Commit b4987f1

author

dimMaryanto@win10

committed

update application project

1 parent c71f97c commit b4987f1Copy full SHA for b4987f1

File tree

6 files changed

+95

-86

lines changed

README.md
pom.xml
src/main
- java/com/maryanto/dimas/example/config
- resources
  - application.properties

6 files changed

+95

-86

lines changed

`‎README.md‎`

Lines changed: 29 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,31 @@`
`1`		`-# Security Oauth2 with LDAP`
	`1`	`+# Spring Security - Oauth2 SSO example`
`2`	`2`
`3`		`-## Request token`
	`3`	`+Belajar Web Security dengan fitur single sign on (SSO)`
`4`	`4`
`5`		-```bash
`6`		`-curl -X POST \`
`7`		`- 'http://localhost:8080/oauth/token?grant_type=password&username=user&password=password&client_id=mandiri_mits' \`
`8`		`- -H 'Authorization: Basic bWFuZGlyaV9taXRzOjEyMzQ1Ng=='`
`9`		-```
	`5`	`+- Fitur Grant type Authorization code`
	`6`	`+`
	`7`	`+ - request code : [klick disini](http://localhost:8080/oauth/authorize?grant_type=authorization_code&client_id=client-code&client_secret=123456&redirectUrl=http://localhost:8080/&response_type=code)`
	`8`	`+`
	`9`	+ ```bash
	`10`	`+ http://localhost:8080/oauth/authorize?grant_type=authorization_code&client_id=client-code&client_secret=123456&redirectUrl=http://localhost:8080/&response_type=code`
	`11`	+ ```
	`12`	`+`
	`13`	`+ - request token :`
	`14`	`+`
	`15`	+ ```bash
	`16`	`+ curl -X POST \`
	`17`	`+ http://localhost:8080/oauth/token \`
	`18`	`+ -H 'Authorization: Basic Y2xpZW50LWNvZGU6MTIzNDU2' \`
	`19`	`+ -H 'Cache-Control: no-cache' \`
	`20`	`+ -H 'Content-Type: application/x-www-form-urlencoded' \`
	`21`	`+ -d 'grant_type=authorization_code&code=1HQ2Gh'`
	`22`	+ ```
	`23`	`+`
	`24`	`+- Fitur Grant type Password`
	`25`	`+`
	`26`	+ ```bash
	`27`	`+ curl -X POST \`
	`28`	`+ 'http://localhost:8080/oauth/token?grant_type=password&client_id=client-code&username=user&password=password' \`
	`29`	`+ -H 'Authorization: Basic Y2xpZW50LWNvZGU6MTIzNDU2' \`
	`30`	`+ -H 'Postman-Token: f2b78553-073a-46c7-8a3e-dca6ccdc1fef'`
	`31`	+ ```

`‎pom.xml‎`

Lines changed: 0 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -25,10 +25,6 @@`
`25`	`25`	`</properties>`
`26`	`26`
`27`	`27`	`<dependencies>`
`28`		`- <dependency>`
`29`		`- <groupId>org.springframework.boot</groupId>`
`30`		`- <artifactId>spring-boot-starter-data-ldap</artifactId>`
`31`		`- </dependency>`
`32`	`28`	`<dependency>`
`33`	`29`	`<groupId>org.springframework.boot</groupId>`
`34`	`30`	`<artifactId>spring-boot-starter-security</artifactId>`
`@@ -37,10 +33,6 @@`
`37`	`33`	`<groupId>org.springframework.security.oauth</groupId>`
`38`	`34`	`<artifactId>spring-security-oauth2</artifactId>`
`39`	`35`	`</dependency>`
`40`		`- <dependency>`
`41`		`- <groupId>org.springframework.security</groupId>`
`42`		`- <artifactId>spring-security-jwt</artifactId>`
`43`		`- </dependency>`
`44`	`36`	`<dependency>`
`45`	`37`	`<groupId>net.sourceforge.collections</groupId>`
`46`	`38`	`<artifactId>collections-generic</artifactId>`

`‎src/main/java/com/maryanto/dimas/example/configurations/OauthResourceServerConfiguration.java‎ renamed to ‎src/main/java/com/maryanto/dimas/example/config/OauthAuthorizationServer.java‎`

