org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer Java Examples

The following examples show how to use org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ResourceServerConfiguration.java    From onetwo with Apache License 2.0 6 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
	if(tokenStore!=null){
		resources.tokenStore(tokenStore);
	}
	String resourceId = oauth2Properties.getResourceServer().getResourceId();
	if(resourceId!=null){
		resources.resourceId(resourceId);//see OAuth2AuthenticationProcessingFilter#doFilter -> OAuth2AuthenticationManager#authenticate
	}
	if(oauth2AuthenticationEntryPoint!=null){
		resources.authenticationEntryPoint(oauth2AuthenticationEntryPoint);
	}
	if(oauth2AccessDeniedHandler!=null){
		resources.accessDeniedHandler(oauth2AccessDeniedHandler);
	}
}
 
Example #2
Source File: ResSvrApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
	return new ResourceServerConfigurer() {
		@Override
		public void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests().antMatchers("/hello").access("#oauth2.hasAnyScope('account', 'message', 'email')");
		}

		@Override
		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
			resources.resourceId("resource");
		}
	};
}
 
Example #3
Source File: ResourceServerConfig.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-base");
}
 
Example #4
Source File: ResourceServerConfig.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-article");
}
 
Example #5
Source File: CustomResourceServerConfiguration.java    From spring-microservice-boilerplate with MIT License 5 votes vote down vote up
/**
 * Resource of api
 *
 * @return {@link ResourceServerConfiguration}
 */
@Bean protected ResourceServerConfiguration adminResources() {

  ResourceServerConfiguration resource = new ResourceServerConfiguration() {
    // Switch off the Spring Boot @Autowired configurers
    public void setConfigurers(List<ResourceServerConfigurer> configurers) {
      super.setConfigurers(configurers);
    }
  };

  resource.setConfigurers(Collections.singletonList(new ResourceServerConfigurerAdapter() {

    @Override public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
      resources.resourceId(RESOURCE_ID);
    }

    @Override public void configure(HttpSecurity http) throws Exception {
      http
          .csrf().disable()
          .authorizeRequests()
          .antMatchers(OPEN_URL).permitAll()
          .antMatchers(MANAGEMENT_URL).hasAnyAuthority("root", "management")
          .antMatchers(APP_URL).hasAnyAuthority("root", "management", "app");
    }
  }));

  resource.setOrder(1);

  return resource;
}
 
Example #6
Source File: OAuth2ResourceServerConfig.java    From spring-boot-demo with MIT License 5 votes vote down vote up
@Override
  public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
    defaultTokenServices.setTokenStore(tokenStore());
    resources.tokenServices(defaultTokenServices);
//    resources.tokenStore(tokenStore());
  }
 
Example #7
Source File: BaseResourceServerConfigurerAdapter.java    From smaker with GNU Lesser General Public License v3.0 5 votes vote down vote up
/**
 * 不获取用户详细 只有用户名
 *
 * @param resources
 */
protected void notGetUser(ResourceServerSecurityConfigurer resources) {
	DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
	DefaultUserAuthenticationConverter userTokenConverter = new DefaultUserAuthenticationConverter();
	accessTokenConverter.setUserTokenConverter(userTokenConverter);

	remoteTokenServices.setRestTemplate(lbRestTemplate());
	remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
	resources.authenticationEntryPoint(resourceAuthExceptionEntryPoint)
		.accessDeniedHandler(AccessDeniedHandler)
		.tokenServices(remoteTokenServices);
}
 
Example #8
Source File: RestApiSecurityConfig.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
/**
 * {@inheritDoc}
 */
@Override
public void configure(final ResourceServerSecurityConfigurer config) {
	config
		.tokenServices(tokenServices())
		.resourceId(configProps.getRequiredAudience());
}
 
Example #9
Source File: DefaultResourceServerConf.java    From microservices-platform with Apache License 2.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
    resources.tokenStore(tokenStore)
            .stateless(true)
            .authenticationEntryPoint(authenticationEntryPoint)
            .expressionHandler(expressionHandler)
            .accessDeniedHandler(oAuth2AccessDeniedHandler);
}
 
