org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository Java Examples

The following examples show how to use org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CredHubTemplateAutoConfigurationTests.java    From spring-credhub with Apache License 2.0 6 votes vote down vote up
@Test
public void credHubTemplatesConfiguredWithOAuth2() {
	this.context.withPropertyValues("spring.credhub.url=https://localhost",
			"spring.credhub.oauth2.registration-id=credhub-client",

			"spring.security.oauth2.client.registration.credhub-client.provider=uaa",
			"spring.security.oauth2.client.registration.credhub-client.client-id=test-client",
			"spring.security.oauth2.client.registration.credhub-client.client-secret=test-secret",
			"spring.security.oauth2.client.registration.credhub-client.authorization-grant-type=client_credentials",
			"spring.security.oauth2.client.provider.uaa.token-uri=https://example.com/uaa/oauth/token")
			.run((context) -> {
				assertThat(context).hasSingleBean(CredHubTemplate.class);
				assertThat(context).hasSingleBean(ClientRegistrationRepository.class);
				assertThat(context).hasSingleBean(OAuth2AuthorizedClientRepository.class);
				assertThat(context).doesNotHaveBean(OAuth2AuthorizedClientManager.class);
				CredHubTemplate credHubTemplate = context.getBean(CredHubTemplate.class);
				assertThat(credHubTemplate.isUsingOAuth2()).isTrue();

				assertThat(context).hasSingleBean(ReactiveCredHubTemplate.class);
				assertThat(context).hasSingleBean(ReactiveClientRegistrationRepository.class);
				assertThat(context).hasSingleBean(ServerOAuth2AuthorizedClientRepository.class);
				assertThat(context).doesNotHaveBean(ReactiveOAuth2AuthorizedClientManager.class);
				ReactiveCredHubTemplate reactiveCredHubTemplate = context.getBean(ReactiveCredHubTemplate.class);
				assertThat(reactiveCredHubTemplate.isUsingOAuth2()).isTrue();
			});
}
 
Example #2
Source File: CredHubWebClientFactory.java    From spring-credhub with Apache License 2.0 5 votes vote down vote up
private static DefaultReactiveOAuth2AuthorizedClientManager buildClientManager(
		ReactiveClientRegistrationRepository clientRegistrationRepository,
		ServerOAuth2AuthorizedClientRepository authorizedClientRepository,
		ReactiveOAuth2AuthorizedClientProvider clientProvider) {
	DefaultReactiveOAuth2AuthorizedClientManager clientManager = new DefaultReactiveOAuth2AuthorizedClientManager(
			clientRegistrationRepository, authorizedClientRepository);
	clientManager.setAuthorizedClientProvider(clientProvider);
	return clientManager;
}
 
Example #3
Source File: Spring5ReactiveOauthApplication.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
public WebClient webClient(ReactiveClientRegistrationRepository clientRegistrationRepo, ServerOAuth2AuthorizedClientRepository authorizedClientRepo) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction filter = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrationRepo, authorizedClientRepo);
    return WebClient.builder()
        .filter(filter)
        .build();
}
 
Example #4
Source File: WebClientConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
WebClient webClientForAuthorized(ReactiveClientRegistrationRepository clientRegistrations, ServerOAuth2AuthorizedClientRepository authorizedClients) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients);
    return WebClient.builder()
        .filter(oauth)
        .build();
}
 
Example #5
Source File: WebClientConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
WebClient otherWebClient(ReactiveClientRegistrationRepository clientRegistrations, ServerOAuth2AuthorizedClientRepository authorizedClients) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients);
    return WebClient.builder()
        .filter(oauth)
        .build();
}
 
Example #6
Source File: WebClientConfig.java    From tutorials with MIT License 5 votes vote down vote up
@Bean
@Primary
WebClient webClientForAuthorized(ReactiveClientRegistrationRepository clientRegistrations, ServerOAuth2AuthorizedClientRepository authorizedClients) {
    ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients);
    oauth.setDefaultOAuth2AuthorizedClient(true);
    return WebClient.builder()
        .filter(oauth)
        .build();
}
 
Example #7
Source File: OAuth2SecurityConfigUtils.java    From syncope with Apache License 2.0 5 votes vote down vote up
public static void forLogin(
        final ServerHttpSecurity http,
        final AMType amType,
        final ApplicationContext ctx) {

    ReactiveClientRegistrationRepository clientRegistrationRepository =
            ctx.getBean(ReactiveClientRegistrationRepository.class);

    ReactiveOAuth2AuthorizedClientService authorizedClientService =
            new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrationRepository);
    ServerOAuth2AuthorizedClientRepository authorizedClientRepository =
            new AuthenticatedPrincipalServerOAuth2AuthorizedClientRepository(authorizedClientService);

    OAuth2AuthorizationRequestRedirectWebFilter authRequestRedirectFilter =
            new OAuth2AuthorizationRequestRedirectWebFilter(clientRegistrationRepository);

