java source code of SecurityConfig

spring-boot-samples-master
- spring-boot-sample-data-mongodb
  - src
    - main
      - java
        sample
        data
        mongo
        Customer.java
        CustomerRepository.java
        SampleMongoApplication.java
    - test
      - java
        sample
        data
        mongo
        SampleMongoApplicationTests.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - .gitignore
- spring-boot-jms-javaconfig
  - src
    - main
      - java
        xpadro
        spring
        jms
        JmsJavaconfigApplication.java
        service
        RegisterService.java
        ClientServiceImpl.java
        RegisterServiceImpl.java
        StoreServiceImpl.java
        ClientService.java
        StoreService.java
        model
        Order.java
        listener
        InListener.java
        SimpleListener.java
        OutListener.java
    - test
      - java
        xpadro
        spring
        jms
        InOutListenerTest.java
        SimpleListenerTest.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - activemq-data
    - embedded
      - KahaDB
        db.redo
        db.data
  - .gitignore
- visitas
  - src
    - main
      - resources
        templates
        home.html
        admin.html
        login.html
        application.properties
      - java
        demo
        VisitasApplication.java
        MvcConfig.java
        model
        Usuario.java
        Visita.java
        repository
        VisitasRepository.java
        controller
        InicioController.java
        WebSecurityConfig.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - target
    - classes
      - templates
        home.html
        login.html
      - application.properties
- weather-app
  - .factorypath
  - src
    - main
      - resources
        templates
        summary.html
        banner.jpg
        application.properties
        static
        img
        error
        404.html
        favicon.ico
        fonts
        owfont-regular.svg
        owfont-regular.otf
        SpringOnePlatform.ttf
        SpringOnePlatform.eot
        SpringOnePlatform.woff
        owfont-regular.woff
        owfont-regular.ttf
        SpringOnePlatform.svg
        owfont-regular.eot
        css
        owfont-regular.css
        style.css
        owfont-regular.min.css
      - asciidoc
        index.adoc
      - java
        com
        example
        weather
        WeatherAppProperties.java
        web
        WeatherApiController.java
        WeatherSummaryController.java
        WeatherSummary.java
        WeatherApp.java
        integration
        ows
        Weather.java
        WeatherForecast.java
        WeatherEntry.java
        WeatherService.java
    - test
      - resources
        logback-test.xml
        com
        example
        weather
        integration
        ows
        weather-barcelona.json
        forecast-barcelona.json
      - java
        com
        example
        weather
        web
        WeatherApiDocumentationTest.java
        WeatherApiControllerTest.java
        integration
        ows
        WeatherServiceTest.java
  - pom.xml
  - .DS_Store
  - README.adoc
- LICENSE
- demo-data-jpa
  - src
    - main
      - resources
        import.sql
        application.properties
      - java
        demo
        service
        ReviewRepository.java
        CityService.java
        HotelRepository.java
        CityRepository.java
        HotelServiceImpl.java
        ReviewsSummary.java
        HotelService.java
        CitySearchCriteria.java
        CityServiceImpl.java
        DemoDataJpaApplication.java
        domain
        Rating.java
        Hotel.java
        City.java
        TripType.java
        RatingCount.java
        ReviewDetails.java
        HotelSummary.java
        Review.java
        controller
        HotelController.java
    - test
      - resources
        application-qa.properties
      - java
        demo
        service
        HotelRepositoryIntegrationTests.java
        CityRepositoryIntegrationTests.java
        DemoDataJpaApplicationTests.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - .gitignore
- demo-boot-jpa
  - src
    - main
      - resources
        templates
        inicio.ftl
        import.txt
        application.properties
      - java
        demo
        domain
        Nota.java
        Etiqueta.java
        DemoBootJpaApplication.java
        repository
        JpaEtiquetaRepository.java
        EtiquetaRepository.java
        NotaRepository.java
        JpaNotaRepository.java
        controller
        InicioController.java
    - test
      - java
        demo
        DemoBootJpaApplicationTests.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - target
    - classes
      - META-INF
        maven
        com.mycompany
        demobootjpa
        pom.xml
        pom.properties
        MANIFEST.MF
      - application.properties
  - .gitignore
- spring-boot-ws-holiday
  - src
    - main
      - resources
        META-INF
        schemas
        hr.xsd
        students.xsd
        application.properties
      - java
        demo
        endpoint
        HolidayEndpoint.java
        DemoSpringWsApplication.java
        service
        HumanResourceService.java
        StubHumanResourceService.java
        WebServiceConfig.java
    - test
      - java
        demo
        DemoSpringWsApplicationTests.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - .gitignore
- spring-boot-websocket
  - src
    - main
      - resources
