Java Code Examples for org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer#checkTokenAccess()
The following examples show how to use
org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer#checkTokenAccess() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AuthSvrApplication.java From Spring5Tutorial with GNU Lesser General Public License v3.0 | 7 votes |
@Bean public AuthorizationServerConfigurer authorizationServerConfigurer( @Value("${client.web.name}") String clientName, @Value("${client.web.secret}") String clientSecret) { return new AuthorizationServerConfigurerAdapter() { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient(clientName) .secret(passwordEncoder.encode(clientSecret)) .scopes("account", "message", "email") .authorizedGrantTypes("client_credentials"); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.checkTokenAccess("isAuthenticated()"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.accessTokenConverter(accessTokenConverter()); } }; }
Example 2
Source File: AuthSvrApplication.java From Spring5Tutorial with GNU Lesser General Public License v3.0 | 6 votes |
@Bean public AuthorizationServerConfigurer authorizationServerConfigurer() { return new AuthorizationServerConfigurerAdapter() { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("memberclient") .secret(passwordEncoder.encode("memberclient12345678")) .scopes("message") .resourceIds("resource") .authorizedGrantTypes("password", "refresh_token"); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.checkTokenAccess("isAuthenticated()"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.authenticationManager(webSecurityConfigurerAdapter.authenticationManagerBean()) .userDetailsService(webSecurityConfigurerAdapter.userDetailsServiceBean()); } }; }
Example 3
Source File: AuthSvrApplication.java From Spring5Tutorial with GNU Lesser General Public License v3.0 | 6 votes |
@Bean public AuthorizationServerConfigurer authorizationServerConfigurer() { return new AuthorizationServerConfigurerAdapter() { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("authcodeclient") .secret(passwordEncoder.encode("authcodeclient12345678")) .scopes("account", "message", "email") .resourceIds("resource") .authorizedGrantTypes("authorization_code", "refresh_token") .redirectUris("http://localhost:8082/HELLO"); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.checkTokenAccess("isAuthenticated()"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.authenticationManager(webSecurityConfigurerAdapter.authenticationManagerBean()) .userDetailsService(webSecurityConfigurerAdapter.userDetailsServiceBean()); } }; }
Example 4
Source File: AuthSvrApplication.java From Spring5Tutorial with GNU Lesser General Public License v3.0 | 6 votes |
@Bean public AuthorizationServerConfigurer authorizationServerConfigurer() { return new AuthorizationServerConfigurerAdapter() { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("browserclient") .secret(passwordEncoder.encode("browserclient12345678")) .scopes("account", "message", "email") .resourceIds("resource") .authorizedGrantTypes("implicit") .redirectUris("http://localhost:8082/hello.html"); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.checkTokenAccess("isAuthenticated()"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.authenticationManager(webSecurityConfigurerAdapter.authenticationManagerBean()) .userDetailsService(webSecurityConfigurerAdapter.userDetailsServiceBean()); } }; }
Example 5
Source File: AuthSvrApplication.java From Spring5Tutorial with GNU Lesser General Public License v3.0 | 6 votes |
@Bean public AuthorizationServerConfigurer authorizationServerConfigurer() { return new AuthorizationServerConfigurerAdapter() { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("webclient") .secret(passwordEncoder.encode("webclient12345678")) .scopes("account", "message", "email") .resourceIds("resource") .authorizedGrantTypes("client_credentials"); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.checkTokenAccess("isAuthenticated()"); } }; }
Example 6
Source File: AuthorizationServerConfiguration.java From onetwo with Apache License 2.0 | 5 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { // security.and().requestMatchers() AuthorizationServerProps authProps = oauth2Properties.getAuthorizationServer(); if(authProps.isAllowFormAuthenticationForClients()){ security.allowFormAuthenticationForClients(); //FIX: AuthorizationServerSecurityConfigurer创建form验证filter的时,没有使用配置的oauth2AuthenticationEntryPoint security.addObjectPostProcessor(new ClientCredentialsTokenEndpointFilterPostProcessor()); } if(authProps.isSslOnly()){ security.sslOnly(); } if(StringUtils.isNotBlank(authProps.getRealm())){ security.realm(authProps.getRealm()); } if(StringUtils.isNotBlank(authProps.getCheckTokenAccess())){ security.checkTokenAccess(authProps.getCheckTokenAccess()); } if(StringUtils.isNotBlank(authProps.getTokenKeyAccess())){ security.tokenKeyAccess(authProps.getTokenKeyAccess()); } if(oauth2AuthenticationEntryPoint!=null){ security.authenticationEntryPoint(oauth2AuthenticationEntryPoint); } if(oauth2AccessDeniedHandler!=null){ security.accessDeniedHandler(oauth2AccessDeniedHandler); } if(passwordEncoder!=null){ security.passwordEncoder(passwordEncoder); } }
