
Example 1 with OAuth2AuthorizationServerConfigurer

Use of org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer in project spring-authorization-server by spring-projects.

Class AuthorizationServerConfig, method authorizationServerSecurityFilterChain.

@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
    OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
    authorizationServerConfigurer.authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint.consentPage(CUSTOM_CONSENT_PAGE_URI));
    RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher();
    http.requestMatcher(endpointsMatcher)
        .authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated())
        .csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
        .apply(authorizationServerConfigurer);
    return http.formLogin(Customizer.withDefaults()).build();
}
Also used : SecurityContext(com.nimbusds.jose.proc.SecurityContext) Ordered(org.springframework.core.Ordered) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) JWKSet(com.nimbusds.jose.jwk.JWKSet) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) OAuth2AuthorizationConsentService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService) ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) OidcScopes(org.springframework.security.oauth2.core.oidc.OidcScopes) InMemoryOAuth2AuthorizationConsentService(org.springframework.security.oauth2.server.authorization.InMemoryOAuth2AuthorizationConsentService) ClientSettings(org.springframework.security.oauth2.server.authorization.config.ClientSettings) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) Order(org.springframework.core.annotation.Order) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) Customizer(org.springframework.security.config.Customizer) UUID(java.util.UUID) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Configuration(org.springframework.context.annotation.Configuration) RSAKey(com.nimbusds.jose.jwk.RSAKey) InMemoryRegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository) Bean(org.springframework.context.annotation.Bean) Jwks(sample.jose.Jwks) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType) 

Example 2 with OAuth2AuthorizationServerConfigurer

Use of org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer in project platform-base by SummerWindL.

Class AuthorizationConfig, method authorizationServerSecurityFilterChain.

// ================================================
/**
 * Defines the Spring Security filter chain, e.g. which filter handles our authorization URL and token URL; that is configured here.
 */
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
    // ================================================
    // Customize the JWT token
    http.setSharedObject(OAuth2TokenCustomizer.class, new CustomOAuth2TokenCustomizer());
    // ================================================
    // Authorization server configuration
    OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
    RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher();
    return http.requestMatcher(endpointsMatcher)
        .authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated())
        .csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
        .apply(authorizationServerConfigurer)
        .and()
        .formLogin()
        .and()
        .build();
}
Also used : SecurityContext(com.nimbusds.jose.proc.SecurityContext) Ordered(org.springframework.core.Ordered) KeyPair(java.security.KeyPair) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) OAuth2AuthorizationServerConfiguration(org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) JdbcRegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository) JWKSet(com.nimbusds.jose.jwk.JWKSet) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) ArrayList(java.util.ArrayList) RSAPublicKey(java.security.interfaces.RSAPublicKey) ClientAuthenticationMethod(org.springframework.security.oauth2.core.ClientAuthenticationMethod) DefaultLobHandler(org.springframework.jdbc.support.lob.DefaultLobHandler) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) KeyPairGenerator(java.security.KeyPairGenerator) Order(org.springframework.core.annotation.Order) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) Logger(org.slf4j.Logger) RegisteredClient(org.springframework.security.oauth2.server.authorization.client.RegisteredClient) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Set(java.util.Set) UUID(java.util.UUID) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) JWK(com.nimbusds.jose.jwk.JWK) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) 
org.springframework.security.oauth2.server.authorization(org.springframework.security.oauth2.server.authorization) List(java.util.List) PasswordEncoder(org.springframework.security.crypto.password.PasswordEncoder) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) RSAKey(com.nimbusds.jose.jwk.RSAKey) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SerializationFeature(com.fasterxml.jackson.databind.SerializationFeature) Bean(org.springframework.context.annotation.Bean) AuthorizationGrantType(org.springframework.security.oauth2.core.AuthorizationGrantType)

Example 3 with OAuth2AuthorizationServerConfigurer

Use of org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer in project eurynome-cloud by herodotus-cloud.

Class AuthorizationServerConfiguration, method authorizationServerSecurityFilterChain.

