Auto-configure Spring Security OAuth2 when detected on the classpath
* Automatically spin up Authorization Server and Resource Server * Automatically configures method level security included OAuth2Expression handler * Wrote extensive unit tests verifying default behavior as well as the auto-configuration backing off when custom Authorization/Resource servers are included * Created org.springframework.boot.security.oauth2 subpackage to contain it * Can also disable either resource of authorization server completely with a single property for each * Print out the auto-generated secrets and other settings * Added spring-boot-sample-secure-oauth2 to provide a sample that can be run and poked with curl as well as some automated tests. * Make users ask for which servers to install by adding @Enable* * User has to @EnableGlobalMethodSecurity instead of using properties files Add Spring Security OAuth2 support to Spring Boot CLI * Triggered from either @EnableAuthorizationServer or @EnableResourceServer * Needs to have @EnableGlobalMethodSecurity to allow picking the annotation model. * By default, comes with import support for @PreAuthorize, @PreFilter, @PostAuthorize, and @PostFilter via a single start import * Also need import support for the enable annotations mentioned above. * Added extra test case and sample (oauth2.groovy)
This commit is contained in:
committed by
Dave Syer
parent
dbc538d054
commit
53f67a448f
@@ -0,0 +1,58 @@
|
||||
/*
|
||||
<<<<<<< HEAD
|
||||
* Copyright 2012-2014 the original author or authors.
|
||||
=======
|
||||
* Copyright 2012-2013 the original author or authors.
|
||||
>>>>>>> 12b17e3... Add Spring Security OAuth2 support to Spring Boot CLI
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package org.springframework.boot.cli.compiler.autoconfigure;
|
||||
|
||||
import org.codehaus.groovy.ast.ClassNode;
|
||||
import org.codehaus.groovy.control.CompilationFailedException;
|
||||
import org.codehaus.groovy.control.customizers.ImportCustomizer;
|
||||
import org.springframework.boot.cli.compiler.AstUtils;
|
||||
import org.springframework.boot.cli.compiler.CompilerAutoConfiguration;
|
||||
import org.springframework.boot.cli.compiler.DependencyCustomizer;
|
||||
|
||||
/**
|
||||
* {@link CompilerAutoConfiguration} for Spring Security OAuth2.
|
||||
*
|
||||
* @author Greg Turnquist
|
||||
*/
|
||||
public class SpringSecurityOAuth2CompilerAutoConfiguration extends CompilerAutoConfiguration {
|
||||
|
||||
@Override
|
||||
public boolean matches(ClassNode classNode) {
|
||||
return AstUtils.hasAtLeastOneAnnotation(classNode,
|
||||
"EnableAuthorizationServer", "EnableResourceServer");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void applyDependencies(DependencyCustomizer dependencies) throws CompilationFailedException {
|
||||
dependencies.add("spring-security-oauth2").add("spring-boot-starter-web")
|
||||
.add("spring-boot-starter-security");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void applyImports(ImportCustomizer imports) throws CompilationFailedException {
|
||||
imports
|
||||
.addImports(
|
||||
"org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity")
|
||||
.addStarImports(
|
||||
"org.springframework.security.oauth2.config.annotation.web.configuration",
|
||||
"org.springframework.security.access.prepost");
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user