Add login api sample for oauth resource server

2021-01-28 15:49:20 +07:00
parent 2a83907be1
commit a1ace59338
19 changed files with 446 additions and 9 deletions
--- a/demo/build.gradle.kts
+++ b/demo/build.gradle.kts
@@ -8,6 +8,11 @@ plugins {
 dependencies {
    api(project(":lib"))
    api(project(":customer-api"))
+    api(project(":login-api"))
+
+    implementation("org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.3.4.RELEASE")
+    implementation("org.springframework.boot:spring-boot-starter-security")
+    implementation("org.springframework.boot:spring-boot-starter-oauth2-resource-server")

    implementation("org.springframework.boot:spring-boot-starter-web")
    implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
--- a/demo/src/main/kotlin/com/example/demo/DemoApplication.kt
+++ b/demo/src/main/kotlin/com/example/demo/DemoApplication.kt
@@ -6,8 +6,13 @@ import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.boot.CommandLineRunner
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.boot.runApplication
+import org.springframework.security.access.prepost.PreAuthorize
+import org.springframework.security.core.Authentication
+import org.springframework.web.bind.annotation.GetMapping
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController

-@SpringBootApplication (scanBasePackages = ["com.example.customerapi"])
+@SpringBootApplication (scanBasePackages = ["com.example.demo", "com.example.loginapi","com.example.customerapi"])
 class DemoApplication @Autowired constructor(
    //customerRepository: CustomerRepository,
 ) : CommandLineRunner {
@@ -23,3 +28,14 @@ class DemoApplication @Autowired constructor(
 fun main(args: Array<String>) {
    runApplication<DemoApplication>(*args)
 }
+
+
+@RestController
+@RequestMapping("/oauth")
+@PreAuthorize("isAuthenticated()")
+class OAuthController {
+    @GetMapping
+    fun getMe(authentication: Authentication) : Any? {
+        return authentication
+    }
+}
--- a/demo/src/main/kotlin/com/example/demo/SecurityConfig.kt
+++ b/demo/src/main/kotlin/com/example/demo/SecurityConfig.kt
@@ -0,0 +1,27 @@
+package com.example.demo
+
+import com.example.loginapi.OauthResourceServerSecurity
+import org.springframework.context.annotation.Configuration
+import org.springframework.security.config.annotation.web.builders.HttpSecurity
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer
+
+/**
+ * @author sombochea <Sambo Chea>
+ * @email sombochea@cubetiqs.com
+ * @date 15/10/19
+ * @since 1.0
+ */
+@Configuration
+@EnableResourceServer
+class SecurityConfig : OauthResourceServerSecurity() {
+    @Throws(Exception::class)
+    override fun configure(http: HttpSecurity) {
+        http.exceptionHandling()
+            .and()
+            .authorizeRequests()
+            .antMatchers("/api/**", "/oauth", "/customers")
+            .access("#oauth2.hasAnyScope('read','write')")
+            .antMatchers("/actuator/**")
+            .hasAnyRole("SUPER_ADMIN", "SYS_ADMIN","ACTUATOR")
+    }
+}
--- a/demo/src/main/resources/application.properties
+++ b/demo/src/main/resources/application.properties
@@ -1 +1,2 @@
-spring.data.mongodb.uri=mongodb://192.168.0.202:27017/db-customer-api
+spring.data.mongodb.uri=mongodb://192.168.0.202:27017/db-customer-api
+spring.main.allow-bean-definition-overriding=true