@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity httpSecurity, JwtDecoder jwtDecoder, HttpCryptoProcessor httpCryptoProcessor) throws Exception {
    OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
    HerodotusAuthenticationFailureHandler failureHandler = new HerodotusAuthenticationFailureHandler();
    authorizationServerConfigurer.clientAuthentication(endpoint -> endpoint.errorResponseHandler(failureHandler));
    authorizationServerConfigurer.authorizationEndpoint(endpoint -> endpoint.errorResponseHandler(failureHandler));
    authorizationServerConfigurer.tokenRevocationEndpoint(endpoint -> endpoint.errorResponseHandler(failureHandler));
    authorizationServerConfigurer.tokenEndpoint(endpoint -> {
        AuthenticationConverter authenticationConverter = new DelegatingAuthenticationConverter(Arrays.asList(
            new OAuth2AuthorizationCodeAuthenticationConverter(),
            new OAuth2RefreshTokenAuthenticationConverter(),
            new OAuth2ClientCredentialsAuthenticationConverter(),
            new OAuth2ResourceOwnerPasswordAuthenticationConverter(httpCryptoProcessor)));
        endpoint.accessTokenRequestConverter(authenticationConverter);
        endpoint.errorResponseHandler(failureHandler);
    });
    RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher();
    httpSecurity.requestMatcher(endpointsMatcher)
        .authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated())
        .csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
        .oauth2ResourceServer(configurer -> configurer
            .jwt(jwt -> jwt.decoder(jwtDecoder))
            .bearerTokenResolver(new DefaultBearerTokenResolver())
            .accessDeniedHandler(new HerodotusAccessDeniedHandler())
            .authenticationEntryPoint(new HerodotusAuthenticationEntryPoint()))
        .apply(authorizationServerConfigurer)
        .oidc(oidc -> oidc.userInfoEndpoint(userInfo -> userInfo.userInfoMapper(context -> {
            OidcUserInfoAuthenticationToken authentication = context.getAuthentication();
            JwtAuthenticationToken principal = (JwtAuthenticationToken) authentication.getPrincipal();
            return new OidcUserInfo(principal.getToken().getClaims());
        })));
    SecurityFilterChain securityFilterChain = httpSecurity.formLogin(Customizer.withDefaults()).build();
    AuthenticationManager authenticationManager = httpSecurity.getSharedObject(AuthenticationManager.class);
    OAuth2AuthorizationService authorizationService = OAuth2ConfigurerUtils.getAuthorizationService(httpSecurity);
    OAuth2TokenGenerator<? extends OAuth2Token> tokenGenerator = OAuth2ConfigurerUtils.getTokenGenerator(httpSecurity);
    OAuth2ResourceOwnerPasswordAuthenticationProvider resourceOwnerPasswordAuthenticationProvider = new OAuth2ResourceOwnerPasswordAuthenticationProvider(authorizationService, tokenGenerator, authenticationManager);
    httpSecurity.authenticationProvider(resourceOwnerPasswordAuthenticationProvider);
    return securityFilterChain;
}
Also used : HerodotusTokenCustomizer(cn.herodotus.engine.oauth2.authorization.customizer.HerodotusTokenCustomizer) OAuth2Properties(cn.herodotus.engine.oauth2.core.properties.OAuth2Properties) KeyPair(java.security.KeyPair) Arrays(java.util.Arrays) JwtEncodingContext(org.springframework.security.oauth2.server.authorization.JwtEncodingContext) OAuth2AuthorizationServerConfiguration(org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration) OAuth2TokenGenerator(org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator) LoggerFactory(org.slf4j.LoggerFactory) HttpCryptoProcessor(cn.herodotus.engine.protect.web.crypto.processor.HttpCryptoProcessor) JWKSet(com.nimbusds.jose.jwk.JWKSet) OAuth2AuthorizationCodeAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter) OAuth2ConfigurerUtils(cn.herodotus.engine.oauth2.authorization.utils.OAuth2ConfigurerUtils) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) OAuth2ResourceOwnerPasswordAuthenticationConverter(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter) RSAPublicKey(java.security.interfaces.RSAPublicKey) HerodotusAuthenticationFailureHandler(cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationFailureHandler) Resource(org.springframework.core.io.Resource) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) KeyPairGenerator(java.security.KeyPairGenerator) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) ResourceUtils(cn.herodotus.engine.assistant.core.utils.ResourceUtils) OidcUserInfoAuthenticationToken(org.springframework.security.oauth2.server.authorization.oidc.authentication.OidcUserInfoAuthenticationToken) 
OAuth2ClientCredentialsAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter) DelegatingAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) UUID(java.util.UUID) HerodotusAccessDeniedHandler(cn.herodotus.engine.oauth2.core.response.HerodotusAccessDeniedHandler) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) Configuration(org.springframework.context.annotation.Configuration) HerodotusAuthenticationEntryPoint(cn.herodotus.engine.oauth2.core.response.HerodotusAuthenticationEntryPoint) OAuth2ResourceOwnerPasswordAuthenticationProvider(cn.herodotus.engine.oauth2.authorization.authentication.OAuth2ResourceOwnerPasswordAuthenticationProvider) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) PostConstruct(javax.annotation.PostConstruct) Certificate(cn.herodotus.engine.oauth2.core.enums.Certificate) OAuth2Token(org.springframework.security.oauth2.core.OAuth2Token) SecurityContext(com.nimbusds.jose.proc.SecurityContext) Ordered(org.springframework.core.Ordered) DefaultBearerTokenResolver(org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) ArrayUtils(org.apache.commons.lang3.ArrayUtils) EndpointProperties(cn.herodotus.engine.web.core.properties.EndpointProperties) OidcUserInfo(org.springframework.security.oauth2.core.oidc.OidcUserInfo) JwtAuthenticationToken(org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken) Order(org.springframework.core.annotation.Order) Logger(org.slf4j.Logger) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) 
Customizer(org.springframework.security.config.Customizer) IOException(java.io.IOException) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) JwtDecoder(org.springframework.security.oauth2.jwt.JwtDecoder) RSAKey(com.nimbusds.jose.jwk.RSAKey) OAuth2TokenCustomizer(org.springframework.security.oauth2.server.authorization.OAuth2TokenCustomizer) KeyStoreKeyFactory(org.springframework.security.rsa.crypto.KeyStoreKeyFactory) AuthenticationConverter(org.springframework.security.web.authentication.AuthenticationConverter) Bean(org.springframework.context.annotation.Bean) OAuth2RefreshTokenAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter)

