.boot.oauth.http.UserAgentRequestInterceptor;
import org.springframework.http.client.SimpleClientHttpRequestFactory;
import org.springframework.http.client.support.BasicAuthenticationInterceptor;
import org.springframework.http.converter.FormHttpMessageConverter;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
import org.springframework.web.client.RestTemplate;

static RestTemplate restTemplate(OktaOAuth2Properties oktaOAuth2Properties) {
    Proxy proxy;
    OktaOAuth2Properties.Proxy proxyProperties = oktaOAuth2Properties.getProxy();
    Optional<BasicAuthenticationInterceptor> basicAuthenticationInterceptor = Optional.empty();
    // an HTTP proxy is used only when both a host and a positive port are configured
    if (proxyProperties != null && Strings.hasText(proxyProperties.getHost()) && proxyProperties.getPort() > 0) {
        proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyProperties.getHost(), proxyProperties.getPort()));
        // proxy credentials, when present, are attached as a Basic-auth request interceptor
        if (Strings.hasText(proxyProperties.getUsername()) && Strings.hasText(proxyProperties.getPassword())) {
            basicAuthenticationInterceptor = Optional.of(new BasicAuthenticationInterceptor(proxyProperties.getUsername(), proxyProperties.getPassword()));
        }
    } else {
        proxy = Proxy.NO_PROXY;
    }
    // converters cover form-encoded requests, OAuth2 token responses and plain strings
    RestTemplate restTemplate = new RestTemplate(Arrays.asList(new FormHttpMessageConverter(), new OAuth2AccessTokenResponseHttpMessageConverter(), new StringHttpMessageConverter()));
    restTemplate.getInterceptors().add(new UserAgentRequestInterceptor());
    basicAuthenticationInterceptor.ifPresent(restTemplate.getInterceptors()::add);
    SimpleClientHttpRequestFactory requestFactory = new SimpleClientHttpRequestFactory();
    requestFactory.setProxy(proxy);
    restTemplate.setRequestFactory(requestFactory);
    return restTemplate;
}

Example 3 with OktaOAuth2Properties

Use of com.okta.spring.boot.oauth.config.OktaOAuth2Properties in project okta-spring-boot by okta.

The class OktaOAuth2ResourceServerAutoConfig, method opaqueTokenIntrospector.

import java.util.Collection;
import java.util.Collections;
import com.okta.spring.boot.oauth.config.OktaOAuth2Properties;
import org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.http.client.support.BasicAuthenticationInterceptor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.core.DefaultOAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
import org.springframework.web.client.RestTemplate;

@Bean
@Conditional(OktaOpaqueTokenIntrospectConditional.class)
OpaqueTokenIntrospector opaqueTokenIntrospector(OktaOAuth2Properties oktaOAuth2Properties, OAuth2ResourceServerProperties oAuth2ResourceServerProperties) {
    // reuse the proxy-aware template from restTemplate(...) above
    RestTemplate restTemplate = restTemplate(oktaOAuth2Properties);
    // the introspection endpoint is called with the resource server's client id/secret as Basic auth
    restTemplate.getInterceptors().add(new BasicAuthenticationInterceptor(oAuth2ResourceServerProperties.getOpaquetoken().getClientId(), oAuth2ResourceServerProperties.getOpaquetoken().getClientSecret()));
    OpaqueTokenIntrospector delegate = new NimbusOpaqueTokenIntrospector(oAuth2ResourceServerProperties.getOpaquetoken().getIntrospectionUri(), restTemplate);
    return token -> {
        OAuth2AuthenticatedPrincipal principal = delegate.introspect(token);
        // merge the configured groups claim into the authorities the introspection response already produced
        Collection<GrantedAuthority> mappedAuthorities = Collections.unmodifiableCollection(TokenUtil.opaqueTokenClaimsToAuthorities(principal.getAttributes(), oktaOAuth2Properties.getGroupsClaim(), principal.getAuthorities()));
        return new DefaultOAuth2AuthenticatedPrincipal(principal.getName(), principal.getAttributes(), mappedAuthorities);
    };
}
