
Polish oauth2-integration sample

Issue gh-267
Joe Grandja 4 jaren geleden
bovenliggende
commit
2d8d56840c

+ 1 - 1
samples/boot/oauth2-integration/README.adoc

@@ -8,4 +8,4 @@ This sample integrates `spring-security-oauth2-client` and `spring-security-oaut
 ** *IMPORTANT:* Make sure to modify your `/etc/hosts` file to avoid problems with session cookie overwrites between `client` and `authorizationserver`. Simply add the entry `127.0.0.1	auth-server`
 * Run Resource Server -> `./gradlew -b samples/boot/oauth2-integration/resourceserver/spring-security-samples-boot-oauth2-integrated-resourceserver.gradle bootRun`
 * Run Client -> `./gradlew -b samples/boot/oauth2-integration/client/spring-security-samples-boot-oauth2-integrated-client.gradle bootRun`
-* Go to `http://localhost:8080`
+* Go to `http://127.0.0.1:8080`

+ 14 - 4
samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java

@@ -25,7 +25,10 @@ import sample.jose.Jwks;
 
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Import;
+import org.springframework.core.Ordered;
+import org.springframework.core.annotation.Order;
+import org.springframework.security.config.Customizer;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
 import org.springframework.security.oauth2.core.AuthorizationGrantType;
 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
@@ -34,15 +37,22 @@ import org.springframework.security.oauth2.server.authorization.client.InMemoryR
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
 import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
+import org.springframework.security.web.SecurityFilterChain;
 
 /**
  * @author Joe Grandja
  * @since 0.0.1
  */
 @Configuration(proxyBeanMethods = false)
-@Import(OAuth2AuthorizationServerConfiguration.class)
 public class AuthorizationServerConfig {
 
+	@Bean
+	@Order(Ordered.HIGHEST_PRECEDENCE)
+	public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
+		OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
+		return http.formLogin(Customizer.withDefaults()).build();
+	}
+
 	// @formatter:off
 	@Bean
 	public RegisteredClientRepository registeredClientRepository() {
@@ -53,8 +63,8 @@ public class AuthorizationServerConfig {
 				.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
 				.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
 				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
-				.redirectUri("http://localhost:8080/login/oauth2/code/messaging-client-oidc")
-				.redirectUri("http://localhost:8080/authorized")
+				.redirectUri("http://127.0.0.1:8080/login/oauth2/code/messaging-client-oidc")
+				.redirectUri("http://127.0.0.1:8080/authorized")
 				.scope(OidcScopes.OPENID)
 				.scope("message.read")
 				.scope("message.write")
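Review bot: The new `authorizationServerSecurityFilterChain` bean has no comment explaining its `@Order(Ordered.HIGHEST_PRECEDENCE)` or why `formLogin` is chained after `applyDefaultSecurity`, and both matter to anyone adapting this sample. Which requests the chain matches is decided inside `applyDefaultSecurity`, which is not visible here. If that call scopes the chain to the authorization server endpoints, another chain must still protect the rest of the application; if it does not, this chain shadows every lower-ordered one. I would add a short Javadoc on the bean stating which endpoints the chain is expected to cover, that it must be consulted before any application chain, and that `formLogin(Customizer.withDefaults())` is there to send unauthenticated authorization requests to the login page. The `registeredClientRepository` body in the last hunk starts and ends outside the visible lines.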

+ 3 - 3
samples/boot/oauth2-integration/client/src/main/resources/application.yml

@@ -21,7 +21,7 @@ spring:
             client-id: messaging-client
             client-secret: secret
             authorization-grant-type: authorization_code
-            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
+            redirect-uri: "http://127.0.0.1:8080/login/oauth2/code/{registrationId}"
             scope: openid
             client-name: messaging-client-oidc
           messaging-client-authorization-code:
@@ -29,7 +29,7 @@ spring:
             client-id: messaging-client
             client-secret: secret
             authorization-grant-type: authorization_code
-            redirect-uri: "{baseUrl}/authorized"
+            redirect-uri: "http://127.0.0.1:8080/authorized"
             scope: message.read,message.write
             client-name: messaging-client-authorization-code
           messaging-client-client-credentials:
@@ -44,4 +44,4 @@ spring:
             issuer-uri: http://auth-server:9000
 
 messages:
-  base-uri: http://localhost:8090/messages
+  base-uri: http://127.0.0.1:8090/messages
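Review bot: Replacing `{baseUrl}` with a literal `http://127.0.0.1:8080` in both `redirect-uri` values ties the client to one host and port and duplicates the strings registered in `AuthorizationServerConfig`, with nothing on these lines saying so. An authorization server is expected to compare redirect URIs exactly, so a change on either side, or running the client on another port, would presumably fail the flow with a redirect mismatch. A user who starts at `http://localhost:8080` would also return to `127.0.0.1` without the session cookie that holds the pending authorization request. I would add above each value `# must equal a redirectUri registered in AuthorizationServerConfig; always browse the client via 127.0.0.1`. The `spring:` block starts outside these hunks.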