Example #10
Source File: ResourceServerConfig.java    From springcloud-oauth2 with MIT License 5 votes vote down vote up
/**
 * 这个是跟服务绑定的,注意要跟client配置一致,如果客户端没有,则不能访问
 * @param resources
 * @throws Exception
 */
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId(RESOURCE_ID).stateless(true);
    userInfoTokenServices.setPrincipalExtractor(principalExtractor());
    // 配置了user-info-uri默认使用的就是userInfoTokenServices,这个这么配置只是为了设置principalExtractor
    resources.tokenServices(userInfoTokenServices);
}
 
Example #11
Source File: SophiaResourceServerConfig.java    From sophia_scaffolding with Apache License 2.0 5 votes vote down vote up
@Override
@CrossOrigin
public void configure(ResourceServerSecurityConfigurer resources) {
    // String resourceIds = publicMapper.getResourceIdsByClientId(clientId);
    // //设置客户端所能访问的资源id集合(默认取第一个是本服务的资源)
    // resources.resourceId(resourceIds.split(",")[0]).stateless(true);
    // resources.resourceId("admin").stateless(true);
    resources
            .tokenStore(tokenStore())
            //自定义Token异常信息,用于token校验失败返回信息
            .authenticationEntryPoint(new MyAuthExceptionEntryPoint())
            //授权异常处理
            .accessDeniedHandler(new MyAccessDeniedHandler());
}
 
Example #12
Source File: SophiaResourceServerConfig.java    From sophia_scaffolding with Apache License 2.0 5 votes vote down vote up
@Override
@CrossOrigin
public void configure(ResourceServerSecurityConfigurer resources) {
    // String resourceIds = publicMapper.getResourceIdsByClientId(clientId);
    // //设置客户端所能访问的资源id集合(默认取第一个是本服务的资源)
    // resources.resourceId(resourceIds.split(",")[0]).stateless(true);
    // resources.resourceId("admin").stateless(true);
    resources
            .tokenStore(tokenStore())
            //自定义Token异常信息,用于token校验失败返回信息
            .authenticationEntryPoint(new MyAuthExceptionEntryPoint())
            //授权异常处理
            .accessDeniedHandler(new MyAccessDeniedHandler());
}
 
Example #13
Source File: SophiaResourceServerConfig.java    From sophia_scaffolding with Apache License 2.0 5 votes vote down vote up
@Override
@CrossOrigin
public void configure(ResourceServerSecurityConfigurer resources) {
    // String resourceIds = publicMapper.getResourceIdsByClientId(clientId);
    // //设置客户端所能访问的资源id集合(默认取第一个是本服务的资源)
    // resources.resourceId(resourceIds.split(",")[0]).stateless(true);
    // resources.resourceId("admin").stateless(true);
    resources
            .tokenStore(tokenStore())
            //自定义Token异常信息,用于token校验失败返回信息
            .authenticationEntryPoint(new MyAuthExceptionEntryPoint())
            //授权异常处理
            .accessDeniedHandler(new MyAccessDeniedHandler());
}
 
Example #14
Source File: ResourceServerConfig.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-article");
}
 
Example #15
Source File: ResourceServerConfig.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-user");
}
 
Example #16
Source File: MsgApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
    return new ResourceServerConfigurer() {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                .anyRequest().access("#oauth2.hasScope('message')");
        }

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.tokenStore(tokenStore());
        }
    };
}
 
Example #17
Source File: AcctApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
    return new ResourceServerConfigurer() {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                .anyRequest().access("#oauth2.hasScope('account')");
        }

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.tokenStore(tokenStore());
        }
    };
}
 
Example #18
Source File: EmailApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
    return new ResourceServerConfigurer() {
        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                .anyRequest().access("#oauth2.hasScope('email')");
        }

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.tokenStore(tokenStore());
        }
    };
}
 
