Examples with ServerOAuth2AuthorizedClientExchangeFilterFunction org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction used on opensource projects

Example 1 with ServerOAuth2AuthorizedClientExchangeFilterFunction

use of org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction in project graphql-maven-plugin-project by graphql-java-generator.

the class MinimalSpringApp method serverOAuth2AuthorizedClientExchangeFilterFunction.

/**
 * This beans is all that is needed to wire OAuth into the application, thanks to Spring Boot and some configuration
 * lines in the resources/application.properties file
 */
@Bean
ServerOAuth2AuthorizedClientExchangeFilterFunction serverOAuth2AuthorizedClientExchangeFilterFunction(ReactiveClientRegistrationRepository clientRegistrations) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
    oauth.setDefaultClientRegistrationId("provider_test");
    return oauth;
}

Example 2 with ServerOAuth2AuthorizedClientExchangeFilterFunction

use of org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction in project spring-security-samples by spring-projects.

the class WebClientConfiguration method webClient.

@Bean
WebClient webClient(ReactiveOAuth2AuthorizedClientManager authorizedClientManager) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
    oauth.setDefaultOAuth2AuthorizedClient(true);
    // @formatter:off
    return WebClient.builder().baseUrl(this.uri).filter(oauth).build();
// @formatter:on
}

Example 3 with ServerOAuth2AuthorizedClientExchangeFilterFunction

use of org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction in project EDUC-PEN-REG-BATCH-API by bcgov.

the class RestWebClient method webClient.

/**
 * Web client web client.
 *
 * @return the web client
 */
@Bean
@Autowired
WebClient webClient(final WebClient.Builder builder) {
    val clientRegistryRepo = new InMemoryReactiveClientRegistrationRepository(ClientRegistration.withRegistrationId(this.props.getClientID()).tokenUri(this.props.getTokenURL()).clientId(this.props.getClientID()).clientSecret(this.props.getClientSecret()).authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS).build());
    val clientService = new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistryRepo);
    val authorizedClientManager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(clientRegistryRepo, clientService);
    val oauthFilter = new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
    oauthFilter.setDefaultClientRegistrationId(this.props.getClientID());
    return builder.defaultHeader("X-Client-Name", ApplicationProperties.API_NAME).codecs(configurer -> configurer.defaultCodecs().maxInMemorySize(100 * 1024 * 1024)).filter(this.log()).clientConnector(this.connector).uriBuilderFactory(this.factory).filter(oauthFilter).build();
}

Example 4 with ServerOAuth2AuthorizedClientExchangeFilterFunction

use of org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction in project spring-security by spring-projects.

the class ServerOAuth2AuthorizedClientExchangeFilterFunctionTests method filterWhenClientCredentialsClientNotAuthorizedAndOutsideRequestContextThenGetNewToken.

// gh-7544
@Test
public void filterWhenClientCredentialsClientNotAuthorizedAndOutsideRequestContextThenGetNewToken() {
    setupMockHeaders();
    // Use UnAuthenticatedServerOAuth2AuthorizedClientRepository when operating
    // outside of a request context
    ServerOAuth2AuthorizedClientRepository unauthenticatedAuthorizedClientRepository = spy(new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
    this.function = new ServerOAuth2AuthorizedClientExchangeFilterFunction(this.clientRegistrationRepository, unauthenticatedAuthorizedClientRepository);
    this.function.setClientCredentialsTokenResponseClient(this.clientCredentialsTokenResponseClient);
    OAuth2AccessTokenResponse accessTokenResponse = OAuth2AccessTokenResponse.withToken("new-token").tokenType(OAuth2AccessToken.TokenType.BEARER).expiresIn(360).build();
    given(this.clientCredentialsTokenResponseClient.getTokenResponse(any())).willReturn(Mono.just(accessTokenResponse));
    ClientRegistration registration = TestClientRegistrations.clientCredentials().build();
    given(this.clientRegistrationRepository.findByRegistrationId(eq(registration.getRegistrationId()))).willReturn(Mono.just(registration));
    // @formatter:off
    ClientRequest request = ClientRequest.create(HttpMethod.GET, URI.create("https://example.com")).attributes(ServerOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId(registration.getRegistrationId())).build();
    // @formatter:on
    this.function.filter(request, this.exchange).block();
    verify(unauthenticatedAuthorizedClientRepository).loadAuthorizedClient(any(), any(), any());
    verify(this.clientCredentialsTokenResponseClient).getTokenResponse(any());
    verify(unauthenticatedAuthorizedClientRepository).saveAuthorizedClient(any(), any(), any());
    List<ClientRequest> requests = this.exchange.getRequests();
    assertThat(requests).hasSize(1);
    ClientRequest request1 = requests.get(0);
    assertThat(request1.headers().getFirst(HttpHeaders.AUTHORIZATION)).isEqualTo("Bearer new-token");
    assertThat(request1.url().toASCIIString()).isEqualTo("https://example.com");
    assertThat(request1.method()).isEqualTo(HttpMethod.GET);
    assertThat(getBody(request1)).isEmpty();
}