    AuthenticationWebFilter authenticationFilter =
            new OAuth2LoginAuthenticationWebFilter(authenticationManager(amType), authorizedClientRepository);
    authenticationFilter.setRequiresAuthenticationMatcher(
            new PathPatternParserServerWebExchangeMatcher("/login/oauth2/code/{registrationId}"));
    authenticationFilter.setServerAuthenticationConverter(
            new ServerOAuth2AuthorizationCodeAuthenticationTokenConverter(clientRegistrationRepository));
    authenticationFilter.setAuthenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler());
    authenticationFilter.setAuthenticationFailureHandler((exchange, ex) -> Mono.error(ex));
    authenticationFilter.setSecurityContextRepository(new WebSessionServerSecurityContextRepository());

    MediaTypeServerWebExchangeMatcher htmlMatcher = new MediaTypeServerWebExchangeMatcher(MediaType.TEXT_HTML);
    htmlMatcher.setIgnoredMediaTypes(Collections.singleton(MediaType.ALL));
    ServerAuthenticationEntryPoint entrypoint =
            new RedirectServerAuthenticationEntryPoint("/oauth2/authorization/" + amType.name());
    http.exceptionHandling().authenticationEntryPoint(new DelegateEntry(htmlMatcher, entrypoint).getEntryPoint());

    http.addFilterAt(authRequestRedirectFilter, SecurityWebFiltersOrder.HTTP_BASIC);
    http.addFilterAt(authenticationFilter, SecurityWebFiltersOrder.AUTHENTICATION);
}
 
Example #8
Source File: TokenRelayGatewayFilterFactoryTests.java    From spring-cloud-security with Apache License 2.0 5 votes vote down vote up
@Before
public void init() {
	repository = mock(ServerOAuth2AuthorizedClientRepository.class);
	request = MockServerHttpRequest.get("/hello").build();
	mockExchange = MockServerWebExchange.from(request);
	filterChain = mock(GatewayFilterChain.class);
	when(filterChain.filter(any(ServerWebExchange.class))).thenReturn(Mono.empty());
	filter = new TokenRelayGatewayFilterFactory(repository).apply();
}
 
Example #9
Source File: SecurityConfig.java    From spring-security-samples with MIT License 5 votes vote down vote up
@Bean
WebClient tokenAugmentingWebClient(final ReactiveClientRegistrationRepository clientRegistrationRepository,
								   final ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {
	return WebClient.builder()
		.filter(new ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrationRepository, authorizedClientRepository))
		.build();
}
 
Example #10
Source File: CredHubWebClientFactory.java    From spring-credhub with Apache License 2.0 5 votes vote down vote up
/**
 * Create a {@link WebClient} configured for communication with a CredHub server.
 * @param properties the CredHub connection properties
 * @param clientHttpConnector the {@link ClientHttpConnector} to use when creating new
 * connections
 * @param clientRegistrationRepository a repository of OAuth2 client registrations
 * @param authorizedClientRepository a repository of OAuth2 authorized clients
 * @return a configured {@link WebClient}
 */
static WebClient createWebClient(CredHubProperties properties, ClientHttpConnector clientHttpConnector,
		ReactiveClientRegistrationRepository clientRegistrationRepository,
		ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {
	ReactiveOAuth2AuthorizedClientProvider clientProvider = buildClientProvider(clientHttpConnector);

	DefaultReactiveOAuth2AuthorizedClientManager defaultClientManager = buildClientManager(
			clientRegistrationRepository, authorizedClientRepository, clientProvider);

	return createWebClient(properties, clientHttpConnector, defaultClientManager);
}
 
Example #11
Source File: ReactiveCredHubTemplate.java    From spring-credhub with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new {@link ReactiveCredHubTemplate} using the provided base URI and
 * {@link ClientHttpRequestFactory}.
 * @param credHubProperties connection properties for the CredHub server
 * @param clientHttpConnector the {@link ClientHttpConnector} to use when creating new
 * connections
 * @param clientRegistrationRepository a repository of OAuth2 client registrations
 * @param authorizedClientRepository a repository of authorized OAuth2 clients
 */
public ReactiveCredHubTemplate(CredHubProperties credHubProperties, ClientHttpConnector clientHttpConnector,
		ReactiveClientRegistrationRepository clientRegistrationRepository,
		ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {
	Assert.notNull(credHubProperties, "credHubProperties must not be null");
	Assert.notNull(clientHttpConnector, "clientHttpConnector must not be null");
	Assert.notNull(clientRegistrationRepository, "clientRegistrationRepository must not be null");
	Assert.notNull(authorizedClientRepository, "authorizedClientRepository must not be null");

	this.webClient = CredHubWebClientFactory.createWebClient(credHubProperties, clientHttpConnector,
			clientRegistrationRepository, authorizedClientRepository);
	this.usingOAuth2 = true;
}
 
Example #12
Source File: CredHubTemplateAutoConfigurationTests.java    From spring-credhub with Apache License 2.0 5 votes vote down vote up
@Test
public void credHubTemplatesConfiguredWithOAuth2AndCustomClientManager() {
	this.context.withPropertyValues("spring.credhub.url=https://localhost",
			"spring.credhub.oauth2.registration-id=credhub-client",

