upgrade spring security cloud

This commit is contained in:
DOHA
2019-06-06 14:46:56 +02:00
parent 7117d947e4
commit cf68c5c771
12 changed files with 46 additions and 36 deletions
@@ -38,7 +38,7 @@
</dependencies>
<properties>
<spring-cloud-starter-oauth2.version>1.1.2.RELEASE</spring-cloud-starter-oauth2.version>
<spring-cloud-starter-oauth2.version>2.1.2.RELEASE</spring-cloud-starter-oauth2.version>
</properties>
</project>
@@ -9,6 +9,7 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.core.io.Resource;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -19,9 +20,7 @@ import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFacto
@Configuration
@EnableAuthorizationServer
@Order(6)
public class AuthServerConfigurer
extends
AuthorizationServerConfigurerAdapter {
public class AuthServerConfigurer extends AuthorizationServerConfigurerAdapter {
@Value("${jwt.certificate.store.file}")
private Resource keystore;
@@ -37,6 +36,9 @@ public class AuthServerConfigurer
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private BCryptPasswordEncoder passwordEncoder;
@Override
public void configure(
@@ -45,8 +47,8 @@ public class AuthServerConfigurer
clients
.inMemory()
.withClient("authserver")
.secret("passwordforauthserver")
.redirectUris("http://localhost:8080/")
.secret(passwordEncoder.encode("passwordforauthserver"))
.redirectUris("http://localhost:8080/login")
.authorizedGrantTypes("authorization_code",
"refresh_token")
.scopes("myscope")
@@ -2,10 +2,10 @@ package com.baeldung.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebMvcConfigurer extends WebMvcConfigurerAdapter {
public class WebMvcConfig implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {
@@ -6,8 +6,8 @@ import org.springframework.security.config.annotation.authentication.builders.Au
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
@Configuration
@@ -34,7 +34,7 @@ public class WebSecurityConfigurer
AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("user")
.withUser("user").password(passwordEncoder().encode("user"))
.roles("USER")
.and()
.withUser("admin").password("admin")
@@ -48,5 +48,9 @@ public class WebSecurityConfigurer
return super.userDetailsServiceBean();
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
@@ -1,7 +1,8 @@
# Make the application available at http://localhost:7070/authserver
server:
port: 7070
contextPath: /authserver
servlet:
context-path: /authserver
# Our certificate settings for enabling JWT tokens
jwt:
@@ -11,11 +12,4 @@ jwt:
password: abirkhan04
key:
alias: myauthkey
password: abirkhan04
security:
oauth2:
resource:
filter-order: 3
password: abirkhan04