        static
        stomp.js
        sockjs-0.3.4.js
        index.html
      - java
        hello
        GreetingController.java
        Greeting.java
        HelloMessage.java
        WebSocketConfig.java
        Application.java
  - gradle
    - wrapper
      - gradle-wrapper.properties
  - pom.xml
  - gradlew.bat
  - gradlew
  - build.gradle
- .DS_Store
- SpringWS
  - src
    - main
      - resources
        countries.xsd
      - java
        hello
        CountryRepository.java
        WebServiceConfig.java
        Application.java
        CountryEndpoint.java
        .gitignore
    - test
      - java
        hello
        ApplicationIntegrationTests.java
  - gradle
    - wrapper
      - gradle-wrapper.properties
  - pom.xml
  - mvnw
  - gradlew.bat
  - gradlew
  - build.gradle
  - request.xml
  - .mvn
    - wrapper
      - maven-wrapper.properties
  - mvnw.cmd
- bootangular
  - src
    - main
      - resources
        application.properties
        static
        js
        app.js
        service
        user_service.js
        controller
        user_controller.js
        css
        app.css
        bootstrap.css
      - java
        pe
        joedayz
        BootangularApplication.java
        modelo
        User.java
        service
        UserService.java
        UserServiceImpl.java
        repository
        UserRepository.java
        rest
        UserRestController.java
        IndexController.java
      - webapp
        WEB-INF
        jsp
        UserManagement.jsp
    - test
      - java
        pe
        joedayz
        BootangularApplicationTests.java
  - pom.xml
  - mvnw
  - .DS_Store
  - mvnw.cmd
- cfp-example
  - src
    - main
      - resources
        db
        migration
        V1__Initial_Setup.sql
        V1_1__Add_Notes.sql
        application-local.properties
        application-secrets.properties
        templates
        admin
        index.html
        error
        4xx.html
        submit.html
        news.html
        index.html
        layouts
        main.html
        login.html
        application.properties
        static
        bootstrap
        js
        bootstrap.min.js
        css
        bootstrap.min.css
        bootstrap-theme.min.css
        bootstrap-theme.min.css.map
        img
        css
        main.css
      - java
        com
        example
        cfp
        security
        SecurityConfig.java
        web
        NewsController.java
        Navigation.java
        CfpController.java
        WebConfig.java
        HomeController.java
        SubmissionForm.java
        Section.java
        AdminController.java
        integration
        github
        GithubUser.java
        CommitDeserializer.java
        GithubClient.java
        Commit.java
        CfpApplication.java
        domain
        Submission.java
        SubmissionRepository.java
        SubmissionStatus.java
        Track.java
        User.java
        UserRepository.java
        submission
        SubmissionRequest.java
        SubmissionService.java
        CfpProperties.java
    - test
      - resources
        logback-test.xml
        github
        no-commit.json
        spring-framework-commits-no-polish.json
        jsmith.json
        spring-framework-commits.json
      - java
        com
        example
        cfp
        web
        CfpControllerTest.java
        integration
        github
        GithubClientTest.java
        domain
        UserTest.java
        SubmissionTest.java
        submission
        SubmissionServiceTest.java
  - pom.xml
  - .DS_Store
  - README.adoc
- CacheDemo
  - src
    - main
      - java
        hello
        Book.java
        AppRunner.java
        BookRepository.java
        SimpleBookRepository.java
        Application.java
  - gradle
    - wrapper
      - gradle-wrapper.properties
  - pom.xml
  - mvnw
  - gradlew.bat
  - gradlew
  - build.gradle
  - .mvn
    - wrapper
      - maven-wrapper.properties
  - mvnw.cmd
- README.md
- DemoBatch
  - src
    - main
      - resources
        schema-all.sql
        sample-data.csv
      - java
        hello
        BatchConfiguration.java
        Person.java
        JobCompletionNotificationListener.java
        Application.java
        PersonItemProcessor.java
  - gradle
    - wrapper
      - gradle-wrapper.properties
  - pom.xml
  - mvnw
  - gradlew.bat
  - gradlew
  - build.gradle
  - .mvn
    - wrapper
      - maven-wrapper.properties
  - mvnw.cmd
- spring-boot-messaging
  - src
    - main
      - resources
        application.properties
        static
        index.html
      - java
        demo
        dto
        MessageDTO.java
        handlers
        QueueHandler.java
        config
        SecurityConfig.java
        CamelConfig.java
        WebSocketConfig.java
        controllers
        WebSocketController.java
        APIController.java
        Application.java
    - test
      - java
        demo
        Demowebsocket3ApplicationTests.java
  - demo.iml
  - build.gradle
- .gitignore
- spring-boot-activemq
  - src
    - main
      - resources
        application.properties
      - java
        demo
        Producer.java
        ActiveMQConfig.java
        Consumer.java
        DemoActiveMqApplication.java
    - test
      - java
        demo
        DemoActiveMqApplicationTests.java
  - pom.xml
  - .settings
    - org.eclipse.wst.common.project.facet.core.xml
    - org.eclipse.m2e.core.prefs
    - org.eclipse.jdt.core.prefs
    - org.eclipse.core.resources.prefs
  - .gitignore