Lines changed: 3 additions & 9 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,6 @@`
`1`		`-package com.maryanto.dimas.example.configurations;`
	`1`	`+package com.maryanto.dimas.example.config;`
`2`	`2`
`3`	`3`	`import org.springframework.beans.factory.annotation.Autowired;`
`4`		`-import org.springframework.beans.factory.annotation.Value;`
`5`	`4`	`import org.springframework.context.annotation.Configuration;`
`6`	`5`	`import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;`
`7`	`6`	`import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;`
`@@ -11,22 +10,17 @@`
`11`	`10`
`12`	`11`	`@EnableResourceServer`
`13`	`12`	`@Configuration`
`14`		`-public class OauthResourceServerConfiguration extends ResourceServerConfigurerAdapter {`
`15`		`-`
	`13`	`+public class OauthAuthorizationServer extends ResourceServerConfigurerAdapter {`
`16`	`14`
`17`	`15`	`@Autowired`
`18`	`16`	`private OAuth2AccessDeniedHandler handler;`
`19`	`17`
`20`	`18`	`@Autowired`
`21`	`19`	`private TokenStore tokenStore;`
`22`	`20`
`23`		`- @Value("${oauth2.resource_id}")`
`24`		`- private String RESOURCE_ID;`
`25`		`-`
`26`	`21`	`@Override`
`27`	`22`	`public void configure(ResourceServerSecurityConfigurer resources) throws Exception {`
`28`		`-// super.configure(resources);`
`29`		`- resources.resourceId(RESOURCE_ID)`
	`23`	`+ resources.resourceId("client-code")`
`30`	`24`	`.tokenStore(tokenStore)`
`31`	`25`	`.accessDeniedHandler(handler)`
`32`	`26`	`.stateless(false);`

`‎src/main/java/com/maryanto/dimas/example/configurations/OauthServerConfiguration.java‎ renamed to ‎src/main/java/com/maryanto/dimas/example/config/OauthResourceServer.java‎`

Lines changed: 7 additions & 15 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,7 @@`
`1`		`-package com.maryanto.dimas.example.configurations;`
	`1`	`+package com.maryanto.dimas.example.config;`
`2`	`2`
`3`	`3`	`import org.springframework.beans.factory.annotation.Autowired;`
`4`	`4`	`import org.springframework.beans.factory.annotation.Qualifier;`
`5`		`-import org.springframework.beans.factory.annotation.Value;`
`6`	`5`	`import org.springframework.context.annotation.Bean;`
`7`	`6`	`import org.springframework.context.annotation.Configuration;`
`8`	`7`	`import org.springframework.security.authentication.AuthenticationManager;`
`@@ -16,14 +15,7 @@`
`16`	`15`
`17`	`16`	`@Configuration`
`18`	`17`	`@EnableAuthorizationServer`
`19`		`-public class OauthServerConfiguration extends AuthorizationServerConfigurerAdapter {`
`20`		`-`
`21`		`- @Value("${oauth2.resource_id}")`
`22`		`- private String RESOURCE_ID;`
`23`		`- @Value("${oauth2.client_id}")`
`24`		`- private String CLIENT_ID;`
`25`		`- @Value("${oauth2.client_secret}")`
`26`		`- private String CLIENT_SECRET;`
	`18`	`+public class OauthResourceServer extends AuthorizationServerConfigurerAdapter {`
`27`	`19`
`28`	`20`	`@Autowired`
`29`	`21`	`private TokenStore tokenStore;`
`@@ -37,7 +29,6 @@ public OAuth2AccessDeniedHandler oauthAccessDeniedHandler() {`
`37`	`29`	`return new OAuth2AccessDeniedHandler();`
`38`	`30`	`}`
`39`	`31`
`40`		`-`
`41`	`32`	`@Override`
`42`	`33`	`public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {`
`43`	`34`	`oauthServer.checkTokenAccess("permitAll()");`
`@@ -46,12 +37,13 @@ public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws`
`46`	`37`	`@Override`
`47`	`38`	`public void configure(ClientDetailsServiceConfigurer clients) throws Exception {`
`48`	`39`	`clients.inMemory()`
`49`		`- .withClient(CLIENT_ID)`
`50`		`- .secret(CLIENT_SECRET)`
	`40`	`+ .withClient("client-code")`
	`41`	`+ .resourceIds("resource-example")`
	`42`	`+ .secret("123456")`
`51`	`43`	`.scopes("read", "write", "trust")`
`52`	`44`	`.authorizedGrantTypes("password", "authorization_code", "refresh_token")`
`53`		`- .authorities("CLIENT_APP")`
`54`		`- .resourceIds(RESOURCE_ID)`
	`45`	`+ .authorities("module-users-management")`
	`46`	`+ .redirectUris("http://localhost:8080/")`
`55`	`47`	`.autoApprove(true);`
`56`	`48`	`}`
`57`	`49`

