oauth2-example updated

2026-05-30 10:50:42 +00:00 · 2020-08-19 18:28:34 +04:00
parent ce195fbbbe
commit 8b2bb54ce6
11 changed files with 36 additions and 86 deletions
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.2.6.RELEASE</version>
+		<version>2.3.3.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 	<groupId>ru.otus</groupId>
@@ -39,13 +39,13 @@
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
-			<version>2.3.8.RELEASE</version>
+			<version>2.5.0.RELEASE</version>
 		</dependency>

 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-jwt</artifactId>
-			<version>1.1.0.RELEASE</version>
+			<version>1.1.1.RELEASE</version>
 		</dependency>


@@ -1,6 +1,7 @@
 package ru.otus.authorizationserver.config;

 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -8,6 +9,7 @@ import org.springframework.security.oauth2.config.annotation.configurers.ClientD
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
 import org.springframework.security.oauth2.provider.token.TokenStore;
@@ -18,6 +20,7 @@ import ru.otus.authorizationserver.services.CustomTokenEnhancer;
 import javax.sql.DataSource;
 import java.util.List;

+@SuppressWarnings("deprecation")
@Configuration
@EnableAuthorizationServer
 public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@@ -43,7 +46,9 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
        tokenEnhancerChain.setTokenEnhancers(List.of(new CustomTokenEnhancer(), jwtAccessTokenConverter));
        endpoints.authenticationManager(authManager)
                .tokenEnhancer(tokenEnhancerChain)
-                .tokenStore(tokenStore);
+                .tokenStore(tokenStore)
+                .reuseRefreshTokens(false)
+        ;
    }

    @Override
@@ -11,7 +11,6 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import ru.otus.authorizationserver.services.InMemoryAuthenticationProvider;

@Configuration
@EnableWebSecurity
@@ -35,6 +34,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
-        auth.authenticationProvider(new InMemoryAuthenticationProvider(userDetailsService));
+        auth.userDetailsService(userDetailsService);
    }
 }
@@ -3,11 +3,14 @@ package ru.otus.authorizationserver.config;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

+@SuppressWarnings("deprecation")
@Configuration
 public class TokenStoreConfig {

@@ -25,12 +28,4 @@ public class TokenStoreConfig {
        converter.setSigningKey(oAuthProps.getSigningKey());
        return converter;
    }
-
-    @Bean
-    public DefaultTokenServices tokenServices(TokenStore tokenStore) {
-        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
-        defaultTokenServices.setTokenStore(tokenStore);
-        defaultTokenServices.setSupportRefreshToken(true);
-        return defaultTokenServices;
-    }
 }
@@ -24,4 +24,10 @@ public class CustomUser extends User {
        this.firstName = firstName;
        this.fatherName = fatherName;
    }
+
+    public CustomUser(CustomUser user) {
+        super(user.getUsername(), user.getPassword(), user.getAuthorities());
+        this.firstName = user.getFirstName();
+        this.fatherName = user.getFatherName();
+    }
 }
@@ -4,18 +4,23 @@ import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
+import ru.otus.authorizationserver.model.CustomUser;

 import java.util.HashMap;
 import java.util.Map;

+@SuppressWarnings("deprecation")
 public class CustomTokenEnhancer implements TokenEnhancer {
+    public static final String KEY_FIRST_NAME = "firstName";
+    public static final String KEY_FATHER_NAME = "fatherName";
+
    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
-        Map<String, Object> additionalInfo = new HashMap<>();
-        Map<String, String> details = (Map<String, String>) authentication.getUserAuthentication()
-                .getDetails();
-        additionalInfo.putAll(details);
-        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
+        CustomUser user = (CustomUser) authentication.getPrincipal();
+        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(Map.of(
+                KEY_FIRST_NAME, user.getFirstName(),
+                KEY_FATHER_NAME, user.getFatherName()
+        ));
        return accessToken;
    }
 }
@@ -1,60 +0,0 @@
-package ru.otus.authorizationserver.services;
-
-import lombok.RequiredArgsConstructor;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import ru.otus.authorizationserver.model.CustomUser;
-
-import java.util.Map;
-
-@RequiredArgsConstructor
-public class InMemoryAuthenticationProvider implements AuthenticationProvider {
-
-    public static final String KEY_FIRST_NAME = "firstName";
-    public static final String KEY_FATHER_NAME = "fatherName";
-    private final UserDetailsService userDetailsService;
-
-    @Override
-    public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
-
-        if (authentication.getName() == null || authentication.getCredentials() == null) {
-            return null;
-        }
-
-        if (authentication.getName().isEmpty() || authentication.getCredentials().toString().isEmpty()) {
-            return null;
-        }
-
-        final String userName = authentication.getName();
-        final Object password = authentication.getCredentials();
-
-        CustomUser userDetails = (CustomUser) userDetailsService.loadUserByUsername(userName);
-
-
-        if (userName.equalsIgnoreCase(userDetails.getUsername()) && password.equals(userDetails.getPassword())) {
-            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
-                    userDetails.getUsername(),
-                    userDetails.getPassword(),
-                    userDetails.getAuthorities());
-
-            token.setDetails(
-                    Map.of(
-                            KEY_FIRST_NAME, userDetails.getFirstName(),
-                            KEY_FATHER_NAME, userDetails.getFatherName()
-                    )
-            );
-            return token;
-        }
-
-        throw new UsernameNotFoundException("Invalid username or password.");
-    }
-
-    @Override
-    public boolean supports(final Class<?> authentication) {
-        return authentication.equals(UsernamePasswordAuthenticationToken.class);
-    }
-}
@@ -1,7 +1,6 @@
 package ru.otus.authorizationserver.services;

 import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -16,7 +15,7 @@ import java.util.Optional;
@Service
 public class InMemoryUserDetailsService implements UserDetailsService {

-    private final Map<String, User> userMap;
+    private final Map<String, CustomUser> userMap;

    public InMemoryUserDetailsService(PasswordEncoder passwordEncoder) {
        userMap = Map.of(
@@ -34,7 +33,7 @@ public class InMemoryUserDetailsService implements UserDetailsService {

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-       return Optional.ofNullable(userMap.get(username))
+       return Optional.ofNullable(userMap.get(username)).map(CustomUser::new)
               .orElseThrow(() -> new UsernameNotFoundException(String.format("User %s not found", username)));
    }
 }
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>2.2.6.RELEASE</version>
+		<version>2.3.3.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 	<groupId>ru.otus</groupId>
@@ -39,13 +39,13 @@
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
-			<version>2.3.8.RELEASE</version>
+			<version>2.5.0.RELEASE</version>
 		</dependency>

 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-jwt</artifactId>
-			<version>1.1.0.RELEASE</version>
+			<version>1.1.1.RELEASE</version>
 		</dependency>


@@ -13,7 +13,7 @@ import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

-
+@SuppressWarnings("deprecation")
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableResourceServer
@@ -12,6 +12,7 @@ import ru.otus.resourceserver.models.CurrentUserRequestResult;

 import java.util.Map;

+@SuppressWarnings("deprecation")
@RequiredArgsConstructor
@RestController
 public class ApiController {