Java Code Examples for org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer

The following examples show how to use org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer. These examples are extracted from open source projects. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source Project: onetwo   Source File: ResourceServerConfiguration.java    License: Apache License 2.0 6 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
	if(tokenStore!=null){
		resources.tokenStore(tokenStore);
	}
	String resourceId = oauth2Properties.getResourceServer().getResourceId();
	if(resourceId!=null){
		resources.resourceId(resourceId);//see OAuth2AuthenticationProcessingFilter#doFilter -> OAuth2AuthenticationManager#authenticate
	}
	if(oauth2AuthenticationEntryPoint!=null){
		resources.authenticationEntryPoint(oauth2AuthenticationEntryPoint);
	}
	if(oauth2AccessDeniedHandler!=null){
		resources.accessDeniedHandler(oauth2AccessDeniedHandler);
	}
}
 
Example 2
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-article");
}
 
Example 3
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-user");
}
 
Example 4
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-base");
}
 
Example 5
/**
 * {@inheritDoc}
 */
@Override
public void configure(final ResourceServerSecurityConfigurer config) {
	config
		.tokenServices(tokenServices())
		.resourceId(configProps.getRequiredAudience());
}
 
Example 6
/**
 * Resource of api
 *
 * @return {@link ResourceServerConfiguration}
 */
@Bean protected ResourceServerConfiguration adminResources() {

  ResourceServerConfiguration resource = new ResourceServerConfiguration() {
    // Switch off the Spring Boot @Autowired configurers
    public void setConfigurers(List<ResourceServerConfigurer> configurers) {
      super.setConfigurers(configurers);
    }
  };

  resource.setConfigurers(Collections.singletonList(new ResourceServerConfigurerAdapter() {

    @Override public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
      resources.resourceId(RESOURCE_ID);
    }

    @Override public void configure(HttpSecurity http) throws Exception {
      http
          .csrf().disable()
          .authorizeRequests()
          .antMatchers(OPEN_URL).permitAll()
          .antMatchers(MANAGEMENT_URL).hasAnyAuthority("root", "management")
          .antMatchers(APP_URL).hasAnyAuthority("root", "management", "app");
    }
  }));

  resource.setOrder(1);

  return resource;
}
 
Example 7
/**
 * 不获取用户详细 只有用户名
 *
 * @param resources
 */
protected void notGetUser(ResourceServerSecurityConfigurer resources) {
	DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
	DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
	accessTokenConverter.setUserTokenConverter(userTokenConverter);

	remoteTokenServices.setRestTemplate(lbRestTemplate());
	remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
	resources.authenticationEntryPoint(resourceAuthExceptionEntryPoint)
		.accessDeniedHandler(AccessDeniedHandler)
		.tokenServices(remoteTokenServices);
}
 
Example 8
Source Project: spring-boot-demo   Source File: OAuth2ResourceServerConfig.java    License: MIT License 5 votes vote down vote up
@Override
  public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
    defaultTokenServices.setTokenStore(tokenStore());
    resources.tokenServices(defaultTokenServices);
//    resources.tokenStore(tokenStore());
  }
 
Example 9
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
    resources.tokenStore(tokenStore)
            .stateless(true)
            .authenticationEntryPoint(authenticationEntryPoint)
            .expressionHandler(expressionHandler)
            .accessDeniedHandler(oAuth2AccessDeniedHandler);
}
 
Example 10
Source Project: springcloud-oauth2   Source File: ResourceServerConfig.java    License: MIT License 5 votes vote down vote up
/**
 * 这个是跟服务绑定的,注意要跟client配置一致,如果客户端没有,则不能访问
 * @param resources
 * @throws Exception
 */
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId(RESOURCE_ID).stateless(true);
    userInfoTokenServices.setPrincipalExtractor(principalExtractor());
    // 配置了user-info-uri默认使用的就是userInfoTokenServices,这个这么配置只是为了设置principalExtractor
    resources.tokenServices(userInfoTokenServices);
}
 
Example 11
@Override
@CrossOrigin
public void configure(ResourceServerSecurityConfigurer resources) {
    // String resourceIds = publicMapper.getResourceIdsByClientId(clientId);
    // //设置客户端所能访问的资源id集合(默认取第一个是本服务的资源)
    // resources.resourceId(resourceIds.split(",")[0]).stateless(true);
    // resources.resourceId("admin").stateless(true);
    resources
            .tokenStore(tokenStore())
            //自定义Token异常信息,用于token校验失败返回信息
            .authenticationEntryPoint(new MyAuthExceptionEntryPoint())
            //授权异常处理
            .accessDeniedHandler(new MyAccessDeniedHandler());
}
 
Example 12
@Override
@CrossOrigin
public void configure(ResourceServerSecurityConfigurer resources) {
    // String resourceIds = publicMapper.getResourceIdsByClientId(clientId);
    // //设置客户端所能访问的资源id集合(默认取第一个是本服务的资源)
    // resources.resourceId(resourceIds.split(",")[0]).stateless(true);
    // resources.resourceId("admin").stateless(true);
    resources
            .tokenStore(tokenStore())
            //自定义Token异常信息,用于token校验失败返回信息
            .authenticationEntryPoint(new MyAuthExceptionEntryPoint())
            //授权异常处理
            .accessDeniedHandler(new MyAccessDeniedHandler());
}
 
