Update Multi Tenancy Sample to Convert Jwts

Issue spring-projectsgh-7346
jzheaux · Sep 3, 2019 · 2716738 · 2716738
1 parent a1f74fd
commit 2716738
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 6 deletions.
diff --git a/...auth2resourceserver-multitenancy/src/main/java/sample/OAuth2ResourceServerController.java b/...auth2resourceserver-multitenancy/src/main/java/sample/OAuth2ResourceServerController.java
@@ -15,7 +15,8 @@
  */
 package sample;
 
-import org.springframework.security.oauth2.server.resource.authentication.AbstractOAuth2TokenAuthenticationToken;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;
@@ -27,8 +28,8 @@
 public class OAuth2ResourceServerController {
 
 	@GetMapping("/{tenantId}")
-	public String index(AbstractOAuth2TokenAuthenticationToken token, @PathVariable("tenantId") String tenantId) {
-		String subject = (String) token.getTokenAttributes().get("sub");
+	public String index(@AuthenticationPrincipal OAuth2AuthenticatedPrincipal token, @PathVariable("tenantId") String tenantId) {
+		String subject = token.getAttribute("sub");
 		return String.format("Hello, %s for %s!", subject, tenantId);
 	}
 

diff --git a/...ceserver-multitenancy/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java b/...ceserver-multitenancy/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
@@ -30,7 +30,8 @@
 import org.springframework.security.oauth2.jwt.JwtDecoder;
 import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
 import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationProvider;
-import org.springframework.security.oauth2.server.resource.authentication.OAuth2IntrospectionAuthenticationProvider;
+import org.springframework.security.oauth2.server.resource.authentication.JwtBearerTokenAuthenticationConverter;
+import org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider;
 import org.springframework.security.oauth2.server.resource.introspection.NimbusOpaqueTokenIntrospector;
 import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
 
@@ -84,13 +85,15 @@ AuthenticationManagerResolver<HttpServletRequest> multitenantAuthenticationManag
 
 	AuthenticationManager jwt() {
 		JwtDecoder jwtDecoder = NimbusJwtDecoder.withJwkSetUri(this.jwkSetUri).build();
-		return new JwtAuthenticationProvider(jwtDecoder)::authenticate;
+		JwtAuthenticationProvider authenticationProvider = new JwtAuthenticationProvider(jwtDecoder);
+		authenticationProvider.setJwtAuthenticationConverter(new JwtBearerTokenAuthenticationConverter());
+		return authenticationProvider::authenticate;
 	}
 
 	AuthenticationManager opaque() {
 		OpaqueTokenIntrospector introspectionClient =
 				new NimbusOpaqueTokenIntrospector(this.introspectionUri,
 						this.introspectionClientId, this.introspectionClientSecret);
-		return new OAuth2IntrospectionAuthenticationProvider(introspectionClient)::authenticate;
+		return new OpaqueTokenAuthenticationProvider(introspectionClient)::authenticate;
 	}
 }