use of org.springframework.security.oauth2.client in project goodsKill by techa03.
the class KeyConfig method configure.
// ... client configuration, etc.
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
// @formatter:off
TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
List<TokenEnhancer> delegates = new ArrayList<>();
delegates.add(tokenEnhancer());
delegates.add(accessTokenConverter());
// 配置JWT的内容增强器
enhancerChain.setTokenEnhancers(delegates);
endpoints.authenticationManager(authenticationManager).userDetailsService(// 配置加载用户信息的服务
userDetailsService).accessTokenConverter(accessTokenConverter()).tokenEnhancer(enhancerChain);
// @formatter:on
}
use of org.springframework.security.oauth2.client in project powerauth-webflow by wultra.
the class OAuth2AuthorizationServerConfiguration method configureAuthorizationEndpoint.
/**
* Configures authorization endpoint.
* @param authorizationEndpoint Authorization endpoint.
*/
@Autowired
public void configureAuthorizationEndpoint(AuthorizationEndpoint authorizationEndpoint) {
// WORKAROUND: Cancel the session just before the redirect
DefaultRedirectResolver redirectResolver = new DefaultRedirectResolver() {
@Override
public String resolveRedirect(String requestedRedirect, ClientDetails client) throws OAuth2Exception {
SecurityContextHolder.clearContext();
return super.resolveRedirect(requestedRedirect, client);
}
};
redirectResolver.setMatchPorts(false);
authorizationEndpoint.setRedirectResolver(redirectResolver);
}
use of org.springframework.security.oauth2.client in project kg-search by HumanBrainProject.
the class OauthClient method serviceAccountWebClient.
@Bean
@Qualifier("asServiceAccount")
WebClient serviceAccountWebClient(ClientRegistrationRepository clientRegistrations, OAuth2AuthorizedClientService authorizedClientService) {
AuthorizedClientServiceOAuth2AuthorizedClientManager clientManager = new AuthorizedClientServiceOAuth2AuthorizedClientManager(clientRegistrations, authorizedClientService);
ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2 = new ServletOAuth2AuthorizedClientExchangeFilterFunction(clientManager);
oauth2.setAuthorizationFailureHandler(new RemoveAuthorizedClientOAuth2AuthorizationFailureHandler((clientRegistrationId, principal, attributes) -> {
logger.info("Resource server authorization failure for clientRegistrationId={}", clientRegistrationId);
authorizedClientService.removeAuthorizedClient(clientRegistrationId, principal.getName());
}));
oauth2.setDefaultClientRegistrationId("kg");
return WebClient.builder().exchangeStrategies(exchangeStrategies).apply(oauth2.oauth2Configuration()).filter((clientRequest, nextFilter) -> {
ClientRequest updatedHeaders = ClientRequest.from(clientRequest).headers(h -> {
h.put("Client-Authorization", h.get("Authorization"));
}).build();
return nextFilter.exchange(updatedHeaders);
}).build();
}
use of org.springframework.security.oauth2.client in project spring-authorization-server by spring-projects.
the class OAuth2ClientAuthenticationProviderTests method authenticateWhenJwtClientAssertionAndMissingJwkSetUrlThenThrowOAuth2AuthenticationException.
@Test
public void authenticateWhenJwtClientAssertionAndMissingJwkSetUrlThenThrowOAuth2AuthenticationException() {
// @formatter:off
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().clientAuthenticationMethod(ClientAuthenticationMethod.PRIVATE_KEY_JWT).clientSettings(ClientSettings.builder().tokenEndpointAuthenticationSigningAlgorithm(SignatureAlgorithm.RS256).build()).build();
// @formatter:on
when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))).thenReturn(registeredClient);
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(registeredClient.getClientId(), JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD, "jwt-assertion", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthenticationException.class).extracting(ex -> ((OAuth2AuthenticationException) ex).getError()).satisfies(error -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).isEqualTo("Failed to find a Signature Verifier for Client: '" + registeredClient.getId() + "'. Check to ensure you have configured the JWK Set URL.");
});
}
use of org.springframework.security.oauth2.client in project spring-authorization-server by spring-projects.
the class OAuth2ClientAuthenticationProviderTests method authenticateWhenJwtClientAssertionAndMissingClientSecretThenThrowOAuth2AuthenticationException.
@Test
public void authenticateWhenJwtClientAssertionAndMissingClientSecretThenThrowOAuth2AuthenticationException() {
// @formatter:off
RegisteredClient registeredClient = TestRegisteredClients.registeredClient().clientSecret(null).clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_JWT).clientSettings(ClientSettings.builder().tokenEndpointAuthenticationSigningAlgorithm(MacAlgorithm.HS256).build()).build();
// @formatter:on
when(this.registeredClientRepository.findByClientId(eq(registeredClient.getClientId()))).thenReturn(registeredClient);
OAuth2ClientAuthenticationToken authentication = new OAuth2ClientAuthenticationToken(registeredClient.getClientId(), JWT_CLIENT_ASSERTION_AUTHENTICATION_METHOD, "jwt-assertion", null);
assertThatThrownBy(() -> this.authenticationProvider.authenticate(authentication)).isInstanceOf(OAuth2AuthenticationException.class).extracting(ex -> ((OAuth2AuthenticationException) ex).getError()).satisfies(error -> {
assertThat(error.getErrorCode()).isEqualTo(OAuth2ErrorCodes.INVALID_CLIENT);
assertThat(error.getDescription()).isEqualTo("Failed to find a Signature Verifier for Client: '" + registeredClient.getId() + "'. Check to ensure you have configured the client secret.");
});
}
Aggregations