Permalink
Browse files

Add @Configuration support

Auth server, resource server and client are all represented in Java config
here. Simple test case provided for each.

Still work in progress but here's at least something that works for sparklr
and tonr use cases.

Work started in gh-139
  • Loading branch information...
1 parent a9a53aa commit 114fbd44beef0382009f207c08f0b1d9c24e95a9 @dsyer dsyer committed Feb 14, 2014
Showing with 1,165 additions and 37 deletions.
  1. +1 −1 samples/oauth2/sparklr/src/main/webapp/WEB-INF/jsp/access_confirmation.jsp
  2. +1 −1 samples/oauth2/sparklr/src/main/webapp/WEB-INF/jsp/oauth_error.jsp
  3. +1 −1 samples/oauth2/sparklr/src/main/webapp/index.jsp
  4. +1 −1 samples/oauth2/sparklr/src/main/webapp/login.jsp
  5. +1 −1 samples/oauth2/sparklr/src/main/webapp/request_token_authorized.jsp
  6. +4 −4 spring-security-jwt/pom.xml
  7. +5 −5 spring-security-oauth2/.springBeans
  8. +3 −3 spring-security-oauth2/pom.xml
  9. +182 −0 ...y/oauth2/config/annotation/authentication/configurers/InMemoryClientDetailsServiceConfigurer.java
  10. +131 −0 ...curity/oauth2/config/annotation/web/configuration/OAuth2AuthorizationServerConfigurerAdapter.java
  11. +43 −0 ...pringframework/security/oauth2/config/annotation/web/configuration/OAuth2ClientConfiguration.java
  12. +278 −0 ...mework/security/oauth2/config/annotation/web/configurers/OAuth2AuthorizationServerConfigurer.java
  13. +155 −0 ...ngframework/security/oauth2/config/annotation/web/configurers/OAuth2ResourceServerConfigurer.java
  14. +1 −1 .../org/springframework/security/oauth2/config/{ → xml}/AuthorizationServerBeanDefinitionParser.java
  15. +1 −1 ...src/main/java/org/springframework/security/oauth2/config/{ → xml}/ClientBeanDefinitionParser.java
  16. +1 −1 ...org/springframework/security/oauth2/config/{ → xml}/ClientDetailsServiceBeanDefinitionParser.java
  17. +1 −1 ...ecurity-oauth2/src/main/java/org/springframework/security/oauth2/config/{ → xml}/ConfigUtils.java
  18. +1 −1 ...va/org/springframework/security/oauth2/config/{ → xml}/ExpressionHandlerBeanDefinitionParser.java
  19. +1 −1 ...main/java/org/springframework/security/oauth2/config/{ → xml}/OAuth2ClientContextFactoryBean.java
  20. +1 −1 ...main/java/org/springframework/security/oauth2/config/{ → xml}/OAuth2SecurityNamespaceHandler.java
  21. +1 −1 ...c/main/java/org/springframework/security/oauth2/config/{ → xml}/ProviderBeanDefinitionParser.java
  22. +1 −1 ...c/main/java/org/springframework/security/oauth2/config/{ → xml}/ResourceBeanDefinitionParser.java
  23. +1 −1 .../java/org/springframework/security/oauth2/config/{ → xml}/ResourceServerBeanDefinitionParser.java
  24. +1 −1 ...in/java/org/springframework/security/oauth2/config/{ → xml}/RestTemplateBeanDefinitionParser.java
  25. +1 −1 ...org/springframework/security/oauth2/config/{ → xml}/WebExpressionHandlerBeanDefinitionParser.java
  26. +1 −1 spring-security-oauth2/src/main/resources/META-INF/spring.handlers
  27. +140 −0 ...a/org/springframework/security/oauth2/config/annotation/TestAuthorizationServerConfiguration.java
  28. +94 −0 .../src/test/java/org/springframework/security/oauth2/config/annotation/TestClientConfiguration.java
  29. +105 −0 ...t/java/org/springframework/security/oauth2/config/annotation/TestResourceServerConfiguration.java
  30. +1 −1 .../springframework/security/oauth2/config/{ → xml}/TestAuthorizationServerBeanDefinitionParser.java
  31. +1 −1 ...org/springframework/security/oauth2/config/{ → xml}/TestAuthorizationServerCustomGrantParser.java
  32. +1 −1 ...springframework/security/oauth2/config/{ → xml}/TestClientDetailsServiceBeanDefinitionParser.java
