Commit 20fc3043 authored by Alexander Prendetskiy's avatar Alexander Prendetskiy Committed by Matija Obreza

JWT OAuth tokens

- update dependencies and configuration
- JWT token converter from catalog
parent d9438f62
...@@ -74,6 +74,7 @@ ...@@ -74,6 +74,7 @@
<spring-data-jpa.version>1.11.13.RELEASE</spring-data-jpa.version> <spring-data-jpa.version>1.11.13.RELEASE</spring-data-jpa.version>
<spring.security.version>4.1.5.RELEASE</spring.security.version> <spring.security.version>4.1.5.RELEASE</spring.security.version>
<spring.security.oauth2.version>2.3.3.RELEASE</spring.security.oauth2.version> <spring.security.oauth2.version>2.3.3.RELEASE</spring.security.oauth2.version>
<spring-security-jwt>1.0.8.RELEASE</spring-security-jwt>
<org.springframework.social-version>1.1.4.RELEASE</org.springframework.social-version> <org.springframework.social-version>1.1.4.RELEASE</org.springframework.social-version>
<org.springframework.social-google-version>1.0.0.RELEASE</org.springframework.social-google-version> <org.springframework.social-google-version>1.0.0.RELEASE</org.springframework.social-google-version>
<querydsl.version>4.1.4</querydsl.version> <querydsl.version>4.1.4</querydsl.version>
...@@ -294,6 +295,12 @@ ...@@ -294,6 +295,12 @@
<version>${spring-data-jpa.version}</version> <version>${spring-data-jpa.version}</version>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>${spring-security-jwt}</version>
</dependency>
<dependency> <dependency>
<groupId>org.springframework.security</groupId> <groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId> <artifactId>spring-security-test</artifactId>
......
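Review bot: The new version property `spring-security-jwt` does not follow the `*.version` naming of the neighbouring properties (`spring.security.oauth2.version`, `spring-data-jpa.version`), which makes it easy to overlook when auditing or bumping security library versions. Naming it `<spring-security-jwt.version>1.0.8.RELEASE</spring-security-jwt.version>` and referencing `${spring-security-jwt.version}` in the new dependency would keep it consistent. Since this artifact supplies the JWT signing and verification code, a short comment beside the property saying it should be reviewed together with `spring.security.oauth2.version` would help the next upgrade.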
...@@ -41,13 +41,23 @@ import org.springframework.security.oauth2.provider.ClientDetailsService; ...@@ -41,13 +41,23 @@ import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.approval.ApprovalStore; import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.security.oauth2.provider.approval.TokenApprovalStore; import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler; import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.*;
import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import java.util.Arrays;
@Configuration @Configuration
public class OAuth2ServerConfig { public class OAuth2ServerConfig {
private static final String APPLICATION_RESOURCE_ID = "genesys"; private static final String APPLICATION_RESOURCE_ID = "genesys";
@Value("${default.jwt.signingKey}")
private String jwtSigningKey;
@Autowired
@Qualifier("userService")
private UserDetailsService userDetailsService;
@Bean @Bean
public OAuthServiceImpl oauthService() { public OAuthServiceImpl oauthService() {
return new OAuthServiceImpl(); return new OAuthServiceImpl();
...@@ -59,13 +69,49 @@ public class OAuth2ServerConfig { ...@@ -59,13 +69,49 @@ public class OAuth2ServerConfig {
return new AppBlocksInitializer(); return new AppBlocksInitializer();
} }
/**
* Token store.
*
* @return the token store
*/
@Bean
public TokenStore tokenStore() {
return new JwtTokenStore(accessTokenConverter());
}
/**
* Access token converter.
*
* @return the jwt access token converter
*/
@Bean
public JwtAccessTokenConverter accessTokenConverter() {
final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setSigningKey(jwtSigningKey);
// This blob is required to convert from JWT token to proper Principal
final DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
userTokenConverter.setUserDetailsService(userDetailsService);
final DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
accessTokenConverter.setUserTokenConverter(userTokenConverter);
converter.setAccessTokenConverter(accessTokenConverter);
// Done blob
return converter;
}
@Configuration @Configuration
@EnableResourceServer @EnableResourceServer
protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter { protected class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@Override @Override
public void configure(final ResourceServerSecurityConfigurer resources) { public void configure(final ResourceServerSecurityConfigurer resources) {
resources.resourceId(APPLICATION_RESOURCE_ID).stateless(true); final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
resources.tokenServices(defaultTokenServices).resourceId(APPLICATION_RESOURCE_ID).stateless(true);
} }
@Override @Override
...@@ -97,14 +143,7 @@ public class OAuth2ServerConfig { ...@@ -97,14 +143,7 @@ public class OAuth2ServerConfig {
@Configuration @Configuration
@EnableAuthorizationServer @EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter { protected class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@Autowired
private TokenStore tokenStore;
@Autowired
@Qualifier("userService")
private UserDetailsService userDetailsService;
@Autowired @Autowired
@Qualifier("authenticationManagerBean") @Qualifier("authenticationManagerBean")
...@@ -126,7 +165,7 @@ public class OAuth2ServerConfig { ...@@ -126,7 +165,7 @@ public class OAuth2ServerConfig {
@Bean @Bean
public ApprovalStore approvalStore() throws Exception { public ApprovalStore approvalStore() throws Exception {
final TokenApprovalStore store = new TokenApprovalStore(); final TokenApprovalStore store = new TokenApprovalStore();
store.setTokenStore(tokenStore); store.setTokenStore(tokenStore());
return store; return store;
} }
...@@ -139,7 +178,7 @@ public class OAuth2ServerConfig { ...@@ -139,7 +178,7 @@ public class OAuth2ServerConfig {
@Primary @Primary
public DefaultTokenServices tokenServices() { public DefaultTokenServices tokenServices() {
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore); defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setSupportRefreshToken(true); defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices.setAuthenticationManager(authenticationManager); defaultTokenServices.setAuthenticationManager(authenticationManager);
defaultTokenServices.setClientDetailsService(clientDetailsService); defaultTokenServices.setClientDetailsService(clientDetailsService);
...@@ -156,7 +195,14 @@ public class OAuth2ServerConfig { ...@@ -156,7 +195,14 @@ public class OAuth2ServerConfig {
@Override @Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception { public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.userDetailsService(userDetailsService).tokenStore(tokenStore).authenticationManager(authenticationManager); final TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
tokenEnhancerChain.setTokenEnhancers(Arrays.asList(accessTokenConverter()));
endpoints
.tokenStore(tokenStore())
.tokenEnhancer(tokenEnhancerChain)
.userDetailsService(userDetailsService)
.authenticationManager(authenticationManager);
} }
@Override @Override
......
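Review bot: `accessTokenConverter()` passes the plain string injected from `${default.jwt.signingKey}` to `setSigningKey`, and for a non-PEM value `JwtAccessTokenConverter` treats it as a shared HMAC secret used for both signing and verification, so anyone who learns that value can produce tokens the resource server will accept. The property name suggests a default value ships with the application (the properties file is not shown here); if so, every deployment that does not override it shares a key readable from the repository. I would reject an empty value at startup, e.g. `Assert.hasText(jwtSigningKey, "default.jwt.signingKey must be set");` before the `setSigningKey` call, and document that it must be a long random per-deployment secret, or move to an RSA key pair via `setKeyPair`. Separately, `JwtTokenStore` keeps no server-side token state, so the `TokenApprovalStore` built on `tokenStore()` in `approvalStore()` presumably can no longer list or revoke issued tokens, leaving the access-token lifetime as the only bound on a leaked token.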