From cc0e6f0d33ac4d32013125932cf64bc3ff0357c1 Mon Sep 17 00:00:00 2001 From: Steve Riesenberg <5248162+sjohnr@users.noreply.github.com> Date: Tue, 30 Jul 2024 11:35:22 -0500 Subject: [PATCH] Add sample for OAuth2 RestClient interceptor Closes gh-294 --- README.adoc | 2 + .../src/main/resources/application.yml | 30 ++- .../resource-server/restclient/build.gradle | 24 ++ .../restclient/gradle.properties | 4 + .../restclient/gradle/libs.versions.toml | 11 + .../gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 61624 bytes .../gradle/wrapper/gradle-wrapper.properties | 6 + .../oauth2/resource-server/restclient/gradlew | 244 ++++++++++++++++++ .../resource-server/restclient/gradlew.bat | 92 +++++++ .../restclient/settings.gradle | 8 + .../main/java/example/MessagesController.java | 40 +++ .../OAuth2ResourceServerApplication.java | 34 +++ .../java/example/SecurityConfiguration.java | 52 ++++ .../src/main/resources/application.yml | 13 + .../java/oauth2/restclient/README.adoc | 66 +++++ .../java/oauth2/restclient/build.gradle | 28 ++ .../java/oauth2/restclient/gradle.properties | 4 + .../restclient/gradle/libs.versions.toml | 11 + .../gradle/wrapper/gradle-wrapper.jar | Bin 0 -> 61624 bytes .../gradle/wrapper/gradle-wrapper.properties | 6 + .../java/oauth2/restclient/gradlew | 244 ++++++++++++++++++ .../java/oauth2/restclient/gradlew.bat | 92 +++++++ .../java/oauth2/restclient/settings.gradle | 8 + .../java/example/ClassPathDispatcher.java | 65 +++++ .../OAuth2RestClientApplicationITests.java | 181 +++++++++++++ ...ntRegistrationIdResolverConfiguration.java | 150 +++++++++++ .../main/java/example/IndexController.java | 35 +++ .../example/OAuth2RestClientApplication.java | 34 +++ .../java/example/RestClientConfiguration.java | 73 ++++++ .../java/example/RestClientController.java | 62 +++++ .../java/example/SecurityConfiguration.java | 65 +++++ .../src/main/resources/application-test.yml | 10 + .../src/main/resources/application.yml | 64 +++++ .../src/main/resources/templates/index.html | 33 +++ .../main/resources/templates/messages.html | 33 +++ .../.well-known/openid-configuration.json | 58 +++++ .../test/resources/responses/messages.json | 8 + settings.gradle | 2 + 38 files changed, 1891 insertions(+), 1 deletion(-) create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/build.gradle create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/gradle.properties create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/libs.versions.toml create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/wrapper/gradle-wrapper.jar create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/wrapper/gradle-wrapper.properties create mode 100755 servlet/spring-boot/java/oauth2/resource-server/restclient/gradlew create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/gradlew.bat create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/settings.gradle create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/src/main/java/example/MessagesController.java create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/src/main/java/example/OAuth2ResourceServerApplication.java create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/src/main/java/example/SecurityConfiguration.java create mode 100644 servlet/spring-boot/java/oauth2/resource-server/restclient/src/main/resources/application.yml create mode 100644 servlet/spring-boot/java/oauth2/restclient/README.adoc create mode 100644 servlet/spring-boot/java/oauth2/restclient/build.gradle create mode 100644 servlet/spring-boot/java/oauth2/restclient/gradle.properties create mode 100644 servlet/spring-boot/java/oauth2/restclient/gradle/libs.versions.toml create mode 100644 servlet/spring-boot/java/oauth2/restclient/gradle/wrapper/gradle-wrapper.jar create mode 100644 servlet/spring-boot/java/oauth2/restclient/gradle/wrapper/gradle-wrapper.properties create mode 100755 servlet/spring-boot/java/oauth2/restclient/gradlew create mode 100644 servlet/spring-boot/java/oauth2/restclient/gradlew.bat create mode 100644 servlet/spring-boot/java/oauth2/restclient/settings.gradle create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/integTest/java/example/ClassPathDispatcher.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/integTest/java/example/OAuth2RestClientApplicationITests.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/java/example/ClientRegistrationIdResolverConfiguration.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/java/example/IndexController.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/java/example/OAuth2RestClientApplication.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/java/example/RestClientConfiguration.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/java/example/RestClientController.