  33. +1 −1 .../org/springframework/security/oauth2/config/{ → xml}/TestInvalidResourceBeanDefinitionParser.java
  34. +1 −1 ...st/java/org/springframework/security/oauth2/config/{ → xml}/TestResourceBeanDefinitionParser.java
  35. +1 −1 ...a/org/springframework/security/oauth2/config/{ → xml}/TestResourceServerBeanDefinitionParser.java
  36. 0 ...ramework/security/oauth2/config/{ → xml}/TestClientDetailsServiceBeanDefinitionParser-context.xml
  37. 0 .../org/springframework/security/oauth2/config/{ → xml}/TestResourceBeanDefinitionParser-context.xml
  38. +1 −1 ...sources/org/springframework/security/oauth2/config/{ → xml}/authorization-server-custom-grant.xml
  39. 0 ...est/resources/org/springframework/security/oauth2/config/{ → xml}/authorization-server-extras.xml
  40. 0 ...test/resources/org/springframework/security/oauth2/config/{ → xml}/authorization-server-types.xml
  41. 0 ...st/resources/org/springframework/security/oauth2/config/{ → xml}/authorization-server-vanilla.xml
  42. 0 ...urces/org/springframework/security/oauth2/config/{ → xml}/resource-server-authmanager-context.xml
  43. 0 ...rc/test/resources/org/springframework/security/oauth2/config/{ → xml}/resource-server-context.xml
@@ -43,7 +43,7 @@
</authz:authorize>
</div>
- <div id="footer">Sample application for <a href="http://github.com/SpringSource/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
+ <div id="footer">Sample application for <a href="http://github.com/spring-projects/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
</body>
@@ -16,7 +16,7 @@
<p>Please go back to your client application and try again, or contact the owner and ask for support</p>
</div>
- <div id="footer">Sample application for <a href="http://github.com/SpringSource/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
+ <div id="footer">Sample application for <a href="http://github.com/spring-projects/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
</body>
@@ -48,7 +48,7 @@
</authz:authorize>
</div>
- <div id="footer">Sample application for <a href="http://github.com/SpringSource/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
+ <div id="footer">Sample application for <a href="http://github.com/spring-projects/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
</body>
@@ -49,7 +49,7 @@
<div id="footer">
Sample application for <a
- href="http://github.com/SpringSource/spring-security-oauth"
+ href="http://github.com/spring-projects/spring-security-oauth"
target="_blank">Spring Security OAuth</a>
</div>
@@ -18,7 +18,7 @@
<p>You have successfully authorized the request for a protected resource.</p>
</div>
- <div id="footer">Sample application for <a href="http://github.com/SpringSource/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
+ <div id="footer">Sample application for <a href="http://github.com/spring-projects/spring-security-oauth" target="_blank">Spring Security OAuth</a></div>
</body>
@@ -13,7 +13,7 @@
It belongs to the family of Spring Security crypto libraries that handle encoding and decoding text as
a general, useful thing to be able to do.</description>
- <url>http://github.com/SpringSource/spring-security-oauth</url>
+ <url>http://github.com/spring-projects/spring-security-oauth</url>
<organization>
<name>SpringSource</name>
<url>http://www.springsource.com</url>
@@ -184,9 +184,9 @@
</profiles>
<scm>
- <url>http://github.com/SpringSource/spring-security-oauth</url>
- <connection>scm:git:git://github.com/SpringSource/spring-security-oauth.git</connection>
- <developerConnection>scm:git:ssh://git@github.com/SpringSource/spring-security-oauth.git</developerConnection>