Example 4 with OAuth2AuthorizationServerConfigurer

Use of org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer in project best-cloud by shanzhaozhen.

Class AuthorizationServerConfig, method authorizationServerSecurityFilterChain.

/**
 *  Mounts the Spring Authorization Server on uaa.
 *  Defines the filter chain rules for spring uaa.
 * @param http
 * @return
 * @throws Exception
 */
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
    OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
    // Add the password grant type
    // This way of adding it is inelegant; keep watching the project's milestone https://github.com/spring-projects/spring-authorization-server/milestone/10
    http.apply(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) ->
        tokenEndpoint.accessTokenRequestConverter(new DelegatingAuthenticationConverter(Arrays.asList(
            new OAuth2AuthorizationCodeAuthenticationConverter(),
            new OAuth2RefreshTokenAuthenticationConverter(),
            new OAuth2ClientCredentialsAuthenticationConverter(),
            new OAuth2ResourceOwnerPasswordAuthenticationConverter())))));
    // Custom scope consent page
    authorizationServerConfigurer.authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint.consentPage(CUSTOM_CONSENT_PAGE_URI));
    // Extract the endpoint of the scope consent page
    RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher();
    DefaultSecurityFilterChain securityFilterChain = http.requestMatcher(endpointsMatcher)
        .authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated())
        .csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
        .apply(authorizationServerConfigurer)
        .and()
        .formLogin(Customizer.withDefaults())
        .build();
    // Because build() initializes the OAuth2 authorization server's default configuration in OAuth2TokenEndpointConfigurer createDefaultAuthenticationProviders,
    // the authentication provider for the password grant type has to be added after build()
    addCustomOAuth2ResourceOwnerPasswordAuthenticationProvider(http);
    return securityFilterChain;
}
Also used : Ordered(org.springframework.core.Ordered) Arrays(java.util.Arrays) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) RequiredArgsConstructor(lombok.RequiredArgsConstructor) JdbcRegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository) OAuth2AuthorizationCodeAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2AuthorizationCodeAuthenticationConverter) DefaultSecurityFilterChain(org.springframework.security.web.DefaultSecurityFilterChain) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) JwtEncoder(org.springframework.security.oauth2.jwt.JwtEncoder) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) Value(org.springframework.beans.factory.annotation.Value) OAuth2ConfigurerUtils(org.shanzhaozhen.authorize.config.oauth2.authentication.OAuth2ConfigurerUtils) ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) Order(org.springframework.core.annotation.Order) SecurityJacksonConfig(org.shanzhaozhen.authorize.jackson.SecurityJacksonConfig) OAuth2ResourceOwnerPasswordAuthenticationConverter(org.shanzhaozhen.authorize.config.oauth2.authentication.OAuth2ResourceOwnerPasswordAuthenticationConverter) AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) OAuth2ResourceOwnerPasswordAuthenticationProvider(org.shanzhaozhen.authorize.config.oauth2.authentication.OAuth2ResourceOwnerPasswordAuthenticationProvider) Customizer(org.springframework.security.config.Customizer) 
OAuth2ClientCredentialsAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2ClientCredentialsAuthenticationConverter) DelegatingAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.DelegatingAuthenticationConverter) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Configuration(org.springframework.context.annotation.Configuration) org.springframework.security.oauth2.server.authorization(org.springframework.security.oauth2.server.authorization) Bean(org.springframework.context.annotation.Bean) OAuth2RefreshTokenAuthenticationConverter(org.springframework.security.oauth2.server.authorization.web.authentication.OAuth2RefreshTokenAuthenticationConverter)