Example 13
@Override
@CrossOrigin
public void configure(ResourceServerSecurityConfigurer resources) {
    // String resourceIds = publicMapper.getResourceIdsByClientId(clientId);
    // //设置客户端所能访问的资源id集合(默认取第一个是本服务的资源)
    // resources.resourceId(resourceIds.split(",")[0]).stateless(true);
    // resources.resourceId("admin").stateless(true);
    resources
            .tokenStore(tokenStore())
            //自定义Token异常信息,用于token校验失败返回信息
            .authenticationEntryPoint(new MyAuthExceptionEntryPoint())
            //授权异常处理
            .accessDeniedHandler(new MyAccessDeniedHandler());
}
 
Example 14
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
	// @formatter:off
	resources.resourceId(resourceId);
	resources.tokenServices(defaultTokenServices());
	// @formatter:on
}
 
Example 15
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-article");
}
 
Example 16
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-user");
}
 
Example 17
Source Project: nakadi   Source File: SecurityConfiguration.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(final ResourceServerSecurityConfigurer resources) throws Exception {
    final OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
    oAuth2AuthenticationEntryPoint.setExceptionRenderer(new ProblemOauthExceptionRenderer());
    resources.authenticationEntryPoint(oAuth2AuthenticationEntryPoint);
    resources.tokenServices(tokenServices);
    resources.expressionHandler(new ExtendedOAuth2WebSecurityExpressionHandler());
    final OAuth2AccessDeniedHandler oAuth2AccessDeniedHandler = new OAuth2AccessDeniedHandler();
    oAuth2AccessDeniedHandler.setExceptionRenderer(new ProblemOauthExceptionRenderer());
    resources.accessDeniedHandler(oAuth2AccessDeniedHandler);
}
 
Example 18
Source Project: OAuth-2.0-Cookbook   Source File: OAuth2ResourceServer.java    License: MIT License 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.tokenExtractor(new PoPTokenExtractor(new BearerTokenExtractor()));
    OAuth2AuthenticationManager oauth = new OAuth2AuthenticationManager();
    oauth.setTokenServices(tokenServices());
    resources.authenticationManager(new PoPAuthenticationManager(oauth));
}
 
Example 19
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {

    resources
            .tokenServices(tokenServices())
            .resourceId("users-info");
}
 
Example 20
Source Project: lion   Source File: ResourceServerConfig.java    License: Apache License 2.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources
            /**
             * redis 存储有状态方式
             */
            .tokenStore(new RedisTokenStore(redisConnectionFactory))
            /**
             * jwt 无状态方式
             */
            //.tokenStore(new JwtTokenStore(accessTokenConverter()));
            //.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
            .authenticationEntryPoint(new CustomAuthenticationEntryPoint())
            .accessDeniedHandler(new CustomAccessDeniedHandler());
}
 
Example 21
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
	return new ResourceServerConfigurer() {
		@Override
		public void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests().antMatchers("/hello").access("#oauth2.hasAnyScope('account', 'message', 'email')");
		}

		@Override
		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
			resources.resourceId("resource");
		}
	};
}
 
Example 22
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
    return new ResourceServerConfigurer() {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                .anyRequest().access("#oauth2.hasScope('email')");
        }

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.tokenStore(tokenStore());
        }
    };
}
 
Example 23
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
    return new ResourceServerConfigurer() {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                .anyRequest().access("#oauth2.hasScope('account')");
        }

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.tokenStore(tokenStore());
        }
    };
}
 
Example 24
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
    return new ResourceServerConfigurer() {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                .anyRequest().access("#oauth2.hasScope('message')");
        }

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.tokenStore(tokenStore());
        }
    };
}
 
Example 25
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
	return new ResourceServerConfigurer() {
		@Override
		public void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests().antMatchers("/hello").access("#oauth2.hasAnyScope('account', 'message', 'email')");
		}

		@Override
		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
			resources.resourceId("resource");
		}
	};
}
 
Example 26
Source Project: fullstop   Source File: OAuth2Configuration.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void configure(final ResourceServerSecurityConfigurer resources) throws Exception {
    // add support for #oauth2.hasUidScopeAndAnyRealm() expressions
    resources
            .expressionHandler(new ExtendedOAuth2WebSecurityExpressionHandler());
}
 
Example 27
@Override
public void configure(ResourceServerSecurityConfigurer resources)
        throws Exception {
    resources.tokenStore(tokenStore);
}
 
Example 28
Source Project: incubator-wikift   Source File: ResourceServerConfig.java    License: Apache License 2.0 4 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId(AuthorizationSupport.RESOURCE_ID).tokenServices(tokenServices);
}
 
Example 29
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId(apiBootOauthProperties.getResourceId());
}
 
Example 30
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    // 配置资源 ID
    resources.resourceId("backend-resources");
}