4 vuotta sitten · 668bb069f2
--- a/samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java
+++ b/samples/boot/oauth2-integration/authorizationserver/src/main/java/sample/config/AuthorizationServerConfig.java
@@ -23,9 +23,11 @@ import org.springframework.security.crypto.key.CryptoKeySource;
 
				 import org.springframework.security.crypto.key.StaticKeyGeneratingCryptoKeySource;
			
 
				 import org.springframework.security.oauth2.core.AuthorizationGrantType;
			
 
				 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
			
 
				+import org.springframework.security.oauth2.core.oidc.OidcScopes;
			
 
				 import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
			
 
				 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
			
 
				 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
			
 
				+import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
			
 
				 
			
 
				 import java.util.UUID;
			
 
				 
			
@@ -45,8 +47,11 @@ public class AuthorizationServerConfig {
 
				 				.clientSecret("secret")
			
 
				 				.clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
			
 
				 				.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
			
 
				+				.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
			
 
				 				.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
			
 
				+				.redirectUri("http://localhost:8080/login/oauth2/code/messaging-client-oidc")
			
 
				 				.redirectUri("http://localhost:8080/authorized")
			
 
				+				.scope(OidcScopes.OPENID)
			
 
				 				.scope("message.read")
			
 
				 				.scope("message.write")
			
 
				 				.clientSettings(clientSettings -> clientSettings.requireUserConsent(true))
			
@@ -59,4 +64,9 @@ public class AuthorizationServerConfig {
 
				 	public CryptoKeySource keySource() {
			
 
				 		return new StaticKeyGeneratingCryptoKeySource();
			
 
				 	}
			
 
				+
			
 
				+	@Bean
			
 
				+	public ProviderSettings providerSettings() {
			
 
				+		return new ProviderSettings().issuer("http://auth-server:9000");
			
 
				+	}
			
 
				 }
			
--- a/samples/boot/oauth2-integration/client/src/main/java/sample/config/SecurityConfig.java
+++ b/samples/boot/oauth2-integration/client/src/main/java/sample/config/SecurityConfig.java
@@ -40,10 +40,10 @@ public class SecurityConfig {
 
				 	SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
			
 
				 		http
			
 
				 			.authorizeRequests(authorizeRequests ->
			
 
				-				authorizeRequests.anyRequest().permitAll()
			
 
				+				authorizeRequests.anyRequest().authenticated()
			
 
				 			)
			
 
				-			.logout()
			
 
				-				.disable()
			
 
				+			.oauth2Login(oauth2Login ->
			
 
				+				oauth2Login.loginPage("/oauth2/authorization/messaging-client-oidc"))
			
 
				 			.oauth2Client(withDefaults());
			
 
				 		return http.build();
			
 
				 	}
			
--- a/samples/boot/oauth2-integration/client/src/main/resources/application.yml
+++ b/samples/boot/oauth2-integration/client/src/main/resources/application.yml
@@ -16,6 +16,14 @@ spring:
 
				     oauth2:
			
 
				       client:
			
 
				         registration:
			
 
				+          messaging-client-oidc:
			
 
				+            provider: spring
			
 
				+            client-id: messaging-client
			
 
				+            client-secret: secret
			
 
				+            authorization-grant-type: authorization_code
			
 
				+            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
			
 
				+            scope: openid
			
 
				+            client-name: messaging-client-oidc
			
 
				           messaging-client-authorization-code:
			
 
				             provider: spring
			
 
				             client-id: messaging-client
			
@@ -23,16 +31,17 @@ spring:
 
				             authorization-grant-type: authorization_code
			
 
				             redirect-uri: "{baseUrl}/authorized"
			
 
				             scope: message.read,message.write
			
 
				+            client-name: messaging-client-authorization-code
			
 
				           messaging-client-client-credentials:
			
 
				             provider: spring
			
 
				             client-id: messaging-client
			
 
				             client-secret: secret
			
 
				             authorization-grant-type: client_credentials
			
 
				             scope: message.read,message.write
			
 
				+            client-name: messaging-client-client-credentials
			
 
				         provider:
			
 
				           spring:
			
 
				-            authorization-uri: http://auth-server:9000/oauth2/authorize
			
 
				-            token-uri: http://auth-server:9000/oauth2/token
			
 
				+            issuer-uri: http://auth-server:9000
			
 
				 
			
 
				 messages:
			
 
				   base-uri: http://localhost:8090/messages
			
--- a/samples/boot/oauth2-integration/resourceserver/src/main/resources/application.yml
+++ b/samples/boot/oauth2-integration/resourceserver/src/main/resources/application.yml
@@ -14,4 +14,4 @@ spring:
 
				     oauth2:
			
 
				       resourceserver:
			
 
				         jwt:
			
 
				-          jwk-set-uri: http://auth-server:9000/oauth2/jwks
			
 
				+          issuer-uri: http://auth-server:9000