package com.example.cfp.security;

import com.example.cfp.CfpProperties;
import com.example.cfp.domain.User;
import com.example.cfp.domain.UserRepository;
import com.example.cfp.integration.github.GithubClient;
import com.example.cfp.integration.github.GithubUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.boot.autoconfigure.security.oauth2.resource.AuthoritiesExtractor;
import org.springframework.boot.autoconfigure.security.oauth2.resource.PrincipalExtractor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.authority.AuthorityUtils;

@Configuration
@EnableOAuth2Sso
public class SecurityConfig extends WebSecurityConfigurerAdapter {

	private static final Logger logger = LoggerFactory.getLogger(SecurityConfig.class);

	private final CfpProperties cfpProperties;

	public SecurityConfig(CfpProperties cfpProperties) {
		this.cfpProperties = cfpProperties;
	}

	@Override
	protected void configure(HttpSecurity http) throws Exception {
		http.authorizeRequests()
				.antMatchers("/admin/**").hasRole("ADMIN")
				.antMatchers("/", "/news", "/login**", "/css/**", "/img/**", "/webjars/**", "/bootstrap/**").permitAll()
				.anyRequest().authenticated()
				.and()
			.csrf()
				.ignoringAntMatchers("/admin/h2-console/*")
				.and()
			.logout()
				.logoutSuccessUrl("/")
				.permitAll()
				.and()
			.headers()
				.frameOptions().sameOrigin();
	}

	@Bean
	public AuthoritiesExtractor authoritiesExtractor() {
		return map -> {
			String username = (String) map.get("login");
			if (this.cfpProperties.getSecurity().getAdmins().contains(username)) {
				return AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER,ROLE_ADMIN");
			}
			else {
				return AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER");
			}
		};
	}

	@Bean
	public PrincipalExtractor principalExtractor(GithubClient githubClient, UserRepository userRepository) {
		return map -> {
			String githubLogin = (String) map.get("login");
			User speaker = userRepository.findByGithub(githubLogin);
			if (speaker == null) {
				logger.info("Initialize user with githubId {}", githubLogin);
				GithubUser user = githubClient.getUser(githubLogin);
				speaker = new User();
				speaker.setEmail(user.getEmail());
				speaker.setName(user.getName());
				speaker.setGithub(githubLogin);
				speaker.setAvatarUrl(user.getAvatar());
				userRepository.save(speaker);
			}
			return speaker;
		};
	}

}