`‎src/main/java/com/maryanto/dimas/example/configurations/WebSecurityConfiguration.java‎ renamed to ‎src/main/java/com/maryanto/dimas/example/config/WebSecurityConfiguration.java‎`

Lines changed: 56 additions & 42 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,68 +1,97 @@`
`1`		`-package com.maryanto.dimas.example.configurations;`
	`1`	`+package com.maryanto.dimas.example.config;`
`2`	`2`
`3`		`-import com.google.common.collect.ImmutableList;`
`4`	`3`	`import org.springframework.beans.factory.annotation.Autowired;`
`5`		`-import org.springframework.boot.autoconfigure.security.SecurityProperties;`
`6`	`4`	`import org.springframework.boot.web.servlet.FilterRegistrationBean;`
`7`	`5`	`import org.springframework.context.annotation.Bean;`
`8`	`6`	`import org.springframework.context.annotation.Configuration;`
`9`	`7`	`import org.springframework.core.annotation.Order;`
`10`	`8`	`import org.springframework.security.authentication.AuthenticationManager;`
`11`		`-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;`
`12`	`9`	`import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication;`
`13`	`10`	`import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;`
`14`	`11`	`import org.springframework.security.config.annotation.web.builders.HttpSecurity;`
`15`	`12`	`import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;`
`16`	`13`	`import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;`
`17`	`14`	`import org.springframework.security.config.http.SessionCreationPolicy;`
	`15`	`+import org.springframework.security.core.userdetails.User;`
	`16`	`+import org.springframework.security.core.userdetails.UserDetails;`
	`17`	`+import org.springframework.security.core.userdetails.UserDetailsService;`
`18`	`18`	`import org.springframework.security.oauth2.provider.ClientDetailsService;`
`19`	`19`	`import org.springframework.security.oauth2.provider.approval.ApprovalStore;`
`20`	`20`	`import org.springframework.security.oauth2.provider.approval.TokenApprovalStore;`
`21`	`21`	`import org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler;`
`22`	`22`	`import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;`
`23`	`23`	`import org.springframework.security.oauth2.provider.token.TokenStore;`
`24`	`24`	`import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;`
	`25`	`+import org.springframework.security.provisioning.InMemoryUserDetailsManager;`
	`26`	`+import org.springframework.security.web.csrf.CookieCsrfTokenRepository;`
`25`	`27`	`import org.springframework.web.cors.CorsConfiguration;`
`26`		`-import org.springframework.web.cors.CorsConfigurationSource;`
`27`	`28`	`import org.springframework.web.cors.UrlBasedCorsConfigurationSource;`
`28`	`29`	`import org.springframework.web.filter.CorsFilter;`
`29`	`30`
`30`	`31`	`@Configuration`
`31`	`32`	`@EnableWebSecurity`
`32`	`33`	`@EnableGlobalMethodSecurity(securedEnabled = true)`
`33`	`34`	`@EnableGlobalAuthentication`
`34`		`-@Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)`
`35`		`-public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {`
`36`		`-`
	`35`	`+public class WebSecurityConfiguration {`
`37`	`36`
`38`	`37`	`@Autowired`
`39`	`38`	`private ClientDetailsService clientDetailsService;`
`40`	`39`
`41`	`40`	`@Bean`
`42`		`- @Override`
`43`		`- public AuthenticationManager authenticationManagerBean() throws Exception {`
`44`		`- return super.authenticationManagerBean();`
	`41`	`+ public UserDetailsService userDetailsService() {`
	`42`	`+ InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();`
	`43`	`+ UserDetails user = User.withUsername("user").password("password").roles("USER").build();`
	`44`	`+ UserDetails admin = User.withUsername("admin").password("password").roles("USER", "ADMIN").build();`
	`45`	`+ manager.createUser(user);`
	`46`	`+ manager.createUser(admin);`
	`47`	`+ return manager;`
`45`	`48`	`}`
`46`	`49`
`47`		`- @Override`
`48`		`- protected void configure(AuthenticationManagerBuilder auth) throws Exception {`
`49`		`-// super.configure(auth);`
`50`		`- auth.inMemoryAuthentication()`
`51`		`- .withUser("user").password("password").roles("USER").and()`
