Search in sources :

Example 1 with ClientCredentialsTokenEndpointFilter

use of org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter in project spring-security-oauth by spring-projects.

the class AuthorizationServerSecurityConfigurer method configure.

@Override
public void configure(HttpSecurity http) throws Exception {
    // ensure this is initialized
    frameworkEndpointHandlerMapping();
    if (allowFormAuthenticationForClients) {
        clientCredentialsTokenEndpointFilter(http);
    }
    for (Filter filter : tokenEndpointAuthenticationFilters) {
        http.addFilterBefore(filter, BasicAuthenticationFilter.class);
    }
    http.exceptionHandling().accessDeniedHandler(accessDeniedHandler);
    if (sslOnly) {
        http.requiresChannel().anyRequest().requiresSecure();
    }
}
Also used : Filter(javax.servlet.Filter) BasicAuthenticationFilter(org.springframework.security.web.authentication.www.BasicAuthenticationFilter) ClientCredentialsTokenEndpointFilter(org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter)

Example 2 with ClientCredentialsTokenEndpointFilter

use of org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter in project spring-security-oauth by spring-projects.

the class AuthorizationServerSecurityConfigurer method clientCredentialsTokenEndpointFilter.

private ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter(HttpSecurity http) {
    ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter = new ClientCredentialsTokenEndpointFilter(frameworkEndpointHandlerMapping().getServletPath("/oauth/token"));
    clientCredentialsTokenEndpointFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
    OAuth2AuthenticationEntryPoint authenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
    authenticationEntryPoint.setTypeName("Form");
    authenticationEntryPoint.setRealmName(realm);
    clientCredentialsTokenEndpointFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
    clientCredentialsTokenEndpointFilter = postProcess(clientCredentialsTokenEndpointFilter);
    http.addFilterBefore(clientCredentialsTokenEndpointFilter, BasicAuthenticationFilter.class);
    return clientCredentialsTokenEndpointFilter;
}
Also used : AuthenticationManager(org.springframework.security.authentication.AuthenticationManager) ClientCredentialsTokenEndpointFilter(org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter) OAuth2AuthenticationEntryPoint(org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint)

Aggregations

ClientCredentialsTokenEndpointFilter (org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter)2 Filter (javax.servlet.Filter)1 AuthenticationManager (org.springframework.security.authentication.AuthenticationManager)1 OAuth2AuthenticationEntryPoint (org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint)1 BasicAuthenticationFilter (org.springframework.security.web.authentication.www.BasicAuthenticationFilter)1