diff --git a/spring-security-oauth/spring-security-oauth-resource-demo/pom.xml b/spring-security-oauth/spring-security-oauth-resource-demo/pom.xml index a1a7e045fb..8a6eb8a2d4 100644 --- a/spring-security-oauth/spring-security-oauth-resource-demo/pom.xml +++ b/spring-security-oauth/spring-security-oauth-resource-demo/pom.xml @@ -1,37 +1,41 @@ - - 4.0.0 - spring-security-oauth-resource-demo - spring-security-oauth-resource-demo - war + + 4.0.0 + spring-security-oauth-resource-demo + spring-security-oauth-resource-demo + war - - org.baeldung - spring-security-oauth - 1.0.0-SNAPSHOT - + + org.baeldung + spring-security-oauth + 1.0.0-SNAPSHOT + - - - - org.springframework.boot - spring-boot-starter-web - - - - - org.springframework.security.oauth - spring-security-oauth2 - ${oauth.version} - - - - org.apache.commons - commons-lang3 - ${commons-lang3.version} - - - + + + + org.springframework.boot + spring-boot-starter-web + + + + + org.springframework.security.oauth + spring-security-oauth2 + ${oauth.version} + + + org.springframework.security + spring-security-jwt + + + + + org.apache.commons + commons-lang3 + ${commons-lang3.version} + + + spring-security-oauth-resource-demo diff --git a/spring-security-oauth/spring-security-oauth-resource-demo/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig2.java b/spring-security-oauth/spring-security-oauth-resource-demo/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig2.java index d69f3366a8..49d258c985 100644 --- a/spring-security-oauth/spring-security-oauth-resource-demo/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig2.java +++ b/spring-security-oauth/spring-security-oauth-resource-demo/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig2.java @@ -2,12 +2,16 @@ package org.baeldung.config; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; +import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.TokenStore; -import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; +import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; +import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; @Configuration @EnableResourceServer @@ -25,9 +29,31 @@ public class OAuth2ResourceServerConfig2 extends ResourceServerConfigurerAdapter // @formatter:on } + @Override + public void configure(final ResourceServerSecurityConfigurer config) { + config.tokenServices(tokenServices()); + } + + // JWT + + @Bean + @Primary + public DefaultTokenServices tokenServices() { + final DefaultTokenServices tokenServices = new DefaultTokenServices(); + tokenServices.setTokenStore(tokenStore()); + return tokenServices; + } + @Bean public TokenStore tokenStore() { - return new InMemoryTokenStore(); + return new JwtTokenStore(accessTokenConverter()); + } + + @Bean + public JwtAccessTokenConverter accessTokenConverter() { + final JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); + converter.setSigningKey("123"); + return converter; } } diff --git a/spring-security-oauth/spring-security-oauth-server-demo/pom.xml b/spring-security-oauth/spring-security-oauth-server-demo/pom.xml index ae575293e8..9ddba9d1b2 100644 --- a/spring-security-oauth/spring-security-oauth-server-demo/pom.xml +++ b/spring-security-oauth/spring-security-oauth-server-demo/pom.xml @@ -24,6 +24,10 @@ spring-security-oauth2 ${oauth.version} + + org.springframework.security + spring-security-jwt + diff --git a/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig1.java b/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig1.java index b0f5872430..331b4cacf6 100644 --- a/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig1.java +++ b/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig1.java @@ -31,10 +31,9 @@ public class OAuth2AuthorizationServerConfig1 extends AuthorizationServerConfigu clients.inMemory() .withClient("fooClientIdPassword") .secret("secret") - .authorizedGrantTypes("password", "authorization_code", "refresh_token") + .authorizedGrantTypes("password", "authorization_code") .scopes("foo", "read", "write") .accessTokenValiditySeconds(3600) // 1 hour - .refreshTokenValiditySeconds(2592000) // 30 days ; } // @formatter:on diff --git a/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig2.java b/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig2.java index 3bbda6e3fa..808a2351a0 100644 --- a/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig2.java +++ b/spring-security-oauth/spring-security-oauth-server-demo/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig2.java @@ -4,14 +4,18 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; +import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; +import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.TokenStore; -import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; +import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; +import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; @Configuration @EnableAuthorizationServer @@ -33,21 +37,42 @@ public class OAuth2AuthorizationServerConfig2 extends AuthorizationServerConfigu clients.inMemory() .withClient("fooClientIdPassword") .secret("secret") - .authorizedGrantTypes("password", "authorization_code", "refresh_token") + .authorizedGrantTypes("password", "authorization_code" ) .scopes("foo", "read", "write") .accessTokenValiditySeconds(3600) // 1 hour - .refreshTokenValiditySeconds(2592000) // 30 days ; } // @formatter:on @Override - public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception { - endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager); + public void configure(final AuthorizationServerEndpointsConfigurer conf) { // @formatter:off + conf. + tokenStore(tokenStore()) + .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST) + .accessTokenConverter(accessTokenConverter()) + .authenticationManager(authenticationManager) + ; + } // @formatter:on + + // JWT + + @Bean + @Primary + public DefaultTokenServices tokenServices() { + final DefaultTokenServices tokenServices = new DefaultTokenServices(); + tokenServices.setTokenStore(tokenStore()); + return tokenServices; } @Bean public TokenStore tokenStore() { - return new InMemoryTokenStore(); + return new JwtTokenStore(accessTokenConverter()); + } + + @Bean + public JwtAccessTokenConverter accessTokenConverter() { + final JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); + converter.setSigningKey("123"); + return converter; } }