├── sample1 ├── ui │ ├── src │ │ ├── main │ │ │ ├── wro │ │ │ │ ├── main.less │ │ │ │ ├── wro.properties │ │ │ │ └── wro.xml │ │ │ ├── resources │ │ │ │ ├── static │ │ │ │ │ ├── admin.html │ │ │ │ │ ├── protected.html │ │ │ │ │ ├── home.html │ │ │ │ │ ├── index.html │ │ │ │ │ └── js │ │ │ │ │ │ └── hello.js │ │ │ │ └── application.yml │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── UiApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── resource │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── ResourceApplication.java │ │ └── test │ │ │ └── groovy │ │ │ └── demo │ │ │ └── ApplicationTests.groovy │ └── pom.xml ├── authserver │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── AuthserverApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── gateway │ ├── src │ │ ├── main │ │ │ ├── java │ │ │ │ └── demo │ │ │ │ │ └── GatewayApplication.java │ │ │ └── resources │ │ │ │ └── application.yml │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── pom.xml └── README.md ├── sample2 ├── ui │ ├── src │ │ ├── main │ │ │ ├── wro │ │ │ │ ├── main.less │ │ │ │ ├── wro.properties │ │ │ │ └── wro.xml │ │ │ ├── resources │ │ │ │ ├── static │ │ │ │ │ ├── admin.html │ │ │ │ │ ├── protected.html │ │ │ │ │ ├── home.html │ │ │ │ │ ├── index.html │ │ │ │ │ └── js │ │ │ │ │ │ └── hello.js │ │ │ │ └── application.yml │ │ │ └── java │ │ │ │ └── demo │ │ │ │ ├── ResourceConfiguration.java │ │ │ │ ├── MethodSecurityConfiguration.java │ │ │ │ ├── UIService.java │ │ │ │ └── UiApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── gateway │ ├── src │ │ ├── main │ │ │ ├── wro │ │ │ │ ├── main.less │ │ │ │ ├── wro.properties │ │ │ │ └── wro.xml │ │ │ ├── 
resources │ │ │ │ ├── static │ │ │ │ │ └── index.html │ │ │ │ └── application.yml │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── GatewayApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── ui-admin │ └── src │ │ ├── main │ │ ├── wro │ │ │ ├── main.less │ │ │ ├── wro.properties │ │ │ └── wro.xml │ │ ├── resources │ │ │ ├── static │ │ │ │ ├── admin.html │ │ │ │ ├── protected.html │ │ │ │ ├── home.html │ │ │ │ ├── index.html │ │ │ │ └── js │ │ │ │ │ └── hello.js │ │ │ └── application.yml │ │ └── java │ │ │ └── demo │ │ │ └── UiAdminApplication.java │ │ └── test │ │ └── java │ │ └── demo │ │ └── ApplicationTests.java ├── authserver-customlogin │ ├── README.md │ ├── src │ │ ├── main │ │ │ ├── wro │ │ │ │ ├── main.less │ │ │ │ ├── wro.properties │ │ │ │ └── wro.xml │ │ │ ├── resources │ │ │ │ ├── public │ │ │ │ │ └── images │ │ │ │ │ │ └── login.png │ │ │ │ ├── application.properties │ │ │ │ └── templates │ │ │ │ │ ├── login.ftl │ │ │ │ │ └── authorize.ftl │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── AuthserverApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── authserver │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ ├── keystore.jks │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── AuthserverApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── resource1 │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ ├── Greeting.java │ │ │ │ └── ResourceApplication.java │ │ └── test │ │ │ └── groovy │ │ │ └── demo │ │ │ └── ApplicationTests.groovy │ └── pom.xml ├── resource2 │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ └── application.properties │ │ │ └── groovy │ │ │ │ └── demo │ │ │ │ └── ResourceApplication.java │ │ └── test │ │ │ └── groovy │ │ │ └── demo │ │ │ └── ApplicationTests.groovy │ └── pom.xml ├── 
authserver-formlogin │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ ├── keystore.jks │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ ├── ResourceConfiguration.java │ │ │ │ └── AuthserverApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml └── pom.xml ├── sample3 ├── ui │ ├── src │ │ ├── main │ │ │ ├── wro │ │ │ │ ├── main.less │ │ │ │ ├── wro.properties │ │ │ │ └── wro.xml │ │ │ ├── resources │ │ │ │ ├── static │ │ │ │ │ ├── admin.html │ │ │ │ │ ├── protected.html │ │ │ │ │ ├── home.html │ │ │ │ │ ├── index.html │ │ │ │ │ └── js │ │ │ │ │ │ └── hello.js │ │ │ │ └── application.yml │ │ │ └── java │ │ │ │ └── demo │ │ │ │ ├── ResourceConfiguration.java │ │ │ │ ├── MethodSecurityConfiguration.java │ │ │ │ ├── UIService.java │ │ │ │ └── UiApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── gateway │ └── src │ │ ├── main │ │ ├── wro │ │ │ ├── main.less │ │ │ ├── wro.properties │ │ │ └── wro.xml │ │ ├── resources │ │ │ ├── static │ │ │ │ └── index.html │ │ │ └── application.yml │ │ └── java │ │ │ └── demo │ │ │ ├── DynamicOauth2ClientContextFilter.java │ │ │ └── GatewayApplication.java │ │ └── test │ │ └── java │ │ └── demo │ │ └── ApplicationTests.java ├── authserver │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ ├── keystore.jks │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ └── AuthserverApplication.java │ │ └── test │ │ │ └── java │ │ │ └── demo │ │ │ └── ApplicationTests.java │ └── pom.xml ├── resource1 │ ├── src │ │ ├── main │ │ │ ├── resources │ │ │ │ └── application.properties │ │ │ └── java │ │ │ │ └── demo │ │ │ │ ├── Greeting.java │ │ │ │ └── ResourceApplication.java │ │ └── test │ │ │ └── groovy │ │ │ └── demo │ │ │ └── ApplicationTests.groovy │ └── pom.xml ├── README.md └── pom.xml ├── images └── sample1.png ├── TODOs.md ├── sample0 └── authserver │ ├── src │ ├── main │ │ ├── resources │ 
│ │ ├── application.properties │ │ │ └── keystore.jks │ │ └── java │ │ │ └── demo │ │ │ └── BasicSecurityApp.java │ └── test │ │ └── java │ │ └── demo │ │ └── ApplicationTests.java │ └── pom.xml ├── .gitignore └── Questions.md /sample1/ui/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /sample2/ui/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /sample3/ui/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /sample2/gateway/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /sample3/gateway/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /sample2/ui-admin/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /sample2/authserver-customlogin/README.md: -------------------------------------------------------------------------------- 1 | Docs 2 | -------------------------------------------------------------------------------- /sample1/ui/src/main/resources/static/admin.html: -------------------------------------------------------------------------------- 1 | only admin can see this. 
-------------------------------------------------------------------------------- /sample2/ui/src/main/resources/static/admin.html: -------------------------------------------------------------------------------- 1 | only admin can see this. -------------------------------------------------------------------------------- /sample3/ui/src/main/resources/static/admin.html: -------------------------------------------------------------------------------- 1 | only admin can see this. -------------------------------------------------------------------------------- /sample2/authserver-customlogin/src/main/wro/main.less: -------------------------------------------------------------------------------- 1 | @brand-primary: #de8579; -------------------------------------------------------------------------------- /sample2/ui-admin/src/main/resources/static/admin.html: -------------------------------------------------------------------------------- 1 | only admin can see this. -------------------------------------------------------------------------------- /sample1/ui/src/main/resources/static/protected.html: -------------------------------------------------------------------------------- 1 | only users with role user can see this. -------------------------------------------------------------------------------- /sample2/ui/src/main/resources/static/protected.html: -------------------------------------------------------------------------------- 1 | only users with role user can see this. -------------------------------------------------------------------------------- /sample3/ui/src/main/resources/static/protected.html: -------------------------------------------------------------------------------- 1 | only users with role user can see this. 
-------------------------------------------------------------------------------- /sample2/ui-admin/src/main/resources/static/protected.html: -------------------------------------------------------------------------------- 1 | only users with role user can see this. -------------------------------------------------------------------------------- /images/sample1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ddewaele/spring-cloud-security-samples/HEAD/images/sample1.png -------------------------------------------------------------------------------- /TODOs.md: -------------------------------------------------------------------------------- 1 | Stuff to discuss 2 | 3 | ## Auto-approving scopes 4 | 5 | auto-approve-scopes: '.*' 6 | The pattern '.*' matches every requested scope, so the user approval page is never shown; discuss whether to list the auto-approved scopes explicitly instead. 7 | ## JWT 8 | 9 | -------------------------------------------------------------------------------- /sample0/authserver/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9999 2 | server.contextPath: /uaa 3 | security.user.password: password 4 | -------------------------------------------------------------------------------- /sample1/ui/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | #List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample2/ui/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | #List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample3/ui/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | 
#List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample2/gateway/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | #List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample2/ui-admin/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | #List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample3/gateway/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | #List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample2/authserver-customlogin/src/main/wro/wro.properties: -------------------------------------------------------------------------------- 1 | #List of preProcessors 2 | preProcessors=lessCssImport 3 | #List of postProcessors 4 | postProcessors=less4j,jsMin -------------------------------------------------------------------------------- /sample0/authserver/src/main/resources/keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ddewaele/spring-cloud-security-samples/HEAD/sample0/authserver/src/main/resources/keystore.jks -------------------------------------------------------------------------------- /sample2/authserver/src/main/resources/keystore.jks: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/ddewaele/spring-cloud-security-samples/HEAD/sample2/authserver/src/main/resources/keystore.jks -------------------------------------------------------------------------------- /sample3/authserver/src/main/resources/keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ddewaele/spring-cloud-security-samples/HEAD/sample3/authserver/src/main/resources/keystore.jks -------------------------------------------------------------------------------- /sample1/resource/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9000 2 | server.address: 127.0.0.1 3 | security.oauth2.resource.userInfoUri: http://localhost:9999/uaa/user 4 | -------------------------------------------------------------------------------- /sample2/resource1/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9000 2 | server.address: 127.0.0.1 3 | security.oauth2.resource.userInfoUri: http://localhost:9999/uaa/user 4 | -------------------------------------------------------------------------------- /sample2/resource2/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9001 2 | server.address: 127.0.0.1 3 | security.oauth2.resource.userInfoUri: http://localhost:9999/uaa/user 4 | -------------------------------------------------------------------------------- /sample3/resource1/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9000 2 | server.address: 127.0.0.1 3 | security.oauth2.resource.userInfoUri: http://localhost:8888/uaa/user 4 | -------------------------------------------------------------------------------- 
/sample2/authserver-formlogin/src/main/resources/keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ddewaele/spring-cloud-security-samples/HEAD/sample2/authserver-formlogin/src/main/resources/keystore.jks -------------------------------------------------------------------------------- /sample2/authserver-customlogin/src/main/resources/public/images/login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ddewaele/spring-cloud-security-samples/HEAD/sample2/authserver-customlogin/src/main/resources/public/images/login.png -------------------------------------------------------------------------------- /sample3/README.md: -------------------------------------------------------------------------------- 1 | In this example we've put everything behind the Zuul Gateway, including the auth server. 2 | 3 | Based on [uaa-behind-zuul-sample](https://github.com/kakawait/uaa-behind-zuul-sample/) 4 | 5 | [complete doc about this] -------------------------------------------------------------------------------- /sample2/gateway/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Gateway index 6 | 7 | 8 | Gateway index 9 | 10 | -------------------------------------------------------------------------------- /sample3/gateway/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Gateway index 6 | 7 | 8 | Gateway index 9 | 10 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /Servers 2 | /.metadata 3 | /application.yml 4 | /application.properties 5 | *~ 6 | .#* 7 | *# 8 | target 9 | bin 10 | /data 11 | .classpath 12 | .project 13 | .settings 
14 | .springBeans 15 | .DS_Store 16 | *.sw* 17 | *.iml 18 | .idea 19 | -------------------------------------------------------------------------------- /sample1/ui/src/main/resources/static/home.html: -------------------------------------------------------------------------------- 1 |

Greeting

2 |
3 |

The ID is {{controller.greeting.id}}

4 |

The content is {{controller.greeting.content}}

5 |
6 |
7 |

Login to see your greeting

8 |
9 | -------------------------------------------------------------------------------- /sample2/ui-admin/src/main/resources/static/home.html: -------------------------------------------------------------------------------- 1 |

Greeting

2 |
3 |

The ID is {{controller.greeting.id}}

4 |

The content is {{controller.greeting.content}}

5 |
6 |
7 |

Login to see your greeting

8 |
9 | -------------------------------------------------------------------------------- /sample2/authserver-customlogin/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | webjar:jquery/2.1.1/jquery.min.js 6 | 7 | -------------------------------------------------------------------------------- /sample1/ui/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | webjar:jquery/2.1.1/jquery.js 6 | webjar:angularjs/1.3.8/angular.js 7 | webjar:angularjs/1.3.8/angular-route.js 8 | 9 | -------------------------------------------------------------------------------- /sample2/ui/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | webjar:jquery/2.1.1/jquery.js 6 | webjar:angularjs/1.3.8/angular.js 7 | webjar:angularjs/1.3.8/angular-route.js 8 | 9 | -------------------------------------------------------------------------------- /sample3/ui/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | webjar:jquery/2.1.1/jquery.js 6 | webjar:angularjs/1.3.8/angular.js 7 | webjar:angularjs/1.3.8/angular-route.js 8 | 9 | -------------------------------------------------------------------------------- /sample1/ui/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | debug: true 2 | 3 | spring: 4 | aop: 5 | proxy-target-class: true 6 | 7 | security: 8 | oauth2: 9 | resource: 10 | userInfoUri: 
http://localhost:9999/uaa/user 11 | 12 | logging: 13 | level: 14 | org.springframework.security: DEBUG 15 | org.springframework.web: DEBUG 16 | 17 | server: 18 | context-path: /ui 19 | use-forward-headers: true -------------------------------------------------------------------------------- /sample2/authserver/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9999 2 | server.contextPath: /uaa 3 | security.sessions: if-required 4 | security.oauth2.client.clientId: acme 5 | security.oauth2.client.clientSecret: acmesecret 6 | security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password 7 | security.oauth2.client.scope: openid 8 | # logging.level.org.springframework.security: DEBUG -------------------------------------------------------------------------------- /sample2/gateway/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | webjar:jquery/2.1.1/jquery.js 6 | webjar:angularjs/1.3.8/angular.js 7 | webjar:angularjs/1.3.8/angular-route.js 8 | 9 | -------------------------------------------------------------------------------- /sample2/ui-admin/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | webjar:jquery/2.1.1/jquery.js 6 | webjar:angularjs/1.3.8/angular.js 7 | webjar:angularjs/1.3.8/angular-route.js 8 | 9 | -------------------------------------------------------------------------------- /sample3/gateway/src/main/wro/wro.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | webjar:bootstrap/3.2.0/less/bootstrap.less 4 | file:@project.basedir@/src/main/wro/main.less 5 | 
webjar:jquery/2.1.1/jquery.js 6 | webjar:angularjs/1.3.8/angular.js 7 | webjar:angularjs/1.3.8/angular-route.js 8 | 9 | -------------------------------------------------------------------------------- /sample2/ui/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | debug: true 2 | 3 | spring: 4 | aop: 5 | proxy-target-class: true 6 | 7 | 8 | security: 9 | 10 | oauth2: 11 | resource: 12 | userInfoUri: http://localhost:9999/uaa/user 13 | user: 14 | password: password 15 | logging: 16 | level: 17 | org.springframework.security: DEBUG 18 | org.springframework.web: DEBUG 19 | 20 | server: 21 | context-path: /ui -------------------------------------------------------------------------------- /sample3/ui/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | debug: true 2 | 3 | spring: 4 | aop: 5 | proxy-target-class: true 6 | 7 | 8 | security: 9 | 10 | oauth2: 11 | resource: 12 | userInfoUri: http://localhost:8888/uaa/user 13 | user: 14 | password: password 15 | logging: 16 | level: 17 | org.springframework.security: DEBUG 18 | org.springframework.web: DEBUG 19 | 20 | server: 21 | context-path: /ui -------------------------------------------------------------------------------- /sample2/authserver-customlogin/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9999 2 | server.contextPath: /uaa 3 | security.oauth2.client.clientId: acme 4 | security.oauth2.client.clientSecret: acmesecret 5 | security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password 6 | security.oauth2.client.scope: openid 7 | logging.level.org.springframework.security: DEBUG 8 | logging.level.org.springframework.web: DEBUG 9 | -------------------------------------------------------------------------------- 
/sample2/ui-admin/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | debug: true 2 | 3 | spring: 4 | aop: 5 | proxy-target-class: true 6 | 7 | 8 | security: 9 | 10 | oauth2: 11 | resource: 12 | userInfoUri: http://localhost:9999/uaa/user 13 | user: 14 | password: password 15 | logging: 16 | level: 17 | org.springframework.security: DEBUG 18 | org.springframework.web: DEBUG 19 | 20 | server: 21 | port: 8081 22 | context-path: /ui-admin -------------------------------------------------------------------------------- /sample3/authserver/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9999 2 | server.contextPath: /uaa 3 | server.use-forward-headers=true 4 | security.sessions: if-required 5 | security.oauth2.client.clientId: acme 6 | security.oauth2.client.clientSecret: acmesecret 7 | security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password 8 | security.oauth2.client.scope: openid 9 | # logging.level.org.springframework.security: DEBUG 10 | -------------------------------------------------------------------------------- /sample2/authserver-formlogin/src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | server.port: 9999 2 | server.contextPath: /uaa 3 | security.sessions: if-required 4 | security.oauth2.client.clientId: acme 5 | security.oauth2.client.clientSecret: acmesecret 6 | security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password 7 | security.oauth2.client.scope: openid 8 | logging.level.org.springframework.security: DEBUG 9 | logging.level.org.springframework.web: DEBUG -------------------------------------------------------------------------------- /sample1/authserver/src/main/resources/application.properties: 
-------------------------------------------------------------------------------- 1 | server.port: 9999 2 | server.contextPath: /uaa 3 | security.user.password: password 4 | security.sessions: if-required 5 | security.oauth2.client.clientId: acme 6 | security.oauth2.client.clientSecret: acmesecret 7 | security.oauth2.client.authorized-grant-types: authorization_code,refresh_token,password 8 | security.oauth2.client.scope: openid 9 | logging.level.org.springframework.security: DEBUG 10 | logging.level.org.springframework.web: DEBUG 11 | 12 | -------------------------------------------------------------------------------- /sample1/gateway/src/main/java/demo/GatewayApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; 6 | import org.springframework.cloud.netflix.zuul.EnableZuulProxy; 7 | 8 | @SpringBootApplication 9 | @EnableZuulProxy 10 | @EnableOAuth2Sso 11 | public class GatewayApplication { 12 | 13 | public static void main(String[] args) { 14 | SpringApplication.run(GatewayApplication.class, args); 15 | } 16 | 17 | } 18 | -------------------------------------------------------------------------------- /sample1/pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | org.demo 6 | pairs-oauth2-vanilla 7 | 0.0.1-SNAPSHOT 8 | pom 9 | OAuth2 Vanilla Sample1 10 | 11 | 12 | authserver 13 | gateway 14 | ui 15 | resource 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /sample3/pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | org.demo 6 | pairs-oauth2-vanilla 7 | 0.0.1-SNAPSHOT 8 | pom 9 | Spring Pairs Samples OAuth2 Vanilla 
10 | 11 | 12 | authserver 13 | gateway 14 | ui 15 | resource1 16 | 17 | 18 | 19 | -------------------------------------------------------------------------------- /sample2/resource1/src/main/java/demo/Greeting.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | /** 4 | * Created by ddewaele on 10/04/16. 5 | */ 6 | public class Greeting { 7 | 8 | public Greeting() { 9 | } 10 | 11 | public Greeting(String id, String message) { 12 | this.id = id; 13 | this.message = message; 14 | } 15 | 16 | private String id; 17 | private String message; 18 | 19 | 20 | public String getId() { 21 | return this.id; 22 | } 23 | 24 | public void setId(String id) { 25 | this.id = id; 26 | } 27 | 28 | public String getMessage() { 29 | return this.message; 30 | } 31 | 32 | public void setMessage(String message) { 33 | this.message = message; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /sample3/resource1/src/main/java/demo/Greeting.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | /** 4 | * Created by ddewaele on 10/04/16. 
5 | */ 6 | public class Greeting { 7 | 8 | public Greeting() { 9 | } 10 | 11 | public Greeting(String id, String message) { 12 | this.id = id; 13 | this.message = message; 14 | } 15 | 16 | private String id; 17 | private String message; 18 | 19 | 20 | public String getId() { 21 | return this.id; 22 | } 23 | 24 | public void setId(String id) { 25 | this.id = id; 26 | } 27 | 28 | public String getMessage() { 29 | return this.message; 30 | } 31 | 32 | public void setMessage(String message) { 33 | this.message = message; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /sample2/pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | org.demo 6 | pairs-oauth2-vanilla 7 | 0.0.1-SNAPSHOT 8 | pom 9 | Spring Pairs Samples OAuth2 Vanilla 10 | 11 | 12 | authserver 13 | authserver-formlogin 14 | authserver-customlogin 15 | gateway 16 | ui 17 | ui-admin 18 | resource1 19 | resource2 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /sample2/ui/src/main/resources/static/home.html: -------------------------------------------------------------------------------- 1 |

Greeting

2 |
3 |

The ID is {{controller.greeting.id}}

4 |

The User name is {{controller.user.username}} with roles {{controller.user.authorities}}

5 |

The response from resource1 is {{controller.resource1}}

6 |

The response from resource2 is {{controller.resource2}}

7 | 8 |

managerService = {{controller.managerService}}

9 |

adminService = {{controller.adminService}}

10 |

userService = {{controller.userService}}

11 |

publicService = {{controller.publicService}}

12 |

authenticatedService = {{controller.authenticatedService}}

13 | 14 |
15 |
16 |

Login to see your greeting

17 |
18 | -------------------------------------------------------------------------------- /sample3/ui/src/main/resources/static/home.html: -------------------------------------------------------------------------------- 1 |

Greeting

2 |
3 |

The ID is {{controller.greeting.id}}

4 |

The User name is {{controller.user.username}} with roles {{controller.user.authorities}}

5 |

The response from resource1 is {{controller.resource1}}

6 |

The response from resource2 is {{controller.resource2}}

7 | 8 |

managerService = {{controller.managerService}}

9 |

adminService = {{controller.adminService}}

10 |

userService = {{controller.userService}}

11 |

publicService = {{controller.publicService}}

12 |

authenticatedService = {{controller.authenticatedService}}

13 | 14 |
15 |
16 |

Login to see your greeting

17 |
18 |
--------------------------------------------------------------------------------
/sample1/gateway/src/main/resources/application.yml:
--------------------------------------------------------------------------------
# Gateway configuration for sample1: OAuth2 client settings, Zuul routes,
# log levels and the listening port.

# NOTE(review): debug output is switched on; keep this to local development.
debug: true

spring:
  aop:
    proxy-target-class: true

security:
  oauth2:
    client:
      # Both endpoints are addressed over plain HTTP on localhost.
      # NOTE(review): outside a local demo these should be HTTPS URLs, because the
      # client secret and the issued tokens travel over these connections.
      accessTokenUri: http://localhost:9999/uaa/oauth/token
      userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize
      clientId: acme
      # NOTE(review): sample secret committed in clear text; a real deployment should
      # take the value from the environment or a secret store, not from this file.
      clientSecret: acmesecret
    resource:
      userInfoUri: http://localhost:9999/uaa/user

# Routes proxied by the gateway: each path pattern is forwarded to the given URL.
zuul:
  routes:
    resource:
      path: /resource/**
      url: http://localhost:9000
    ui:
      path: /ui/**
      url: http://localhost:8080/ui
    user:
      path: /user/**
      url: http://localhost:9999/uaa/user

logging:
  level:
    # NOTE(review): DEBUG for the security and web packages is verbose and may write
    # request details to the log; lower it before any shared deployment.
    org.springframework.security: DEBUG
    org.springframework.web: DEBUG

server:
  port: 8888
--------------------------------------------------------------------------------
/sample1/ui/src/main/resources/static/index.html:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | Hello AngularJS 5 | 8 | 13 | 14 | 15 | 16 |
17 | 22 |
23 |
24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /sample2/ui/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Hello AngularJS 5 | 8 | 13 | 14 | 15 | 16 |
17 | 22 |
23 |
24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /sample3/ui/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Hello AngularJS 5 | 8 | 13 | 14 | 15 | 16 |
17 | 22 |
23 |
24 | 25 | 26 | 27 | 28 | -------------------------------------------------------------------------------- /sample2/ui-admin/src/main/resources/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Hello AngularJS 5 | 8 | 13 | 14 | 15 | 16 |
17 | 22 |
23 |
24 | 25 | 26 | 27 | 28 |
--------------------------------------------------------------------------------
/sample2/ui/src/main/java/demo/ResourceConfiguration.java:
--------------------------------------------------------------------------------
package demo;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * URL-level access rules for the UI module, which is declared as an OAuth2
 * resource server through {@code @EnableResourceServer}.
 */
@Configuration
@EnableResourceServer
//@Import({ MethodSecurityConfiguration.class })
public class ResourceConfiguration extends ResourceServerConfigurerAdapter
{

    /**
     * Declares three rules, evaluated in the order written: "/login" is open to
     * everyone, "/protected.html" requires role USER and "/admin.html" requires
     * role ADMIN.
     *
     * NOTE(review): the chain has no closing anyRequest() rule, so a path that
     * matches none of the three patterns receives no URL-level restriction from
     * this method. If that is intended (for example so that public endpoints stay
     * reachable), every other protected endpoint depends entirely on method-level
     * annotations. A deny-by-default closing rule with explicit permitAll()
     * entries for the public paths is the safer shape — confirm before reuse.
     *
     * @param http the security builder supplied by the framework
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(final HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
            .antMatchers("/login").permitAll()
            .antMatchers("/protected.html").hasRole("USER")
            .antMatchers("/admin.html").hasRole("ADMIN");
    }

}
--------------------------------------------------------------------------------
/sample3/ui/src/main/java/demo/ResourceConfiguration.java:
--------------------------------------------------------------------------------
1 | package demo; 2 | 3 | import org.springframework.context.annotation.Configuration; 4 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 5 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 6 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; 7 | 8 | @Configuration 9 | @EnableResourceServer 10 | //@Import({ MethodSecurityConfiguration.class }) 11 | public class ResourceConfiguration extends ResourceServerConfigurerAdapter 12 | { 13 | 14 | @Override 15 | public void configure(final HttpSecurity http)
throws Exception { 16 | http 17 | .authorizeRequests() 18 | .antMatchers("/login").permitAll() 19 | .antMatchers("/protected.html").hasRole("USER") 20 | .antMatchers("/admin.html").hasRole("ADMIN"); 21 | } 22 | 23 | }
--------------------------------------------------------------------------------
/sample1/authserver/src/main/java/demo/AuthserverApplication.java:
--------------------------------------------------------------------------------
package demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;

/**
 * Sample authorization server. The same application is also annotated as a
 * resource server and exposes a "/user" endpoint describing the caller.
 */
@SpringBootApplication
@RestController
@EnableResourceServer
@EnableAuthorizationServer
public class AuthserverApplication {

    /**
     * Returns the Principal that the framework injects for the current request.
     *
     * NOTE(review): the object is returned unchanged, so the response contains
     * whatever the serializer exposes of the concrete authentication type, which
     * may be more than a user name and authorities. Outside a demo, returning
     * only the fields the clients actually read is the safer contract — confirm
     * what the gateway and UI consume before narrowing it.
     *
     * @param user the authenticated caller as resolved by the framework
     * @return the same Principal instance
     */
    @RequestMapping("/user")
    public Principal user(Principal user) {
        return user;
    }

    /** Starts the Spring Boot application. */
    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }

}
--------------------------------------------------------------------------------
/sample1/resource/src/main/java/demo/ResourceApplication.java:
--------------------------------------------------------------------------------
1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 6 | import org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RestController;
8 | 9 | import java.util.LinkedHashMap; 10 | import java.util.UUID; 11 |
/**
 * Sample resource server with a single endpoint at "/".
 * The class carries {@code @EnableResourceServer}; the access rules that
 * annotation applies are not configured in this file.
 */
@SpringBootApplication
@RestController
@EnableResourceServer
public class ResourceApplication {
    /**
     * Builds the greeting returned for "/": a freshly generated random UUID
     * under "id" and a fixed text under "content".
     *
     * @return an insertion-ordered map with the two entries
     */
    @RequestMapping("/")
    public LinkedHashMap home() {
        LinkedHashMap map = new LinkedHashMap(2);
        map.put("id", UUID.randomUUID().toString());
        map.put("content", "Hello World from resource");
        return map;
    }

    /** Starts the Spring Boot application. */
    public static void main(String[] args) {
        SpringApplication.run(ResourceApplication.class, args);
    }

}
--------------------------------------------------------------------------------
/sample2/gateway/src/main/resources/application.yml:
--------------------------------------------------------------------------------
# Gateway configuration for sample2: OAuth2 client settings, Zuul routes,
# log levels and the listening port.

# NOTE(review): debug output is switched on; keep this to local development.
debug: true


spring:
  aop:
    proxy-target-class: true

security:
  oauth2:
    client:
      # Both endpoints are addressed over plain HTTP on localhost.
      # NOTE(review): outside a local demo these should be HTTPS URLs, because the
      # client secret and the issued tokens travel over these connections.
      accessTokenUri: http://localhost:9999/uaa/oauth/token
      userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize
      clientId: acme
      # NOTE(review): sample secret committed in clear text; a real deployment should
      # take the value from the environment or a secret store, not from this file.
      clientSecret: acmesecret
    resource:
      userInfoUri: http://localhost:9999/uaa/user

# Routes proxied by the gateway: each path pattern is forwarded to the given URL.
zuul:
  routes:
    resource1:
      path: /resource1/**
      url: http://localhost:9000
    resource2:
      path: /resource2/**
      url: http://localhost:9001
    ui:
      path: /ui/**
      url: http://localhost:8080/ui
    ui-admin:
      path: /ui-admin/**
      url: http://localhost:8081/ui-admin
    user:
      path: /user/**
      url: http://localhost:9999/uaa/user

logging:
  level:
    # NOTE(review): DEBUG for the security and web packages is verbose and may write
    # request details to the log; lower it before any shared deployment.
    org.springframework.security: DEBUG
    org.springframework.web: DEBUG

server:
  port: 8888
--------------------------------------------------------------------------------
/sample2/authserver-customlogin/src/main/resources/templates/login.ftl:
--------------------------------------------------------------------------------
1 | 2 | 3 | 4 | 5 | 6 | <#if RequestParameters['error']??> 7 |
8 | There was a problem logging in. Please try again. 9 |
10 | 11 |
12 | 13 |
14 |
15 | 16 | 17 |
18 |
19 | 20 | 21 |
22 | 23 | 24 |
25 |
26 | 27 | 28 |
--------------------------------------------------------------------------------
/sample2/ui/src/main/java/demo/MethodSecurityConfiguration.java:
--------------------------------------------------------------------------------
package demo;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;

/**
 * Enables method-level security with pre/post annotations
 * ({@code prePostEnabled = true}) and replaces the default expression handler
 * with the OAuth2 one.
 *
 * Background reading referenced by the author:
 * http://stackoverflow.com/questions/29797721/oauth2-security-expressions-on-method-level
 * http://stytex.de/blog/2016/02/01/spring-cloud-security-with-oauth2/
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class MethodSecurityConfiguration extends GlobalMethodSecurityConfiguration {

    /**
     * Supplies the expression handler used when method security expressions are
     * evaluated.
     *
     * @return a new OAuth2MethodSecurityExpressionHandler; presumably chosen so
     *         that OAuth2-specific expressions can be used in the annotations —
     *         confirm against the annotated services
     */
    @Override
    protected MethodSecurityExpressionHandler createExpressionHandler() {
        return new OAuth2MethodSecurityExpressionHandler();
    }
}
--------------------------------------------------------------------------------
/sample3/ui/src/main/java/demo/MethodSecurityConfiguration.java:
--------------------------------------------------------------------------------
1 | package demo; 2 | 3 | import org.springframework.context.annotation.Configuration; 4 | import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler; 5 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; 6 | import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration; 7 | import
org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler; 8 | 9 | /** 10 | * 11 | * http://stackoverflow.com/questions/29797721/oauth2-security-expressions-on-method-level 12 | * http://stytex.de/blog/2016/02/01/spring-cloud-security-with-oauth2/ 13 | */ 14 | @Configuration 15 | @EnableGlobalMethodSecurity(prePostEnabled = true) 16 | public class MethodSecurityConfiguration extends GlobalMethodSecurityConfiguration { 17 | 18 | @Override 19 | protected MethodSecurityExpressionHandler createExpressionHandler() { 20 | return new OAuth2MethodSecurityExpressionHandler(); 21 | } 22 | } -------------------------------------------------------------------------------- /sample1/ui/src/main/resources/static/js/hello.js: -------------------------------------------------------------------------------- 1 | angular.module('hello', [ 'ngRoute' ]).config(function($routeProvider) { 2 | 3 | $routeProvider.when('/', { 4 | templateUrl : 'home.html', 5 | controller : 'home', 6 | controllerAs : 'controller' 7 | }).otherwise('/'); 8 | 9 | }).controller('navigation', 10 | 11 | function($rootScope, $http, $location, $route) { 12 | 13 | var self = this; 14 | 15 | self.tab = function(route) { 16 | return $route.current && route === $route.current.controller; 17 | }; 18 | 19 | $http.get('/user').success(function(data) { 20 | if (data.name) { 21 | $rootScope.authenticated = true; 22 | } else { 23 | $rootScope.authenticated = false; 24 | } 25 | }).error(function() { 26 | $rootScope.authenticated = false; 27 | }); 28 | 29 | self.credentials = {}; 30 | 31 | self.logout = function() { 32 | $http.post('logout', {}).finally(function() { 33 | $rootScope.authenticated = false; 34 | $location.path("/"); 35 | }); 36 | } 37 | 38 | }).controller('home', function($http) { 39 | var self = this; 40 | $http.get('/resource/').success(function(data) { 41 | self.greeting = data; 42 | }) 43 | }); 44 | 
-------------------------------------------------------------------------------- /sample2/ui-admin/src/main/resources/static/js/hello.js: -------------------------------------------------------------------------------- 1 | angular.module('hello', [ 'ngRoute' ]).config(function($routeProvider) { 2 | 3 | $routeProvider.when('/', { 4 | templateUrl : 'home.html', 5 | controller : 'home', 6 | controllerAs : 'controller' 7 | }).otherwise('/'); 8 | 9 | }).controller('navigation', 10 | 11 | function($rootScope, $http, $location, $route) { 12 | 13 | var self = this; 14 | 15 | self.tab = function(route) { 16 | return $route.current && route === $route.current.controller; 17 | }; 18 | 19 | $http.get('/user').success(function(data) { 20 | if (data.username) { 21 | $rootScope.authenticated = true; 22 | } else { 23 | $rootScope.authenticated = false; 24 | } 25 | }).error(function() { 26 | $rootScope.authenticated = false; 27 | }); 28 | 29 | self.credentials = {}; 30 | 31 | self.logout = function() { 32 | $http.post('logout', {}).finally(function() { 33 | $rootScope.authenticated = false; 34 | $location.path("/"); 35 | }); 36 | } 37 | 38 | }).controller('home', function($http) { 39 | var self = this; 40 | $http.get('/resource/').success(function(data) { 41 | self.greeting = data; 42 | }) 43 | }); 44 | -------------------------------------------------------------------------------- /sample3/gateway/src/main/resources/application.yml: -------------------------------------------------------------------------------- 1 | debug: true 2 | 3 | 4 | spring: 5 | aop: 6 | proxy-target-class: true 7 | 8 | security: 9 | oauth2: 10 | client: 11 | accessTokenUri: http://localhost:${server.port}/uaa/oauth/token 12 | userAuthorizationUri: /uaa/oauth/authorize 13 | clientId: acme 14 | clientSecret: acmesecret 15 | resource: 16 | userInfoUri: http://localhost:8888/uaa/user 17 | 18 | zuul: 19 | routes: 20 | resource1: 21 | path: /resource1/** 22 | url: http://localhost:9000 23 | resource2: 24 | path: 
/resource2/** 25 | url: http://localhost:9001 26 | ui: 27 | path: /ui/** 28 | url: http://localhost:8080/ui 29 | ui-admin: 30 | path: /ui-admin/** 31 | url: http://localhost:8081/ui-admin 32 | user: 33 | path: /user/** 34 | url: http://localhost:9999/uaa/user 35 | uaa: 36 | sensitiveHeaders: 37 | path: /uaa/** 38 | url: http://localhost:9999/uaa 39 | add-proxy-headers: true 40 | 41 | logging: 42 | level: 43 | org.springframework.security: DEBUG 44 | org.springframework.web: DEBUG 45 | 46 | server: 47 | port: 8888 -------------------------------------------------------------------------------- /sample2/authserver-customlogin/src/main/resources/templates/authorize.ftl: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 |
7 |

Please Confirm

8 | 9 |

10 | Do you authorize "${authorizationRequest.clientId}" at "${authorizationRequest.redirectUri}" to access your protected resources 11 | with scope ${authorizationRequest.scope?join(", ")}. 12 |

13 |
15 | 16 | 17 | 18 | 19 |
20 |
22 | 23 | 24 | 25 |
26 |
27 | 28 | 29 |
--------------------------------------------------------------------------------
/sample0/authserver/src/main/java/demo/BasicSecurityApp.java:
--------------------------------------------------------------------------------
package demo;

import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Minimal sample that combines the application entry point, one REST endpoint
 * and the web security configuration in a single class.
 */
@SpringBootApplication
@RestController
public class BasicSecurityApp extends WebSecurityConfigurerAdapter {

    /**
     * Endpoint at "/greet".
     *
     * @return a new Greeting carrying the fixed message
     */
    @RequestMapping("/greet")
    public Greeting greet() {
        return new Greeting();
    }

    /** Response body for "/greet"; exposes the message through its getter. */
    class Greeting {
        String msg = "HelloWorld";

        public String getMsg() {
            return msg;
        }
    }

    /**
     * Requires authentication for every request and enables both form login and
     * HTTP Basic as ways to authenticate.
     *
     * NOTE(review): HTTP Basic sends the credentials with each request, so this
     * setup should only be exposed over TLS outside a local demo. Where the user
     * accounts come from is not visible in this file.
     *
     * @param http the security builder supplied by the framework
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //http.formLogin().and().antMatcher("/**").authorizeRequests();

        http
            .authorizeRequests()
            .anyRequest().authenticated()
            .and()
            .formLogin()
            .and()
            .httpBasic();
    }

    /** Starts the Spring Boot application. */
    public static void main(String[] args) {
        SpringApplication.run(BasicSecurityApp.class, args);
    }


}
--------------------------------------------------------------------------------
/sample2/resource1/src/main/java/demo/ResourceApplication.java:
--------------------------------------------------------------------------------
1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 6 | import
org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RequestMethod; 8 | import org.springframework.web.bind.annotation.RestController; 9 | 10 | import java.util.UUID; 11 |
/**
 * A resource controller used in the sample to retrieve greetings (HTTP GET) and save greetings (HTTP POST).
 *
 * This has the EnableResourceServer annotation so all of its methods will be secured.
 *
 */
@SpringBootApplication
@RestController
@EnableResourceServer
public class ResourceApplication {

    /**
     * Handles GET "/greeting".
     *
     * @return a new Greeting with a random UUID as id and a fixed message
     */
    @RequestMapping(value = "/greeting",method = RequestMethod.GET)
    public Greeting getGreeting() {
        return new Greeting(UUID.randomUUID().toString(),"Hello World from resource 1");
    }

    /**
     * Handles POST "/greeting": prints the received greeting and returns it
     * unchanged; nothing is stored.
     *
     * NOTE(review): the parameter carries no binding annotation, so it is
     * presumably populated from request parameters rather than from a request
     * body — confirm against the client. The print statement relies on
     * Greeting.toString(); if Greeting does not override it, the output is the
     * default object form rather than the id and message. The printed value is
     * client-supplied, so a logger with sanitised fields is preferable to
     * System.out outside a demo.
     *
     * @param greeting the greeting bound from the request
     * @return the same greeting instance
     */
    @RequestMapping(value="/greeting",method= RequestMethod.POST)
    public Greeting saveGreeting(Greeting greeting) {
        System.out.println("Saving greeting : " + greeting);
        return greeting;
    }

    /** Starts the Spring Boot application. */
    public static void main(String[] args) {
        SpringApplication.run(ResourceApplication.class, args);
    }

}
--------------------------------------------------------------------------------
/sample3/resource1/src/main/java/demo/ResourceApplication.java:
--------------------------------------------------------------------------------
1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 6 | import org.springframework.web.bind.annotation.RequestMapping; 7 | import org.springframework.web.bind.annotation.RequestMethod; 8 | import org.springframework.web.bind.annotation.RestController; 9 | 10 | import java.util.UUID; 11 | 12 | /** 13 | * A resource controller used in the sample get retrieve greetings (HTTP GET) and save greetings (HTTP POST).
14 | * 15 | * This has the EnableResourceServer annotation so all of its methods will be secured. 16 | * 17 | */ 18 | @SpringBootApplication 19 | @RestController 20 | @EnableResourceServer 21 | public class ResourceApplication { 22 | 23 | @RequestMapping(value = "/greeting",method = RequestMethod.GET) 24 | public Greeting getGreeting() { 25 | return new Greeting(UUID.randomUUID().toString(),"Hello World from resource 1"); 26 | } 27 | 28 | @RequestMapping(value="/greeting",method= RequestMethod.POST) 29 | public Greeting saveGreeting(Greeting greeting) { 30 | System.out.println("Saving greeting : " + greeting); 31 | return greeting; 32 | } 33 | 34 | public static void main(String[] args) { 35 | SpringApplication.run(ResourceApplication.class, args); 36 | } 37 | 38 | } 39 | -------------------------------------------------------------------------------- /sample2/authserver-formlogin/src/main/java/demo/ResourceConfiguration.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 4 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; 5 | 6 | //@Configuration 7 | //@EnableResourceServer 8 | //@Order(97) 9 | public class ResourceConfiguration extends ResourceServerConfigurerAdapter { 10 | // 11 | // @Override 12 | // public void configure(final HttpSecurity http) throws Exception { 13 | //// http 14 | //// .authorizeRequests() 15 | //// .antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access").permitAll() 16 | //// .anyRequest().authenticated(); 17 | //// .and() 18 | //// .formLogin(); 19 | //// super.configure(http); 20 | // } 21 | 22 | public void configure(HttpSecurity http) throws Exception { 23 | // @formatter:off 24 | http 25 | .formLogin().loginPage("/login").permitAll() 26 | .and() 27 | .requestMatchers() 28 | .antMatchers("/login", "/oauth/authorize", 
"/oauth/confirm_access","/images/**") 29 | .and() 30 | .authorizeRequests().anyRequest().authenticated() 31 | .and() 32 | .formLogin(); 33 | // @formatter:on 34 | } 35 | } -------------------------------------------------------------------------------- /sample1/resource/src/test/groovy/demo/ApplicationTests.groovy: -------------------------------------------------------------------------------- 1 | package demo 2 | 3 | import static org.junit.Assert.assertEquals; 4 | import static org.junit.Assert.assertTrue; 5 | 6 | import org.junit.Test 7 | import org.junit.runner.RunWith 8 | import org.springframework.test.context.web.WebAppConfiguration; 9 | import org.springframework.beans.factory.annotation.Value; 10 | import org.springframework.boot.test.IntegrationTest; 11 | import org.springframework.boot.test.SpringApplicationConfiguration 12 | import org.springframework.boot.test.TestRestTemplate; 13 | import org.springframework.http.HttpStatus; 14 | import org.springframework.http.ResponseEntity; 15 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner 16 | import org.springframework.web.client.RestTemplate; 17 | 18 | @RunWith(SpringJUnit4ClassRunner) 19 | @SpringApplicationConfiguration(classes = ResourceApplication) 20 | @WebAppConfiguration 21 | @IntegrationTest('server.port:0') 22 | public class ApplicationTests { 23 | 24 | @Value('${local.server.port}') 25 | private int port; 26 | 27 | private RestTemplate template = new TestRestTemplate(); 28 | 29 | @Test 30 | public void resourceLoads() { 31 | ResponseEntity response = template.getForEntity("http://localhost:${port}/", String.class) 32 | assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()) 33 | String auth = response.getHeaders().getFirst("WWW-Authenticate") 34 | assertTrue("Wrong location: " + auth , auth.startsWith("Bearer")) 35 | } 36 | } 37 | -------------------------------------------------------------------------------- 
/sample2/resource1/src/test/groovy/demo/ApplicationTests.groovy: -------------------------------------------------------------------------------- 1 | package demo 2 | 3 | import static org.junit.Assert.assertEquals; 4 | import static org.junit.Assert.assertTrue; 5 | 6 | import org.junit.Test 7 | import org.junit.runner.RunWith 8 | import org.springframework.test.context.web.WebAppConfiguration; 9 | import org.springframework.beans.factory.annotation.Value; 10 | import org.springframework.boot.test.IntegrationTest; 11 | import org.springframework.boot.test.SpringApplicationConfiguration 12 | import org.springframework.boot.test.TestRestTemplate; 13 | import org.springframework.http.HttpStatus; 14 | import org.springframework.http.ResponseEntity; 15 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner 16 | import org.springframework.web.client.RestTemplate; 17 | 18 | @RunWith(SpringJUnit4ClassRunner) 19 | @SpringApplicationConfiguration(classes = ResourceApplication) 20 | @WebAppConfiguration 21 | @IntegrationTest('server.port:0') 22 | public class ApplicationTests { 23 | 24 | @Value('${local.server.port}') 25 | private int port; 26 | 27 | private RestTemplate template = new TestRestTemplate(); 28 | 29 | @Test 30 | public void resourceLoads() { 31 | ResponseEntity response = template.getForEntity("http://localhost:${port}/", String.class) 32 | assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()) 33 | String auth = response.getHeaders().getFirst("WWW-Authenticate") 34 | assertTrue("Wrong location: " + auth , auth.startsWith("Bearer")) 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /sample2/resource2/src/test/groovy/demo/ApplicationTests.groovy: -------------------------------------------------------------------------------- 1 | package demo 2 | 3 | import static org.junit.Assert.assertEquals; 4 | import static org.junit.Assert.assertTrue; 5 | 6 | import org.junit.Test 7 | import 
org.junit.runner.RunWith 8 | import org.springframework.test.context.web.WebAppConfiguration; 9 | import org.springframework.beans.factory.annotation.Value; 10 | import org.springframework.boot.test.IntegrationTest; 11 | import org.springframework.boot.test.SpringApplicationConfiguration 12 | import org.springframework.boot.test.TestRestTemplate; 13 | import org.springframework.http.HttpStatus; 14 | import org.springframework.http.ResponseEntity; 15 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner 16 | import org.springframework.web.client.RestTemplate; 17 | 18 | @RunWith(SpringJUnit4ClassRunner) 19 | @SpringApplicationConfiguration(classes = ResourceApplication) 20 | @WebAppConfiguration 21 | @IntegrationTest('server.port:0') 22 | public class ApplicationTests { 23 | 24 | @Value('${local.server.port}') 25 | private int port; 26 | 27 | private RestTemplate template = new TestRestTemplate(); 28 | 29 | @Test 30 | public void resourceLoads() { 31 | ResponseEntity response = template.getForEntity("http://localhost:${port}/", String.class) 32 | assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()) 33 | String auth = response.getHeaders().getFirst("WWW-Authenticate") 34 | assertTrue("Wrong location: " + auth , auth.startsWith("Bearer")) 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /sample3/resource1/src/test/groovy/demo/ApplicationTests.groovy: -------------------------------------------------------------------------------- 1 | package demo 2 | 3 | import static org.junit.Assert.assertEquals; 4 | import static org.junit.Assert.assertTrue; 5 | 6 | import org.junit.Test 7 | import org.junit.runner.RunWith 8 | import org.springframework.test.context.web.WebAppConfiguration; 9 | import org.springframework.beans.factory.annotation.Value; 10 | import org.springframework.boot.test.IntegrationTest; 11 | import org.springframework.boot.test.SpringApplicationConfiguration 12 | import 
org.springframework.boot.test.TestRestTemplate; 13 | import org.springframework.http.HttpStatus; 14 | import org.springframework.http.ResponseEntity; 15 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner 16 | import org.springframework.web.client.RestTemplate; 17 | 18 | @RunWith(SpringJUnit4ClassRunner) 19 | @SpringApplicationConfiguration(classes = ResourceApplication) 20 | @WebAppConfiguration 21 | @IntegrationTest('server.port:0') 22 | public class ApplicationTests { 23 | 24 | @Value('${local.server.port}') 25 | private int port; 26 | 27 | private RestTemplate template = new TestRestTemplate(); 28 | 29 | @Test 30 | public void resourceLoads() { 31 | ResponseEntity response = template.getForEntity("http://localhost:${port}/", String.class) 32 | assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode()) 33 | String auth = response.getHeaders().getFirst("WWW-Authenticate") 34 | assertTrue("Wrong location: " + auth , auth.startsWith("Bearer")) 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /sample2/ui/src/main/java/demo/UIService.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.security.access.prepost.PreAuthorize; 4 | import org.springframework.web.bind.annotation.RequestMapping; 5 | import org.springframework.web.bind.annotation.RestController; 6 | 7 | @RestController 8 | @RequestMapping("/uiservice") 9 | public class UIService { 10 | 11 | 12 | @RequestMapping("/publicService") 13 | public ServiceResponse publicService() { 14 | return new ServiceResponse("public"); 15 | } 16 | 17 | @RequestMapping("/authenticatedService") 18 | @PreAuthorize("hasRole('ROLE_USER')") 19 | public ServiceResponse authenticatedService() { 20 | return new ServiceResponse("authenticated"); 21 | } 22 | 23 | @RequestMapping("/userService") 24 | @PreAuthorize("hasRole('ROLE_USER')") 25 | public ServiceResponse userService() 
{ 26 | return new ServiceResponse("user"); 27 | } 28 | 29 | @RequestMapping("/managerService") 30 | @PreAuthorize("hasRole('ROLE_MANAGER')") 31 | public ServiceResponse managerService() { 32 | return new ServiceResponse("manager"); 33 | } 34 | 35 | @RequestMapping("/adminService") 36 | @PreAuthorize("hasRole('ROLE_ADMIN')") 37 | public ServiceResponse adminService() { 38 | return new ServiceResponse("admin"); 39 | } 40 | 41 | class ServiceResponse { 42 | private String msg; 43 | 44 | ServiceResponse(String msg) { 45 | this.msg=msg; 46 | } 47 | 48 | public String getMsg() { 49 | return msg; 50 | } 51 | } 52 | 53 | } -------------------------------------------------------------------------------- /sample3/ui/src/main/java/demo/UIService.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.security.access.prepost.PreAuthorize; 4 | import org.springframework.web.bind.annotation.RequestMapping; 5 | import org.springframework.web.bind.annotation.RestController; 6 | 7 | @RestController 8 | @RequestMapping("/uiservice") 9 | public class UIService { 10 | 11 | 12 | @RequestMapping("/publicService") 13 | public ServiceResponse publicService() { 14 | return new ServiceResponse("public"); 15 | } 16 | 17 | @RequestMapping("/authenticatedService") 18 | @PreAuthorize("hasRole('ROLE_USER')") 19 | public ServiceResponse authenticatedService() { 20 | return new ServiceResponse("authenticated"); 21 | } 22 | 23 | @RequestMapping("/userService") 24 | @PreAuthorize("hasRole('ROLE_USER')") 25 | public ServiceResponse userService() { 26 | return new ServiceResponse("user"); 27 | } 28 | 29 | @RequestMapping("/managerService") 30 | @PreAuthorize("hasRole('ROLE_MANAGER')") 31 | public ServiceResponse managerService() { 32 | return new ServiceResponse("manager"); 33 | } 34 | 35 | @RequestMapping("/adminService") 36 | @PreAuthorize("hasRole('ROLE_ADMIN')") 37 | public ServiceResponse adminService() { 38 | 
return new ServiceResponse("admin"); 39 | } 40 | 41 | class ServiceResponse { 42 | private String msg; 43 | 44 | ServiceResponse(String msg) { 45 | this.msg=msg; 46 | } 47 | 48 | public String getMsg() { 49 | return msg; 50 | } 51 | } 52 | 53 | }
--------------------------------------------------------------------------------
/sample3/gateway/src/main/java/demo/DynamicOauth2ClientContextFilter.java:
--------------------------------------------------------------------------------
package demo;

import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.web.util.UriComponentsBuilder;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Map;

/**
 * OAuth2 client context filter that builds the authorization redirect itself
 * and sends it through a replaceable RedirectStrategy.
 *
 * @author Thibaud Leprêtre
 */
class DynamicOauth2ClientContextFilter extends OAuth2ClientContextFilter {
    // Strategy used to send the redirect; defaults to DefaultRedirectStrategy.
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    /**
     * Sends the user to the authorization endpoint named by the exception.
     *
     * The target starts from the exception's redirect URI; every request
     * parameter carried by the exception is appended as a query parameter, and
     * the state key is appended as "state" when it is not null. The resulting
     * URI is encoded before it is handed to the redirect strategy.
     *
     * NOTE(review): the redirect URI and parameters are used exactly as the
     * exception provides them. This is only safe while they originate from the
     * client configuration and not from the incoming request — confirm where
     * the exception is raised. The "state" parameter must stay in the redirect,
     * since the flow presumably validates it on return.
     *
     * @param e        exception carrying the redirect URI, parameters and state key
     * @param request  the current request
     * @param response the response the redirect is written to
     * @throws IOException if the redirect cannot be sent
     */
    @Override
    protected void redirectUser(UserRedirectRequiredException e, HttpServletRequest request,
                                HttpServletResponse response) throws IOException {
        String redirectUri = e.getRedirectUri();
        UriComponentsBuilder builder = UriComponentsBuilder.fromUriString(redirectUri);
        Map requestParams = e.getRequestParams();
        for (Map.Entry param : requestParams.entrySet()) {
            builder.queryParam(param.getKey(), param.getValue());
        }

        if (e.getStateKey() != null) {
            builder.queryParam("state", e.getStateKey());
        }

        this.redirectStrategy.sendRedirect(request, response, builder.build().encode().toUriString());
    }

37 | @Override 38 | public void
setRedirectStrategy(RedirectStrategy redirectStrategy) { 39 | this.redirectStrategy = redirectStrategy; 40 | } 41 | } -------------------------------------------------------------------------------- /sample1/gateway/src/test/java/demo/ApplicationTests.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.junit.Test; 4 | import org.junit.runner.RunWith; 5 | import org.springframework.beans.factory.annotation.Value; 6 | import org.springframework.boot.test.IntegrationTest; 7 | import org.springframework.boot.test.SpringApplicationConfiguration; 8 | import org.springframework.boot.test.TestRestTemplate; 9 | import org.springframework.http.HttpStatus; 10 | import org.springframework.http.ResponseEntity; 11 | import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; 12 | import org.springframework.test.context.web.WebAppConfiguration; 13 | import org.springframework.web.client.RestTemplate; 14 | 15 | import static org.junit.Assert.assertEquals; 16 | 17 | @RunWith(SpringJUnit4ClassRunner.class) 18 | @SpringApplicationConfiguration(classes = GatewayApplication.class) 19 | @WebAppConfiguration 20 | @IntegrationTest("server.port:0") 21 | public class ApplicationTests { 22 | 23 | @Value("${local.server.port}") 24 | private int port; 25 | 26 | @Value("${security.oauth2.client.userAuthorizationUri}") 27 | private String authorizeUri; 28 | 29 | private RestTemplate template = new TestRestTemplate(); 30 | 31 | @Test 32 | public void homePageLoads() { 33 | ResponseEntity response = template.getForEntity("http://localhost:" 34 | + port + "/", String.class); 35 | assertEquals(HttpStatus.OK, response.getStatusCode()); 36 | } 37 | 38 | @Test 39 | public void userEndpointProtected() { 40 | ResponseEntity response = template.getForEntity("http://localhost:" 41 | + port + "/user", String.class); 42 | assertEquals(HttpStatus.FOUND, response.getStatusCode()); 43 | } 44 | 45 | @Test 46 | public void 
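resourceEndpointProtected() {
        ResponseEntity response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Disabled. Re-enabling it also needs a static import of assertTrue, which this
    // file does not have.
    // @Test
    // public void loginRedirects() {
    //     ResponseEntity response = template.getForEntity("http://localhost:"
    //             + port + "/login", String.class);
    //     assertEquals(HttpStatus.FOUND, response.getStatusCode());
    //     String location = response.getHeaders().getFirst("Location");
    //     assertTrue("Wrong location: " + location , location.startsWith(authorizeUri));
    // }

}
--------------------------------------------------------------------------------
/sample2/gateway/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;

/**
 * Smoke tests for the gateway, started on a random port ({@code server.port:0}).
 * All requests are sent without credentials: the home page must load, while
 * {@code /user} and {@code /resource} must answer 302 FOUND instead of content.
 * Only the status code is asserted; the redirect target is not checked.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = GatewayApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    // Only referenced by the commented-out loginRedirects test.
    @Value("${security.oauth2.client.userAuthorizationUri}")
    private String authorizeUri;

    private RestTemplate template = new TestRestTemplate();

    // Anonymous access to "/" is expected to succeed.
    @Test
    public void homePageLoads() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/", String.class);
        assertEquals(HttpStatus.OK, response.getStatusCode());
    }

    // Anonymous access to "/user" must be answered with a redirect.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/user", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Anonymous access to "/resource" must be answered with a redirect.
    @Test
    public void resourceEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Disabled. Re-enabling it also needs a static import of assertTrue, which this
    // file does not have.
    // @Test
    // public void loginRedirects() {
    //     ResponseEntity response = template.getForEntity("http://localhost:"
    //             + port + "/login", String.class);
    //     assertEquals(HttpStatus.FOUND, response.getStatusCode());
    //     String location = response.getHeaders().getFirst("Location");
    //     assertTrue("Wrong location: " + location , location.startsWith(authorizeUri));
    // }

}
--------------------------------------------------------------------------------
/sample3/gateway/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;

/**
 * Smoke tests for the gateway, started on a random port ({@code server.port:0}).
 * All requests are sent without credentials: the home page must load, while
 * {@code /user} and {@code /resource} must answer 302 FOUND instead of content.
 * Only the status code is asserted; the redirect target is not checked.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = GatewayApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    // Only referenced by the commented-out loginRedirects test.
    @Value("${security.oauth2.client.userAuthorizationUri}")
    private String authorizeUri;

    private RestTemplate template = new TestRestTemplate();

    // Anonymous access to "/" is expected to succeed.
    @Test
    public void homePageLoads() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/", String.class);
        assertEquals(HttpStatus.OK, response.getStatusCode());
    }

    // Anonymous access to "/user" must be answered with a redirect.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/user", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Anonymous access to "/resource" must be answered with a redirect.
    @Test
    public void resourceEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Disabled. Re-enabling it also needs a static import of assertTrue, which this
    // file does not have.
    // @Test
    // public void loginRedirects() {
    //     ResponseEntity response = template.getForEntity("http://localhost:"
    //             + port + "/login", String.class);
    //     assertEquals(HttpStatus.FOUND, response.getStatusCode());
    //     String location = response.getHeaders().getFirst("Location");
    //     assertTrue("Wrong location: " + location , location.startsWith(authorizeUri));
    // }

}
--------------------------------------------------------------------------------
/sample1/ui/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

/**
 * Smoke tests for the UI application, started on a random port ({@code server.port:0}).
 * All requests are sent without credentials: the home page must load, {@code /user}
 * and {@code /resource} must answer 302 FOUND, and {@code /login} must redirect to
 * the configured OAuth2 authorization URI.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = UiApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    @Value("${security.oauth2.client.userAuthorizationUri}")
    private String authorizeUri;

    private RestTemplate template = new TestRestTemplate();

    // Anonymous access to "/" is expected to succeed.
    @Test
    public void homePageLoads() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/", String.class);
        assertEquals(HttpStatus.OK, response.getStatusCode());
    }

    // Anonymous access to "/user" must be answered with a redirect.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/user", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Anonymous access to "/resource" must be answered with a redirect.
    @Test
    public void resourceEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // "/login" must redirect to the authorization endpoint. The prefix match is a
    // smoke check only; it is not a pattern for validating redirect targets.
    @Test
    public void loginRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/login", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        String location = response.getHeaders().getFirst("Location");
        // A missing Location header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong location: " + location , location != null && location.startsWith(authorizeUri));
    }

}
--------------------------------------------------------------------------------
/sample2/ui/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

/**
 * Smoke tests for the UI application, started on a random port ({@code server.port:0}).
 * All requests are sent without credentials: the home page must load, {@code /user}
 * and {@code /resource} must answer 302 FOUND, and {@code /login} must redirect to
 * the configured OAuth2 authorization URI.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = UiApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    @Value("${security.oauth2.client.userAuthorizationUri}")
    private String authorizeUri;

    private RestTemplate template = new TestRestTemplate();

    // Anonymous access to "/" is expected to succeed.
    @Test
    public void homePageLoads() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/", String.class);
        assertEquals(HttpStatus.OK, response.getStatusCode());
    }

    // Anonymous access to "/user" must be answered with a redirect.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/user", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Anonymous access to "/resource" must be answered with a redirect.
    @Test
    public void resourceEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // "/login" must redirect to the authorization endpoint. The prefix match is a
    // smoke check only; it is not a pattern for validating redirect targets.
    @Test
    public void loginRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/login", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        String location = response.getHeaders().getFirst("Location");
        // A missing Location header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong location: " + location , location != null && location.startsWith(authorizeUri));
    }

}
--------------------------------------------------------------------------------
/sample3/ui/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

/**
 * Smoke tests for the UI application, started on a random port ({@code server.port:0}).
 * All requests are sent without credentials: the home page must load, {@code /user}
 * and {@code /resource} must answer 302 FOUND, and {@code /login} must redirect to
 * the configured OAuth2 authorization URI.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = UiApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    @Value("${security.oauth2.client.userAuthorizationUri}")
    private String authorizeUri;

    private RestTemplate template = new TestRestTemplate();

    // Anonymous access to "/" is expected to succeed.
    @Test
    public void homePageLoads() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/", String.class);
        assertEquals(HttpStatus.OK, response.getStatusCode());
    }

    // Anonymous access to "/user" must be answered with a redirect.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/user", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Anonymous access to "/resource" must be answered with a redirect.
    @Test
    public void resourceEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // "/login" must redirect to the authorization endpoint. The prefix match is a
    // smoke check only; it is not a pattern for validating redirect targets.
    @Test
    public void loginRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/login", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        String location = response.getHeaders().getFirst("Location");
        // A missing Location header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong location: " + location , location != null && location.startsWith(authorizeUri));
    }

}
--------------------------------------------------------------------------------
/sample2/ui-admin/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

/**
 * Smoke tests for the admin UI application, started on a random port
 * ({@code server.port:0}). All requests are sent without credentials: the home page
 * must load, {@code /user} and {@code /resource} must answer 302 FOUND, and
 * {@code /login} must redirect to the configured OAuth2 authorization URI.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = UiAdminApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    @Value("${security.oauth2.client.userAuthorizationUri}")
    private String authorizeUri;

    private RestTemplate template = new TestRestTemplate();

    // Anonymous access to "/" is expected to succeed.
    @Test
    public void homePageLoads() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/", String.class);
        assertEquals(HttpStatus.OK, response.getStatusCode());
    }

    // Anonymous access to "/user" must be answered with a redirect.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/user", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // Anonymous access to "/resource" must be answered with a redirect.
    @Test
    public void resourceEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/resource", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
    }

    // "/login" must redirect to the authorization endpoint. The prefix match is a
    // smoke check only; it is not a pattern for validating redirect targets.
    @Test
    public void loginRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/login", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        String location = response.getHeaders().getFirst("Location");
        // A missing Location header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong location: " + location , location != null && location.startsWith(authorizeUri));
    }

}
--------------------------------------------------------------------------------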
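/sample0/authserver/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

/**
 * Smoke tests for the authorization server, started on a random port
 * ({@code server.port:0}). Requests without credentials under {@code /uaa} must be
 * rejected with 401 and the expected {@code WWW-Authenticate} challenge: Bearer for
 * the home page and {@code /uaa/user}, Basic for {@code /uaa/oauth/authorize}.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = BasicSecurityApp.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    private RestTemplate template = new TestRestTemplate();

    // "/uaa/" without credentials: 401 with a Bearer challenge.
    @Test
    public void homePageProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        // A missing header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    // "/uaa/user" without credentials: 401 with a Bearer challenge.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/user", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    //TODO: Find out why this fails as soon as you implement WebSecurityConfigurerAdapter
    // Despite its name, this test asserts a 401 with a Basic challenge, not a redirect.
    @Test
    public void authorizationRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/oauth/authorize", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Basic realm=\""));
    }

}
--------------------------------------------------------------------------------
/sample1/authserver/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

/**
 * Smoke tests for the authorization server, started on a random port
 * ({@code server.port:0}). Requests without credentials under {@code /uaa} must be
 * rejected with 401 and the expected {@code WWW-Authenticate} challenge: Bearer for
 * the home page and {@code /uaa/user}, Basic for {@code /uaa/oauth/authorize}.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthserverApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    private RestTemplate template = new TestRestTemplate();

    // "/uaa/" without credentials: 401 with a Bearer challenge.
    @Test
    public void homePageProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        // A missing header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    // "/uaa/user" without credentials: 401 with a Bearer challenge.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/user", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    //TODO: Find out why this fails as soon as you implement WebSecurityConfigurerAdapter
    // Despite its name, this test asserts a 401 with a Basic challenge, not a redirect.
    @Test
    public void authorizationRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/oauth/authorize", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Basic realm=\""));
    }

}
--------------------------------------------------------------------------------
/sample2/authserver/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

/**
 * Smoke tests for the authorization server, started on a random port
 * ({@code server.port:0}). Requests without credentials under {@code /uaa} must be
 * rejected with 401 and the expected {@code WWW-Authenticate} challenge: Bearer for
 * the home page and {@code /uaa/user}, Basic for {@code /uaa/oauth/authorize}.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthserverApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    private RestTemplate template = new TestRestTemplate();

    // "/uaa/" without credentials: 401 with a Bearer challenge.
    @Test
    public void homePageProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        // A missing header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    // "/uaa/user" without credentials: 401 with a Bearer challenge.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/user", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    //TODO: Find out why this fails as soon as you implement WebSecurityConfigurerAdapter
    // Despite its name, this test asserts a 401 with a Basic challenge, not a redirect.
    @Test
    public void authorizationRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/oauth/authorize", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Basic realm=\""));
    }

}
--------------------------------------------------------------------------------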
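/sample3/authserver/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

/**
 * Smoke tests for the authorization server, started on a random port
 * ({@code server.port:0}). Requests without credentials under {@code /uaa} must be
 * rejected with 401 and the expected {@code WWW-Authenticate} challenge: Bearer for
 * the home page and {@code /uaa/user}, Basic for {@code /uaa/oauth/authorize}.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthserverApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    private RestTemplate template = new TestRestTemplate();

    // "/uaa/" without credentials: 401 with a Bearer challenge.
    @Test
    public void homePageProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        // A missing header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    // "/uaa/user" without credentials: 401 with a Bearer challenge.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/user", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    //TODO: Find out why this fails as soon as you implement WebSecurityConfigurerAdapter
    // Despite its name, this test asserts a 401 with a Basic challenge, not a redirect.
    @Test
    public void authorizationRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/oauth/authorize", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Basic realm=\""));
    }

}
--------------------------------------------------------------------------------
/sample2/authserver-formlogin/src/test/java/demo/ApplicationTests.java:
--------------------------------------------------------------------------------
package demo;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.web.client.RestTemplate;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

/**
 * Smoke tests for the authorization server, started on a random port
 * ({@code server.port:0}). Requests without credentials under {@code /uaa} must be
 * rejected with 401 and the expected {@code WWW-Authenticate} challenge: Bearer for
 * the home page and {@code /uaa/user}, Basic for {@code /uaa/oauth/authorize}.
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthserverApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    private RestTemplate template = new TestRestTemplate();

    // "/uaa/" without credentials: 401 with a Bearer challenge.
    @Test
    public void homePageProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        // A missing header fails the assertion instead of throwing a
        // NullPointerException.
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    // "/uaa/user" without credentials: 401 with a Bearer challenge.
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/user", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Bearer realm=\""));
    }

    //TODO: Find out why this fails as soon as you implement WebSecurityConfigurerAdapter
    // Despite its name, this test asserts a 401 with a Basic challenge, not a redirect.
    @Test
    public void authorizationRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/oauth/authorize", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth != null && auth.startsWith("Basic realm=\""));
    }

}
--------------------------------------------------------------------------------
/sample2/ui/src/main/resources/static/js/hello.js:
--------------------------------------------------------------------------------
// AngularJS front end for the UI module: a single route ('/') plus the
// 'navigation' and 'home' controllers.
angular.module('hello', [ 'ngRoute' ]).config(function($routeProvider) {

    $routeProvider.when('/', {
        templateUrl : 'home.html',
        controller : 'home',
        controllerAs : 'controller'
    }).otherwise('/');

}).controller('navigation',

function($rootScope, $http, $location, $route) {

    var self = this;

    // True when the given name is the controller of the current route.
    self.tab = function(route) {
        return $route.current && route === $route.current.controller;
    };

    // $rootScope.authenticated only drives what the page displays. It is not an
    // access control: the server decides for every request.
    $http.get('/user').success(function(data) {
        if (data.username) {
            $rootScope.authenticated = true;
        } else {
            $rootScope.authenticated = false;
        }
    }).error(function() {
        $rootScope.authenticated = false;
    });

    self.credentials = {};

    // NOTE(review): the UI is reset in finally(), i.e. also when the logout request
    // failed. In that case the page shows "logged out" while the server-side session
    // may still be valid; consider surfacing the failure.
    self.logout = function() {
        $http.post('logout', {}).finally(function() {
            $rootScope.authenticated = false;
            $location.path("/");
        });
    }

}).controller('home', function($http) {
    var self = this;
    $http.get('/resource1/greeting').success(function(data) {
        self.resource1 = data;
    })

    // State-changing request sent every time the home view loads.
    // NOTE(review): it relies on whatever CSRF protection the gateway and resource
    // server apply; that configuration is not visible in this file.
    $http.post('/resource1/greeting', {"id":"123","message":"Hello from AngularJS"}).then(
        function() {
            console.log("POST OK");
        }, function () {
            console.log("POST NOK");
        }
    );

    $http.get('/resource2/').success(function(data) {
        self.resource2 = data;
    })
    $http.get('/user/').success(function(data) {
        self.user= data;
    })

    // The calls below probe one endpoint per access level. On failure the error body
    // is stored as well, so the view can show the denial.
    // The manager and admin URLs previously contained a doubled slash
    // ('/ui//uiservice/...'); they now use the same single-slash form as the other
    // three calls, so all five paths are matched the same way by routing and
    // security rules.
    $http.get('/ui/uiservice/managerService').success(function(data) {
        self.managerService= data;
    }).error(function(data) {
        self.managerService = data;
    });

    $http.get('/ui/uiservice/adminService').success(function(data) {
        self.adminService= data;
    }).error(function(data) {
        self.adminService = data;
    });

    $http.get('/ui/uiservice/userService').success(function(data) {
        self.userService= data;
    }).error(function(data) {
        self.userService = data;
    });

    $http.get('/ui/uiservice/publicService').success(function(data) {
        self.publicService= data;
    }).error(function(data) {
        self.publicService = data;
    });

    $http.get('/ui/uiservice/authenticatedService').success(function(data) {
        self.authenticatedService= data;
    }).error(function(data) {
        self.authenticatedService = data;
    });


});
--------------------------------------------------------------------------------
/sample3/ui/src/main/resources/static/js/hello.js: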
-------------------------------------------------------------------------------- 1 | angular.module('hello', [ 'ngRoute' ]).config(function($routeProvider) { 2 | 3 | $routeProvider.when('/', { 4 | templateUrl : 'home.html', 5 | controller : 'home', 6 | controllerAs : 'controller' 7 | }).otherwise('/'); 8 | 9 | }).controller('navigation', 10 | 11 | function($rootScope, $http, $location, $route) { 12 | 13 | var self = this; 14 | 15 | self.tab = function(route) { 16 | return $route.current && route === $route.current.controller; 17 | }; 18 | 19 | $http.get('/user').success(function(data) { 20 | if (data.username) { 21 | $rootScope.authenticated = true; 22 | } else { 23 | $rootScope.authenticated = false; 24 | } 25 | }).error(function() { 26 | $rootScope.authenticated = false; 27 | }); 28 | 29 | self.credentials = {}; 30 | 31 | self.logout = function() { 32 | $http.post('/logout', {}).finally(function() { 33 | $http.post('/uaa/logout', {}).finally(function() { 34 | $rootScope.authenticated = false; 35 | $location.path("/"); 36 | }); 37 | }); 38 | } 39 | 40 | }).controller('home', function($http) { 41 | var self = this; 42 | $http.get('/resource1/greeting').success(function(data) { 43 | self.resource1 = data; 44 | }) 45 | 46 | $http.post('/resource1/greeting', {"id":"123","message":"Hello from AngularJS"}).then( 47 | function() { 48 | console.log("POST OK"); 49 | }, function () { 50 | console.log("POST NOK"); 51 | } 52 | ); 53 | 54 | $http.get('/resource2/').success(function(data) { 55 | self.resource2 = data; 56 | }) 57 | $http.get('/user/').success(function(data) { 58 | self.user= data; 59 | }) 60 | 61 | $http.get('/ui//uiservice/managerService').success(function(data) { 62 | self.managerService= data; 63 | }).error(function(data) { 64 | self.managerService = data; 65 | }); 66 | 67 | $http.get('/ui//uiservice/adminService').success(function(data) { 68 | self.adminService= data; 69 | }).error(function(data) { 70 | self.adminService = data; 71 | }); 72 | 73 | 
$http.get('/ui/uiservice/userService').success(function(data) { 74 | self.userService= data; 75 | }).error(function(data) { 76 | self.userService = data; 77 | }); 78 | 79 | $http.get('/ui/uiservice/publicService').success(function(data) { 80 | self.publicService= data; 81 | }).error(function(data) { 82 | self.publicService = data; 83 | }); 84 | 85 | $http.get('/ui/uiservice/authenticatedService').success(function(data) { 86 | self.authenticatedService= data; 87 | }).error(function(data) { 88 | self.authenticatedService = data; 89 | }); 90 | 91 | 92 | }); 93 | -------------------------------------------------------------------------------- /sample2/ui/src/main/java/demo/UiApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 6 | import org.springframework.security.web.csrf.CsrfFilter; 7 | import org.springframework.security.web.csrf.CsrfToken; 8 | import org.springframework.security.web.csrf.CsrfTokenRepository; 9 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 10 | import org.springframework.web.filter.OncePerRequestFilter; 11 | import org.springframework.web.util.WebUtils; 12 | 13 | import javax.servlet.Filter; 14 | import javax.servlet.FilterChain; 15 | import javax.servlet.ServletException; 16 | import javax.servlet.http.Cookie; 17 | import javax.servlet.http.HttpServletRequest; 18 | import javax.servlet.http.HttpServletResponse; 19 | import java.io.IOException; 20 | 21 | @SpringBootApplication 22 | public class UiApplication { //} extends WebSecurityConfigurerAdapter { 23 | 24 | public static void main(String[] args) { 25 | SpringApplication.run(UiApplication.class, args); 26 | } 27 | 28 | public void configure(HttpSecurity http) throws Exception { 29 | 
http 30 | .httpBasic() 31 | // .antMatcher("/**") 32 | .and() 33 | .authorizeRequests() 34 | .antMatchers("/index.html", "/home.html", "/").permitAll() 35 | .antMatchers("/protected.html").hasRole("USER") 36 | .antMatchers("/admin.html").hasRole("USER") 37 | .anyRequest().authenticated() 38 | .and() 39 | .csrf() 40 | .csrfTokenRepository(csrfTokenRepository()) 41 | .and() 42 | .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); } 43 | 44 | private Filter csrfHeaderFilter() { 45 | return new OncePerRequestFilter() { 46 | @Override 47 | protected void doFilterInternal(HttpServletRequest request, 48 | HttpServletResponse response, FilterChain filterChain) 49 | throws ServletException, IOException { 50 | CsrfToken csrf = (CsrfToken) request 51 | .getAttribute(CsrfToken.class.getName()); 52 | if (csrf != null) { 53 | Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); 54 | String token = csrf.getToken(); 55 | if (cookie == null 56 | || token != null && !token.equals(cookie.getValue())) { 57 | cookie = new Cookie("XSRF-TOKEN", token); 58 | cookie.setPath("/"); 59 | response.addCookie(cookie); 60 | } 61 | } 62 | filterChain.doFilter(request, response); 63 | } 64 | }; 65 | } 66 | 67 | private CsrfTokenRepository csrfTokenRepository() { 68 | HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository(); 69 | repository.setHeaderName("X-XSRF-TOKEN"); 70 | return repository; 71 | } 72 | 73 | } 74 | -------------------------------------------------------------------------------- /sample3/ui/src/main/java/demo/UiApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 6 | import org.springframework.security.web.csrf.CsrfFilter; 7 | import 
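org.springframework.security.web.csrf.CsrfToken; 8 | import org.springframework.security.web.csrf.CsrfTokenRepository; 9 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 10 | import org.springframework.web.filter.OncePerRequestFilter; 11 | import org.springframework.web.util.WebUtils; 12 | 13 | import javax.servlet.Filter; 14 | import javax.servlet.FilterChain; 15 | import javax.servlet.ServletException; 16 | import javax.servlet.http.Cookie; 17 | import javax.servlet.http.HttpServletRequest; 18 | import javax.servlet.http.HttpServletResponse; 19 | import java.io.IOException;

/**
 * Spring Boot entry point for the sample3 UI module.
 *
 * NOTE(review): the "extends WebSecurityConfigurerAdapter" clause is commented
 * out on the class line, so nothing visible in this file hands
 * {@link #configure(HttpSecurity)} to Spring Security. The URL rules and the
 * CSRF wiring below therefore look like dead code here; confirm where the
 * effective rules for this module are declared.
 */
@SpringBootApplication
public class UiApplication { //} extends WebSecurityConfigurerAdapter {

    /** Boots the UI application. */
    public static void main(String[] args) {
        SpringApplication.run(UiApplication.class, args);
    }

    /**
     * URL authorization rules plus session-backed CSRF protection.
     *
     * NOTE(review): "/admin.html" requires role USER here, while the sample1 UI
     * and the ui-admin module on this page require ADMIN for the same page;
     * confirm this is intended before re-enabling the adapter.
     *
     * @param http the security builder to configure
     * @throws Exception propagated from the Spring Security builders
     */
    public void configure(HttpSecurity http) throws Exception {
        http
            .httpBasic()
            // .antMatcher("/**")
            .and()
            .authorizeRequests()
                .antMatchers("/index.html", "/home.html", "/").permitAll()
                .antMatchers("/protected.html").hasRole("USER")
                .antMatchers("/admin.html").hasRole("USER")
                .anyRequest().authenticated()
            .and()
            .csrf()
                .csrfTokenRepository(csrfTokenRepository())
            .and()
            .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
    }

    /**
     * Builds a filter that mirrors the current CSRF token into an "XSRF-TOKEN"
     * cookie whenever the cookie is missing or stale.
     *
     * @return the per-request filter
     */
    private Filter csrfHeaderFilter() {
        return new OncePerRequestFilter() {
            @Override
            protected void doFilterInternal(HttpServletRequest request,
                    HttpServletResponse response, FilterChain filterChain)
                    throws ServletException, IOException {
                CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
                if (csrf != null) {
                    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                    String token = csrf.getToken();
                    if (cookie == null || (token != null && !token.equals(cookie.getValue()))) {
                        cookie = new Cookie("XSRF-TOKEN", token);
                        cookie.setPath("/");
                        // The cookie stays readable by script (no HttpOnly) so the client can
                        // echo it in the X-XSRF-TOKEN header; restrict it to TLS whenever the
                        // request itself arrived over TLS.
                        cookie.setSecure(request.isSecure());
                        response.addCookie(cookie);
                    }
                }
                filterChain.doFilter(request, response);
            }
        };
    }

    /**
     * Session-backed CSRF token repository that expects the token in the
     * "X-XSRF-TOKEN" request header.
     *
     * @return the configured repository
     */
    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }

}
-------------------------------------------------------------------------------- /sample2/ui-admin/src/main/java/demo/UiAdminApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 6 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 7 | import org.springframework.security.web.csrf.CsrfFilter; 8 | import org.springframework.security.web.csrf.CsrfToken; 9 | import org.springframework.security.web.csrf.CsrfTokenRepository; 10 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 11 | import org.springframework.web.filter.OncePerRequestFilter; 12 | import org.springframework.web.util.WebUtils; 13 | 14 | import javax.servlet.Filter; 15 | import javax.servlet.FilterChain; 16 | import javax.servlet.ServletException; 17 | import javax.servlet.http.Cookie; 18 | import javax.servlet.http.HttpServletRequest; 19 | import javax.servlet.http.HttpServletResponse; 20 | import java.io.IOException; 21 | 22 | @SpringBootApplication 23 | public class UiAdminApplication extends WebSecurityConfigurerAdapter { 24 | 25 | public static void main(String[] args) { 26 | SpringApplication.run(UiAdminApplication.class, args); 27 | } 28 | 29 | @Override 30 | public void configure(HttpSecurity http) throws Exception { 31 | http 32 | // .httpBasic() 33 | //.antMatcher("/**") 34 | // .and() 35 | 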
.authorizeRequests() 36 | .antMatchers("/index.html", "/home.html", "/").permitAll() 37 | .antMatchers("/protected.html").hasRole("USER") 38 | .antMatchers("/admin.html").hasRole("ADMIN") 39 | .anyRequest().authenticated() 40 | .and() 41 | .csrf() 42 | .csrfTokenRepository(csrfTokenRepository()) 43 | .and() 44 | .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); } 45 | 46 | private Filter csrfHeaderFilter() { 47 | return new OncePerRequestFilter() { 48 | @Override 49 | protected void doFilterInternal(HttpServletRequest request, 50 | HttpServletResponse response, FilterChain filterChain) 51 | throws ServletException, IOException { 52 | CsrfToken csrf = (CsrfToken) request 53 | .getAttribute(CsrfToken.class.getName()); 54 | if (csrf != null) { 55 | Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN"); 56 | String token = csrf.getToken(); 57 | if (cookie == null 58 | || token != null && !token.equals(cookie.getValue())) { 59 | cookie = new Cookie("XSRF-TOKEN", token); 60 | cookie.setPath("/"); 61 | response.addCookie(cookie); 62 | } 63 | } 64 | filterChain.doFilter(request, response); 65 | } 66 | }; 67 | } 68 | 69 | private CsrfTokenRepository csrfTokenRepository() { 70 | HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository(); 71 | repository.setHeaderName("X-XSRF-TOKEN"); 72 | return repository; 73 | } 74 | 75 | } 76 | -------------------------------------------------------------------------------- /sample2/resource2/src/main/groovy/demo/ResourceApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.boot.SpringApplication; 5 | import org.springframework.boot.autoconfigure.SpringBootApplication; 6 | import org.springframework.http.HttpEntity; 7 | import org.springframework.http.HttpHeaders; 8 | import org.springframework.http.HttpMethod; 9 | import 
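org.springframework.http.ResponseEntity; 10 | import org.springframework.security.core.context.SecurityContextHolder; 11 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 12 | import org.springframework.security.oauth2.provider.OAuth2Authentication; 13 | import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; 14 | import org.springframework.web.bind.annotation.RequestMapping; 15 | import org.springframework.web.bind.annotation.RestController; 16 | import org.springframework.web.client.RestTemplate; 17 | 18 | import javax.servlet.http.HttpServletRequest; 19 | import java.util.LinkedHashMap; 20 | import java.util.Map; 21 | import java.util.UUID;

/**
 * Resource server "resource 2": its root endpoint calls resource 1 on behalf of
 * the current caller and wraps the answer in a small JSON map.
 */
@SpringBootApplication
@RestController
@EnableResourceServer
public class ResourceApplication {

    // Incoming request, injected by Spring; used to read the caller's cookies.
    @Autowired
    private HttpServletRequest request;

    /**
     * Fetches resource 1 with the caller's session cookie and returns a map with
     * a random "id" and a "content" string that embeds the downstream response
     * (or the failure message).
     *
     * @return a two-entry map: "id" and "content"
     */
    @RequestMapping("/")
    public LinkedHashMap home() {

        Object responseFromResource1 = null;
        try {

            RestTemplate restTemplate = new RestTemplate();
            HttpHeaders headers = new HttpHeaders();
            // Debug output of the current Authentication object.
            System.out.println("____ FOUND USER = " + SecurityContextHolder.getContext().getAuthentication());

            OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) SecurityContextHolder.getContext().getAuthentication();
            OAuth2AuthenticationDetails oAuth2AuthenticationDetails = (OAuth2AuthenticationDetails) oAuth2Authentication.getDetails();

            // Only referenced by the commented-out Authorization header below.
            String accessToken = oAuth2AuthenticationDetails.getTokenValue();

            //TODO: Need to find a cleaner way to pass on these credentials
            // Forward the session cookie by name. The previous code took
            // getCookies()[0], which fails when the request has no cookies and
            // forwards an unrelated cookie when JSESSIONID is not the first one.
            headers.add("Cookie", "JSESSIONID=" + sessionCookieValue());
            // NOTE(review): the bearer scheme is written "Bearer <token>" with no
            // colon, which may be why this variant was abandoned.
            //headers.add("Authorization", "Bearer: " + accessToken);
            HttpEntity requestEntity = new HttpEntity("parameters", headers);
            ResponseEntity rssResponse = restTemplate.exchange(
                    "http://localhost:8888/resource1",
                    HttpMethod.GET,
                    requestEntity,
                    Map.class);

            responseFromResource1 = rssResponse.getBody();

        } catch (Exception ex) {
            // NOTE(review): the raw exception message is echoed to the caller in
            // "content"; acceptable for a demo, but it exposes internal detail.
            responseFromResource1 = ex.getMessage();
        }

        LinkedHashMap map = new LinkedHashMap(2);
        map.put("id", UUID.randomUUID().toString());
        map.put("content", "Hello World from resource 2 with content from resource 1 : [" + responseFromResource1 + "]");
        return map;
    }

    /**
     * Looks up the caller's JSESSIONID cookie.
     *
     * @return the cookie value
     * @throws IllegalStateException when the request carries no such cookie
     */
    private String sessionCookieValue() {
        // getCookies() returns null, not an empty array, when no cookie was sent.
        javax.servlet.http.Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (javax.servlet.http.Cookie cookie : cookies) {
                if ("JSESSIONID".equals(cookie.getName())) {
                    return cookie.getValue();
                }
            }
        }
        throw new IllegalStateException("No JSESSIONID cookie on the incoming request");
    }

    /** Boots the resource server. */
    public static void main(String[] args) {
        SpringApplication.run(ResourceApplication.class, args);
    }

}
-------------------------------------------------------------------------------- /sample1/ui/src/main/java/demo/UiApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 6 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 7 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 8 | import org.springframework.security.web.csrf.CsrfFilter; 9 | import org.springframework.security.web.csrf.CsrfToken; 10 | import org.springframework.security.web.csrf.CsrfTokenRepository; 11 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 12 | import org.springframework.web.filter.OncePerRequestFilter; 13 | import org.springframework.web.util.WebUtils; 14 | 15 | import javax.servlet.Filter; 16 | import javax.servlet.FilterChain; 17 | import javax.servlet.ServletException; 18 | import javax.servlet.http.Cookie; 19 | import javax.servlet.http.HttpServletRequest; 20 | import javax.servlet.http.HttpServletResponse; 21 | import java.io.IOException; 22 | 23 | @SpringBootApplication 24 | @EnableResourceServer 25 | 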
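public class UiApplication extends WebSecurityConfigurerAdapter {

    /** Boots the UI application. */
    public static void main(String[] args) {
        SpringApplication.run(UiApplication.class, args);
    }

    /**
     * URL authorization rules plus session-backed CSRF protection.
     *
     * It seems that this is not being picked up...... an authenticated user can
     * see the admin role.
     *
     * NOTE(review): the class is also annotated with @EnableResourceServer. The
     * resource-server filter chain is presumably consulted before this adapter
     * and matches every request, which would explain why the role rules below
     * never apply. If so, they belong in a ResourceServerConfigurerAdapter, or
     * this adapter needs an explicit order and a narrower matcher. TODO confirm.
     *
     * @param http the security builder to configure
     * @throws Exception propagated from the Spring Security builders
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            // .httpBasic()
            .antMatcher("/**")
            // .and()
            .authorizeRequests()
                .antMatchers("/index.html", "/home.html", "/").permitAll()
                .antMatchers("/protected.html").hasRole("USER")
                .antMatchers("/admin.html").hasRole("ADMIN")
                .anyRequest().authenticated()
            .and()
            .csrf()
                .csrfTokenRepository(csrfTokenRepository())
            .and()
            .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
    }

    /**
     * Builds a filter that mirrors the current CSRF token into an "XSRF-TOKEN"
     * cookie whenever the cookie is missing or stale.
     *
     * @return the per-request filter
     */
    private Filter csrfHeaderFilter() {
        return new OncePerRequestFilter() {
            @Override
            protected void doFilterInternal(HttpServletRequest request,
                    HttpServletResponse response, FilterChain filterChain)
                    throws ServletException, IOException {
                CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
                if (csrf != null) {
                    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                    String token = csrf.getToken();
                    if (cookie == null || (token != null && !token.equals(cookie.getValue()))) {
                        cookie = new Cookie("XSRF-TOKEN", token);
                        cookie.setPath("/");
                        // The cookie stays readable by script (no HttpOnly) so the client can
                        // echo it in the X-XSRF-TOKEN header; restrict it to TLS whenever the
                        // request itself arrived over TLS.
                        cookie.setSecure(request.isSecure());
                        response.addCookie(cookie);
                    }
                }
                filterChain.doFilter(request, response);
            }
        };
    }

    /**
     * Session-backed CSRF token repository that expects the token in the
     * "X-XSRF-TOKEN" request header.
     *
     * @return the configured repository
     */
    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }

}
--------------------------------------------------------------------------------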
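/sample2/authserver/src/main/java/demo/AuthserverApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.boot.SpringApplication; 5 | import org.springframework.boot.autoconfigure.SpringBootApplication; 6 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 7 | import org.springframework.security.core.GrantedAuthority; 8 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; 9 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 10 | import org.springframework.security.oauth2.provider.OAuth2Authentication; 11 | import org.springframework.web.bind.annotation.RequestMapping; 12 | import org.springframework.web.bind.annotation.RestController; 13 | 14 | import java.security.Principal; 15 | import java.util.ArrayList; 16 | import java.util.Collection; 17 | import java.util.List;

/**
 * Demo authorization server that is also a resource server.
 *
 * this auth server features
 *
 * - A custom user endpoint
 * - 4 test users
 */
@SpringBootApplication
@RestController
@EnableResourceServer
@EnableAuthorizationServer
public class AuthserverApplication {

    /**
     * Instead of returning the principal directly, we're returning a custom user object
     * that exposes the username and authorities list.
     *
     * This way we bypass the issue https://github.com/spring-projects/spring-boot/issues/5482
     *
     * @param user the authenticated caller
     * @return the caller's name together with the names of its granted authorities
     */
    @RequestMapping("/user")
    public SimpleUser user(Principal user) {
        List<String> authorities = new ArrayList<>();

        // Read the authorities through the Authentication interface instead of
        // hard-casting to OAuth2Authentication, so another kind of principal
        // yields an empty list rather than a ClassCastException.
        if (user instanceof org.springframework.security.core.Authentication) {
            Collection<? extends GrantedAuthority> granted =
                    ((org.springframework.security.core.Authentication) user).getAuthorities();
            for (GrantedAuthority grantedAuthority : granted) {
                authorities.add(grantedAuthority.getAuthority());
            }
        }

        return new SimpleUser(user.getName(), authorities);
    }

    /** Response body of the /user endpoint: a username and its authority names. */
    class SimpleUser {

        String username;
        List<String> authorities;

        SimpleUser(String username, List<String> authorities) {
            this.username = username;
            this.authorities = authorities;
        }

        public String getUsername() {
            return username;
        }

        public List<String> getAuthorities() {
            return authorities;
        }
    }

    /** Boots the authorization server. */
    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }

    /**
     * Adding some user with different roles to test with.
     *
     * NOTE(review): all four accounts share one fixed password written in the
     * source. These are test fixtures only; any real deployment needs an
     * external user store with hashed credentials.
     *
     * @param auth builder for the global authentication manager
     * @throws Exception propagated from the Spring Security builders
     */
    @Autowired
    protected void registerGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER").and()
                .withUser("admin").password("password").roles("ADMIN", "USER").and()
                .withUser("manager").password("password").roles("MANAGER","USER").and()
                .withUser("guest").password("password").roles("GUEST");

    }

}
-------------------------------------------------------------------------------- /sample1/resource/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-resource 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 Resource 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | 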
spring-security-oauth2 33 | 34 | 35 | org.codehaus.groovy 36 | groovy 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-test 41 | test 42 | 43 | 44 | 45 | 46 | UTF-8 47 | 1.7 48 | 49 | 50 | 51 | 52 | 53 | org.springframework.boot 54 | spring-boot-maven-plugin 55 | 56 | 57 | maven-compiler-plugin 58 | 59 | groovy-eclipse-compiler 60 | 61 | 62 | 63 | org.codehaus.groovy 64 | groovy-eclipse-compiler 65 | 2.8.0-01 66 | 67 | 68 | org.codehaus.groovy 69 | groovy-eclipse-batch 70 | 2.1.8-01 71 | 72 | 73 | 74 | 75 | org.codehaus.groovy 76 | groovy-eclipse-compiler 77 | 2.8.0-01 78 | true 79 | 80 | 81 | 82 | 83 | 84 | 85 | spring-snapshots 86 | Spring Snapshots 87 | http://repo.spring.io/libs-snapshot-local 88 | 89 | true 90 | 91 | 92 | 93 | spring-milestones 94 | Spring Milestones 95 | http://repo.spring.io/libs-milestone-local 96 | 97 | false 98 | 99 | 100 | 101 | spring-releases 102 | Spring Releases 103 | http://repo.spring.io/libs-release-local 104 | 105 | false 106 | 107 | 108 | 109 | 110 | 111 | -------------------------------------------------------------------------------- /sample2/resource1/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-resource 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 Resource 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | spring-security-oauth2 33 | 34 | 35 | org.codehaus.groovy 36 | groovy 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-test 41 | test 42 | 43 | 44 | 45 | 46 | UTF-8 47 | 1.7 48 | 49 | 50 | 51 | 52 | 53 | org.springframework.boot 54 | spring-boot-maven-plugin 55 | 56 | 57 | maven-compiler-plugin 58 | 59 | 
groovy-eclipse-compiler 60 | 61 | 62 | 63 | org.codehaus.groovy 64 | groovy-eclipse-compiler 65 | 2.8.0-01 66 | 67 | 68 | org.codehaus.groovy 69 | groovy-eclipse-batch 70 | 2.1.8-01 71 | 72 | 73 | 74 | 75 | org.codehaus.groovy 76 | groovy-eclipse-compiler 77 | 2.8.0-01 78 | true 79 | 80 | 81 | 82 | 83 | 84 | 85 | spring-snapshots 86 | Spring Snapshots 87 | http://repo.spring.io/libs-snapshot-local 88 | 89 | true 90 | 91 | 92 | 93 | spring-milestones 94 | Spring Milestones 95 | http://repo.spring.io/libs-milestone-local 96 | 97 | false 98 | 99 | 100 | 101 | spring-releases 102 | Spring Releases 103 | http://repo.spring.io/libs-release-local 104 | 105 | false 106 | 107 | 108 | 109 | 110 | 111 | -------------------------------------------------------------------------------- /sample2/resource2/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-resource2 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 Resource2 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | spring-security-oauth2 33 | 34 | 35 | org.codehaus.groovy 36 | groovy 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-test 41 | test 42 | 43 | 44 | 45 | 46 | UTF-8 47 | 1.7 48 | 49 | 50 | 51 | 52 | 53 | org.springframework.boot 54 | spring-boot-maven-plugin 55 | 56 | 57 | maven-compiler-plugin 58 | 59 | groovy-eclipse-compiler 60 | 61 | 62 | 63 | org.codehaus.groovy 64 | groovy-eclipse-compiler 65 | 2.8.0-01 66 | 67 | 68 | org.codehaus.groovy 69 | groovy-eclipse-batch 70 | 2.1.8-01 71 | 72 | 73 | 74 | 75 | org.codehaus.groovy 76 | groovy-eclipse-compiler 77 | 2.8.0-01 78 | true 79 | 80 | 81 | 82 | 83 | 84 | 85 | 
spring-snapshots 86 | Spring Snapshots 87 | http://repo.spring.io/libs-snapshot-local 88 | 89 | true 90 | 91 | 92 | 93 | spring-milestones 94 | Spring Milestones 95 | http://repo.spring.io/libs-milestone-local 96 | 97 | false 98 | 99 | 100 | 101 | spring-releases 102 | Spring Releases 103 | http://repo.spring.io/libs-release-local 104 | 105 | false 106 | 107 | 108 | 109 | 110 | 111 | -------------------------------------------------------------------------------- /sample3/resource1/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-resource 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 Resource 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | spring-security-oauth2 33 | 34 | 35 | org.codehaus.groovy 36 | groovy 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-test 41 | test 42 | 43 | 44 | 45 | 46 | UTF-8 47 | 1.7 48 | 49 | 50 | 51 | 52 | 53 | org.springframework.boot 54 | spring-boot-maven-plugin 55 | 56 | 57 | maven-compiler-plugin 58 | 59 | groovy-eclipse-compiler 60 | 61 | 62 | 63 | org.codehaus.groovy 64 | groovy-eclipse-compiler 65 | 2.8.0-01 66 | 67 | 68 | org.codehaus.groovy 69 | groovy-eclipse-batch 70 | 2.1.8-01 71 | 72 | 73 | 74 | 75 | org.codehaus.groovy 76 | groovy-eclipse-compiler 77 | 2.8.0-01 78 | true 79 | 80 | 81 | 82 | 83 | 84 | 85 | spring-snapshots 86 | Spring Snapshots 87 | http://repo.spring.io/libs-snapshot-local 88 | 89 | true 90 | 91 | 92 | 93 | spring-milestones 94 | Spring Milestones 95 | http://repo.spring.io/libs-milestone-local 96 | 97 | false 98 | 99 | 100 | 101 | spring-releases 102 | Spring Releases 103 | 
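http://repo.spring.io/libs-release-local 104 | 105 | false 106 | 107 | 108 | 109 | 110 | 111 | -------------------------------------------------------------------------------- /sample2/gateway/src/main/java/demo/GatewayApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; 6 | import org.springframework.cloud.netflix.zuul.EnableZuulProxy; 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 8 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 9 | import org.springframework.security.web.csrf.CsrfFilter; 10 | import org.springframework.security.web.csrf.CsrfToken; 11 | import org.springframework.security.web.csrf.CsrfTokenRepository; 12 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 13 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 14 | import org.springframework.web.filter.OncePerRequestFilter; 15 | import org.springframework.web.util.WebUtils; 16 | 17 | import javax.servlet.Filter; 18 | import javax.servlet.FilterChain; 19 | import javax.servlet.ServletException; 20 | import javax.servlet.http.Cookie; 21 | import javax.servlet.http.HttpServletRequest; 22 | import javax.servlet.http.HttpServletResponse; 23 | import java.io.IOException;

/**
 * Zuul gateway with OAuth2 single sign-on: every request must be authenticated,
 * CSRF tokens are kept in the HTTP session, and logout redirects to the
 * authorization server's sign-out URL.
 */
@SpringBootApplication
@EnableZuulProxy
@EnableOAuth2Sso
public class GatewayApplication extends WebSecurityConfigurerAdapter {

    /** Boots the gateway. */
    public static void main(String[] args) {
        SpringApplication.run(GatewayApplication.class, args);
    }

    /**
     * Requires authentication for every path, wires CSRF protection and
     * customises logout.
     *
     * NOTE(review): the logout matcher names no HTTP method, so it presumably
     * matches GET as well as POST. A GET is not covered by the CSRF check, so a
     * cross-site link could sign the user out; consider
     * {@code new AntPathRequestMatcher("/logout", "POST")} if every client logs
     * out with POST.
     *
     * NOTE(review): the logout success URL is a fixed http://localhost address;
     * move it to configuration for any non-local run.
     *
     * @param http the security builder to configure
     * @throws Exception propagated from the Spring Security builders
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            .antMatcher("/**").authorizeRequests()
                //.antMatchers("/index.html", "/home.html", "/","/assets/**").permitAll()
                .anyRequest().authenticated()
            .and().csrf().csrfTokenRepository(csrfTokenRepository())
            .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
            .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("http://localhost:9999/uaa/signout");
    }

//    public void configure(HttpSecurity http) throws Exception {
//        http
////                .httpBasic()
//                .antMatcher("/**")
////                .and()
//                .authorizeRequests()
//                .antMatchers("/index.html", "/home.html", "/").permitAll()
////                .antMatchers("/protected.html").hasRole("USER")
////                .antMatchers("/admin.html").hasRole("ADMIN")
////                .anyRequest().authenticated()
//                .and()
//                .csrf()
//                .csrfTokenRepository(csrfTokenRepository())
//                .and()
//                .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
//    }

    /**
     * Builds a filter that mirrors the current CSRF token into an "XSRF-TOKEN"
     * cookie whenever the cookie is missing or stale.
     *
     * @return the per-request filter
     */
    private Filter csrfHeaderFilter() {
        return new OncePerRequestFilter() {
            @Override
            protected void doFilterInternal(HttpServletRequest request,
                    HttpServletResponse response, FilterChain filterChain)
                    throws ServletException, IOException {
                CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
                if (csrf != null) {
                    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                    String token = csrf.getToken();
                    if (cookie == null || (token != null && !token.equals(cookie.getValue()))) {
                        cookie = new Cookie("XSRF-TOKEN", token);
                        cookie.setPath("/");
                        // The cookie stays readable by script (no HttpOnly) so the client can
                        // echo it in the X-XSRF-TOKEN header; restrict it to TLS whenever the
                        // request itself arrived over TLS.
                        cookie.setSecure(request.isSecure());
                        response.addCookie(cookie);
                    }
                }
                filterChain.doFilter(request, response);
            }
        };
    }

    /**
     * Session-backed CSRF token repository that expects the token in the
     * "X-XSRF-TOKEN" request header.
     *
     * @return the configured repository
     */
    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }


}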
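// File: /sample2/authserver-customlogin/src/test/java/demo/ApplicationTests.java
package demo;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;

import java.net.URI;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.IntegrationTest;
import org.springframework.boot.test.SpringApplicationConfiguration;
import org.springframework.boot.test.TestRestTemplate;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.RequestEntity;
import org.springframework.http.ResponseEntity;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import org.springframework.test.context.web.WebAppConfiguration;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.RestTemplate;

/**
 * Integration tests for the custom-login authorization server, started on a random port.
 *
 * They pin the externally visible access-control behaviour: unauthenticated calls are
 * rejected with a Bearer challenge, the authorize endpoint redirects to the login page,
 * and a form login that carries the page's CSRF token succeeds.
 *
 * The type arguments below were lost when the page was extracted and are restored from
 * how the values are used (String bodies, a String form map, a Void response).
 */
@RunWith(SpringJUnit4ClassRunner.class)
@SpringApplicationConfiguration(classes = AuthserverApplication.class)
@WebAppConfiguration
@IntegrationTest("server.port:0")
public class ApplicationTests {

    @Value("${local.server.port}")
    private int port;

    private RestTemplate template = new TestRestTemplate();

    /** The context root must answer 401 with a Bearer challenge when no token is sent. */
    @Test
    public void homePageProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth.startsWith("Bearer realm=\""));
    }

    /** The /user endpoint must answer 401 with a Bearer challenge when no token is sent. */
    @Test
    public void userEndpointProtected() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/user", String.class);
        assertEquals(HttpStatus.UNAUTHORIZED, response.getStatusCode());
        String auth = response.getHeaders().getFirst("WWW-Authenticate");
        assertTrue("Wrong header: " + auth, auth.startsWith("Bearer realm=\""));
    }

    /** An anonymous request to the authorize endpoint must be redirected to the login page. */
    @Test
    public void authorizationRedirects() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/oauth/authorize", String.class);
        assertEquals(HttpStatus.FOUND, response.getStatusCode());
        String location = response.getHeaders().getFirst("Location");
        assertTrue("Wrong header: " + location,
                location.startsWith("http://localhost:" + port + "/uaa/login"));
    }

    /**
     * Fetches the login page, then posts the demo credentials together with the page's
     * CSRF token and the session cookie, and expects a redirect to the context root.
     */
    @Test
    public void loginSucceeds() {
        ResponseEntity<String> response = template.getForEntity("http://localhost:"
                + port + "/uaa/login", String.class);
        String csrf = getCsrf(response.getBody());
        // Fail here with a clear message rather than later with a confusing redirect mismatch.
        assertTrue("No _csrf field found in the login page", csrf != null);
        MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
        form.set("username", "user");
        form.set("password", "password");
        form.set("_csrf", csrf);
        HttpHeaders headers = new HttpHeaders();
        // The CSRF token is bound to the session, so the session cookie has to be replayed.
        headers.put("COOKIE", response.getHeaders().get("Set-Cookie"));
        RequestEntity<MultiValueMap<String, String>> request = new RequestEntity<MultiValueMap<String, String>>(
                form, headers, HttpMethod.POST, URI.create("http://localhost:" + port
                        + "/uaa/login"));
        ResponseEntity<Void> location = template.exchange(request, Void.class);
        assertEquals("http://localhost:" + port + "/uaa/",
                location.getHeaders().getFirst("Location"));
    }

    /**
     * Extracts the value of the hidden {@code _csrf} form field from a login page.
     *
     * @param soup the HTML of the login page
     * @return the token value, or {@code null} when the page has no such field
     */
    private String getCsrf(String soup) {
        Matcher matcher = Pattern.compile("(?s).*name=\"_csrf\".*?value=\"([^\"]+).*")
                .matcher(soup);
        if (matcher.matches()) {
            return matcher.group(1);
        }
        return null;
    }

}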
-------------------------------------------------------------------------------- /Questions.md: --------------------------------------------------------------------------------
# Questions.md


## Mixing @EnableResourceServer with WebSecurityConfigurerAdapter / HttpSecurity

Despite having ```.antMatchers("/index.html", "/home.html", "/").permitAll()``` in the UI, I'm getting redirected to uaa. Is this a filter-ordering issue?


## Redirects when accessing zuul endpoints

Sometimes when accessing a URL through zuul (on port 8888) it redirects back to a URL using the original port (e.g. 8080). For example, when
accessing http://localhost:8888/ui ---> http://localhost:8080/ui (Full authentication is required to access this resource)


```
curl -v -H "Cookie:JSESSIONID=8AA731B33EA3D41A55016DDF41093C86" http://localhost:8888/ui
* Trying ::1...
* Connected to localhost (::1) port 8888 (#0)
> GET /ui HTTP/1.1
> Host: localhost:8888
> User-Agent: curl/7.43.0
> Accept: */*
> Cookie:JSESSIONID=8AA731B33EA3D41A55016DDF41093C86
>
< HTTP/1.1 302 Found
< Server: Apache-Coyote/1.1
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< X-Application-Context: application:8888
< Location: http://localhost:8080/ui/
< Date: Fri, 08 Apr 2016 14:42:28 GMT
< Transfer-Encoding: chunked
<
* Connection #0 to host localhost left intact
```

It occurs with the following zuul route:

```
ui:
path: /ui/**
url: http://localhost:8080/ui
```

The 302 redirect to http://localhost:8080/ui/ is a container (Tomcat) redirect, and there are only two things we can do:

- Don't use http://localhost:8888/ui but add a trailing slash
- Change the zuul rule
and add a trailing slash


## The AuthorizationServer

- Why am I still seeing the basic auth popup despite having http.formLogin() in the authServer?
-



There is a difference in behavior between extending WebSecurityConfigurerAdapter and not extending it.


Without WebSecurityConfigurerAdapter

```
curl -v http://localhost:9999/uaa/oauth/authorize

* Trying ::1...
* Connected to localhost (::1) port 9999 (#0)
> GET /uaa/oauth/authorize HTTP/1.1
> Host: localhost:9999
> User-Agent: curl/7.43.0
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Server: Apache-Coyote/1.1
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Pragma: no-cache
< Expires: 0
< X-Frame-Options: DENY
< Strict-Transport-Security: max-age=31536000 ; includeSubDomains
< Set-Cookie: JSESSIONID=0551F840D0858EBB14BEC0E0F52F3770; Path=/uaa/; HttpOnly
< WWW-Authenticate: Basic realm="Spring"
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Date: Wed, 23 Mar 2016 12:28:30 GMT
<
* Connection #0 to host localhost left intact
{"timestamp":1458736110084,"status":401,"error":"Unauthorized","message":"Full authentication is required to access this resource","path":"/uaa/oauth/authorize"}
```

With WebSecurityConfigurerAdapter

```
curl -v http://localhost:9999/uaa/oauth/authorize
* Trying ::1...
101 | * Connected to localhost (::1) port 9999 (#0) 102 | > GET /uaa/oauth/authorize HTTP/1.1 103 | > Host: localhost:9999 104 | > User-Agent: curl/7.43.0 105 | > Accept: */* 106 | > 107 | < HTTP/1.1 302 Found 108 | < Server: Apache-Coyote/1.1 109 | < X-Content-Type-Options: nosniff 110 | < X-XSS-Protection: 1; mode=block 111 | < Cache-Control: no-cache, no-store, max-age=0, must-revalidate 112 | < Pragma: no-cache 113 | < Expires: 0 114 | < X-Frame-Options: DENY 115 | < Set-Cookie: JSESSIONID=38CC1C35323A38ACA8E10AFF1120B64C; Path=/uaa/; HttpOnly 116 | < Location: http://localhost:9999/uaa/login 117 | < Content-Length: 0 118 | < Date: Wed, 23 Mar 2016 12:28:57 GMT 119 | < 120 | * Connection #0 to host localhost left intact 121 | MacBook-Pro-3:authserver ddewaele$ 122 | ``` 123 | 124 | 125 | -------------------------------------------------------------------------------- /sample0/authserver/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | basic-security 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | basic-security 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.boot 32 | spring-boot-starter-test 33 | test 34 | 35 | 36 | org.apache.httpcomponents 37 | httpclient 38 | test 39 | 40 | 41 | 42 | 43 | UTF-8 44 | demo.BasicSecurityApp 45 | 1.7.6 46 | 1.7 47 | 48 | 49 | 50 | 51 | 52 | ${project.basedir}/src/main/resources 53 | 54 | 55 | ${project.build.directory}/generated-resources 56 | 57 | 58 | 59 | 60 | org.springframework.boot 61 | spring-boot-maven-plugin 62 | 63 | 64 | maven-resources-plugin 65 | 66 | 67 | 69 | copy-resources 70 | validate 71 | 72 | copy-resources 73 | 74 | 75 | ${basedir}/target/wro 76 | 77 | 78 | src/main/wro 79 | 
true 80 | 81 | 82 | 83 | 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | spring-snapshots 92 | Spring Snapshots 93 | http://repo.spring.io/libs-snapshot-local 94 | 95 | true 96 | 97 | 98 | 99 | spring-milestones 100 | Spring Milestones 101 | http://repo.spring.io/libs-milestone-local 102 | 103 | false 104 | 105 | 106 | 107 | spring-releases 108 | Spring Releases 109 | http://repo.spring.io/libs-release-local 110 | 111 | false 112 | 113 | 114 | 115 | 116 | 117 | spring-snapshots 118 | Spring Snapshots 119 | http://repo.spring.io/libs-snapshot-local 120 | 121 | true 122 | 123 | 124 | 125 | spring-milestones 126 | Spring Milestones 127 | http://repo.spring.io/libs-milestone-local 128 | 129 | false 130 | 131 | 132 | 133 | 134 | 135 | -------------------------------------------------------------------------------- /sample3/authserver/src/main/java/demo/AuthserverApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.boot.SpringApplication; 5 | import org.springframework.boot.autoconfigure.SpringBootApplication; 6 | import org.springframework.context.annotation.Configuration; 7 | import org.springframework.core.annotation.Order; 8 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 10 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 11 | import org.springframework.security.core.GrantedAuthority; 12 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; 13 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 14 | import org.springframework.security.oauth2.provider.OAuth2Authentication; 15 | import 
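import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;


/**
 * Authorization server of sample3, which is also a resource server for its own
 * {@code /user} endpoint.
 *
 * This auth server features
 *
 * - A custom user endpoint
 * - 4 test users
 *
 * The collection type arguments in this class were lost when the page was extracted
 * and are restored from how the values are used.
 */
@SpringBootApplication
@RestController
@EnableResourceServer
@EnableAuthorizationServer
public class AuthserverApplication {


    /**
     * Instead of returning the principal directly, we're returning a custom user object
     * that exposes only the username and the authorities list.
     *
     * This way we bypass the issue https://github.com/spring-projects/spring-boot/issues/5482
     *
     * @param user the authenticated caller; must be an {@link OAuth2Authentication}
     * @return the caller's name and authority names
     * @throws ClassCastException if the principal is any other authentication type
     */
    @RequestMapping("/user")
    public SimpleUser user(Principal user) {
        List<String> authorities = new ArrayList<>();

        //TODO: we should try to avoid casting like this.
        // NOTE(review): presumably safe because /user is only reachable through the
        // resource-server chain (bearer token); verify no other chain matches this path.
        Collection<? extends GrantedAuthority> oauthAuthorities = ((OAuth2Authentication) user).getAuthorities();

        for (GrantedAuthority grantedAuthority : oauthAuthorities) {
            authorities.add(grantedAuthority.getAuthority());
        }

        return new SimpleUser(user.getName(), authorities);
    }

    /**
     * Minimal view of the caller returned by {@code /user}: name and authority names only.
     * Declared static because it never uses the enclosing application instance.
     */
    static class SimpleUser {

        String username;
        List<String> authorities;

        SimpleUser(String username, List<String> authorities) {
            this.username = username;
            this.authorities = authorities;
        }

        public String getUsername() {
            return username;
        }

        public List<String> getAuthorities() {
            return authorities;
        }
    }

    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }

    /**
     * Form-login chain for the interactive endpoints. The explicit order (-20) places it
     * ahead of the resource-server chain, and {@code requestMatchers()} limits it to the
     * login, signout and OAuth2 authorize/confirm paths, all of which require an
     * authenticated user.
     *
     * NOTE(review): the signout matcher carries no HTTP method, so a plain GET to
     * /signout logs the user out; acceptable for a demo, restrict to POST otherwise.
     */
    @Order(-20)
    @Configuration
    protected static class LoginConfiguration extends WebSecurityConfigurerAdapter {


        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .formLogin()
                //.httpBasic()
                .and()
                .requestMatchers()
                    .antMatchers("/login","/signout", "/oauth/authorize", "/oauth/confirm_access")
                .and()
                .logout()
                    .logoutRequestMatcher(new AntPathRequestMatcher("/signout"))
                    .logoutSuccessUrl("/login")
                .and()
                .authorizeRequests()
                    .anyRequest()
                    .authenticated();
        }

    }

    /**
     * Adding some users with different roles to test with.
     *
     * Demo only: the four accounts live in memory, share the literal password
     * "password" in source, and include an ADMIN role. Replace them with a real user
     * store and hashed credentials before exposing this server beyond localhost.
     *
     * @param auth the global authentication builder
     * @throws Exception if the in-memory store cannot be configured
     */
    @Autowired
    protected void registerGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER").and()
                .withUser("admin").password("password").roles("ADMIN", "USER").and()
                .withUser("manager").password("password").roles("MANAGER","USER").and()
                .withUser("guest").password("password").roles("GUEST");

    }

}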
102 | 103 | spring-milestones 104 | Spring Milestones 105 | http://repo.spring.io/libs-milestone-local 106 | 107 | false 108 | 109 | 110 | 111 | spring-releases 112 | Spring Releases 113 | http://repo.spring.io/libs-release-local 114 | 115 | false 116 | 117 | 118 | 119 | 120 | 121 | spring-snapshots 122 | Spring Snapshots 123 | http://repo.spring.io/libs-snapshot-local 124 | 125 | true 126 | 127 | 128 | 129 | spring-milestones 130 | Spring Milestones 131 | http://repo.spring.io/libs-milestone-local 132 | 133 | false 134 | 135 | 136 | 137 | 138 | 139 | -------------------------------------------------------------------------------- /sample3/authserver/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-authserver 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | vanilla-authserver 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | spring-security-oauth2 33 | 34 | 35 | org.springframework.boot 36 | spring-boot-starter-test 37 | test 38 | 39 | 40 | org.apache.httpcomponents 41 | httpclient 42 | test 43 | 44 | 45 | 46 | 47 | UTF-8 48 | demo.AuthserverApplication 49 | 1.7.6 50 | 1.7 51 | 52 | 53 | 54 | 55 | 56 | ${project.basedir}/src/main/resources 57 | 58 | 59 | ${project.build.directory}/generated-resources 60 | 61 | 62 | 63 | 64 | org.springframework.boot 65 | spring-boot-maven-plugin 66 | 67 | 68 | maven-resources-plugin 69 | 70 | 71 | 73 | copy-resources 74 | validate 75 | 76 | copy-resources 77 | 78 | 79 | ${basedir}/target/wro 80 | 81 | 82 | src/main/wro 83 | true 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 | 93 | 94 | 95 | spring-snapshots 96 | Spring Snapshots 97 | 
http://repo.spring.io/libs-snapshot-local 98 | 99 | true 100 | 101 | 102 | 103 | spring-milestones 104 | Spring Milestones 105 | http://repo.spring.io/libs-milestone-local 106 | 107 | false 108 | 109 | 110 | 111 | spring-releases 112 | Spring Releases 113 | http://repo.spring.io/libs-release-local 114 | 115 | false 116 | 117 | 118 | 119 | 120 | 121 | spring-snapshots 122 | Spring Snapshots 123 | http://repo.spring.io/libs-snapshot-local 124 | 125 | true 126 | 127 | 128 | 129 | spring-milestones 130 | Spring Milestones 131 | http://repo.spring.io/libs-milestone-local 132 | 133 | false 134 | 135 | 136 | 137 | 138 | 139 | -------------------------------------------------------------------------------- /sample2/authserver-formlogin/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-authserver-formlogin 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | vanilla-authserver-formlogin 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | spring-security-oauth2 33 | 34 | 35 | org.springframework.boot 36 | spring-boot-starter-test 37 | test 38 | 39 | 40 | org.apache.httpcomponents 41 | httpclient 42 | test 43 | 44 | 45 | 46 | 47 | UTF-8 48 | demo.AuthserverApplication 49 | 1.7.6 50 | 1.7 51 | 52 | 53 | 54 | 55 | 56 | ${project.basedir}/src/main/resources 57 | 58 | 59 | ${project.build.directory}/generated-resources 60 | 61 | 62 | 63 | 64 | org.springframework.boot 65 | spring-boot-maven-plugin 66 | 67 | 68 | maven-resources-plugin 69 | 70 | 71 | 73 | copy-resources 74 | validate 75 | 76 | copy-resources 77 | 78 | 79 | ${basedir}/target/wro 80 | 81 | 82 | src/main/wro 83 | true 84 | 85 | 86 | 87 | 88 | 89 | 90 | 91 | 92 
| 93 | 94 | 95 | spring-snapshots 96 | Spring Snapshots 97 | http://repo.spring.io/libs-snapshot-local 98 | 99 | true 100 | 101 | 102 | 103 | spring-milestones 104 | Spring Milestones 105 | http://repo.spring.io/libs-milestone-local 106 | 107 | false 108 | 109 | 110 | 111 | spring-releases 112 | Spring Releases 113 | http://repo.spring.io/libs-release-local 114 | 115 | false 116 | 117 | 118 | 119 | 120 | 121 | spring-snapshots 122 | Spring Snapshots 123 | http://repo.spring.io/libs-snapshot-local 124 | 125 | true 126 | 127 | 128 | 129 | spring-milestones 130 | Spring Milestones 131 | http://repo.spring.io/libs-milestone-local 132 | 133 | false 134 | 135 | 136 | 137 | 138 | 139 | -------------------------------------------------------------------------------- /sample1/authserver/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-authserver 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla Oauth2 Authserver 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-web 25 | 26 | 27 | org.springframework.boot 28 | spring-boot-starter-security 29 | 30 | 31 | org.springframework.security.oauth 32 | spring-security-oauth2 33 | 34 | 35 | org.springframework.security 36 | spring-security-jwt 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-freemarker 41 | 42 | 43 | org.springframework.boot 44 | spring-boot-starter-test 45 | test 46 | 47 | 48 | org.apache.httpcomponents 49 | httpclient 50 | test 51 | 52 | 53 | 54 | 55 | UTF-8 56 | demo.AuthserverApplication 57 | 1.7.6 58 | 1.7 59 | 60 | 61 | 62 | 63 | 64 | ${project.basedir}/src/main/resources 65 | 66 | 67 | ${project.build.directory}/generated-resources 68 | 69 | 70 | 71 | 72 | org.springframework.boot 73 | spring-boot-maven-plugin 74 | 75 | 76 | maven-resources-plugin 77 | 78 
| 79 | 81 | copy-resources 82 | validate 83 | 84 | copy-resources 85 | 86 | 87 | ${basedir}/target/wro 88 | 89 | 90 | src/main/wro 91 | true 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | 100 | 101 | 102 | 103 | spring-snapshots 104 | Spring Snapshots 105 | http://repo.spring.io/libs-snapshot-local 106 | 107 | true 108 | 109 | 110 | 111 | spring-milestones 112 | Spring Milestones 113 | http://repo.spring.io/libs-milestone-local 114 | 115 | false 116 | 117 | 118 | 119 | spring-releases 120 | Spring Releases 121 | http://repo.spring.io/libs-release-local 122 | 123 | false 124 | 125 | 126 | 127 | 128 | 129 | spring-snapshots 130 | Spring Snapshots 131 | http://repo.spring.io/libs-snapshot-local 132 | 133 | true 134 | 135 | 136 | 137 | spring-milestones 138 | Spring Milestones 139 | http://repo.spring.io/libs-milestone-local 140 | 141 | false 142 | 143 | 144 | 145 | 146 | 147 | -------------------------------------------------------------------------------- /sample2/authserver-formlogin/src/main/java/demo/AuthserverApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.beans.factory.annotation.Autowired; 4 | import org.springframework.boot.SpringApplication; 5 | import org.springframework.boot.autoconfigure.SpringBootApplication; 6 | import org.springframework.context.annotation.Configuration; 7 | import org.springframework.core.annotation.Order; 8 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 10 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 11 | import org.springframework.security.core.GrantedAuthority; 12 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; 13 | import 
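import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.security.Principal;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * Form-login variant of the sample2 authorization server; it is also a resource
 * server for its own {@code /user} endpoint.
 *
 * This auth server features
 *
 * - A custom user endpoint
 * - 4 test users
 *
 * The collection type arguments in this class were lost when the page was extracted
 * and are restored from how the values are used.
 */
@SpringBootApplication
@RestController
@EnableAuthorizationServer
@EnableResourceServer
public class AuthserverApplication { //extends WebSecurityConfigurerAdapter {


    /**
     * Instead of returning the principal directly, we're returning a custom user object
     * that exposes only the username and the authorities list.
     *
     * This way we bypass the issue https://github.com/spring-projects/spring-boot/issues/5482
     *
     * @param user the authenticated caller; must be an {@link OAuth2Authentication}
     * @return the caller's name and authority names
     * @throws ClassCastException if the principal is any other authentication type
     */
    @RequestMapping("/user")
    public SimpleUser user(Principal user) {
        List<String> authorities = new ArrayList<>();

        //TODO: we should try to avoid casting like this.
        // NOTE(review): presumably safe because /user is only reachable through the
        // resource-server chain (bearer token); verify no other chain matches this path.
        Collection<? extends GrantedAuthority> oauthAuthorities = ((OAuth2Authentication) user).getAuthorities();

        for (GrantedAuthority grantedAuthority : oauthAuthorities) {
            authorities.add(grantedAuthority.getAuthority());
        }

        return new SimpleUser(user.getName(), authorities);
    }

    /**
     * Minimal view of the caller returned by {@code /user}: name and authority names only.
     * Declared static because it never uses the enclosing application instance.
     */
    static class SimpleUser {

        String username;
        List<String> authorities;

        SimpleUser(String username, List<String> authorities) {
            this.username = username;
            this.authorities = authorities;
        }

        public String getUsername() {
            return username;
        }

        public List<String> getAuthorities() {
            return authorities;
        }
    }

    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }


    /**
     * Registers the four in-memory test users.
     *
     * Demo only: the accounts share the literal password "password" in source and
     * include an ADMIN role. Replace them with a real user store and hashed credentials
     * before exposing this server beyond localhost.
     *
     * @param auth the global authentication builder
     * @throws Exception if the in-memory store cannot be configured
     */
    @Autowired
    protected void registerGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER").and()
                .withUser("admin").password("password").roles("ADMIN", "USER").and()
                .withUser("manager").password("password").roles("MANAGER","USER").and()
                .withUser("guest").password("password").roles("GUEST");

    }


    /**
     *
     * As soon as you configure HttpSecurity yourself, you will get an access denied on
     * http://localhost:9999/uaa/oauth/authorize?client_id=acme&redirect_uri=http://localhost:8888/login&response_type=code&state=dgrM6p
     *
     * So you need to provide a means of authenticating the user.
     *
     * This can be done using basic authentication
     *      http.httpBasic
     *
     * or through form based login.
     *      http.formLogin
     *
     * This configuration also allows you to configure the logout.
     * For example, if you want to expose a simple /signout GET url for logging out, you can do this.
     *
     *      .logout()
     *          .logoutRequestMatcher(new AntPathRequestMatcher("/signout"))
     *          .logoutSuccessUrl("/login");
     *
     * Keep in mind that a logout reachable by GET can be triggered by any cross-site
     * request, because the matcher replaces the CSRF-protected default; restrict it to
     * POST outside a demo.
     *
     * Important to specify an order, otherwise the resource server will take over and you'll get an authorization error.
     *
     */
    @Configuration
    @Order(-20)
    protected static class LoginConfig extends WebSecurityConfigurerAdapter {

        @Override
        public void configure(HttpSecurity http) throws Exception {
            http
                .formLogin()
                .and()
                .requestMatchers()
                    .antMatchers("/login","/signout", "/oauth/authorize", "/oauth/confirm_access")
                .and()
                .logout()
                    .logoutRequestMatcher(new AntPathRequestMatcher("/signout"))
                    .logoutSuccessUrl("/login")
                .and()
                .authorizeRequests()
                    .anyRequest()
                    .authenticated();
        }

    }
}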
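org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 14 | import org.springframework.security.oauth2.provider.OAuth2Authentication; 15 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 16 | import org.springframework.web.bind.annotation.RequestMapping; 17 | import org.springframework.web.bind.annotation.RestController; 18 | import org.springframework.web.servlet.config.annotation.ViewControllerRegistry; 19 | import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; 20 | 21 | import java.security.Principal; 22 | import java.util.ArrayList; 23 | import java.util.Collection; 24 | import java.util.List; 25 |
/**
 * Authorization server with custom login and approval views. The same application
 * is also a resource server, which is what protects the /user endpoint below.
 */
@SpringBootApplication
@RestController
@EnableResourceServer
@EnableAuthorizationServer
public class AuthserverApplication extends WebMvcConfigurerAdapter {

//  @RequestMapping("/user")
//  public Principal user(Principal user) {
//      return user;
//  }

    /**
     * User-info endpoint: returns the caller's name and authority strings.
     *
     * It returns the trimmed-down SimpleUser on purpose. The commented-out variant
     * above returns the raw Principal, and the sample1 README shows that its JSON
     * form includes the token value and the session id.
     *
     * @param user the authenticated principal injected by Spring MVC
     * @return the user name and the names of the granted authorities
     * @throws ClassCastException if the principal is not an OAuth2Authentication
     */
    @RequestMapping("/user")
    public SimpleUser user2(Principal user) {
        List<String> authorities = new ArrayList<>();

        //TODO: we should try to avoid casting like this.
        // Element types restored; the typed for-each below does not compile over a raw Collection.
        Collection<? extends GrantedAuthority> oauthAuthorities = ((OAuth2Authentication) user).getAuthorities();

        for (GrantedAuthority grantedAuthority : oauthAuthorities) {
            authorities.add(grantedAuthority.getAuthority());
        }

        return new SimpleUser(user.getName(), authorities);
    }

    /** Response body of the /user endpoint: user name and authority strings only. */
    class SimpleUser {

        private final String username;
        private final List<String> authorities;

        SimpleUser(String username, List<String> authorities) {
            this.username = username;
            this.authorities = authorities;
        }

        public String getUsername() {
            return username;
        }

        public List<String> getAuthorities() {
            return authorities;
        }
    }

    /** Maps /login and /oauth/confirm_access to the "login" and "authorize" views. */
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/login").setViewName("login");
        registry.addViewController("/oauth/confirm_access").setViewName("authorize");
    }

    /** Starts the application through SpringApplication.run. */
    public static void main(String[] args) {
        SpringApplication.run(AuthserverApplication.class, args);
    }

    /**
     * Form login with a custom login page, and logout on /signout, for the login and
     * OAuth authorize/confirm paths. Every matched request must be authenticated;
     * the login page itself is opened by permitAll().
     *
     * The /signout matcher is not tied to an HTTP method, so a GET is enough to end
     * the session. Restrict it to POST if forced logout from another site matters.
     */
    @Configuration
    @Order(-20)
    protected static class LoginConfig extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            // @formatter:off
            http
                .formLogin()
                    // NOTE(review): the success URL is a hard-coded absolute localhost address;
                    // move it to configuration before running this anywhere but a local demo.
                    .loginPage("/login").defaultSuccessUrl("http://localhost:8888/index.html").permitAll()
                .and()
                .logout()
                    .logoutRequestMatcher(new AntPathRequestMatcher("/signout"))
                    .logoutSuccessUrl("/login")

                // NOTE(review): if re-enabled, check the cookie name; the servlet session cookie
                // is normally JSESSIONID, not JSESSION.
                //.and().logout().invalidateHttpSession(true).deleteCookies("JSESSION")
                .and()
                .requestMatchers()
                    .antMatchers("/","/login","/logout","/signout", "/oauth/authorize", "/oauth/confirm_access","/images/**")
                .and()
                .authorizeRequests().anyRequest().authenticated();
            // @formatter:on
        }

    }





    // Too many redirects
//  @Configuration
//  @Order(-20)
//  protected static class LoginConfig extends WebSecurityConfigurerAdapter {
//
//      @Override
//      public void configure(HttpSecurity http) throws Exception {
//          http
//                  .formLogin()
//                  .loginPage("/login")
//                  .and()
//                  .requestMatchers()
//                  .antMatchers("/login","/signout", "/oauth/authorize", "/oauth/confirm_access")
//                  .and()
//                  .logout()
//                  .logoutRequestMatcher(new AntPathRequestMatcher("/signout"))
//                  .logoutSuccessUrl("/login")
//                  .and()
//                  .authorizeRequests()
//                  .anyRequest()
//                  .authenticated();
//      }
//
//  }

    /**
     * Registers four in-memory accounts (user, admin, manager, guest) with their roles.
     *
     * SECURITY: every account, admin included, shares the literal password "password",
     * and that value is compiled into the source. This is only acceptable for a local
     * demo. Before the server is reachable by anyone else, load the accounts from
     * external configuration and store the passwords hashed (a PasswordEncoder).
     */
    @Autowired
    protected void registerGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .inMemoryAuthentication()
                .withUser("user").password("password").roles("USER").and()
                .withUser("admin").password("password").roles("ADMIN", "USER").and()
                .withUser("manager").password("password").roles("MANAGER","USER").and()
                .withUser("guest").password("password").roles("GUEST");

    }


}
148 | -------------------------------------------------------------------------------- /sample3/gateway/src/main/java/demo/GatewayApplication.java: -------------------------------------------------------------------------------- 1 | package demo; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; 6 | import org.springframework.cloud.netflix.zuul.EnableZuulProxy; 7 | import org.springframework.context.annotation.Bean; 8 | import org.springframework.context.annotation.Primary; 9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 10 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 11 | import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter; 12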
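| import org.springframework.security.web.csrf.CsrfFilter; 13 | import org.springframework.security.web.csrf.CsrfToken; 14 | import org.springframework.security.web.csrf.CsrfTokenRepository; 15 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 16 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 17 | import org.springframework.security.web.util.matcher.RequestMatcher; 18 | import org.springframework.web.filter.OncePerRequestFilter; 19 | import org.springframework.web.util.WebUtils; 20 | 21 | import javax.servlet.Filter; 22 | import javax.servlet.FilterChain; 23 | import javax.servlet.ServletException; 24 | import javax.servlet.http.Cookie; 25 | import javax.servlet.http.HttpServletRequest; 26 | import javax.servlet.http.HttpServletResponse; 27 | import java.io.IOException; 28 | import java.util.regex.Pattern; 29 |
/**
 * Zuul proxy gateway with OAuth2 single sign-on. It carries the gateway's own
 * security rules: which paths are open, when a CSRF token is required, and how
 * the token is handed to the browser.
 */
@SpringBootApplication
@EnableZuulProxy
@EnableOAuth2Sso
public class GatewayApplication extends WebSecurityConfigurerAdapter {

    /** Starts the application through SpringApplication.run. */
    public static void main(String[] args) {
        SpringApplication.run(GatewayApplication.class, args);
    }

    /** Registers DynamicOauth2ClientContextFilter as the primary OAuth2ClientContextFilter bean. */
    @Bean
    @Primary
    public OAuth2ClientContextFilter dynamicOauth2ClientContextFilter() {
        return new DynamicOauth2ClientContextFilter();
    }

    /**
     * Opens /uaa/** and /login, requires authentication everywhere else, and wires
     * the custom CSRF matcher, the token repository and the cookie filter.
     *
     * SECURITY: /uaa/** is both permitAll() here and exempt from the CSRF check in
     * csrfRequestMatcher(). The gateway therefore applies no access control and no
     * CSRF protection to those paths; whatever serves them (presumably the auth
     * server behind the proxy; confirm against the Zuul routes) must enforce both.
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/uaa/**", "/login").permitAll().anyRequest().authenticated()
            .and()
            .csrf().requireCsrfProtectionMatcher(csrfRequestMatcher()).csrfTokenRepository(csrfTokenRepository())
            .and()
            .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
            .logout().permitAll()
            .logoutSuccessUrl("/");
    }

//  @Override
//  public void configure(HttpSecurity http) throws Exception {
//      http
//          .antMatcher("/**").authorizeRequests()
//          //.antMatchers("/index.html", "/home.html", "/","/assets/**").permitAll()
//          .anyRequest().authenticated()
//          .and().csrf().csrfTokenRepository(csrfTokenRepository())
//          .and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
//          .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("http://localhost:9999/uaa/signout");
//  }

//  public void configure(HttpSecurity http) throws Exception {
//      http
////            .httpBasic()
//              .antMatcher("/**")
////            .and()
//              .authorizeRequests()
//              .antMatchers("/index.html", "/home.html", "/").permitAll()
////            .antMatchers("/protected.html").hasRole("USER")
////            .antMatchers("/admin.html").hasRole("ADMIN")
////            .anyRequest().authenticated()
//              .and()
//              .csrf()
//              .csrfTokenRepository(csrfTokenRepository())
//              .and()
//              .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
//  }


    /**
     * Decides which requests must carry a CSRF token.
     *
     * @return a matcher that is false for GET, HEAD, OPTIONS and TRACE and for any
     *         path under /uaa/**, and true for every other request
     */
    private RequestMatcher csrfRequestMatcher() {
        return new RequestMatcher() {
            // Read-only HTTP methods never require a CSRF token
            private final Pattern allowedMethods = Pattern.compile("^(GET|HEAD|OPTIONS|TRACE)$");

            // The gateway does not apply CSRF protection to the following urls:
            private final AntPathRequestMatcher[] requestMatchers = { new AntPathRequestMatcher("/uaa/**") };

            @Override
            public boolean matches(HttpServletRequest request) {
                if (allowedMethods.matcher(request.getMethod()).matches()) {
                    return false;
                }

                for (AntPathRequestMatcher matcher : requestMatchers) {
                    if (matcher.matches(request)) {
                        return false;
                    }
                }
                return true;
            }
        };
    }

    /**
     * Builds the filter that copies the current CSRF token into an XSRF-TOKEN cookie,
     * so that a script on the page can send it back in the X-XSRF-TOKEN header.
     *
     * The cookie is written when it is missing or when its value differs from the token.
     * It stays readable by script because the header echo needs that, which is why
     * HttpOnly is not set.
     */
    private Filter csrfHeaderFilter() {
        return new OncePerRequestFilter() {
            @Override
            protected void doFilterInternal(HttpServletRequest request,
                    HttpServletResponse response, FilterChain filterChain)
                    throws ServletException, IOException {
                CsrfToken csrf = (CsrfToken) request
                        .getAttribute(CsrfToken.class.getName());
                if (csrf != null) {
                    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                    String token = csrf.getToken();
                    if (cookie == null
                            || token != null && !token.equals(cookie.getValue())) {
                        cookie = new Cookie("XSRF-TOKEN", token);
                        cookie.setPath("/");
                        // Mark the cookie Secure whenever the request arrived over HTTPS, so the
                        // token is not sent over plain HTTP later. NOTE(review): behind a
                        // TLS-terminating proxy isSecure() may report false; confirm the
                        // forwarded-header handling.
                        cookie.setSecure(request.isSecure());
                        response.addCookie(cookie);
                    }
                }
                filterChain.doFilter(request, response);
            }
        };
    }

    /** Session-backed CSRF token repository that expects the token in the X-XSRF-TOKEN header. */
    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }


}
140 | -------------------------------------------------------------------------------- /sample2/authserver-customlogin/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-authserver-customlogin 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | vanilla-authserver-customlogin 12 | OAuth2 Auth Server with custom login pages 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | org.springframework.boot 24 | spring-boot-starter-security 25 | 26 | 27 | org.springframework.security.oauth 28 | spring-security-oauth2 29 | 30 | 31 | org.springframework.boot 32 | spring-boot-starter-web 33 | 34 | 35 | org.springframework.boot 36 | spring-boot-starter-freemarker 37 | 38 | 39 | org.springframework.boot 40 | spring-boot-starter-actuator 41 | 42 | 43 | org.springframework.boot 44 | spring-boot-starter-test 45 | test 46 | 47 | 48 | org.apache.httpcomponents 49 | httpclient 50 | test 51 | 52 | 53 | 54 | 55 | UTF-8 56 | demo.AuthserverApplication 57 | 1.7.6 58 | 1.7 59 | 60 | 61 | 62 | 63 | 64 | ${project.basedir}/src/main/resources 65 | 66 | 67 | ${project.build.directory}/generated-resources 68 | 69 | 70 | 71 | 72 | org.springframework.boot 73 | spring-boot-maven-plugin 74 | 75 | 76 |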
maven-resources-plugin 77 | 78 | 79 | 81 | copy-resources 82 | validate 83 | 84 | copy-resources 85 | 86 | 87 | ${basedir}/target/wro 88 | 89 | 90 | src/main/wro 91 | true 92 | 93 | 94 | 95 | 96 | 97 | 98 | 99 | ro.isdc.wro4j 100 | wro4j-maven-plugin 101 | ${wro4j.version} 102 | 103 | 104 | generate-resources 105 | 106 | run 107 | 108 | 109 | 110 | 111 | ro.isdc.wro.maven.plugin.manager.factory.ConfigurableWroManagerFactory 112 | ${project.build.directory}/generated-resources/static/css 113 | ${project.build.directory}/generated-resources/static/js 114 | ${project.build.directory}/wro/wro.xml 115 | ${basedir}/src/main/wro/wro.properties 116 | ${basedir}/src/main/wro 117 | 118 | 119 | 120 | org.webjars 121 | jquery 122 | 2.1.1 123 | 124 | 125 | org.webjars 126 | bootstrap 127 | 3.2.0 128 | 129 | 130 | 131 | 132 | 133 | 134 | 135 | 136 | spring-snapshots 137 | Spring Snapshots 138 | http://repo.spring.io/libs-snapshot-local 139 | 140 | true 141 | 142 | 143 | 144 | spring-milestones 145 | Spring Milestones 146 | http://repo.spring.io/libs-milestone-local 147 | 148 | false 149 | 150 | 151 | 152 | spring-releases 153 | Spring Releases 154 | http://repo.spring.io/libs-release-local 155 | 156 | false 157 | 158 | 159 | 160 | 161 | 162 | spring-snapshots 163 | Spring Snapshots 164 | http://repo.spring.io/libs-snapshot-local 165 | 166 | true 167 | 168 | 169 | 170 | spring-milestones 171 | Spring Milestones 172 | http://repo.spring.io/libs-milestone-local 173 | 174 | false 175 | 176 | 177 | 178 | 179 | 180 | -------------------------------------------------------------------------------- /sample1/README.md: -------------------------------------------------------------------------------- 1 | ## Overview 2 | 3 | A simple authserver / gateway / ui / resource pattern. 4 | 5 | - Everything goes through the gateway 6 | - Authentication against an auth server 7 | - Both UIs and Resources are behind gateway. 
8 | - Everything secured with OAuth2 9 | - Out of the box config (simple annotations) 10 | 11 | ![](images/sample1.png) 12 | 13 | This sample contains the following applications 14 | 15 | | Name | Gateway URL | Actual URL | Comments | 16 | | ------------- | ------------------------------------- | ------------------------------- | -------------------------------- | 17 | | authserver | http://localhost:9999/uaa | N/A | Auth Server | 18 | | gateway | http://localhost:8888/ | N/A | Zuul Proxy gateway | 19 | | resource | http://localhost:8888/ | http://localhost:9000/resource/ | simple ui app with an index.html | 20 | | ui | http://localhost:8888/ui/index.html | http://localhost:9000/ui/ | simple ui app with an index.html | 21 | 22 | 23 | - With the user endpoint on the uaa you cannot really do much. You should provide your own user endpoint; note that the default one serializes the whole principal, and the sample output below includes the bearer token value and the session id. 24 | 25 | ## AuthServer 26 | 27 | As basic as can be. Acts as authorization server and resource server (for the user endpoint). 28 | 29 | 30 | ```java 31 | @SpringBootApplication 32 | @RestController 33 | @EnableResourceServer 34 | @EnableAuthorizationServer 35 | public class AuthserverApplication { 36 | 37 | @RequestMapping("/user") 38 | public Principal user(Principal user) { 39 | return user; 40 | } 41 | 42 | public static void main(String[] args) { 43 | SpringApplication.run(AuthserverApplication.class, args); 44 | } 45 | 46 | } 47 | ``` 48 | 49 | There is a default user account (defined in application.yml) : 50 | 51 | - username = user 52 | - password = password 53 | 54 | There is a basic auth popup to authenticate a user (out of the box config) 55 | 56 | A ```/user``` endpoint is created that returns the user principal.
It looks like this : 57 | 58 | ``` 59 | { 60 | "details":{ 61 | "remoteAddress":"127.0.0.1", 62 | "sessionId":null, 63 | "tokenValue":"9a4de635-3472-4c80-8c52-531ae998681c", 64 | "tokenType":"bearer", 65 | "decodedDetails":{ 66 | "remoteAddress":"127.0.0.1", 67 | "sessionId":null, 68 | "tokenValue":"9a4de635-3472-4c80-8c52-531ae998681c", 69 | "tokenType":"Bearer", 70 | "decodedDetails":null 71 | } 72 | }, 73 | "authorities":[ 74 | { 75 | "authority":"ROLE_USER" 76 | } 77 | ], 78 | "authenticated":true, 79 | "userAuthentication":{ 80 | "details":{ 81 | "remoteAddress":"0:0:0:0:0:0:0:1", 82 | "sessionId":"E59AC032B7CA943C167120B26F500197" 83 | }, 84 | "authorities":[ 85 | { 86 | "authority":"ROLE_USER" 87 | } 88 | ], 89 | "authenticated":true, 90 | "principal":{ 91 | "password":null, 92 | "username":"user", 93 | "authorities":[ 94 | { 95 | "authority":"ROLE_USER" 96 | } 97 | ], 98 | "accountNonExpired":true, 99 | "accountNonLocked":true, 100 | "credentialsNonExpired":true, 101 | "enabled":true 102 | }, 103 | "credentials":null, 104 | "name":"user" 105 | }, 106 | "clientOnly":false, 107 | "oauth2Request":{ 108 | "clientId":"acme", 109 | "scope":[ 110 | "openid" 111 | ], 112 | "requestParameters":{ 113 | "response_type":"code", 114 | "redirect_uri":"http://localhost:8888/login", 115 | "state":"32OSe4", 116 | "code":"z6VuXZ", 117 | "grant_type":"authorization_code", 118 | "client_id":"acme" 119 | }, 120 | "resourceIds":[ 121 | 122 | ], 123 | "authorities":[ 124 | { 125 | "authority":"ROLE_USER" 126 | } 127 | ], 128 | "approved":true, 129 | "refresh":false, 130 | "redirectUri":"http://localhost:8888/login", 131 | "responseTypes":[ 132 | "code" 133 | ], 134 | "extensions":{ 135 | 136 | }, 137 | "grantType":"authorization_code", 138 | "refreshTokenRequest":null 139 | }, 140 | "principal":{ 141 | "password":null, 142 | "username":"user", 143 | "authorities":[ 144 | { 145 | "authority":"ROLE_USER" 146 | } 147 | ], 148 | "accountNonExpired":true, 149 | 
"accountNonLocked":true, 150 | "credentialsNonExpired":true, 151 | "enabled":true 152 | }, 153 | "credentials":"", 154 | "name":"user" 155 | } 156 | ``` 157 | 158 | ## Gateway 159 | 160 | Again very simple. We configure it as a Zuul Proxy and we enable SSO via Oauth. 161 | 162 | ```java 163 | @SpringBootApplication 164 | @EnableZuulProxy 165 | @EnableOAuth2Sso 166 | public class GatewayApplication { 167 | 168 | public static void main(String[] args) { 169 | SpringApplication.run(GatewayApplication.class, args); 170 | } 171 | 172 | } 173 | ``` 174 | 175 | It's important that all access is going through the gateway. The only component that doesn't go via the gateway is the auth server 176 | (see sample3 for an example on how to do that) 177 | 178 | 179 | ## UI 180 | 181 | A simple spring boot application that exposes some URLs for different roles. 182 | 183 | ```java 184 | @SpringBootApplication 185 | @EnableResourceServer 186 | public class UiApplication extends WebSecurityConfigurerAdapter { 187 | 188 | public static void main(String[] args) { 189 | SpringApplication.run(UiApplication.class, args); 190 | } 191 | 192 | @Override 193 | public void configure(HttpSecurity http) throws Exception { 194 | http 195 | .authorizeRequests() 196 | .antMatchers("/index.html", "/home.html", "/").permitAll() 197 | .antMatchers("/protected.html").hasRole("USER") 198 | .antMatchers("/admin.html").hasRole("ADMIN") 199 | .anyRequest().authenticated() 200 | .and() 201 | .csrf() 202 | .csrfTokenRepository(csrfTokenRepository()) 203 | .and() 204 | .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class); 205 | } 206 | ``` 207 | 208 | -------------------------------------------------------------------------------- /sample1/ui/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-ui 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 UI 12 | Demo project for Spring Boot 13 | 14 | 15 | 
org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-parent 26 | 1.3.3.RELEASE 27 | pom 28 | import 29 | 30 | 31 | org.springframework.cloud 32 | spring-cloud-starter-parent 33 | Brixton.M3 34 | pom 35 | import 36 | 37 | 38 | 39 | 40 | 41 | 42 | org.springframework.cloud 43 | spring-cloud-starter-zuul 44 | 45 | 46 | org.springframework.cloud 47 | spring-cloud-starter-oauth2 48 | 49 | 50 | org.springframework.boot 51 | spring-boot-starter-security 52 | 53 | 54 | org.springframework.boot 55 | spring-boot-starter-web 56 | 57 | 58 | org.springframework.security.oauth 59 | spring-security-oauth2 60 | 61 | 62 | org.springframework.boot 63 | spring-boot-starter-test 64 | test 65 | 66 | 67 | org.apache.httpcomponents 68 | httpclient 69 | runtime 70 | 71 | 72 | 73 | 74 | UTF-8 75 | 1.7.6 76 | 1.7 77 | 78 | 79 | 80 | 81 | 82 | ${project.basedir}/src/main/resources 83 | 84 | 85 | ${project.build.directory}/generated-resources 86 | 87 | 88 | 89 | 90 | org.springframework.boot 91 | spring-boot-maven-plugin 92 | 93 | 94 | maven-resources-plugin 95 | 96 | 97 | 99 | copy-resources 100 | validate 101 | 102 | copy-resources 103 | 104 | 105 | ${basedir}/target/wro 106 | 107 | 108 | src/main/wro 109 | true 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | ro.isdc.wro4j 118 | wro4j-maven-plugin 119 | ${wro4j.version} 120 | 121 | 122 | generate-resources 123 | 124 | run 125 | 126 | 127 | 128 | 129 | ro.isdc.wro.maven.plugin.manager.factory.ConfigurableWroManagerFactory 130 | ${project.build.directory}/generated-resources/static/css 131 | ${project.build.directory}/generated-resources/static/js 132 | ${project.build.directory}/wro/wro.xml 133 | ${basedir}/src/main/wro/wro.properties 134 | ${basedir}/src/main/wro 135 | 136 | 137 | 138 | org.webjars 139 | jquery 140 | 2.1.1 141 | 142 | 143 | org.webjars 144 | angularjs 145 | 1.3.8 146 | 147 | 148 | org.webjars 149 | bootstrap 150 | 
3.2.0 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | spring-snapshots 160 | Spring Snapshots 161 | http://repo.spring.io/libs-snapshot-local 162 | 163 | true 164 | 165 | 166 | 167 | spring-milestones 168 | Spring Milestones 169 | http://repo.spring.io/libs-milestone-local 170 | 171 | false 172 | 173 | 174 | 175 | spring-releases 176 | Spring Releases 177 | http://repo.spring.io/libs-release-local 178 | 179 | false 180 | 181 | 182 | 183 | 184 | 185 | -------------------------------------------------------------------------------- /sample2/ui/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-ui 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 UI 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-parent 26 | 1.3.3.RELEASE 27 | pom 28 | import 29 | 30 | 31 | org.springframework.cloud 32 | spring-cloud-starter-parent 33 | Brixton.BUILD-SNAPSHOT 34 | pom 35 | import 36 | 37 | 38 | 39 | 40 | 41 | 42 | org.springframework.cloud 43 | spring-cloud-starter-zuul 44 | 45 | 46 | org.springframework.cloud 47 | spring-cloud-starter-oauth2 48 | 49 | 50 | org.springframework.boot 51 | spring-boot-starter-security 52 | 53 | 54 | org.springframework.boot 55 | spring-boot-starter-web 56 | 57 | 58 | org.springframework.security.oauth 59 | spring-security-oauth2 60 | 61 | 62 | org.springframework.boot 63 | spring-boot-starter-test 64 | test 65 | 66 | 67 | org.apache.httpcomponents 68 | httpclient 69 | runtime 70 | 71 | 72 | 73 | 74 | UTF-8 75 | 1.7.6 76 | 1.7 77 | 78 | 79 | 80 | 81 | 82 | ${project.basedir}/src/main/resources 83 | 84 | 85 | ${project.build.directory}/generated-resources 86 | 87 | 88 | 89 | 90 | org.springframework.boot 91 | spring-boot-maven-plugin 92 | 93 | 94 | maven-resources-plugin 95 | 96 | 97 | 99 | 
copy-resources 100 | validate 101 | 102 | copy-resources 103 | 104 | 105 | ${basedir}/target/wro 106 | 107 | 108 | src/main/wro 109 | true 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | ro.isdc.wro4j 118 | wro4j-maven-plugin 119 | ${wro4j.version} 120 | 121 | 122 | generate-resources 123 | 124 | run 125 | 126 | 127 | 128 | 129 | ro.isdc.wro.maven.plugin.manager.factory.ConfigurableWroManagerFactory 130 | ${project.build.directory}/generated-resources/static/css 131 | ${project.build.directory}/generated-resources/static/js 132 | ${project.build.directory}/wro/wro.xml 133 | ${basedir}/src/main/wro/wro.properties 134 | ${basedir}/src/main/wro 135 | 136 | 137 | 138 | org.webjars 139 | jquery 140 | 2.1.1 141 | 142 | 143 | org.webjars 144 | angularjs 145 | 1.3.8 146 | 147 | 148 | org.webjars 149 | bootstrap 150 | 3.2.0 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | spring-snapshots 160 | Spring Snapshots 161 | http://repo.spring.io/libs-snapshot-local 162 | 163 | true 164 | 165 | 166 | 167 | spring-milestones 168 | Spring Milestones 169 | http://repo.spring.io/libs-milestone-local 170 | 171 | false 172 | 173 | 174 | 175 | spring-releases 176 | Spring Releases 177 | http://repo.spring.io/libs-release-local 178 | 179 | false 180 | 181 | 182 | 183 | 184 | 185 | -------------------------------------------------------------------------------- /sample3/ui/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-ui 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 UI 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-parent 26 | 1.3.3.RELEASE 27 | pom 28 | import 29 | 30 | 31 | org.springframework.cloud 32 | spring-cloud-starter-parent 33 | Brixton.BUILD-SNAPSHOT 34 | pom 35 | import 36 | 37 | 38 | 39 | 40 | 41 | 42 | 
org.springframework.cloud 43 | spring-cloud-starter-zuul 44 | 45 | 46 | org.springframework.cloud 47 | spring-cloud-starter-oauth2 48 | 49 | 50 | org.springframework.boot 51 | spring-boot-starter-security 52 | 53 | 54 | org.springframework.boot 55 | spring-boot-starter-web 56 | 57 | 58 | org.springframework.security.oauth 59 | spring-security-oauth2 60 | 61 | 62 | org.springframework.boot 63 | spring-boot-starter-test 64 | test 65 | 66 | 67 | org.apache.httpcomponents 68 | httpclient 69 | runtime 70 | 71 | 72 | 73 | 74 | UTF-8 75 | 1.7.6 76 | 1.7 77 | 78 | 79 | 80 | 81 | 82 | ${project.basedir}/src/main/resources 83 | 84 | 85 | ${project.build.directory}/generated-resources 86 | 87 | 88 | 89 | 90 | org.springframework.boot 91 | spring-boot-maven-plugin 92 | 93 | 94 | maven-resources-plugin 95 | 96 | 97 | 99 | copy-resources 100 | validate 101 | 102 | copy-resources 103 | 104 | 105 | ${basedir}/target/wro 106 | 107 | 108 | src/main/wro 109 | true 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | ro.isdc.wro4j 118 | wro4j-maven-plugin 119 | ${wro4j.version} 120 | 121 | 122 | generate-resources 123 | 124 | run 125 | 126 | 127 | 128 | 129 | ro.isdc.wro.maven.plugin.manager.factory.ConfigurableWroManagerFactory 130 | ${project.build.directory}/generated-resources/static/css 131 | ${project.build.directory}/generated-resources/static/js 132 | ${project.build.directory}/wro/wro.xml 133 | ${basedir}/src/main/wro/wro.properties 134 | ${basedir}/src/main/wro 135 | 136 | 137 | 138 | org.webjars 139 | jquery 140 | 2.1.1 141 | 142 | 143 | org.webjars 144 | angularjs 145 | 1.3.8 146 | 147 | 148 | org.webjars 149 | bootstrap 150 | 3.2.0 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | spring-snapshots 160 | Spring Snapshots 161 | http://repo.spring.io/libs-snapshot-local 162 | 163 | true 164 | 165 | 166 | 167 | spring-milestones 168 | Spring Milestones 169 | http://repo.spring.io/libs-milestone-local 170 | 171 | false 172 | 173 | 174 | 175 | spring-releases 176 | Spring 
Releases 177 | http://repo.spring.io/libs-release-local 178 | 179 | false 180 | 181 | 182 | 183 | 184 | 185 | -------------------------------------------------------------------------------- /sample2/gateway/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.test 7 | oauth2-vanilla-gateway 8 | 0.0.1-SNAPSHOT 9 | jar 10 | 11 | Vanilla OAuth2 Gateway 12 | Demo project for Spring Boot 13 | 14 | 15 | org.springframework.boot 16 | spring-boot-starter-parent 17 | 1.3.3.RELEASE 18 | 19 | 20 | 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-parent 26 | 1.3.3.RELEASE 27 | pom 28 | import 29 | 30 | 31 | org.springframework.cloud 32 | spring-cloud-starter-parent 33 | Brixton.BUILD-SNAPSHOT 34 | pom 35 | import 36 | 37 | 38 | 39 | 40 | 41 | 42 | org.springframework.cloud 43 | spring-cloud-starter-zuul 44 | 45 | 46 | org.springframework.cloud 47 | spring-cloud-starter-oauth2 48 | 49 | 50 | org.springframework.boot 51 | spring-boot-starter-security 52 | 53 | 54 | org.springframework.boot 55 | spring-boot-starter-web 56 | 57 | 58 | org.springframework.security.oauth 59 | spring-security-oauth2 60 | 61 | 62 | org.springframework.boot 63 | spring-boot-starter-test 64 | test 65 | 66 | 67 | org.apache.httpcomponents 68 | httpclient 69 | runtime 70 | 71 | 72 | 73 | 74 | UTF-8 75 | 1.7.6 76 | 1.7 77 | 78 | 79 | 80 | 81 | 82 | ${project.basedir}/src/main/resources 83 | 84 | 85 | ${project.build.directory}/generated-resources 86 | 87 | 88 | 89 | 90 | org.springframework.boot 91 | spring-boot-maven-plugin 92 | 93 | 94 | maven-resources-plugin 95 | 96 | 97 | 99 | copy-resources 100 | validate 101 | 102 | copy-resources 103 | 104 | 105 | ${basedir}/target/wro 106 | 107 | 108 | src/main/wro 109 | true 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | ro.isdc.wro4j 118 | wro4j-maven-plugin 119 | ${wro4j.version} 120 | 121 | 122 | generate-resources 123 | 124 | run 125 | 126 | 127 | 128 | 129 | 
ro.isdc.wro.maven.plugin.manager.factory.ConfigurableWroManagerFactory 130 | ${project.build.directory}/generated-resources/static/css 131 | ${project.build.directory}/generated-resources/static/js 132 | ${project.build.directory}/wro/wro.xml 133 | ${basedir}/src/main/wro/wro.properties 134 | ${basedir}/src/main/wro 135 | 136 | 137 | 138 | org.webjars 139 | jquery 140 | 2.1.1 141 | 142 | 143 | org.webjars 144 | angularjs 145 | 1.3.8 146 | 147 | 148 | org.webjars 149 | bootstrap 150 | 3.2.0 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | spring-snapshots 160 | Spring Snapshots 161 | http://repo.spring.io/libs-snapshot-local 162 | 163 | true 164 | 165 | 166 | 167 | spring-milestones 168 | Spring Milestones 169 | http://repo.spring.io/libs-milestone-local 170 | 171 | false 172 | 173 | 174 | 175 | spring-releases 176 | Spring Releases 177 | http://repo.spring.io/libs-release-local 178 | 179 | false 180 | 181 | 182 | 183 | 184 | 185 | --------------------------------------------------------------------------------