`52`		`- .withUser("admin").password("password").roles("ADMIN", "USER");`
	`50`	`+ @Configuration`
	`51`	`+ @Order(1)`
	`52`	`+ public static class ApiAuthenticationServer extends WebSecurityConfigurerAdapter {`
	`53`	`+`
	`54`	`+ @Bean`
	`55`	`+ @Override`
	`56`	`+ public AuthenticationManager authenticationManagerBean() throws Exception {`
	`57`	`+ return super.authenticationManagerBean();`
	`58`	`+ }`
	`59`	`+`
	`60`	`+ @Override`
	`61`	`+ protected void configure(HttpSecurity http) throws Exception {`
	`62`	`+// super.configure(http);`
	`63`	`+ http.cors().disable()`
	`64`	`+ .csrf().disable();`
	`65`	`+ http.antMatcher("/api/**")`
	`66`	`+ .authorizeRequests()`
	`67`	`+ .antMatchers("/oauth/**", "/login").permitAll()`
	`68`	`+ .anyRequest().authenticated()`
	`69`	`+ .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);`
	`70`	`+ }`
	`71`	`+`
`53`	`72`	`}`
`54`	`73`
`55`		`- @Override`
`56`		`- protected void configure(HttpSecurity http) throws Exception {`
	`74`	`+ @Configuration`
	`75`	`+ public static class WebFormAuthenticationServer extends WebSecurityConfigurerAdapter {`
	`76`	`+`
	`77`	`+ @Bean`
	`78`	`+ @Override`
	`79`	`+ public AuthenticationManager authenticationManagerBean() throws Exception {`
	`80`	`+ return super.authenticationManagerBean();`
	`81`	`+ }`
	`82`	`+`
	`83`	`+ @Override`
	`84`	`+ protected void configure(HttpSecurity http) throws Exception {`
`57`	`85`	`// super.configure(http);`
`58`		`- http`
`59`		`- .csrf().disable()`
`60`		`- .cors().disable()`
`61`		`- .authorizeRequests()`
`62`		`- .antMatchers("/oauth/**").permitAll()`
`63`		`- .anyRequest().authenticated()`
`64`		`- .and().httpBasic()`
`65`		`- .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);`
	`86`	`+ http.cors().disable()`
	`87`	`+ .csrf().disable();`
	`88`	`+ http.authorizeRequests()`
	`89`	`+ .antMatchers("/oauth/**").permitAll()`
	`90`	`+ .anyRequest().authenticated()`
	`91`	`+ .and().formLogin().permitAll()`
	`92`	`+ .and().httpBasic();`
	`93`	`+ }`
	`94`	`+`
`66`	`95`	`}`
`67`	`96`
`68`	`97`
`@@ -99,21 +128,6 @@ public FilterRegistrationBean corsFilter() {`
`99`	`128`	`return bean;`
`100`	`129`	`}`
`101`	`130`
`102`		`-`
`103`		`- @Bean`
`104`		`- public CorsConfigurationSource corsConfigurationSource() {`
`105`		`- final CorsConfiguration configuration = new CorsConfiguration();`
`106`		`- configuration.setAllowedMethods(ImmutableList.of("HEAD",`
`107`		`- "GET", "POST", "PUT", "DELETE", "PATCH"));`
`108`		`- configuration.setAllowedOrigins(ImmutableList.of("*"));`
`109`		`- configuration.setAllowCredentials(true);`
`110`		`- configuration.setAllowedHeaders(ImmutableList.of("Authorization", "Cache-Control", "Content-Type"));`
`111`		`- final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();`
`112`		`- source.registerCorsConfiguration("/**", configuration);`
`113`		`- return source;`
`114`		`- }`
`115`		`-`
`116`		`-`
`117`	`131`	`@Bean`
`118`	`132`	`public TokenStore tokenStore() {`
`119`	`133`	`return new InMemoryTokenStore();`

`‎src/main/resources/application.properties‎`

Lines changed: 0 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +0,0 @@`
`1`		`-# oauth`
`2`		`-oauth2.client_id=mandiri_mits`
`3`		`-oauth2.client_secret=123456`
`4`		`-oauth2.resource_id=MANDIRI_RESOURCE`
`5`		`-oauth2.check_token.uri=http://localhost:8080/oauth/check_token`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit b4987f1

File tree

6 files changed

6 files changed

`‎README.md‎`

`‎pom.xml‎`

`‎src/main/java/com/maryanto/dimas/example/configurations/OauthResourceServerConfiguration.java‎ renamed to ‎src/main/java/com/maryanto/dimas/example/config/OauthAuthorizationServer.java‎`

`‎src/main/java/com/maryanto/dimas/example/configurations/OauthServerConfiguration.java‎ renamed to ‎src/main/java/com/maryanto/dimas/example/config/OauthResourceServer.java‎`

`‎src/main/java/com/maryanto/dimas/example/configurations/WebSecurityConfiguration.java‎ renamed to ‎src/main/java/com/maryanto/dimas/example/config/WebSecurityConfiguration.java‎`

`‎src/main/resources/application.properties‎`

0 commit comments