diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/oauth2/server/authorization/OAuth2AuthorizationServerConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/oauth2/server/authorization/OAuth2AuthorizationServerConfiguration.java new file mode 100644 index 0000000..a2faabf --- /dev/null +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/oauth2/server/authorization/OAuth2AuthorizationServerConfiguration.java @@ -0,0 +1,37 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.config.annotation.web.configuration.oauth2.server.authorization; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.WebSecurityConfigurer; +import org.springframework.security.config.annotation.web.builders.WebSecurity; + +/** + * {@link Configuration} for OAuth 2.0 Authorization Server support. + * + * @author Joe Grandja + * @since 0.0.1 + */ +@Configuration +public class OAuth2AuthorizationServerConfiguration { + + @Bean + public WebSecurityConfigurer defaultOAuth2AuthorizationServerSecurity() { + return new OAuth2AuthorizationServerSecurity(); + } + +} diff --git a/config/src/main/java/org/springframework/security/config/annotation/web/configuration/oauth2/server/authorization/OAuth2AuthorizationServerSecurity.java b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/oauth2/server/authorization/OAuth2AuthorizationServerSecurity.java new file mode 100644 index 0000000..44392ae --- /dev/null +++ b/config/src/main/java/org/springframework/security/config/annotation/web/configuration/oauth2/server/authorization/OAuth2AuthorizationServerSecurity.java @@ -0,0 +1,45 @@ +/* + * Copyright 2020 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * https://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.springframework.security.config.annotation.web.configuration.oauth2.server.authorization; + +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer; + +import static org.springframework.security.config.Customizer.withDefaults; + +/** + * {@link WebSecurityConfigurerAdapter} providing default security configuration for OAuth 2.0 Authorization Server. + * + * @author Joe Grandja + * @since 0.0.1 + */ +public class OAuth2AuthorizationServerSecurity extends WebSecurityConfigurerAdapter { + + // @formatter:off + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests(authorizeRequests -> + authorizeRequests + .anyRequest().authenticated() + ) + .formLogin(withDefaults()) + .apply(new OAuth2AuthorizationServerConfigurer<>()); + } + // @formatter:on + +}