@Override public OAuth2AuthorizationRequest removeAuthorizationRequest(HttpServletRequest request, HttpServletResponse response) { OAuth2AuthorizationRequest originalRequest = loadAuthorizationRequest(request); deleteCookies(request, response); return originalRequest; }
/** * Security configuration, calling protected methods */ @Override protected void configure(HttpSecurity http) throws Exception { super.configure(http); login(http); // authentication exceptionHandling(http); // exception handling oauth2Client(http); }
public LemonOAuth2UserService( LemonUserDetailsService<U, ?> userDetailsService, LemonService<U, ?> lemonService, PasswordEncoder passwordEncoder) { this.userDetailsService = userDetailsService; this.lemonService = lemonService; this.passwordEncoder = passwordEncoder; replaceRestOperarions(); log.info("Created"); }
protected void replaceRestOperarions() { RestTemplate restTemplate = new RestTemplate(); restTemplate.setErrorHandler(new OAuth2ErrorResponseErrorHandler()); restTemplate.setMessageConverters(makeMessageConverters()); setRestOperations(restTemplate); log.info("Rest Operations replaced"); }
@Override public OAuth2User loadUser(OAuth2UserRequest userRequest) throws OAuth2AuthenticationException { OAuth2User oath2User = super.loadUser(userRequest); return buildPrincipal(oath2User, userRequest.getClientRegistration().getRegistrationId()); }
@Override public LemonPrincipal loadUserByUsername(String username) throws UsernameNotFoundException { log.debug("Loading user having username: " + username); // delegates to findUserByUsername U user = findUserByUsername(username) .orElseThrow(() -> new UsernameNotFoundException( LexUtils.getMessage("com.naturalprogrammer.spring.userNotFound", username))); log.debug("Loaded user having username: " + username); return new LemonPrincipal(user.toUserDto()); }
/** * Configures LemonOidcUserService if missing */ @Bean @ConditionalOnMissingBean(LemonOidcUserService.class) public LemonOidcUserService lemonOidcUserService(LemonOAuth2UserService<?, ?> lemonOAuth2UserService) { log.info("Configuring LemonOidcUserService"); return new LemonOidcUserService(lemonOAuth2UserService); }
/** * Configuring token authentication filter */ protected void tokenAuthentication(HttpSecurity http) throws Exception { http.addFilterBefore(new LemonJpaTokenAuthenticationFilter(blueTokenService, userDetailsService), UsernamePasswordAuthenticationFilter.class); } }
/** * Configures UserDetailsService if missing */ @Bean @ConditionalOnMissingBean(UserDetailsService.class) public <U extends AbstractUser<ID>, ID extends Serializable> LemonUserDetailsService userDetailService(AbstractUserRepository<U, ID> userRepository) { log.info("Configuring LemonUserDetailsService"); return new LemonUserDetailsService<U, ID>(userRepository); }
/** * Configures AuthenticationSuccessHandler if missing */ @Bean @ConditionalOnMissingBean(LemonAuthenticationSuccessHandler.class) public LemonAuthenticationSuccessHandler authenticationSuccessHandler( ObjectMapper objectMapper, LemonService<?, ?> lemonService, LemonProperties properties) { log.info("Configuring AuthenticationSuccessHandler"); return new LemonAuthenticationSuccessHandler(objectMapper, lemonService, properties); }
/** * Configures OAuth2AuthenticationFailureHandler if missing */ @Bean @ConditionalOnMissingBean(OAuth2AuthenticationFailureHandler.class) public OAuth2AuthenticationFailureHandler oAuth2AuthenticationFailureHandler() { log.info("Configuring OAuth2AuthenticationFailureHandler"); return new OAuth2AuthenticationFailureHandler(); }
/** * Configures OAuth2AuthenticationSuccessHandler if missing */ @Bean @ConditionalOnMissingBean(OAuth2AuthenticationSuccessHandler.class) public OAuth2AuthenticationSuccessHandler<?> oauth2AuthenticationSuccessHandler( LemonProperties properties, BlueTokenService blueTokenService) { log.info("Configuring OAuth2AuthenticationSuccessHandler"); return new OAuth2AuthenticationSuccessHandler<>(properties, blueTokenService); }
/** * Configures LemonSecurityConfig if missing */ @Bean @ConditionalOnMissingBean(LemonWebSecurityConfig.class) public LemonWebSecurityConfig lemonSecurityConfig() { log.info("Configuring LemonJpaSecurityConfig"); return new LemonJpaSecurityConfig(); }
/** * Configures LemonOAuth2UserService if missing */ @Bean @ConditionalOnMissingBean(LemonOAuth2UserService.class) public <U extends AbstractUser<ID>, ID extends Serializable> LemonOAuth2UserService<U,ID> lemonOAuth2UserService( LemonUserDetailsService<U, ?> userDetailsService, LemonService<U, ?> lemonService, PasswordEncoder passwordEncoder) { log.info("Configuring LemonOAuth2UserService"); return new LemonOAuth2UserService<U,ID>(userDetailsService, lemonService, passwordEncoder); }
@Override protected void authorizeRequests(HttpSecurity http) throws Exception { http.authorizeRequests() .mvcMatchers("/admin/**").hasRole("GOOD_ADMIN"); super.authorizeRequests(http); } }
deleteCookies(request, response); return;
/** * Configuring authentication. */ protected void login(HttpSecurity http) throws Exception { http .formLogin() // form login .loginPage(loginPage()) /****************************************** * Setting a successUrl would redirect the user there. Instead, * let's send 200 and the userDto along with an Authorization token. *****************************************/ .successHandler(authenticationSuccessHandler) /******************************************* * Setting the failureUrl will redirect the user to * that url if login fails. Instead, we need to send * 401. So, let's set failureHandler instead. *******************************************/ .failureHandler(new SimpleUrlAuthenticationFailureHandler()); }
protected void oauth2Client(HttpSecurity http) throws Exception { http.oauth2Login() .authorizationEndpoint() .authorizationRequestRepository(new HttpCookieOAuth2AuthorizationRequestRepository(properties)).and() .successHandler(oauth2AuthenticationSuccessHandler) .failureHandler(oauth2AuthenticationFailureHandler) .userInfoEndpoint() .oidcUserService(oidcUserService) .userService(oauth2UserService); }
@Override public OidcUser loadUser(OidcUserRequest userRequest) throws OAuth2AuthenticationException { OidcUser oidcUser = super.loadUser(userRequest); LemonPrincipal principal = oauth2UserService.buildPrincipal(oidcUser, userRequest.getClientRegistration().getRegistrationId()); principal.setClaims(oidcUser.getClaims()); principal.setIdToken(oidcUser.getIdToken()); principal.setUserInfo(oidcUser.getUserInfo()); return principal; } }
@Override protected UserDto fetchUserDto(JWTClaimsSet claims) { String username = claims.getSubject(); U user = userDetailsService.findUserByUsername(username) .orElseThrow(() -> new UsernameNotFoundException(username)); log.debug("User found ..."); LemonUtils.ensureCredentialsUpToDate(claims, user); UserDto userDto = user.toUserDto(); userDto.setPassword(null); return userDto; } }