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/java/example/SecurityConfiguration.java create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/resources/application-test.yml create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/resources/application.yml create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/resources/templates/index.html create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/main/resources/templates/messages.html create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/test/resources/responses/.well-known/openid-configuration.json create mode 100644 servlet/spring-boot/java/oauth2/restclient/src/test/resources/responses/messages.json diff --git a/README.adoc b/README.adoc index eeb122c..471ff1a 100644 --- a/README.adoc +++ b/README.adoc @@ -40,6 +40,8 @@ Samples for https://github.com/spring-projects/spring-security ** https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/resource-server/static[Static] +* RestClient - https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/restclient[Spring Boot] + * WebClient - https://github.com/spring-projects/spring-security-samples/tree/main/servlet/spring-boot/java/oauth2/webclient[Spring Boot] | https://github.com/spring-projects/spring-security-samples/tree/main/reactive/webflux/java/oauth2/webclient[WebFlux] === SAML 2.0 diff --git a/servlet/spring-boot/java/oauth2/authorization-server/src/main/resources/application.yml b/servlet/spring-boot/java/oauth2/authorization-server/src/main/resources/application.yml index 0a8596b..cd8dad8 100644 --- a/servlet/spring-boot/java/oauth2/authorization-server/src/main/resources/application.yml +++ b/servlet/spring-boot/java/oauth2/authorization-server/src/main/resources/application.yml @@ -1,6 +1,11 @@ server: port: 9000 +logging: + level: + org.springframework.security: trace + + spring: security: user: @@ -28,6 +33,24 @@ spring: - "openid" - "profile" require-authorization-consent: true + login-client-with-messaging: + registration: + client-id: "login-client-with-messaging" + client-secret: "{noop}with-messages" + client-authentication-methods: + - "client_secret_basic" + authorization-grant-types: + - "authorization_code" + - "refresh_token" + redirect-uris: + - "http://127.0.0.1:8080/login/oauth2/code/login-client-with-messaging" + - "http://127.0.0.1:8080/authorized" + scopes: + - "openid" + - "profile" + - "message:read" + - "message:write" + require-authorization-consent: true messaging-client: registration: client-id: "messaging-client" @@ -35,7 +58,12 @@ spring: client-authentication-methods: - "client_secret_basic" authorization-grant-types: + - "authorization_code" + - "refresh_token" - "client_credentials" + redirect-uris: + - "http://127.0.0.1:8080/authorized" scopes: - "message:read" - - "message:write" \ No newline at end of file + - "message:write" + require-authorization-consent: true \ No newline at end of file diff --git a/servlet/spring-boot/java/oauth2/resource-server/restclient/build.gradle b/servlet/spring-boot/java/oauth2/resource-server/restclient/build.gradle new file mode 100644 index 0000000..10e7d2e --- /dev/null +++ b/servlet/spring-boot/java/oauth2/resource-server/restclient/build.gradle @@ -0,0 +1,24 @@ +plugins { + alias(libs.plugins.org.springframework.boot) + alias(libs.plugins.io.spring.dependency.management) + id 'java' +} + +repositories { + mavenCentral() + maven { url "https://repo.spring.io/milestone" } + maven { url "https://repo.spring.io/snapshot" } +} + + +dependencies { + implementation 'org.springframework.boot:spring-boot-starter-oauth2-resource-server' + implementation 'org.springframework.boot:spring-boot-starter-web' + + testImplementation 'org.springframework.boot:spring-boot-starter-test' + testImplementation 'org.springframework.security:spring-security-test' +} + +tasks.withType(Test).configureEach { + useJUnitPlatform() +} diff --git a/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle.properties b/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle.properties new file mode 100644 index 0000000..9676187 --- /dev/null +++ b/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle.properties @@ -0,0 +1,4 @@ +version=6.1.1 +spring-security.version=6.4.0-SNAPSHOT +org.gradle.jvmargs=-Xmx6g -XX:+HeapDumpOnOutOfMemoryError +org.gradle.caching=true diff --git a/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/libs.versions.toml b/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/libs.versions.toml new file mode 100644 index 0000000..c3e4142 --- /dev/null +++ b/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/libs.versions.toml @@ -0,0 +1,11 @@ +[versions] +org-springframework-boot = "3.4.0-SNAPSHOT" + +[libraries] +org-springframework-spring-framework-bom = "org.springframework:spring-framework-bom:6.2.0-M6" +org-springframework-security-spring-security-bom = "org.springframework.security:spring-security-bom:6.4.0-SNAPSHOT" +org-springframework-data-spring-data-bom = "org.springframework.data:spring-data-bom:2024.0.2" + +[plugins] +io-spring-dependency-management = { id = "io.spring.dependency-management", version = "1.1.6" } +org-springframework-boot = { id = "org.springframework.boot", version.ref = "org-springframework-boot" } diff --git a/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/wrapper/gradle-wrapper.jar b/servlet/spring-boot/java/oauth2/resource-server/restclient/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000000000000000000000000000000000000..afba109285af78dbd2a1d187e33ac4f87c76e392 GIT binary patch literal 61624 zcmb6AV{~QRwml9f72CFLyJFk6ZKq;e729@pY}>YNR8p1vbMJH7ubt
YH!Z*ZaR%>WTVy8-(^h5J^1%NZ$@&_ZQ)3AeHlhL~=X9=fKPzFbZ;~cS**=W-LF1
z5 Tiw!%~BbKaQ-CH-WP{;L@H#X67rg0#de7L) o#dZ2x)FIpgN1_;Qkub&0t{cSRAUztxc6NH>Nwm4yR{(T>0x9%%VeU&<&n6^vFvZ{>V3RYJ_kC9zN(M(`
zp?1PHN>f!-aLgvsbIp*oTZv4yWsXM2Q=C}>t7V(iX*N8{aoWphUJ^(n3k`pncUt&`
ze+sYjo)>>=I?>X}1B*ZrxYu`|WD0J&RIb
pn%E-l3(CQVEaOaFyA;NaMgh54a(U#BohL*&j1%qNO-i{cIoc
zuH3AmH+>Qr__0U2f~HQ0C|zq9S9un
JHY6p(JVd4y?Pd9J5Ga7a{PYLR95ow
zm?GnAxhr8H+qG_2xB3ZIFl4Hm&RCud(4esNgT!cOiJZz*Tbr=enkZ~eP3#=Ktv21f
zX``RkOCJX_f5eyL!!_6!oNR_;3NzSC6Z^2St?xNG)wwO!v11Gwcw^;-mZ34k2|9$_
zj}wJK9BRu`X2nWY5pp+@@zpx7bN>@fHi#5tQRGz6p;wW^k-P7