OAuth2Configuration.java example

Explorer

tut-bookmarks-master
- hateoas
  - src
    - main
      - java
        bookmarks
        Application.java
        BookmarkControllerAdvice.java
        BookmarkResource.java
        BookmarkRestController.java
        UserNotFoundException.java
    - test
      - java
        bookmarks
        BookmarkRestControllerTest.java
- model
  - src
    - main
      - java
        bookmarks
        Account.java
        AccountRepository.java
        Bookmark.java
        BookmarkRepository.java
- rest
  - src
    - main
      - java
        bookmarks
        Application.java
        BookmarkRestController.java
        UserNotFoundException.java
    - test
      - java
        bookmarks
        BookmarkRestControllerTest.java
- security
  - src
    - main
      - java
        bookmarks
        Application.java
        BookmarkControllerAdvice.java
        BookmarkResource.java
        BookmarkRestController.java
        OAuth2Configuration.java
        UserNotFoundException.java
        WebSecurityConfiguration.java
    - test
      - java
        security
        ApplicationTests.java

/*
 * Copyright 2016 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package bookmarks;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;

/**
 * @author Josh Long
 * @author Greg Turnquist
 */
// tag::code[]
@Configuration
@EnableResourceServer
@EnableAuthorizationServer
class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {

	String applicationName = "bookmarks";

	// This is required for password grants, which we specify below as one of the
	// {@literal authorizedGrantTypes()}.
	@Autowired
	AuthenticationManagerBuilder authenticationManager;

	@Override
	public void configure(AuthorizationServerEndpointsConfigurer endpoints)
			throws Exception {
		// Workaround for https://github.com/spring-projects/spring-boot/issues/1801
		endpoints.authenticationManager(new AuthenticationManager() {
			@Override
			public Authentication authenticate(Authentication authentication)
					throws AuthenticationException {
				return authenticationManager.getOrBuild().authenticate(authentication);
			}
		});
	}

	@Override
	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

		clients.inMemory()
			.withClient("android-" + applicationName)
			.authorizedGrantTypes("password", "authorization_code", "refresh_token")
			.authorities("ROLE_USER")
			.scopes("write")
			.resourceIds(applicationName)
			.secret("123456");
	}
}
// end::code[]