2016년 9월 12일 월요일

Set up authorization server by using Spring security oauth2

You can set up an authorization server with Spring Security OAuth2
and use it to issue access tokens.

- structure















- build.gradle

// Build script for the demo authorization server.
// NOTE(review): every version pinned here dates from 2016, and the Spring Security OAuth
// project has since reached end of life. Check each coordinate against current advisories
// before reusing this build outside a throwaway demo.
buildscript {
    repositories { mavenCentral() }
    dependencies {
        classpath 'org.springframework.boot:spring-boot-gradle-plugin:1.4.0.RELEASE'
    }
}

apply plugin: 'java'
apply plugin: 'spring-boot'

repositories { mavenCentral() }

dependencies {
    // No version given; presumably resolved by the Spring Boot plugin's dependency management.
    compile 'org.springframework.boot:spring-boot-starter-web'
    // Authorization-server support used by OAuthConfig.
    compile 'org.springframework.security.oauth:spring-security-oauth2:2.0.11.RELEASE'
    // Supplies the @Slf4j annotation used on AuthController.
    compile 'org.projectlombok:lombok:1.16.10'
    compile 'ch.qos.logback:logback-access:1.1.7'
}


- application.properties

# Port the embedded server listens on. No server.ssl.* settings are shown, so as written
# the token endpoint is served over plain HTTP; the client secret and user password sent
# to it need TLS (here or at a fronting proxy) anywhere other than a local demo.
server.port=8081


- AuthApplication.java

package org.blog.test;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

/**
 * Boot entry point for the demo authorization server.
 */
@SpringBootApplication
public class AuthApplication {

    /**
     * Starts the Spring application context using this class as the configuration source.
     *
     * @param args command-line arguments, passed through to Spring Boot unchanged
     */
    public static void main(final String[] args) {
        final SpringApplication application = new SpringApplication(AuthApplication.class);
        application.run(args);
    }
}


- OAuthConfig.java

package org.blog.test.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

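/**
 * Authorization-server configuration for the demo: registers a single in-memory OAuth2
 * client and hands the application's {@link AuthenticationManager} to the endpoints
 * configurer.
 *
 * <p>The client id and secret below are hard-coded sample values. Outside a demo they
 * belong in external configuration or a persistent client store, with the secret stored
 * hashed rather than in source.
 */
@Configuration
@EnableAuthorizationServer
public class OAuthConfig implements AuthorizationServerConfigurer {

    /** Authentication manager passed to the endpoints in {@code configure(endpoints)}. */
    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * Leaves the security settings of the authorization-server endpoints at the library
     * defaults.
     *
     * @param security configurer for the endpoints' own access rules (not modified)
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        // Intentionally empty: nothing is overridden here.
    }

    /**
     * Registers the demo client {@code test-client}.
     *
     * <p>The original listing called {@code authorities("password")} a second time, which
     * granted the client an authority literally named "password" and left its grant types
     * unset. The value is a grant-type name, so it is registered with
     * {@code authorizedGrantTypes} instead.
     *
     * @param clients builder for the client registry
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient("test-client")
                // Sample secret kept in source for the demo only.
                .secret("secret")
                .authorities("ROLE_CLIENT")
                .scopes("read", "write")
                // Restrict the client to the resource-owner password grant.
                // NOTE(review): the library appears to treat an empty grant-type set as
                // "no restriction"; verify against the version in use.
                .authorizedGrantTypes("password")
                .resourceIds("test");
    }

    /**
     * Supplies the injected {@link AuthenticationManager} to the endpoints.
     *
     * @param endpoints configurer for the authorization-server endpoints
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.authenticationManager(authenticationManager);
    }
}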


- OAuthSecurityConfiguration.java

package org.blog.test.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Web-security configuration that defines the single in-memory user of the demo.
 *
 * <p>No {@code HttpSecurity} rules are customised here, so request authorization is
 * whatever {@link WebSecurityConfigurerAdapter} applies by default.
 */
@Configuration
@EnableWebSecurity
public class OAuthSecurityConfiguration extends WebSecurityConfigurerAdapter {

    /**
     * Registers the user {@code test} with role {@code USER} in an in-memory store.
     *
     * <p>Username and password are fixed sample values compiled into the application;
     * a deployment would read users from a real store holding hashed passwords.
     *
     * @param auth builder the user is added to
     */
    @Autowired
    public void globalUserDetails(final AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("test")
                .password("test")
                .roles("USER");
    }
}


- AuthController.java

package org.blog.test.controller;

import java.security.Principal;
import java.util.Map;

import org.blog.test.service.OAuthTokenService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import lombok.extern.slf4j.Slf4j;

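/**
 * REST controller that accepts {@code POST /oauth/token} and delegates the request to
 * {@link OAuthTokenService}.
 *
 * <p>Token requests carry the resource owner's password. The {@code @Slf4j} logger is
 * unused in this listing; if logging is added, the request parameters must not be logged.
 */
@Slf4j
@RestController
public class AuthController {

    @Autowired
    private OAuthTokenService oAuthTokenService;

    /**
     * Handles a token request whose parameters arrive in the request body.
     *
     * <p>The body is bound as {@code Map<String, String>} rather than a raw {@code Map}.
     * With the raw type, non-string values in the body would be bound as arbitrary objects
     * and passed on unchecked; typing the values presumably makes the message converter
     * reject or coerce them at binding time instead.
     *
     * @param principal  the authenticated caller, passed through to the service
     * @param parameters token-request parameters read from the request body
     * @return the response produced by the token service
     * @throws HttpRequestMethodNotSupportedException propagated from the token service
     */
    @RequestMapping(value = "/oauth/token",
                    method = RequestMethod.POST)
    public ResponseEntity postAccessToken(Principal principal, @RequestBody Map<String, String> parameters)
            throws HttpRequestMethodNotSupportedException {

        return oAuthTokenService.postAccessToken(principal, parameters);
    }
}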


- OAuthTokenService.java

package org.blog.test.service;

import java.security.Principal;
import java.util.Map;

import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.web.HttpRequestMethodNotSupportedException;

/**
 * Service contract for turning a token request into an HTTP response.
 */
public interface OAuthTokenService {

    /**
     * Processes a token request.
     *
     * @param principal  the caller on whose behalf the token is requested
     * @param parameters token-request parameters (declared as a raw {@code Map};
     *                   presumably string keys and values, confirm against callers)
     * @return the response to send back to the client
     * @throws HttpRequestMethodNotSupportedException declared so implementations can
     *         propagate it
     */
    ResponseEntity postAccessToken(
            Principal principal,
            Map parameters) throws HttpRequestMethodNotSupportedException;
}


- OAuthTokenServiceImpl.java

package org.blog.test.service.impl;

import java.security.Principal;
import java.util.Map;

import org.blog.test.service.OAuthTokenService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
import org.springframework.stereotype.Service;
import org.springframework.web.HttpRequestMethodNotSupportedException;

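/**
 * {@link OAuthTokenService} implementation that forwards token requests to Spring
 * Security OAuth2's {@link TokenEndpoint}.
 */
@Service
public class OAuthTokenServiceImpl implements OAuthTokenService {

    // The only collaborator this class calls. The AuthorizationEndpoint that was also
    // injected was never used, so it is no longer requested from the context.
    @Autowired
    private TokenEndpoint tokenEndpoint;

    /**
     * Delegates the token request to {@link TokenEndpoint#postAccessToken}.
     *
     * <p>The parameter types mirror the {@link OAuthTokenService} declaration. The raw
     * {@code Map} reaches the endpoint through an unchecked conversion, so callers are
     * responsible for passing only string keys and values.
     *
     * @param principal  the authenticated caller, passed through unchanged
     * @param parameters token-request parameters, passed through unchanged
     * @return the endpoint's response
     * @throws HttpRequestMethodNotSupportedException propagated from the endpoint
     */
    @Override
    public ResponseEntity postAccessToken(Principal principal, Map parameters)
            throws HttpRequestMethodNotSupportedException {
        return tokenEndpoint.postAccessToken(principal, parameters);
    }
}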

- result
