|
15 | 15 | import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
16 | 16 | import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
17 | 17 | import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
|
18 |
| -import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer; |
19 | 18 | import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
|
20 | 19 | import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
|
21 | 20 | import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
|
22 | 21 | import org.springframework.security.web.SecurityFilterChain;
|
23 |
| -import org.springframework.security.web.util.matcher.RequestMatcher; |
24 | 22 |
|
25 | 23 | import java.time.Duration;
|
26 | 24 | import java.util.UUID;
|
27 | 25 |
|
28 |
| -import static org.springframework.security.config.Customizer.withDefaults; |
29 |
| - |
30 | 26 | @Configuration
|
31 | 27 | public class AuthorizationServerConfig {
|
32 | 28 |
|
@@ -78,44 +74,30 @@ public JwtEncoder jwtEncoder(JWKSource<SecurityContext> jwkSource) {
|
78 | 74 | return new NimbusJwtEncoder(jwkSource);
|
79 | 75 | }
|
80 | 76 |
|
81 |
| -// OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = |
82 |
| -// new OAuth2AuthorizationServerConfigurer(); |
83 |
| -// RequestMatcher endpointsMatcher = authorizationServerConfigurer |
84 |
| -// .getEndpointsMatcher(); |
85 |
| -// |
86 |
| -// http |
87 |
| -// .requestMatcher(endpointsMatcher) |
88 |
| -// .authorizeRequests(authorizeRequests -> |
89 |
| -// authorizeRequests.anyRequest().authenticated() |
90 |
| -// ) |
91 |
| -// .csrf(csrf -> csrf.ignoringRequestMatchers("/auth/token")) |
92 |
| -// .apply(authorizationServerConfigurer); |
93 |
| -// |
94 |
| -// return http.build(); |
95 | 77 |
|
96 | 78 | @Bean
|
97 | 79 | public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
98 | 80 | OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
|
99 | 81 | return http.formLogin(Customizer.withDefaults()).build();
|
100 | 82 | }
|
101 | 83 |
|
102 |
| -// @Bean |
103 |
| -// public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception { |
104 |
| -// |
105 |
| -// OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = |
106 |
| -// new OAuth2AuthorizationServerConfigurer(); |
107 |
| -// OAuth2AuthorizationServerConfigurer serverConfigurer = authorizationServerConfigurer |
108 |
| -// .tokenEndpoint(tokenEndpoint -> tokenEndpoint.accessTokenResponseHandler(null)); |
109 |
| -// |
110 |
| -// http.with(serverConfigurer, Customizer.withDefaults()) |
111 |
| -// .authorizeHttpRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated()) |
112 |
| -// .csrf(csrf -> csrf.ignoringRequestMatchers("/oauth2/token")); |
113 |
| -//// .formLogin(withDefaults()); |
114 |
| -// return http.build(); |
115 |
| -// |
116 |
| -// } |
117 |
| - |
118 | 84 |
|
| 85 | + /* |
| 86 | + // Custom exception response |
| 87 | + @Bean |
| 88 | + public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http, |
| 89 | + CustomAuthenticationEntryPoint customAuthenticationEntryPoint) throws Exception { |
| 90 | + OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = |
| 91 | + new OAuth2AuthorizationServerConfigurer(); |
| 92 | + RequestMatcher endpointsMatcher = authorizationServerConfigurer |
| 93 | + .getEndpointsMatcher(); |
| 94 | +
|
| 95 | + http.with(authorizationServerConfigurer, Customizer.withDefaults()) |
| 96 | + .authorizeHttpRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated()) |
| 97 | + .csrf(csrf -> csrf.ignoringRequestMatchers("/oauth2/token")); |
| 98 | + .exceptionHandling((ex) -> ex.authenticationEntryPoint(customAuthenticationEntryPoint)); |
| 99 | + return http.build(); |
| 100 | + }*/ |
119 | 101 |
|
120 | 102 | }
|
121 | 103 |
|
0 commit comments