package com.moral.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
import org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler;
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
/**
 * Spring Security configuration: declares the users that can authenticate,
 * the HTTP access rules, and the OAuth2 support beans (token store, user
 * approval handler and approval store).
 *
 * <p>Method-level security with pre/post annotations is switched on through
 * {@code @EnableGlobalMethodSecurity(prePostEnabled = true)}.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

    // Source of registered OAuth2 clients; used by the approval handler below.
    @Autowired
    private ClientDetailsService clientDetailsService;

    // Connection factory backing the Redis token store.
    @Autowired
    private RedisConnectionFactory redisConnection;

    // Injected, but only referenced by the disabled line in
    // configure(AuthenticationManagerBuilder).
    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Registers the accounts the authentication manager will accept.
     *
     * <p>Two in-memory users are declared: {@code bill} with role
     * {@code ADMIN} and {@code bob} with role {@code USER}.
     *
     * @param auth builder the users are registered on
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // NOTE(review): both accounts share one password that is written as a
        // plaintext literal in the source tree, and one of them holds ADMIN.
        // Keep this to local/demo use; a deployed build should load users from
        // an external store with per-user, hashed credentials.
        auth.inMemoryAuthentication()
                .withUser("bill").password("abc123").roles("ADMIN")
                .and()
                .withUser("bob").password("abc123").roles("USER");

        // Disabled alternative kept from the original file:
        // auth.userDetailsService(userDetailsService).passwordEncoder(new Md5PasswordEncoder());
        // NOTE(review): MD5 is a fast general-purpose digest and is not suited
        // to password storage. If this path is enabled, use an adaptive
        // encoder such as BCryptPasswordEncoder instead.
    }

    /**
     * Configures HTTP security: anonymous authentication is disabled and
     * requests to {@code /oauth/token} are permitted for everyone.
     *
     * @param http the HTTP security builder to configure
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.anonymous().disable();

        // NOTE(review): only /oauth/token gets a rule here; no anyRequest()
        // matcher is declared in this method. Confirm that every other
        // endpoint is covered by another security configuration.
        http.authorizeRequests()
                .antMatchers("/oauth/token").permitAll();
    }

    /**
     * Exposes the {@link AuthenticationManager} built by the parent adapter
     * as a bean so that other components can have it injected.
     *
     * @return the authentication manager supplied by the superclass
     * @throws Exception propagated from the superclass
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        AuthenticationManager manager = super.authenticationManagerBean();
        return manager;
    }

    /**
     * Creates the token store, backed by the injected Redis connection
     * factory. The original file keeps an {@code InMemoryTokenStore}
     * alternative commented out.
     *
     * @return a {@link RedisTokenStore} using {@code redisConnection}
     */
    @Bean
    public TokenStore tokenStore() {
        // NOTE(review): issued tokens live in Redis, so read access to that
        // instance is access to the tokens. Redis authentication and network
        // exposure are configured elsewhere; verify them.
        TokenStore redisBackedStore = new RedisTokenStore(redisConnection);
        return redisBackedStore;
    }

    /**
     * Builds the user approval handler that consults the token store and the
     * registered client details.
     *
     * @param tokenStore token store the handler looks approvals up in
     * @return the configured approval handler
     */
    @Bean
    @Autowired
    public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore){
        DefaultOAuth2RequestFactory requestFactory =
                new DefaultOAuth2RequestFactory(clientDetailsService);

        TokenStoreUserApprovalHandler approvalHandler = new TokenStoreUserApprovalHandler();
        approvalHandler.setClientDetailsService(clientDetailsService);
        approvalHandler.setRequestFactory(requestFactory);
        approvalHandler.setTokenStore(tokenStore);
        return approvalHandler;
    }

    /**
     * Builds an approval store that delegates to the given token store.
     *
     * @param tokenStore token store the approvals are derived from
     * @return the configured {@link TokenApprovalStore}
     * @throws Exception declared by the signature; nothing in the body throws
     *         a checked exception
     */
    @Bean
    @Autowired
    public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
        TokenApprovalStore tokenBackedApprovals = new TokenApprovalStore();
        tokenBackedApprovals.setTokenStore(tokenStore);
        return tokenBackedApprovals;
    }
}