Example 7
Source File: OAuth2AuthorizationServerConfiguration.java From spring-security-oauth2-boot with Apache License 2.0 | 5 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.passwordEncoder(NoOpPasswordEncoder.getInstance()); if (this.properties.getCheckTokenAccess() != null) { security.checkTokenAccess(this.properties.getCheckTokenAccess()); } if (this.properties.getTokenKeyAccess() != null) { security.tokenKeyAccess(this.properties.getTokenKeyAccess()); } if (this.properties.getRealm() != null) { security.realm(this.properties.getRealm()); } }
Example 8
Source File: AuthSvrApplication.java From Spring5Tutorial with GNU Lesser General Public License v3.0 | 5 votes |
@Bean public AuthorizationServerConfigurer authorizationServerConfigurer() { return new AuthorizationServerConfigurerAdapter() { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("authcodeclient") .secret(passwordEncoder.encode("authcodeclient12345678")) .scopes("account", "message", "email") .resourceIds("resource") .authorizedGrantTypes("authorization_code", "refresh_token") .redirectUris("http://localhost:8082/HELLO"); } @Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.checkTokenAccess("isAuthenticated()"); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.accessTokenConverter(accessTokenConverter()) .authenticationManager(webSecurityConfigurerAdapter.authenticationManagerBean()) .userDetailsService(webSecurityConfigurerAdapter.userDetailsServiceBean()); } }; }
Example 9
Source File: AuthorizationServerConfig.java From java-tutorial with MIT License | 5 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) { security.allowFormAuthenticationForClients(); // 获取 token 的策略 security.tokenKeyAccess("permitAll()"); security.checkTokenAccess("isAuthenticated()"); }
Example 10
Source File: AuthorizationServerConfig.java From Spring with Apache License 2.0 | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) { security.checkTokenAccess("permitAll()"); }
Example 11
Source File: Oauth2AuthorizationServerConfig.java From spring-security-oauth2-demo with GNU General Public License v3.0 | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) { security .checkTokenAccess("isAuthenticated()"); }
Example 12
Source File: OAuth2Config.java From spring-cloud-study with Apache License 2.0 | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.allowFormAuthenticationForClients(); security.checkTokenAccess("isAuthenticated()"); security.tokenKeyAccess("isAuthenticated()"); }
Example 13
Source File: AuthorizationServerConfig.java From spring-security-oauth2-boot with Apache License 2.0 | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { // @formatter:off security.checkTokenAccess("isAuthenticated()"); // @formatter:on }
Example 14
Source File: OAuth2AuthorizationServer.java From OAuth-2.0-Cookbook with MIT License | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.checkTokenAccess("hasAuthority('introspection')"); }
Example 15
Source File: OAuth2AuthorizationServer.java From OAuth-2.0-Cookbook with MIT License | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.checkTokenAccess("hasAuthority('introspection')"); }
Example 16
Source File: AuthorizationServerConfiguration.java From demo-spring-boot-security-oauth2 with MIT License | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { oauthServer.tokenKeyAccess("isAnonymous() || hasAuthority('ROLE_TRUSTED_CLIENT')"); oauthServer.checkTokenAccess("hasAuthority('ROLE_TRUSTED_CLIENT')"); }
Example 17
Source File: OAuth2Config.java From spring-cloud-study with Apache License 2.0 | 4 votes |
@Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.allowFormAuthenticationForClients(); security.checkTokenAccess("isAuthenticated()"); security.tokenKeyAccess("isAuthenticated()"); }
Example 18
Source File: AuthorizationServerConfiguration.java From fw-spring-cloud with Apache License 2.0 | 2 votes |
/** * springSecurity 授权表达式, * * @param security * @throws Exception */ @Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.tokenKeyAccess("permitAll()"); security.checkTokenAccess("isAuthenticated()"); }
Example 19
Source File: Oauth2AuthorizationServerConfig.java From spring-security-oauth2-demo with GNU General Public License v3.0 | 2 votes |
/** * 资源服务器所需,后面会讲 * 具体作用见本系列的第二篇文章授权服务器最后一部分 * 具体原因见本系列的第三篇文章资源服务器 * * @param security security */ @Override public void configure(AuthorizationServerSecurityConfigurer security) { security .checkTokenAccess("isAuthenticated()"); }
Example 20
Source File: Oauth2AuthorizationServerConfig.java From spring-security-oauth2-demo with GNU General Public License v3.0 | 2 votes |
/** * 资源服务器所需,后面会讲 * 具体作用见本系列的第二篇文章授权服务器最后一部分 * 具体原因见本系列的第三篇文章资源服务器 * * @param security security */ @Override public void configure(AuthorizationServerSecurityConfigurer security) { security .checkTokenAccess("isAuthenticated()"); }