Add simple SSO sample with github authentication

spring-boot-samples/pom.xml

@@ -71,6 +71,7 @@
 		<module>spring-boot-sample-property-validation</module>
 		<module>spring-boot-sample-secure</module>
 		<module>spring-boot-sample-secure-oauth2</module>
+		<module>spring-boot-sample-secure-sso</module>
 		<module>spring-boot-sample-servlet</module>
 		<module>spring-boot-sample-session-redis</module>
 		<module>spring-boot-sample-simple</module>

spring-boot-samples/spring-boot-sample-secure-sso/pom.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<!-- Your own application should inherit from spring-boot-starter-parent -->
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-samples</artifactId>
+		<version>1.3.0.BUILD-SNAPSHOT</version>
+	</parent>
+	<artifactId>spring-boot-sample-secure-sso</artifactId>
+	<name>spring-boot-sample-secure-sso</name>
+	<description>Spring Boot Security OAuth2 Sample</description>
+	<url>http://projects.spring.io/spring-boot/</url>
+	<organization>
+		<name>Pivotal Software, Inc.</name>
+		<url>http://www.spring.io</url>
+	</organization>
+	<properties>
+		<main.basedir>${basedir}/../..</main.basedir>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security.oauth</groupId>
+			<artifactId>spring-security-oauth2</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>bootstrap</artifactId>
+			<version>3.0.3</version>
+		</dependency>
+		<dependency>
+			<groupId>org.webjars</groupId>
+			<artifactId>jquery</artifactId>
+			<version>2.0.3-1</version>
+		</dependency>
+	</dependencies>
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+</project>

spring-boot-samples/spring-boot-sample-secure-sso/src/main/java/sample/secure/sso/SampleOAuth2SsoApplication.java

+/*
+ * Copyright 2012-2015 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package sample.secure.sso;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+
+/**
+ * After you launch the app it should prompt you for login with github. As long as it runs
+ * on port 8080 on localhost it should work. Use an incognito window for testing
+ * (otherwise you might find you are already authenticated).
+ * 
+ * @author Dave Syer
+ */
+@SpringBootApplication
+@EnableOAuth2Sso
+public class SampleOAuth2SsoApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(SampleOAuth2SsoApplication.class, args);
+	}
+
+}

spring-boot-samples/spring-boot-sample-secure-sso/src/main/resources/application.yml

+security:
+  oauth2:
+    client:
+      clientId: 314f917438a18b82966a
+      clientSecret: 0cc21fd8c59749bfff0e0d441378438e692ae896
+      accessTokenUri: https://github.com/login/oauth/access_token
+      userAuthorizationUri: https://github.com/login/oauth/authorize
+      clientAuthenticationScheme: form
+    resource:
+      userInfoUri: https://api.github.com/user
+
+logging:
+  level:
+    org.springframework.security: DEBUG

spring-boot-samples/spring-boot-sample-secure-sso/src/main/resources/static/index.html

+<!DOCTYPE html>
+<html>
+<head>
+<title>Static</title>
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<link rel="stylesheet" type="text/css"
+	href="webjars/bootstrap/3.0.3/css/bootstrap.min.css" />
+</head>
+<body>
+	<script type="text/javascript"
+		src="webjars/jquery/2.0.3/jquery.min.js"></script>
+	<div id="navbar" class="navbar navbar-default" role="navigation">
+		<div class="navbar-header">
+			<button type="button" class="navbar-toggle" data-toggle="collapse"
+				data-target=".navbar-collapse">
+				<span class="icon-bar"></span> <span class="icon-bar"></span> <span
+					class="icon-bar"></span>
+			</button>
+			<a class="navbar-brand"
+				href="https://github.com/spring-projects/spring-boot"> Spring Boot
+			</a>
+		</div>
+		<div class="navbar-collapse collapse">
+			<ul class="nav navbar-nav">
+				<li><a href="./"> Home </a></li>
+			</ul>
+		</div>
+	</div>
+	<div class="jumbotron">
+		<h1>Home</h1>
+		<p>Some static content</p>
+		<p>
+          <a class="btn btn-lg btn-primary" href="#navbar" role="button">Go &raquo;</a>
+        </p>
+	</div>
+	<script type="text/javascript"
+		src="webjars/bootstrap/3.0.3/js/bootstrap.min.js"></script>
+</body>
+</html>

spring-boot-samples/spring-boot-sample-secure-sso/src/test/java/sample/secure/sso/SampleOAuth2SsoApplicationTests.java

+package sample.secure.sso;
+
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.header;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static org.springframework.test.web.servlet.setup.MockMvcBuilders.webAppContextSetup;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.IntegrationTest;
+import org.springframework.boot.test.SpringApplicationConfiguration;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.FilterChainProxy;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.web.context.WebApplicationContext;
+
+/**
+ * Series of automated integration tests to verify proper behavior of auto-configured,
+ * OAuth2-secured system
+ *
+ * @author Greg Turnquist
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@WebAppConfiguration
+@SpringApplicationConfiguration(SampleOAuth2SsoApplication.class)
+@IntegrationTest("server.port:0")
+public class SampleOAuth2SsoApplicationTests {
+
+	@Autowired
+	WebApplicationContext context;
+
+	@Autowired
+	FilterChainProxy filterChain;
+
+	private MockMvc mvc;
+
+	@Before
+	public void setUp() {
+		this.mvc = webAppContextSetup(this.context).addFilters(this.filterChain).build();
+		SecurityContextHolder.clearContext();
+	}
+
+	@Test
+	public void everythingIsSecuredByDefault() throws Exception {
+		this.mvc.perform(get("/")).andExpect(status().isFound())
+				.andExpect(header().string("location", containsString("github.com")));
+	}
+
+}