			"spring.security.oauth2.client.registration.credhub-client.provider=uaa",
			"spring.security.oauth2.client.registration.credhub-client.client-id=test-client",
			"spring.security.oauth2.client.registration.credhub-client.client-secret=test-secret",
			"spring.security.oauth2.client.registration.credhub-client.authorization-grant-type=client_credentials",
			"spring.security.oauth2.client.provider.uaa.token-uri=https://example.com/uaa/oauth/token")
			.withUserConfiguration(ClientManagerConfiguration.class).run((context) -> {
				assertThat(context).hasSingleBean(CredHubTemplate.class);
				assertThat(context).hasSingleBean(ClientRegistrationRepository.class);
				assertThat(context).hasSingleBean(OAuth2AuthorizedClientRepository.class);
				assertThat(context).hasSingleBean(AuthorizedClientServiceOAuth2AuthorizedClientManager.class);
				CredHubTemplate credHubTemplate = context.getBean(CredHubTemplate.class);
				assertThat(credHubTemplate.isUsingOAuth2()).isTrue();

				assertThat(context).hasSingleBean(ReactiveCredHubTemplate.class);
				assertThat(context).hasSingleBean(ReactiveClientRegistrationRepository.class);
				assertThat(context).hasSingleBean(ServerOAuth2AuthorizedClientRepository.class);
				assertThat(context)
						.hasSingleBean(AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager.class);
				ReactiveCredHubTemplate reactiveCredHubTemplate = context.getBean(ReactiveCredHubTemplate.class);
				assertThat(reactiveCredHubTemplate.isUsingOAuth2()).isTrue();
			});
}
 
Example #13
Source File: ReactiveCredHubTemplateConfiguration.java    From spring-credhub with Apache License 2.0 5 votes vote down vote up
/**
 * Create the {@link ReactiveCredHubTemplate} that the application will use to
 * interact with CredHub.
 * @param credHubProperties {@link CredHubProperties} for CredHub
 * @param clientOptions client connection options
 * @param clientRegistrationRepository a repository of OAuth2 client registrations
 * @param authorizedClientRepository a repository of OAuth2 authorized clients
 * @return the {@link CredHubTemplate} bean
 */
@Bean
@ConditionalOnMissingBean
ReactiveCredHubOperations reactiveCredHubTemplate(CredHubProperties credHubProperties,
		ClientOptions clientOptions, ReactiveClientRegistrationRepository clientRegistrationRepository,
		ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {

	return new CredHubTemplateFactory().reactiveCredHubTemplate(credHubProperties, clientOptions,
			clientRegistrationRepository, authorizedClientRepository);
}
 
Example #14
Source File: CredHubOAuth2AutoConfiguration.java    From spring-credhub with Apache License 2.0 5 votes vote down vote up
/**
 * Create a {@code ServerOAuth2AuthorizedClientRepository} bean for use with an
 * OAuth2-enabled {@code ReactiveCredHubTemplate}, to override the default provided by
 * {@link ReactiveOAuth2ClientAutoConfiguration}.
 * @return the {@code ServerOAuth2AuthorizedClientRepository}
 */
@Bean
@ConditionalOnMissingBean
@ConditionalOnClass(name = "org.springframework.web.reactive.function.client.WebClient")
public ServerOAuth2AuthorizedClientRepository credHubReactiveAuthorizedClientRepository() {
	return new UnAuthenticatedServerOAuth2AuthorizedClientRepository();
}
 
Example #15
Source File: TokenRelayGatewayFilterFactory.java    From spring-cloud-security with Apache License 2.0 4 votes vote down vote up
public TokenRelayGatewayFilterFactory(
		ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {
	super(Object.class);
	this.authorizedClientRepository = authorizedClientRepository;
}
 
Example #16
Source File: TokenRelayAutoConfiguration.java    From spring-cloud-security with Apache License 2.0 4 votes vote down vote up
@Bean
public TokenRelayGatewayFilterFactory tokenRelayGatewayFilterFactory(
		ServerOAuth2AuthorizedClientRepository repository) {
	return new TokenRelayGatewayFilterFactory(repository);
}
 
Example #17
Source File: CredHubTemplateFactory.java    From spring-credhub with Apache License 2.0 3 votes vote down vote up
/**
 * Create a {@link ReactiveCredHubTemplate} for interaction with a CredHub server
 * using OAuth2 for authentication.
 * @param credHubProperties connection properties
 * @param clientOptions connection options
 * @param clientRegistrationRepository a repository of OAuth2 client registrations
 * @param authorizedClientRepository a repository of OAuth2 client authorizations
 * @return a {@code ReactiveCredHubTemplate}
 */
public ReactiveCredHubOperations reactiveCredHubTemplate(CredHubProperties credHubProperties,
		ClientOptions clientOptions, ReactiveClientRegistrationRepository clientRegistrationRepository,
		ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {
	return new ReactiveCredHubTemplate(credHubProperties, clientHttpConnector(clientOptions),
			clientRegistrationRepository, authorizedClientRepository);
}