|
|
@@ -32,10 +32,12 @@ import org.springframework.beans.factory.config.BeanDefinition;
|
|
|
import org.springframework.context.annotation.Bean;
|
|
|
import org.springframework.context.annotation.Configuration;
|
|
|
import org.springframework.context.annotation.Role;
|
|
|
+import org.springframework.core.Ordered;
|
|
|
import org.springframework.core.annotation.Order;
|
|
|
import org.springframework.security.config.Customizer;
|
|
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
|
|
+import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
|
|
|
import org.springframework.security.core.userdetails.User;
|
|
|
import org.springframework.security.core.userdetails.UserDetails;
|
|
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
|
|
@@ -48,10 +50,12 @@ import org.springframework.security.oauth2.server.authorization.client.InMemoryR
|
|
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
|
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
|
|
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration;
|
|
|
+import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
|
|
|
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
|
|
|
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
|
|
|
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
|
|
|
import org.springframework.security.web.SecurityFilterChain;
|
|
|
+import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
|
|
|
|
|
|
/**
|
|
|
* OAuth Authorization Server Configuration.
|
|
|
@@ -63,12 +67,23 @@ import org.springframework.security.web.SecurityFilterChain;
|
|
|
public class OAuth2AuthorizationServerSecurityConfiguration {
|
|
|
|
|
|
@Bean
|
|
|
- @Order(1)
|
|
|
+ @Order(Ordered.HIGHEST_PRECEDENCE)
|
|
|
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
|
|
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(http);
|
|
|
- return http.formLogin(Customizer.withDefaults()).build();
|
|
|
+ http.getConfigurer(OAuth2AuthorizationServerConfigurer.class)
|
|
|
+ .oidc(Customizer.withDefaults()); // Enable OpenID Connect 1.0
|
|
|
+
|
|
|
+ // @formatter:off
|
|
|
+ http
|
|
|
+ .exceptionHandling(exceptions ->
|
|
|
+ exceptions.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
|
|
|
+ )
|
|
|
+ .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
|
|
|
+ // @formatter:on
|
|
|
+ return http.build();
|
|
|
}
|
|
|
|
|
|
+
|
|
|
@Bean
|
|
|
@Order(2)
|
|
|
public SecurityFilterChain standardSecurityFilterChain(HttpSecurity http) throws Exception {
|
ljz