From 22ea03e641ca66c092b33c1eed9b323a44491a83 Mon Sep 17 00:00:00 2001 
From: Dave Syer Date: Fri, 3 Oct 2014 16:02:01 +0100 Subject: [PATCH] Update for new security module --- pom.xml | 16 -- .../oauth2/ClientConfiguration.java | 120 -------------- .../oauth2/OAuth2ClientProperties.java | 72 -------- .../oauth2/ResourceServerProperties.java | 79 --------- ...ourceServerTokenServicesConfiguration.java | 107 ------------ .../oauth2/SpringSocialTokenServices.java | 76 --------- .../oauth2/UserInfoTokenServices.java | 104 ------------ .../proxy/OAuth2ProxyAutoConfiguration.java | 41 ----- .../proxy/OAuth2TokenRelayFilter.java | 46 ------ .../resource/EnableOAuth2Resource.java | 36 ---- .../resource/OAuth2ResourceConfiguration.java | 114 ------------- .../cloudfoundry/sso/EnableOAuth2Sso.java | 36 ---- .../sso/OAuth2SsoConfiguration.java | 154 ------------------ .../cloudfoundry/sso/OAuth2SsoConfigurer.java | 28 ---- .../sso/OAuth2SsoConfigurerAdapter.java | 30 ---- .../cloudfoundry/sso/OAuth2SsoProperties.java | 60 ------- src/main/resources/META-INF/spring.factories | 3 +- .../broker/sample/Application.java | 2 - .../broker/sample/ApplicationTests.java | 3 +- 19 files changed, 2 insertions(+), 1125 deletions(-) delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java delete mode 100644 
src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java delete mode 100644 src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java diff --git a/pom.xml b/pom.xml index c87ae5b..bda823b 100644 --- a/pom.xml +++ b/pom.xml @@ -56,17 +56,6 @@ 2.3.1 true - - org.springframework.security.oauth - spring-security-oauth2 - 2.0.3.RELEASE - true - - - org.springframework.social - spring-social-core - true - org.projectlombok lombok @@ -77,11 +66,6 @@ eureka-core true - - com.netflix.zuul - zuul-core - true - org.springframework.boot spring-boot-starter-test diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java deleted file mode 100644 index c3f6e45..0000000 --- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ClientConfiguration.java +++ /dev/null 
@@ -1,120 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import java.io.IOException;
-import java.util.Arrays;
-
-import javax.annotation.Resource;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.boot.context.embedded.FilterRegistrationBean;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Scope;
-import org.springframework.context.annotation.ScopedProxyMode;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpRequest;
-import org.springframework.http.MediaType;
-import org.springframework.http.client.ClientHttpRequestExecution;
-import org.springframework.http.client.ClientHttpRequestInterceptor;
-import org.springframework.http.client.ClientHttpResponse;
-import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2ClientContext;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.client.token.AccessTokenRequest;
-import org.springframework.security.oauth2.client.token.RequestEnhancer;
-import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider;
-import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
-import org.springframework.util.MultiValueMap;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@EnableOAuth2Client
-@EnableConfigurationProperties(OAuth2ClientProperties.class)
-public class ClientConfiguration {
-
- @Autowired
- private OAuth2ClientProperties sso;
-
- @Resource
- @Qualifier("accessTokenRequest")
- private AccessTokenRequest accessTokenRequest;
-
- @Bean
- public FilterRegistrationBean oauth2ClientFilterRegistration(
- OAuth2ClientContextFilter filter) {
- FilterRegistrationBean registration = new FilterRegistrationBean();
- registration.setFilter(filter);
- registration.setOrder(0);
- return registration;
- }
-
- @Bean
- public OAuth2ProtectedResourceDetails oauth2RemoteResource() {
- AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
- // set up resource details, OAuth2 URLs etc.
- details.setClientId(sso.getClientId());
- details.setClientSecret(sso.getClientSecret());
- details.setAccessTokenUri(sso.getTokenUri());
- details.setUserAuthorizationUri(sso.getAuthorizationUri());
- details.setClientAuthenticationScheme(sso.getAuthenticationScheme());
- return details;
- }
-
- @Bean
- public OAuth2RestOperations oauth2RestTemplate() {
- OAuth2RestTemplate template = new OAuth2RestTemplate(oauth2RemoteResource(),
- oauth2ClientContext());
- template.setInterceptors(Arrays
- . asList(new ClientHttpRequestInterceptor() {
- @Override
- public ClientHttpResponse intercept(HttpRequest request, byte[] body,
- ClientHttpRequestExecution execution) throws IOException {
- request.getHeaders().setAccept(
- Arrays.asList(MediaType.APPLICATION_JSON));
- return execution.execute(request, body);
- }
- }));
- AuthorizationCodeAccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
- accessTokenProvider.setTokenRequestEnhancer(new RequestEnhancer() {
- @Override
- public void enhance(AccessTokenRequest request,
- OAuth2ProtectedResourceDetails resource,
- MultiValueMap form, HttpHeaders headers) {
- headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
- }
- });
- template.setAccessTokenProvider(accessTokenProvider);
- return template;
- }
-
- @Bean
- @Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
- public OAuth2ClientContext oauth2ClientContext() {
- return new DefaultOAuth2ClientContext(accessTokenRequest);
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java
deleted file mode 100644
index 5bf5651..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/OAuth2ClientProperties.java
+++ /dev/null
@@ -1,72 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import lombok.Data;
-
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.security.oauth2.common.AuthenticationScheme;
-import org.springframework.util.StringUtils;
-import org.springframework.validation.Errors;
-import org.springframework.validation.Validator;
-
-/**
- * @author Dave Syer
- *
- */
-@ConfigurationProperties("oauth2.client")
-@Data
-public class OAuth2ClientProperties implements Validator {
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.tokenUri:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.tokenUri:}}")
- private String tokenUri;
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.authorizationUri:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.authorizationUri:}}")
- private String authorizationUri;
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.clientId:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientId:}}")
- private String clientId;
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.clientSecret:${vcap.services.${oauth2.resource.serviceId:resource}.credentials.clientSecret:}}")
- private String clientSecret;
-
- private AuthenticationScheme authenticationScheme = AuthenticationScheme.header;
-
- @Override
- public boolean supports(Class clazz) {
- return OAuth2ClientProperties.class.isAssignableFrom(clazz);
- }
-
- @Override
- public void validate(Object target, Errors errors) {
- OAuth2ClientProperties sso = (OAuth2ClientProperties) target;
- if (StringUtils.hasText(sso.getClientId())) {
- if (!StringUtils.hasText(sso.getAuthorizationUri())) {
- errors.rejectValue("authorizeUri", "missing.authorizeUri",
- "Missing authorizeUri");
- }
- if (!StringUtils.hasText(sso.getTokenUri())) {
- errors.rejectValue("tokenUri", "missing.tokenUri", "Missing tokenUri");
- }
- if (!StringUtils.hasText(sso.getClientSecret())) {
- errors.rejectValue("clientSecret", "missing.clientSecret",
- "Missing clientSecret");
- }
- }
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
deleted file mode 100644
index e589cfa..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerProperties.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import lombok.Data;
-import lombok.RequiredArgsConstructor;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.util.StringUtils;
-import org.springframework.validation.Errors;
-import org.springframework.validation.Validator;
-
-/**
- * @author Dave Syer
- *
- */
-@ConfigurationProperties("oauth2.resource")
-@Data
-@RequiredArgsConstructor(onConstructor = @__(@Autowired))
-public class ResourceServerProperties implements Validator {
-
- private final OAuth2ClientProperties client;
-
- private String serviceId = "resource";
-
- @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.id:}")
- private String id;
-
- @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.userInfoUri:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.userInfoUri:}}")
- private String userInfoUri;
-
- @Value("${vcap.services.${oauth2.resource.serviceId:resource}.credentials.tokenInfoUri:${vcap.services.${oauth2.sso.serviceId:sso}.credentials.tokenInfoUri:}}")
- private String tokenInfoUri;
-
- private boolean preferTokenInfo = true;
-
- public String getResourceId() {
- return id;
- }
-
- @Override
- public boolean supports(Class clazz) {
- return ResourceServerProperties.class.isAssignableFrom(clazz);
- }
-
- @Override
- public void validate(Object target, Errors errors) {
- ResourceServerProperties resource = (ResourceServerProperties) target;
- if (StringUtils.hasText(client.getClientId())) {
- if (!StringUtils.hasText(client.getClientSecret())) {
- if (!StringUtils.hasText(resource.getUserInfoUri())) {
- errors.rejectValue("userInfoUri", "missing.userInfoUri",
- "Missing userInfoUri (no client secret available)");
- }
- } else {
- if (isPreferTokenInfo() && !StringUtils.hasText(resource.getTokenInfoUri())) {
- errors.rejectValue("tokenInfoUri", "missing.tokenInfoUri",
- "Missing tokenInfoUri");
- }
- }
- }
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java
deleted file mode 100644
index fce767e..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/ResourceServerTokenServicesConfiguration.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.social.connect.support.OAuth2ConnectionFactory;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@EnableConfigurationProperties(ResourceServerProperties.class)
-@Import(ClientConfiguration.class)
-public class ResourceServerTokenServicesConfiguration {
-
- @Autowired
- private ResourceServerProperties resource;
-
- @Autowired
- private OAuth2ClientProperties client;
-
- @Bean
- @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- @ConditionalOnExpression("${oauth2.resource.preferTokenInfo:${OAUTH2_RESOURCE_PREFERTOKENINFO:true}}")
- protected RemoteTokenServices remoteTokenServices() {
- RemoteTokenServices services = new RemoteTokenServices();
- services.setCheckTokenEndpointUrl(resource.getTokenInfoUri());
- services.setClientId(client.getClientId());
- services.setClientSecret(client.getClientSecret());
- return services;
- }
-
- @Configuration
- @ConditionalOnClass(OAuth2ConnectionFactory.class)
- @ConditionalOnExpression("!${oauth2.resource.preferTokenInfo:${OAUTH2_RESOURCE_PREFERTOKENINFO:true}}")
- protected static class SocialTokenServicesConfiguration {
-
- @Autowired
- private ResourceServerProperties sso;
-
- @Autowired
- private OAuth2ClientProperties client;
-
- @Autowired(required = false)
- private OAuth2ConnectionFactory connectionFactory;
-
- @Bean
- @ConditionalOnBean(OAuth2ConnectionFactory.class)
- @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- public SpringSocialTokenServices socialTokenServices() {
- return new SpringSocialTokenServices(connectionFactory, client.getClientId());
- }
-
- @Bean
- @ConditionalOnMissingBean({ OAuth2ConnectionFactory.class,
- ResourceServerTokenServices.class })
- public UserInfoTokenServices userInfoTokenServices() {
- return new UserInfoTokenServices(sso.getUserInfoUri(), client.getClientId());
- }
-
- }
-
- @Configuration
- @ConditionalOnMissingClass(name = "org.springframework.social.connect.support.OAuth2ConnectionFactory")
- @ConditionalOnExpression("!${oauth2.resource.preferTokenInfo:${OAUTH2_RESOURCE_PREFERTOKENINFO:true}}")
- protected static class UserInfoTokenServicesConfiguration {
-
- @Autowired
- private ResourceServerProperties sso;
-
- @Autowired
- private OAuth2ClientProperties client;
-
- @Bean
- @ConditionalOnMissingBean(ResourceServerTokenServices.class)
- public UserInfoTokenServices userInfoTokenServices() {
- return new UserInfoTokenServices(sso.getUserInfoUri(), client.getClientId());
- }
-
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java
deleted file mode 100644
index 49f258c..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/SpringSocialTokenServices.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.OAuth2Request;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.social.connect.Connection;
-import org.springframework.social.connect.UserProfile;
-import org.springframework.social.connect.support.OAuth2ConnectionFactory;
-import org.springframework.social.oauth2.AccessGrant;
-
-/**
- * @author Dave Syer
- *
- */
-public class SpringSocialTokenServices implements ResourceServerTokenServices {
-
- protected final Log logger = LogFactory.getLog(getClass());
-
- private OAuth2ConnectionFactory connectionFactory;
-
- private String clientId;
-
- public SpringSocialTokenServices(OAuth2ConnectionFactory connectionFactory,
- String clientId) {
- this.connectionFactory = connectionFactory;
- this.clientId = clientId;
- }
-
- @Override
- public OAuth2Authentication loadAuthentication(String accessToken)
- throws AuthenticationException, InvalidTokenException {
-
- Connection connection = connectionFactory.createConnection(new AccessGrant(
- accessToken));
- UserProfile user = connection.fetchUserProfile();
- return extractAuthentication(user);
- }
-
- private OAuth2Authentication extractAuthentication(UserProfile user) {
- UsernamePasswordAuthenticationToken principal = new UsernamePasswordAuthenticationToken(
- user.getUsername(), "N/A",
- AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
- principal.setDetails(user);
- OAuth2Request request = new OAuth2Request(null, clientId, null, true, null, null,
- null, null, null);
- return new OAuth2Authentication(request, principal);
- }
-
- @Override
- public OAuth2AccessToken readAccessToken(String accessToken) {
- throw new UnsupportedOperationException("Not supported: read access token");
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java b/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java
deleted file mode 100644
index 16f5d84..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/oauth2/UserInfoTokenServices.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.oauth2;
-
-import java.util.Map;
-
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.authority.AuthorityUtils;
-import org.springframework.security.oauth2.client.OAuth2RestTemplate;
-import org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.OAuth2Request;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-
-/**
- * @author Dave Syer
- *
- */
-public class UserInfoTokenServices implements ResourceServerTokenServices {
-
- protected final Log logger = LogFactory.getLog(getClass());
-
- private String userInfoEndpointUrl;
-
- private String clientId;
-
- public UserInfoTokenServices(String userInfoEndpointUrl, String clientId) {
- this.userInfoEndpointUrl = userInfoEndpointUrl;
- this.clientId = clientId;
- }
-
- @Override
- public OAuth2Authentication loadAuthentication(String accessToken)
- throws AuthenticationException, InvalidTokenException {
-
- Map map = getMap(userInfoEndpointUrl, accessToken);
-
- if (map.containsKey("error")) {
- logger.debug("userinfo returned error: " + map.get("error"));
- throw new InvalidTokenException(accessToken);
- }
-
- return extractAuthentication(map);
- }
-
- private OAuth2Authentication extractAuthentication(Map map) {
- UsernamePasswordAuthenticationToken user = new UsernamePasswordAuthenticationToken(
- getPrincipal(map), "N/A",
- AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
- user.setDetails(map);
- OAuth2Request request = new OAuth2Request(null, clientId, null, true, null,
- null, null, null, null);
- return new OAuth2Authentication(request, user);
- }
-
- private Object getPrincipal(Map map) {
- String[] keys = new String[] { "user", "username", "userid", "user_id",
- "login", "id" };
- for (String key : keys) {
- if (map.containsKey(key)) {
- return map.get(key);
- }
- }
- return "unknown";
- }
-
- @Override
- public OAuth2AccessToken readAccessToken(String accessToken) {
- throw new UnsupportedOperationException("Not supported: read access token");
- }
-
- private Map getMap(String path, String accessToken) {
- logger.info("Getting user info from :" + path);
- BaseOAuth2ProtectedResourceDetails resource = new BaseOAuth2ProtectedResourceDetails();
- resource.setClientId(clientId);
- OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(resource);
- restTemplate.getOAuth2ClientContext().setAccessToken(new DefaultOAuth2AccessToken(accessToken));
- @SuppressWarnings("rawtypes")
- Map map = restTemplate.getForEntity(path, Map.class).getBody();
- @SuppressWarnings("unchecked")
- Map result = map;
- return result;
- }
-
-}
\ No newline at end of file
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java
deleted file mode 100644
index 461b2e5..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2ProxyAutoConfiguration.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.proxy;
-
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
-
-import com.netflix.zuul.ZuulFilter;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@ConditionalOnClass({ ZuulFilter.class, EnableOAuth2Client.class, SecurityProperties.class })
-@ConditionalOnWebApplication
-public class OAuth2ProxyAutoConfiguration {
-
- @Bean
- public OAuth2TokenRelayFilter oauth2TokenRelayFilter() {
- return new OAuth2TokenRelayFilter();
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java b/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java
deleted file mode 100644
index bb01468..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/proxy/OAuth2TokenRelayFilter.java
+++ /dev/null
@@ -1,46 +0,0 @@
-package org.springframework.cloud.cloudfoundry.proxy;
-
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
-
-import com.netflix.zuul.ZuulFilter;
-import com.netflix.zuul.context.RequestContext;
-
-public class OAuth2TokenRelayFilter extends ZuulFilter {
-
- private static final String ACCESS_TOKEN = "ACCESS_TOKEN";
-
- @Override
- public int filterOrder() {
- return 10;
- }
-
- @Override
- public String filterType() {
- return "pre";
- }
-
- @Override
- public boolean shouldFilter() {
- Authentication auth = SecurityContextHolder.getContext().getAuthentication();
- if (auth instanceof OAuth2Authentication) {
- Object details = auth.getDetails();
- if (details instanceof OAuth2AuthenticationDetails) {
- OAuth2AuthenticationDetails oauth = (OAuth2AuthenticationDetails) details;
- RequestContext ctx = RequestContext.getCurrentContext();
- ctx.set(ACCESS_TOKEN, oauth.getTokenValue());
- return true;
- }
- }
- return false;
- }
-
- @Override
- public Object run() {
- RequestContext ctx = RequestContext.getCurrentContext();
- ctx.addZuulRequestHeader("authorization", "Bearer " + ctx.get(ACCESS_TOKEN));
- return null;
- }
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java b/src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java
deleted file mode 100644
index 23cca3c..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/resource/EnableOAuth2Resource.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.resource;
-
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-import org.springframework.context.annotation.Import;
-
-/**
- * @author Dave Syer
- *
- */
-@Target(ElementType.TYPE)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-@Import(OAuth2ResourceConfiguration.class)
-public @interface EnableOAuth2Resource {
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java
deleted file mode 100644
index 318172a..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/resource/OAuth2ResourceConfiguration.java
+++ /dev/null
@@ -1,114 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.resource;
-
-import org.springframework.beans.BeansException;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.config.BeanPostProcessor;
-import org.springframework.boot.actuate.autoconfigure.ManagementServerProperties;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.ResourceServerProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.ResourceServerTokenServicesConfiguration;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
-import org.springframework.util.ClassUtils;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@ConditionalOnExpression("'${oauth2.client.clientId:${vcap.services.resource.credentials.clientId:}}'!=''")
-@ConditionalOnClass({ EnableResourceServer.class, SecurityProperties.class })
-@ConditionalOnWebApplication
-@EnableResourceServer
-@Import(ResourceServerTokenServicesConfiguration.class)
-public class OAuth2ResourceConfiguration {
-
- @Autowired
- private ResourceServerProperties resource;
-
- @Bean
- @ConditionalOnMissingBean(ResourceServerConfigurer.class)
- public ResourceServerConfigurer resourceServer() {
- return new ResourceSecurityConfigurer(resource);
- }
-
- protected static class ResourceSecurityConfigurer extends ResourceServerConfigurerAdapter {
-
- private ResourceServerProperties resource;
-
- @Autowired
- public ResourceSecurityConfigurer(ResourceServerProperties resource) {
- this.resource = resource;
- }
-
- @Override
- public void configure(ResourceServerSecurityConfigurer resources)
- throws Exception {
- resources.resourceId(resource.getResourceId());
- }
-
- @Override
- public void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests().anyRequest().authenticated();
- }
-
- }
-
- @Configuration
- protected static class ResourceServerOrderProcessor implements BeanPostProcessor {
-
- @Override
- public Object postProcessAfterInitialization(Object bean, String beanName)
- throws BeansException {
- if (bean instanceof ResourceServerConfiguration) {
- ResourceServerConfiguration configuration = (ResourceServerConfiguration) bean;
- configuration.setOrder(getOrder());
- }
- return bean;
- }
-
- @Override
- public Object postProcessBeforeInitialization(Object bean, String beanName)
- throws BeansException {
- return bean;
- }
-
- private int getOrder() {
- if (ClassUtils
- .isPresent(
- "org.springframework.boot.actuate.autoconfigure.ManagementServerProperties",
- null)) {
- return ManagementServerProperties.ACCESS_OVERRIDE_ORDER - 10;
- }
- return SecurityProperties.ACCESS_OVERRIDE_ORDER - 10;
- }
-
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java
deleted file mode 100644
index 1a81b9f..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/EnableOAuth2Sso.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-import org.springframework.context.annotation.Import;
-
-/**
- * @author Dave Syer
- *
- */
-@Target(ElementType.TYPE)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-@Import(OAuth2SsoConfiguration.class)
-public @interface EnableOAuth2Sso {
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java
deleted file mode 100644
index bd687cf..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfiguration.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import java.io.IOException;
-import java.util.Collections;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.boot.actuate.autoconfigure.ManagementServerProperties;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
-import org.springframework.boot.autoconfigure.security.SecurityProperties;
-import org.springframework.boot.context.properties.EnableConfigurationProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.ResourceServerTokenServicesConfiguration;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
-import org.springframework.core.Ordered;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.oauth2.client.OAuth2RestOperations;
-import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter;
-import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
-import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
-import org.springframework.security.web.authentication.logout.LogoutHandler;
-import org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter;
-import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
-import org.springframework.util.ClassUtils;
-
-/**
- * @author Dave Syer
- *
- */
-@Configuration
-@ConditionalOnExpression("'${oauth2.client.clientId:${vcap.services.sso.credentials.clientId:}}'!=''")
-@ConditionalOnClass({ ResourceServerTokenServices.class, SecurityProperties.class })
-@ConditionalOnWebApplication
-@EnableConfigurationProperties(OAuth2SsoProperties.class)
-@Import(ResourceServerTokenServicesConfiguration.class)
-public class OAuth2SsoConfiguration extends WebSecurityConfigurerAdapter implements Ordered {
-
- @Autowired
- private OAuth2ProtectedResourceDetails remote;
-
- @Autowired
- private OAuth2SsoProperties sso;
-
- @Autowired
- private ResourceServerTokenServices tokenServices;
-
- @Autowired
- @Qualifier("oauth2RestTemplate")
- private OAuth2RestOperations restTemplate;
-
- private List configurers = Collections.emptyList();
-
- @Override
- public int getOrder() {
- if (ClassUtils
- .isPresent(
- "org.springframework.boot.actuate.autoconfigure.ManagementServerProperties",
- null)) {
- return ManagementServerProperties.ACCESS_OVERRIDE_ORDER;
- }
- return SecurityProperties.ACCESS_OVERRIDE_ORDER;
- }
-
- /**
- * @param configurers the configurers to set
- */
- @Autowired(required = false)
- public void setConfigurers(List configurers) {
- this.configurers = configurers;
- }
-
- @Override
- protected void configure(HttpSecurity http) throws Exception {
-
- http.addFilterAfter(cloudfoundrySsoFilter(),
- AbstractPreAuthenticatedProcessingFilter.class);
-
- for (OAuth2SsoConfigurer configurer : configurers) {
- // Delegates can add authorizeRequests() here
- configurer.configure(http);
- }
- if (configurers.isEmpty()) {
- // Add anyRequest() last as a fall back. Spring Security would replace an
- // existing anyRequest() matcher with this one, so to avoid that we only
- // add it if the user hasn't configured anything.
- ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry requests = http
- .antMatcher("/**").authorizeRequests();
- if (!sso.getHome().isSecure()) {
- requests.antMatchers(sso.getHome().getPath()).permitAll();
- }
- requests.anyRequest().authenticated();
- }
-
- http.logout()
- .logoutRequestMatcher(new AntPathRequestMatcher(sso.getLogoutPath()))
- .addLogoutHandler(logoutHandler()).permitAll();
- http.exceptionHandling().authenticationEntryPoint(
- new LoginUrlAuthenticationEntryPoint(sso.getLoginPath()));
-
- }
-
- protected OAuth2ClientAuthenticationProcessingFilter cloudfoundrySsoFilter() {
- OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(
- sso.getLoginPath());
- filter.setRestTemplate(restTemplate);
- filter.setTokenServices(tokenServices);
- return filter;
- }
-
- private LogoutHandler logoutHandler() {
- LogoutHandler handler = new LogoutHandler() {
- @Override
- public void logout(HttpServletRequest request, HttpServletResponse response,
- Authentication authentication) {
- restTemplate.getOAuth2ClientContext().setAccessToken(null);
- String redirect = request.getRequestURL().toString()
- .replace(sso.getLogoutPath(), sso.getHome().getPath());
- try {
- response.sendRedirect(sso.getLogoutUri(redirect));
- }
- catch (IOException e) {
- throw new IllegalStateException("Cannot logout remote server", e);
- }
- }
- };
- return handler;
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java
deleted file mode 100644
index 07557dc..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurer.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-
-/**
- * @author Dave Syer
- *
- */
-public interface OAuth2SsoConfigurer {
-
- void configure(HttpSecurity http) throws Exception;
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java
deleted file mode 100644
index 9a9b99f..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoConfigurerAdapter.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-
-/**
- * @author Dave Syer
- *
- */
-public class OAuth2SsoConfigurerAdapter implements OAuth2SsoConfigurer {
-
- @Override
- public void configure(HttpSecurity http) {
- }
-
-}
diff --git a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java b/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java
deleted file mode 100644
index 18735f4..0000000
--- a/src/main/java/org/springframework/cloud/cloudfoundry/sso/OAuth2SsoProperties.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*
- * Copyright 2013-2014 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.springframework.cloud.cloudfoundry.sso;
-
-import lombok.Data;
-import lombok.RequiredArgsConstructor;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.cloud.cloudfoundry.oauth2.OAuth2ClientProperties;
-import org.springframework.util.StringUtils;
-
-/**
- * @author Dave Syer
- *
- */
-@ConfigurationProperties("oauth2.sso")
-@Data
-@RequiredArgsConstructor(onConstructor = @__(@Autowired))
-public class OAuth2SsoProperties {
-
- private final OAuth2ClientProperties client;
-
- private String serviceId = "sso";
-
- private String logoutPath = "/logout";
-
- @Value("${vcap.services.${oauth2.sso.serviceId:sso}.credentials.logoutUri:}")
- private String logoutUri;
-
- private String loginPath = "/login";
-
- private Home home = new Home();
-
- @Data
- public static class Home {
- private String path = "/";
- private boolean secure = true;
- }
-
- public String getLogoutUri(String redirectUrl) {
- return StringUtils.hasText(logoutUri) ? logoutUri : client.getTokenUri().replace("/oauth/token",
- "/logout.do?redirect=" + redirectUrl);
- }
-
-}
diff --git a/src/main/resources/META-INF/spring.factories b/src/main/resources/META-INF/spring.factories
index c001fed..9e386c0 100644
--- a/src/main/resources/META-INF/spring.factories
+++ b/src/main/resources/META-INF/spring.factories
@@ -1,3 +1,2 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
-org.springframework.cloud.cloudfoundry.broker.configuration.ServiceBrokerAutoConfiguration,\
-org.springframework.cloud.cloudfoundry.proxy.OAuth2ProxyAutoConfiguration
\ No newline at end of file
+org.springframework.cloud.cloudfoundry.broker.configuration.ServiceBrokerAutoConfiguration
\ No newline at end of file
diff --git a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java
index a38afd4..47cbddc 100644
--- a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java
+++ b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/Application.java
@@ -20,13 +20,11 @@ import java.security.Principal;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.cloud.cloudfoundry.sso.EnableOAuth2Sso;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 @Configuration
 @EnableAutoConfiguration
-@EnableOAuth2Sso
 @RestController
 public class Application {
diff --git a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java
index 4a32347..309fbe6 100644
--- a/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java
+++ b/src/test/java/org/springframework/cloud/cloudfoundry/broker/sample/ApplicationTests.java
@@ -33,8 +33,7 @@ import org.springframework.test.context.web.WebAppConfiguration;
 @RunWith(SpringJUnit4ClassRunner.class)
 @SpringApplicationConfiguration(classes = Application.class)
 @WebAppConfiguration
-@IntegrationTest({ "server.port=0", "security.basic.enabled=false",
- "cloudfoundry.sso.clientId=", "cloudfoundry.resource.clientId=" })
+@IntegrationTest({ "server.port=0"})
 public class ApplicationTests {
 @Value("${local.server.port}")
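Review bot: The new `@IntegrationTest({ "server.port=0"})` drops `security.basic.enabled=false` without saying what security posture the test now runs under. If Spring Security is still on the test classpath after this commit (the pom.xml hunk is outside this view), the sample endpoints would fall back to the default auto-configured protection, so a one-line comment above the annotation stating whether the test expects a secured or an unsecured application would help the next reader. As a style point, the one-element array has uneven brace spacing and can be written as `@IntegrationTest("server.port=0")`. The body of `ApplicationTests` continues outside the hunk, so how its requests authenticate cannot be checked from here.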