From 8b2bb54ce6286f148877f11f6818af0d0b41d9bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=80=20?= =?UTF-8?q?=D0=9E=D1=80=D1=83=D0=B4=D0=B6=D0=B5=D0=B2?= Date: Wed, 19 Aug 2020 18:28:34 +0400 Subject: [PATCH] oauth2-example updated --- .../authorization-server/pom.xml | 6 +- .../config/AuthorizationServerConfig.java | 7 ++- .../config/SecurityConfig.java | 3 +- .../config/TokenStoreConfig.java | 11 +--- .../authorizationserver/model/CustomUser.java | 6 ++ .../services/CustomTokenEnhancer.java | 15 +++-- .../InMemoryAuthenticationProvider.java | 60 ------------------- .../services/InMemoryUserDetailsService.java | 5 +- .../oauth2-example/resource-server/pom.xml | 6 +- .../config/ResourceServerConfig.java | 2 +- .../controllers/ApiController.java | 1 + 11 files changed, 36 insertions(+), 86 deletions(-) delete mode 100644 examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryAuthenticationProvider.java diff --git a/examples/oauth2-example/authorization-server/pom.xml b/examples/oauth2-example/authorization-server/pom.xml index 547638cb..8dd70e7e 100644 --- a/examples/oauth2-example/authorization-server/pom.xml +++ b/examples/oauth2-example/authorization-server/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.2.6.RELEASE + 2.3.3.RELEASE ru.otus @@ -39,13 +39,13 @@ org.springframework.security.oauth spring-security-oauth2 - 2.3.8.RELEASE + 2.5.0.RELEASE org.springframework.security spring-security-jwt - 1.1.0.RELEASE + 1.1.1.RELEASE diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/AuthorizationServerConfig.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/AuthorizationServerConfig.java index 8cedd2fe..502ee502 100644 
--- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/AuthorizationServerConfig.java +++ b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/AuthorizationServerConfig.java @@ -1,6 +1,7 @@ package ru.otus.authorizationserver.config; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; @@ -8,6 +9,7 @@ import org.springframework.security.oauth2.config.annotation.configurers.ClientD import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; +import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices; import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.TokenEnhancerChain; import org.springframework.security.oauth2.provider.token.TokenStore; @@ -18,6 +20,7 @@ import ru.otus.authorizationserver.services.CustomTokenEnhancer; import javax.sql.DataSource; import java.util.List; +@SuppressWarnings("deprecation") @Configuration @EnableAuthorizationServer public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { 
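Review bot: The two imports added at the top of AuthorizationServerConfig.java, `org.springframework.context.ApplicationContext` and `org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices`, are not used by anything in the hunks shown for this file, so they look like leftovers and can be dropped. The same applies in TokenStoreConfig.java, where `Primary` and `AuthorizationServerTokenServices` are added and the `DefaultTokenServices` import stays although its only visible use, the `tokenServices` bean, is removed. The class bodies are only partly visible here, so confirm with the compiler's unused-import warning before deleting.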
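Review bot: `@SuppressWarnings("deprecation")` on the whole class (here and likewise on TokenStoreConfig, CustomTokenEnhancer, ResourceServerConfig and ApiController) silences every deprecation warning in the file, not only those from the spring-security-oauth2 types that presumably triggered it after the bump to 2.5.0.RELEASE. Narrow it to the members that need it, or at least say why it is there, e.g. `// spring-security-oauth2 types are deprecated upstream; suppressed until this example is migrated`. Without that, a later deprecation of a security-relevant API in these classes would go unnoticed at build time.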
@@ -43,7 +46,9 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap tokenEnhancerChain.setTokenEnhancers(List.of(new CustomTokenEnhancer(), jwtAccessTokenConverter)); endpoints.authenticationManager(authManager) .tokenEnhancer(tokenEnhancerChain) - .tokenStore(tokenStore); + .tokenStore(tokenStore) + .reuseRefreshTokens(false) + ; } @Override diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/SecurityConfig.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/SecurityConfig.java index 9bae433c..de0b9483 100644 --- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/SecurityConfig.java +++ b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/SecurityConfig.java @@ -11,7 +11,6 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.password.NoOpPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; -import ru.otus.authorizationserver.services.InMemoryAuthenticationProvider; @Configuration @EnableWebSecurity @@ -35,6 +34,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception { - auth.authenticationProvider(new InMemoryAuthenticationProvider(userDetailsService)); + auth.userDetailsService(userDetailsService); } } \ No newline at end of file diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/TokenStoreConfig.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/TokenStoreConfig.java index fb20bf51..8b6fe664 100644 
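Review bot: `.reuseRefreshTokens(false)` issues a new refresh token on every refresh but does not by itself invalidate the previous one. If the `tokenStore` bean is the `JwtTokenStore` that TokenStoreConfig imports, nothing is persisted, so a superseded refresh token stays usable until it expires. A comment on that line would keep readers of the example from taking it for replay protection, for example `// rotation only: JwtTokenStore keeps no state, a superseded refresh token is not revoked`. If revocation is intended, a persistent token store or a short refresh-token validity is needed. The enclosing method starts above the hunk.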
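Review bot: `auth.userDetailsService(userDetailsService)` in `globalUserDetails` does not name a password encoder, so the encoder that checks the login is whichever `PasswordEncoder` bean the context supplies. The file still imports `NoOpPasswordEncoder`, which suggests (the bean definition is outside the hunk) that passwords are stored and compared as plain text. Make the choice explicit with `auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);` backed by a hashing encoder such as `BCryptPasswordEncoder`, or add a comment that `NoOpPasswordEncoder` is for the demo only.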
--- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/TokenStoreConfig.java +++ b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/config/TokenStoreConfig.java @@ -3,11 +3,14 @@ package ru.otus.authorizationserver.config; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; +import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices; import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; +@SuppressWarnings("deprecation") @Configuration public class TokenStoreConfig { @@ -25,12 +28,4 @@ public class TokenStoreConfig { converter.setSigningKey(oAuthProps.getSigningKey()); return converter; } - - @Bean - public DefaultTokenServices tokenServices(TokenStore tokenStore) { - DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); - defaultTokenServices.setTokenStore(tokenStore); - defaultTokenServices.setSupportRefreshToken(true); - return defaultTokenServices; - } } diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/model/CustomUser.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/model/CustomUser.java index 4d20d10e..89c4e175 100644 --- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/model/CustomUser.java +++ b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/model/CustomUser.java 
@@ -24,4 +24,10 @@ public class CustomUser extends User { this.firstName = firstName; this.fatherName = fatherName; } + + public CustomUser(CustomUser user) { + super(user.getUsername(), user.getPassword(), user.getAuthorities()); + this.firstName = user.getFirstName(); + this.fatherName = user.getFatherName(); + } } diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/CustomTokenEnhancer.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/CustomTokenEnhancer.java index dfbc1425..ef8a899a 100644 --- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/CustomTokenEnhancer.java +++ b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/CustomTokenEnhancer.java 
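Review bot: The new copy constructor calls the three-argument `User` constructor, which sets enabled, accountNonExpired, credentialsNonExpired and accountNonLocked to true, so a copy of a disabled or locked `CustomUser` comes out as an active account. Pass the flags through: `super(user.getUsername(), user.getPassword(), user.isEnabled(), user.isAccountNonExpired(), user.isCredentialsNonExpired(), user.isAccountNonLocked(), user.getAuthorities());`. A short Javadoc would also help, saying that the constructor exists to hand out defensive copies and that it fails when the source's password has already been erased. The class starts above the hunk.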
@@ -4,18 +4,23 @@ import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.security.oauth2.provider.token.TokenEnhancer; +import ru.otus.authorizationserver.model.CustomUser; import java.util.HashMap; import java.util.Map; +@SuppressWarnings("deprecation") public class CustomTokenEnhancer implements TokenEnhancer { + public static final String KEY_FIRST_NAME = "firstName"; + public static final String KEY_FATHER_NAME = "fatherName"; + @Override public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) { - Map additionalInfo = new HashMap<>(); - Map details = (Map) authentication.getUserAuthentication() - .getDetails(); - additionalInfo.putAll(details); - ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo); + CustomUser user = (CustomUser) authentication.getPrincipal(); + ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(Map.of( + KEY_FIRST_NAME, user.getFirstName(), + KEY_FATHER_NAME, user.getFatherName() + )); return accessToken; } } diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryAuthenticationProvider.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryAuthenticationProvider.java deleted file mode 100644 index 79bc8dcf..00000000 --- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryAuthenticationProvider.java +++ /dev/null 
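Review bot: The unconditional cast `(CustomUser) authentication.getPrincipal()` in `enhance` throws a ClassCastException whenever the principal is not a `CustomUser`. As far as I can tell that is the case for client-only tokens (the principal is then the client id), and it may be for the refresh grant, where the authentication is rebuilt from the token. `Map.of` also throws on a null first or father name. Guard the cast and skip null values, as in the sketch below. Both names end up as readable claims in the signed JWT, so anything added here should be data every token holder may see.

```java
@Override
public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
    Object principal = authentication.getPrincipal();
    // Only user-backed authentications carry a CustomUser; leave other tokens untouched.
    if (principal instanceof CustomUser) {
        CustomUser user = (CustomUser) principal;
        Map<String, Object> additionalInfo = new HashMap<>();
        if (user.getFirstName() != null) {
            additionalInfo.put(KEY_FIRST_NAME, user.getFirstName());
        }
        if (user.getFatherName() != null) {
            additionalInfo.put(KEY_FATHER_NAME, user.getFatherName());
        }
        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
    }
    return accessToken;
}
```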
@@ -1,60 +0,0 @@ -package ru.otus.authorizationserver.services; - -import lombok.RequiredArgsConstructor; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import ru.otus.authorizationserver.model.CustomUser; - -import java.util.Map; - -@RequiredArgsConstructor -public class InMemoryAuthenticationProvider implements AuthenticationProvider { - - public static final String KEY_FIRST_NAME = "firstName"; - public static final String KEY_FATHER_NAME = "fatherName"; - private final UserDetailsService userDetailsService; - - @Override - public Authentication authenticate(final Authentication authentication) throws AuthenticationException { - - if (authentication.getName() == null || authentication.getCredentials() == null) { - return null; - } - - if (authentication.getName().isEmpty() || authentication.getCredentials().toString().isEmpty()) { - return null; - } - - final String userName = authentication.getName(); - final Object password = authentication.getCredentials(); - - CustomUser userDetails = (CustomUser) userDetailsService.loadUserByUsername(userName); - - - if (userName.equalsIgnoreCase(userDetails.getUsername()) && password.equals(userDetails.getPassword())) { - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken( - userDetails.getUsername(), - userDetails.getPassword(), - userDetails.getAuthorities()); - - token.setDetails( - Map.of( - KEY_FIRST_NAME, userDetails.getFirstName(), - KEY_FATHER_NAME, userDetails.getFatherName() - ) - ); - return token; - } - - throw new UsernameNotFoundException("Invalid username or password."); - } - - 
@Override - public boolean supports(final Class authentication) { - return authentication.equals(UsernamePasswordAuthenticationToken.class); - } -} diff --git a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryUserDetailsService.java b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryUserDetailsService.java index ac07975f..893c5922 100644 --- a/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryUserDetailsService.java +++ b/examples/oauth2-example/authorization-server/src/main/java/ru/otus/authorizationserver/services/InMemoryUserDetailsService.java @@ -1,7 +1,6 @@ package ru.otus.authorizationserver.services; import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; @@ -16,7 +15,7 @@ import java.util.Optional; @Service public class InMemoryUserDetailsService implements UserDetailsService { - private final Map userMap; + private final Map userMap; public InMemoryUserDetailsService(PasswordEncoder passwordEncoder) { userMap = Map.of( @@ -34,7 +33,7 @@ public class InMemoryUserDetailsService implements UserDetailsService { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { - return Optional.ofNullable(userMap.get(username)) + return Optional.ofNullable(userMap.get(username)).map(CustomUser::new) .orElseThrow(() -> new UsernameNotFoundException(String.format("User %s not found", username))); } } diff --git a/examples/oauth2-example/resource-server/pom.xml b/examples/oauth2-example/resource-server/pom.xml index b957a21c..47aa30ed 100644 
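Review bot: `.map(CustomUser::new)` in `loadUserByUsername` has no comment saying why a copy is returned, and the reason is easy to lose. `userMap` holds shared instances, and Spring Security's credential erasure after a successful login acts on the returned principal, so returning the map entry itself would presumably blank the stored password for later logins. Suggested comment: `// hand out a copy: credentials are erased on the authenticated principal, the shared map entry must stay intact`.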
--- a/examples/oauth2-example/resource-server/pom.xml +++ b/examples/oauth2-example/resource-server/pom.xml @@ -5,7 +5,7 @@ org.springframework.boot spring-boot-starter-parent - 2.2.6.RELEASE + 2.3.3.RELEASE ru.otus @@ -39,13 +39,13 @@ org.springframework.security.oauth spring-security-oauth2 - 2.3.8.RELEASE + 2.5.0.RELEASE org.springframework.security spring-security-jwt - 1.1.0.RELEASE + 1.1.1.RELEASE diff --git a/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/config/ResourceServerConfig.java b/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/config/ResourceServerConfig.java index 43deeb47..5e144645 100644 --- a/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/config/ResourceServerConfig.java +++ b/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/config/ResourceServerConfig.java @@ -13,7 +13,7 @@ import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; - +@SuppressWarnings("deprecation") @Configuration @EnableGlobalMethodSecurity(prePostEnabled = true) @EnableResourceServer diff --git a/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/controllers/ApiController.java b/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/controllers/ApiController.java index b82e2e7e..1a466ccc 100644 --- a/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/controllers/ApiController.java +++ b/examples/oauth2-example/resource-server/src/main/java/ru/otus/resourceserver/controllers/ApiController.java @@ -12,6 +12,7 @@ import ru.otus.resourceserver.models.CurrentUserRequestResult; import java.util.Map; +@SuppressWarnings("deprecation") @RequiredArgsConstructor @RestController public class ApiController {