+ <url>http://github.com/spring-projects/spring-security-oauth</url>
+ <connection>scm:git:git://github.com/spring-projects/spring-security-oauth.git</connection>
+ <developerConnection>scm:git:ssh://git@github.com/spring-projects/spring-security-oauth.git</developerConnection>
</scm>
<developers>
@@ -7,11 +7,11 @@
</configSuffixes>
<enableImports><![CDATA[true]]></enableImports>
<configs>
- <config>src/test/resources/org/springframework/security/oauth2/config/TestClientDetailsServiceBeanDefinitionParser-context.xml</config>
- <config>src/test/resources/org/springframework/security/oauth2/config/TestResourceBeanDefinitionParser-context.xml</config>
- <config>src/test/resources/org/springframework/security/oauth2/config/authorization-server-vanilla.xml</config>
- <config>src/test/resources/org/springframework/security/oauth2/config/authorization-server-custom-grant.xml</config>
- <config>src/test/resources/org/springframework/security/oauth2/config/resource-server-context.xml</config>
+ <config>src/test/resources/org/springframework/security/oauth2/config/xml/authorization-server-custom-grant.xml</config>
+ <config>src/test/resources/org/springframework/security/oauth2/config/xml/authorization-server-vanilla.xml</config>
+ <config>src/test/resources/org/springframework/security/oauth2/config/xml/TestResourceBeanDefinitionParser-context.xml</config>
+ <config>src/test/resources/org/springframework/security/oauth2/config/xml/resource-server-context.xml</config>
+ <config>src/test/resources/org/springframework/security/oauth2/config/xml/TestClientDetailsServiceBeanDefinitionParser-context.xml</config>
</configs>
<configSets>
</configSets>
@@ -175,22 +175,22 @@
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
- <version>4.8.2</version>
+ <version>4.11</version>
<scope>compile</scope>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-module-junit4</artifactId>
- <version>1.4.10</version>
+ <version>1.5.4</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.powermock</groupId>
<artifactId>powermock-api-mockito</artifactId>
- <version>1.4.10</version>
+ <version>1.5.4</version>
<scope>test</scope>
</dependency>
@@ -0,0 +1,182 @@
+/*
+ * Copyright 2002-2013 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.springframework.security.oauth2.config.annotation.authentication.configurers;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.core.authority.AuthorityUtils;
+import org.springframework.security.oauth2.provider.BaseClientDetails;
+import org.springframework.security.oauth2.provider.ClientDetails;
+import org.springframework.security.oauth2.provider.ClientDetailsService;
+import org.springframework.security.oauth2.provider.InMemoryClientDetailsService;
+import org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService;
+
+/**
+ * @author Rob Winch
+ *
+ */
+public class InMemoryClientDetailsServiceConfigurer extends
+ SecurityConfigurerAdapter<AuthenticationManager, AuthenticationManagerBuilder> {
+ private List<ClientBuilder> clientBuilders = new ArrayList<ClientBuilder>();
+
+ public ClientBuilder withClient(String clientId) {
+ ClientBuilder clientBuilder = new ClientBuilder(clientId);
+ this.clientBuilders.add(clientBuilder);
+ return clientBuilder;
+ }
+
+ @Override
+ public void init(AuthenticationManagerBuilder builder) throws Exception {
+ Map<String, ClientDetails> clientDetails = new HashMap<String, ClientDetails>(clientBuilders.size());
+ for (ClientBuilder clientDetailsBldr : clientBuilders) {
+ clientDetails.put(clientDetailsBldr.clientId, clientDetailsBldr.build());
+ }
+ InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();
+ clientDetailsService.setClientDetailsStore(clientDetails);
+
+ ClientDetailsUserDetailsService userDetailsService = new ClientDetailsUserDetailsService(clientDetailsService);
+ builder.userDetailsService(userDetailsService);
+
+ builder.setSharedObject(ClientDetailsService.class, clientDetailsService);
+ }
+
+ @Override
+ public void configure(AuthenticationManagerBuilder builder) throws Exception {
+
+ }
+
+ public final class ClientBuilder {
+ private final String clientId;
+
+ private Collection<String> authorizedGrantTypes = new LinkedHashSet<String>();
+
+ private Collection<String> authorities = new LinkedHashSet<String>();
+
+ private Integer accessTokenValiditySeconds;
+
+ private Integer refreshTokenValiditySeconds;
+
+ private Collection<String> scopes = new LinkedHashSet<String>();
+
+ private Collection<String> autoApproveScopes = new HashSet<String>();
+
+ private String secret;
+
+ private Set<String> registeredRedirectUris = new HashSet<String>();
+
+ private Set<String> resourceIds = new HashSet<String>();
+
+ private boolean autoApprove;
+
+ private ClientDetails build() {
+ BaseClientDetails result = new BaseClientDetails();
+ result.setClientId(clientId);
+ result.setAuthorizedGrantTypes(authorizedGrantTypes);
+ result.setAccessTokenValiditySeconds(accessTokenValiditySeconds);
+ result.setRefreshTokenValiditySeconds(refreshTokenValiditySeconds);
+ result.setRegisteredRedirectUri(registeredRedirectUris);
+ result.setClientSecret(secret);
+ result.setScope(scopes);
+ result.setAuthorities(AuthorityUtils.createAuthorityList(authorities.toArray(new String[authorities.size()])));
+ result.setResourceIds(resourceIds);
+ if (autoApprove) {
+ result.setAutoApproveScopes(scopes);
+ }
+ return result;
+ }
+
+ public ClientBuilder resourceIds(String... resourceIds) {
+ for (String resourceId : resourceIds) {
+ this.resourceIds.add(resourceId);
+ }
+ return this;
+ }
+
+ public ClientBuilder redirectUris(String... registeredRedirectUris) {
+ for (String redirectUri : registeredRedirectUris) {
+ this.registeredRedirectUris.add(redirectUri);
+ }
+ return this;
+ }
+
+ public ClientBuilder authorizedGrantTypes(String... authorizedGrantTypes) {
+ for (String grant : authorizedGrantTypes) {
+ this.authorizedGrantTypes.add(grant);
+ }
+ return this;
+ }
+
+ public ClientBuilder accessTokenValiditySeconds(int accessTokenValiditySeconds) {
+ this.accessTokenValiditySeconds = accessTokenValiditySeconds;
+ return this;
+ }
+
+ public ClientBuilder refreshTokenValiditySeconds(int refreshTokenValiditySeconds) {
+ this.refreshTokenValiditySeconds = refreshTokenValiditySeconds;
+ return this;
+ }
+
+ public ClientBuilder secret(String secret) {
+ this.secret = secret;
+ return this;
+ }
+
+ public ClientBuilder scopes(String... scopes) {
+ for (String scope : scopes) {
+ this.scopes.add(scope);
+ }
+ return this;
+ }
+
+ public ClientBuilder authorities(String... authorities) {
+ for (String authority : authorities) {
+ this.authorities.add(authority);
+ }
+ return this;
+ }
+
+ public ClientBuilder autoApprove(boolean autoApprove) {
+ this.autoApprove = autoApprove;
+ return this;
+ }
+
+ public ClientBuilder autoApprove(String... scopes) {
+ for (String scope : scopes) {
+ this.autoApproveScopes.add(scope);
+ }
+ return this;
+ }
+
+ public InMemoryClientDetailsServiceConfigurer and() {
+ return InMemoryClientDetailsServiceConfigurer.this;
+ }
+
+ private ClientBuilder(String clientId) {
+ this.clientId = clientId;
+ }
+
+ }
+}
Oops, something went wrong.

0 comments on commit 114fbd4

Please sign in to comment.