//////////////////////////////////////////////
SecurityConfig.java
/**
-
@author Joe Grandja
*/
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
// @Formatter:off
@OverRide
public void configure(WebSecurity web) {
web.ignoring().antMatchers("/authorize/**");
}
// @Formatter:on
// @Formatter:off
@OverRide
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests().antMatchers("/", "/index.html", "/sign-in-widget-config").permitAll()
.antMatchers("/authorize").permitAll().antMatchers(HttpMethod.GET, "/authorize").permitAll().and()
.oauth2Client();
}
// @Formatter:on
// @Formatter:off
@bean
public UserDetailsService users() {
UserDetails user = User.withDefaultPasswordEncoder().username("user1").password("password").roles("USER")
.build();
return new InMemoryUserDetailsManager(user);
}
// @Formatter:on
}
////////////////// application.yml ////////////////////
security:
oauth2:
client:
registration:
ping-federate:
provider: ***********
client-id: im_oic_client
client-name: ***********
client-secret: 37dH9j3f8yhYnOE53ak1z1UxMnfU0h7BT7qI556wpe0Jajz7WGQRQEq4DD2F5coz
authorization-grant-type: implicit
redirect-uri: http://127.0.0.1:8080/authorize
scope: email,phone,profile
//////////////////////////////////////
///////////////////////////// authorization controller ////////////////////////////////////
/*
- Copyright 2012-2019 the original author or authors.
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
http://www.apache.org/licenses/LICENSE-2.0
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
*/
import static org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction.clientRegistrationId;
import java.util.Arrays;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.reactive.function.client.WebClient;
/**
-
@author Joe Grandja
*/
@controller
public class AuthorizationController {
@value("${messages.base-uri}")
private String messagesBaseUri;
@Autowired
private WebClient webClient;
@GetMapping(value = "/authorize")
public String authorization_code_grant(Model model) {
System.out.println("I AM HERE");
String[] messages = retrieveMessages("messaging-client-auth-code");
Arrays.asList(messages).forEach(p -> System.out.println(p));
model.addAttribute("messages", messages);
return "index";
}
// @GetMapping("/authorized") // registered redirect_uri for authorization_code
// public String authorized(Model model) {
// String[] messages = retrieveMessages("messaging-client-auth-code");
// model.addAttribute("messages", messages);
// return "index";
// }
//
// @GetMapping(value = "/authorize", params = "grant_type=client_credentials")
// public String client_credentials_grant(Model model) {
// String[] messages = retrieveMessages("messaging-client-client-creds");
// model.addAttribute("messages", messages);
// return "index";
// }
//
// @PostMapping(value = "/authorize", params = "grant_type=password")
// public String password_grant(Model model) {
// String[] messages = retrieveMessages("messaging-client-password");
// model.addAttribute("messages", messages);
// return "index";
// }
private String[] retrieveMessages(String clientRegistrationId) {
return this.webClient.get().uri(this.messagesBaseUri).attributes(clientRegistrationId(clientRegistrationId))
.retrieve().bodyToMono(String[].class).block();
}
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////