Commit 20fc3043 authored by Alexander Prendetskiy's avatar Alexander Prendetskiy Committed by Matija Obreza

JWT OAuth tokens

- update dependencies and configuration
- JWT token converter from catalog
parent d9438f62
......@@ -74,6 +74,7 @@
<spring-data-jpa.version>1.11.13.RELEASE</spring-data-jpa.version>
<spring.security.version>4.1.5.RELEASE</spring.security.version>
<spring.security.oauth2.version>2.3.3.RELEASE</spring.security.oauth2.version>
<spring-security-jwt>1.0.8.RELEASE</spring-security-jwt>
<org.springframework.social-version>1.1.4.RELEASE</org.springframework.social-version>
<org.springframework.social-google-version>1.0.0.RELEASE</org.springframework.social-google-version>
<querydsl.version>4.1.4</querydsl.version>
......@@ -294,6 +295,12 @@
<version>${spring-data-jpa.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>${spring-security-jwt}</version>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
......
......@@ -41,13 +41,23 @@ import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.*;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import java.util.Arrays;
@Configuration
public class OAuth2ServerConfig {
private static final String APPLICATION_RESOURCE_ID = "genesys";
@Value("${default.jwt.signingKey}")
private String jwtSigningKey;
@Autowired
@Qualifier("userService")
private UserDetailsService userDetailsService;
@Bean
public OAuthServiceImpl oauthService() {
return new OAuthServiceImpl();
......@@ -59,13 +69,49 @@ public class OAuth2ServerConfig {
return new AppBlocksInitializer();
}
/**
* Token store.
*
* @return the token store
*/
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
/**
* Access token converter.
*
* @return the jwt access token converter
*/
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey(jwtSigningKey);
// This blob is required to convert from JWT token to proper Principal
final DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
userTokenConverter.setUserDetailsService(userDetailsService);
final DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
accessTokenConverter.setUserTokenConverter(userTokenConverter);
converter.setAccessTokenConverter(accessTokenConverter);
// Done blob
return converter;
}
@Configuration
@EnableResourceServer
protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
protected class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@Override
public void configure(final ResourceServerSecurityConfigurer resources) {
resources.resourceId(APPLICATION_RESOURCE_ID).stateless(true);
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
resources.tokenServices(defaultTokenServices).resourceId(APPLICATION_RESOURCE_ID).stateless(true);
}
@Override
......@@ -97,14 +143,7 @@ public class OAuth2ServerConfig {
@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
private TokenStore tokenStore;
@Autowired
@Qualifier("userService")
private UserDetailsService userDetailsService;
protected class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("authenticationManagerBean")
......@@ -126,7 +165,7 @@ public class OAuth2ServerConfig {
@Bean
public ApprovalStore approvalStore() throws Exception {
final TokenApprovalStore store = new TokenApprovalStore();
store.setTokenStore(tokenStore);
store.setTokenStore(tokenStore());
return store;
}
......@@ -139,7 +178,7 @@ public class OAuth2ServerConfig {
@Primary
public DefaultTokenServices tokenServices() {
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore);
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices.setAuthenticationManager(authenticationManager);
defaultTokenServices.setClientDetailsService(clientDetailsService);
......@@ -156,7 +195,14 @@ public class OAuth2ServerConfig {
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.userDetailsService(userDetailsService).tokenStore(tokenStore).authenticationManager(authenticationManager);
final TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
tokenEnhancerChain.setTokenEnhancers(Arrays.asList(accessTokenConverter()));
endpoints
.tokenStore(tokenStore())
.tokenEnhancer(tokenEnhancerChain)
.userDetailsService(userDetailsService)
.authenticationManager(authenticationManager);
}
@Override
......
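Review bot: `converter.setSigningKey(jwtSigningKey)` in `accessTokenConverter()` takes its key from `${default.jwt.signingKey}`, and nothing in the visible lines rejects a blank, short or repository-shipped value. With a plain string the converter signs with a shared HMAC secret, so anyone who learns that value can produce tokens this resource server will accept. I would fail startup when the property is missing or too short, e.g. `Assert.isTrue(jwtSigningKey != null && jwtSigningKey.length() >= 32, "default.jwt.signingKey must be a deployment-specific secret");`, or switch to an RSA key pair via `converter.setKeyPair(...)` so that verifiers never hold signing material. Separately, `JwtTokenStore` keeps no token state, so the `TokenApprovalStore` built in `approvalStore()` and any revocation path presumably now rely on token expiry alone; a comment stating the intended access-token lifetime would help. The class body continues outside the visible lines.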