Example 5 with OAuth2AuthorizationServerConfigurer

Use of org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer in project ordinaryroad by 1962247851.

Class AuthorizationServerConfig, method authorizationServerSecurityFilterChain.

@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
    OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
    authorizationServerConfigurer.authorizationEndpoint(authorizationEndpoint -> {
        authorizationEndpoint.consentPage("/oauth2/consent");
    });
    RequestMatcher endpointsMatcher = authorizationServerConfigurer.getEndpointsMatcher();
    http.requestMatcher(endpointsMatcher).authorizeRequests(authorizeRequests -> {
        authorizeRequests.anyRequest().authenticated();
    }).csrf().disable().apply(authorizationServerConfigurer);
    return http.formLogin(Customizer.withDefaults()).build();
}
Also used : ProviderSettings(org.springframework.security.oauth2.server.authorization.config.ProviderSettings) SecurityContext(com.nimbusds.jose.proc.SecurityContext) Ordered(org.springframework.core.Ordered) Order(org.springframework.core.annotation.Order) JdbcOAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationService) JWKSource(com.nimbusds.jose.jwk.source.JWKSource) OAuth2AuthorizationServerConfigurer(org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer) RegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository) ClassPathResource(org.springframework.core.io.ClassPathResource) Customizer(org.springframework.security.config.Customizer) JdbcRegisteredClientRepository(org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository) JWKSet(com.nimbusds.jose.jwk.JWKSet) IOException(java.io.IOException) HttpSecurity(org.springframework.security.config.annotation.web.builders.HttpSecurity) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) JdbcOAuth2AuthorizationConsentService(org.springframework.security.oauth2.server.authorization.JdbcOAuth2AuthorizationConsentService) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) OAuth2AuthorizationConsentService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService) OAuth2AuthorizationService(org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService) SecurityFilterChain(org.springframework.security.web.SecurityFilterChain) Configuration(org.springframework.context.annotation.Configuration) Bean(org.springframework.context.annotation.Bean) ParseException(java.text.ParseException) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) 

Aggregations

Bean (org.springframework.context.annotation.Bean): 9
Ordered (org.springframework.core.Ordered): 9
Order (org.springframework.core.annotation.Order): 9
HttpSecurity (org.springframework.security.config.annotation.web.builders.HttpSecurity): 9
OAuth2AuthorizationServerConfigurer (org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer): 9
ProviderSettings (org.springframework.security.oauth2.server.authorization.config.ProviderSettings): 9
SecurityFilterChain (org.springframework.security.web.SecurityFilterChain): 9
RequestMatcher (org.springframework.security.web.util.matcher.RequestMatcher): 9
JWKSource (com.nimbusds.jose.jwk.source.JWKSource): 8
SecurityContext (com.nimbusds.jose.proc.SecurityContext): 8
Configuration (org.springframework.context.annotation.Configuration): 8
JWKSet (com.nimbusds.jose.jwk.JWKSet): 7
RSAKey (com.nimbusds.jose.jwk.RSAKey): 6
UUID (java.util.UUID): 6
Customizer (org.springframework.security.config.Customizer): 6
RegisteredClientRepository (org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository): 6
RSAPrivateKey (java.security.interfaces.RSAPrivateKey): 4
RSAPublicKey (java.security.interfaces.RSAPublicKey): 4
Logger (org.slf4j.Logger): 4
LoggerFactory (org.slf4j.LoggerFactory): 4