Example #19
Source File: ResSvrApplication.java    From Spring5Tutorial with GNU Lesser General Public License v3.0 5 votes vote down vote up
@Bean
public ResourceServerConfigurer resourceServerConfigurer() {
	return new ResourceServerConfigurer() {
		@Override
		public void configure(HttpSecurity http) throws Exception {
			http.authorizeRequests().antMatchers("/hello").access("#oauth2.hasAnyScope('account', 'message', 'email')");
		}

		@Override
		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
			resources.resourceId("resource");
		}
	};
}
 
Example #20
Source File: ResourceServerConfig.java    From lion with Apache License 2.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources
            /**
             * redis 存储有状态方式
             */
            .tokenStore(new RedisTokenStore(redisConnectionFactory))
            /**
             * jwt 无状态方式
             */
            //.tokenStore(new JwtTokenStore(accessTokenConverter()));
            //.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
            .authenticationEntryPoint(new CustomAuthenticationEntryPoint())
            .accessDeniedHandler(new CustomAccessDeniedHandler());
}
 
Example #21
Source File: OAuth2ResourceServerConfiguration.java    From spring-cloud-shop with MIT License 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {

    resources
            .tokenServices(tokenServices())
            .resourceId("users-info");
}
 
Example #22
Source File: OAuth2ResourceServer.java    From OAuth-2.0-Cookbook with MIT License 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.tokenExtractor(new PoPTokenExtractor(new BearerTokenExtractor()));
    OAuth2AuthenticationManager oauth = new OAuth2AuthenticationManager();
    oauth.setTokenServices(tokenServices());
    resources.authenticationManager(new PoPAuthenticationManager(oauth));
}
 
Example #23
Source File: SecurityConfiguration.java    From nakadi with MIT License 5 votes vote down vote up
@Override
public void configure(final ResourceServerSecurityConfigurer resources) throws Exception {
    final OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
    oAuth2AuthenticationEntryPoint.setExceptionRenderer(new ProblemOauthExceptionRenderer());
    resources.authenticationEntryPoint(oAuth2AuthenticationEntryPoint);
    resources.tokenServices(tokenServices);
    resources.expressionHandler(new ExtendedOAuth2WebSecurityExpressionHandler());
    final OAuth2AccessDeniedHandler oAuth2AccessDeniedHandler = new OAuth2AccessDeniedHandler();
    oAuth2AccessDeniedHandler.setExceptionRenderer(new ProblemOauthExceptionRenderer());
    resources.accessDeniedHandler(oAuth2AccessDeniedHandler);
}
 
Example #24
Source File: ResourceServerConfig.java    From codeway_service with GNU General Public License v3.0 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resourceServerSecurityConfigurer) {
    resourceServerSecurityConfigurer
            .tokenStore(tokenStore())
            .authenticationEntryPoint(customAuthenticationEntryPoint)
            .accessDeniedHandler(customAccessDeniedHandler)
            .resourceId("service-user");
}
 
Example #25
Source File: ResourceServerConfiguration.java    From demo-spring-boot-security-oauth2 with MIT License 5 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
	// @formatter:off
	resources.resourceId(resourceId);
	resources.tokenServices(defaultTokenServices());
	// @formatter:on
}
 
Example #26
Source File: ResourceServerConfig.java    From java-tutorial with MIT License 4 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId("test-api");
    super.configure(resources);
}
 
Example #27
Source File: UaaConfiguration.java    From tutorials with MIT License 4 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId("jhipster-uaa").tokenStore(tokenStore);
}
 
Example #28
Source File: ResourceServerConfig.java    From springboot-vue.js-bbs with Apache License 2.0 4 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer config) {
    config.resourceId(resourceId);
}
 
Example #29
Source File: Oauth2AuthorizationServerApplication.java    From spring-oauth2-jwt-jdbc with MIT License 4 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources)
        throws Exception {
    resources.tokenStore(tokenStore);
}
 
Example #30
Source File: ResourceServerConfig.java    From incubator-wikift with Apache License 2.0 4 votes vote down vote up
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
    resources.resourceId(AuthorizationSupport.RESOURCE_ID).tokenServices(tokenServices);
}