Example 5 with ServerOAuth2AuthorizedClientExchangeFilterFunction

use of org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction in project stream-services-2.0 by Backbase.

the class DbsWebClientConfiguration method dbsWebClient.

/**
 * Default Reactive Web Client to be used when interacting with DBS Services. Requires OAuth2 client credentials set
 * in application.yml
 *
 * @param objectMapper                          The Jackson Object mapper to register serialization and deserialization json
 *                                              content.
 * @param reactiveOAuth2AuthorizedClientManager Client Manager managing OAuth2 tokens
 * @param builder                               THe Web Client Builder which is already preconfigured using MicroMeter
 *                                              instrumentation.
 * @return Preconfigured Web Client
 */
@Bean
public WebClient dbsWebClient(ObjectMapper objectMapper, ReactiveOAuth2AuthorizedClientManager reactiveOAuth2AuthorizedClientManager, WebClient.Builder builder, DbsWebClientConfigurationProperties dbsWebClientConfigurationProperties) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth2ClientFilter = new ServerOAuth2AuthorizedClientExchangeFilterFunction(reactiveOAuth2AuthorizedClientManager);
    oauth2ClientFilter.setDefaultClientRegistrationId(dbsWebClientConfigurationProperties.getDefaultClientRegistrationId());
    builder.defaultHeader("Content-Type", MediaType.APPLICATION_JSON.toString()).defaultHeader("Accept", MediaType.APPLICATION_JSON.toString()).filter((clientRequest, exchangeFunction) -> {
        final ClientRequest newRequest = Optional.ofNullable(dbsWebClientConfigurationProperties.getAdditionalHeaders()).map(additionalHeaders -> {
            log.debug("Adding additional headers: {} from configuration  Request: {}", additionalHeaders, clientRequest.url());
            return ClientRequest.from(clientRequest).headers(httpHeaders -> httpHeaders.addAll(additionalHeaders)).build();
        }).orElse(clientRequest);
        return Mono.subscriberContext().flatMap(context -> {
            Optional<MultiValueMap<String, String>> forwardHeaders = context.<MultiValueMap<String, String>>getOrEmpty(CONTEXT_KEY_FORWARDED_HEADERS);
            log.debug("context contains headers? " + forwardHeaders.isPresent());
            log.debug("forward headers:" + forwardHeaders.map(MultiValueMap::toString).orElse("null"));
            ClientRequest contextRequest = context.<MultiValueMap<String, String>>getOrEmpty("headers").map(headers -> {
                log.debug("Adding additional headers: {} from Reactive subscriber context to Request: {}", headers, clientRequest.url());
                return ClientRequest.from(newRequest).headers(httpHeaders -> httpHeaders.addAll(headers)).build();
            }).orElse(newRequest);
            return exchangeFunction.exchange(contextRequest);
        });
    }).filter(new CsrfClientExchangeFilterFunction()).filter(oauth2ClientFilter);
    if (log.isDebugEnabled()) {
        HttpClient httpClient = HttpClient.create().wiretap("reactor.netty.http.client.HttpClient", LogLevel.DEBUG, AdvancedByteBufFormat.TEXTUAL);
        builder.clientConnector(new ReactorClientHttpConnector(httpClient));
    }
    // ensure correct exchange strategy is installed
    ExchangeStrategies strategies = ExchangeStrategies.builder().codecs(clientDefaultCodecsConfigurer -> {
        Jackson2JsonEncoder encoder = new Jackson2JsonEncoder(objectMapper, MediaType.APPLICATION_JSON);
        Jackson2JsonDecoder decoder = new Jackson2JsonDecoder(objectMapper, MediaType.APPLICATION_JSON);
        clientDefaultCodecsConfigurer.defaultCodecs().jackson2JsonEncoder(encoder);
        clientDefaultCodecsConfigurer.defaultCodecs().jackson2JsonDecoder(decoder);
    }).build();
    builder.exchangeStrategies(strategies);
    return builder.build();
}