Add sample integrating client and resource server

Closes gh-25
2020-08-18 11:27:25 -04:00
parent eeca3df66b
commit bfb646fff4
19 changed files with 704 additions and 0 deletions
--- a/samples/boot/oauth2-integration/resourceserver/spring-security-samples-boot-oauth2-integrated-resourceserver.gradle
+++ b/samples/boot/oauth2-integration/resourceserver/spring-security-samples-boot-oauth2-integrated-resourceserver.gradle
@@ -0,0 +1,7 @@
+apply plugin: 'io.spring.convention.spring-sample-boot'
+
+dependencies {
+	compile 'org.springframework.boot:spring-boot-starter-web'
+	compile 'org.springframework.boot:spring-boot-starter-security'
+	compile 'org.springframework.boot:spring-boot-starter-oauth2-resource-server'
+}
--- a/samples/boot/oauth2-integration/resourceserver/src/main/java/sample/OAuth2ResourceServerApplication.java
+++ b/samples/boot/oauth2-integration/resourceserver/src/main/java/sample/OAuth2ResourceServerApplication.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package sample;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * @author Joe Grandja
+ * @since 0.0.1
+ */
+@SpringBootApplication
+public class OAuth2ResourceServerApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(OAuth2ResourceServerApplication.class, args);
+	}
+
+}
--- a/samples/boot/oauth2-integration/resourceserver/src/main/java/sample/config/ResourceServerConfig.java
+++ b/samples/boot/oauth2-integration/resourceserver/src/main/java/sample/config/ResourceServerConfig.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package sample.config;
+
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * @author Joe Grandja
+ * @since 0.0.1
+ */
+@EnableWebSecurity
+public class ResourceServerConfig extends WebSecurityConfigurerAdapter {
+
+	// @formatter:off
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http
+			.mvcMatcher("/messages/**")
+				.authorizeRequests()
+					.mvcMatchers("/messages/**").access("hasAuthority('SCOPE_message.read')")
+					.and()
+				.oauth2ResourceServer()
+					.jwt();
+	}
+	// @formatter:on
+}
--- a/samples/boot/oauth2-integration/resourceserver/src/main/java/sample/web/MessagesController.java
+++ b/samples/boot/oauth2-integration/resourceserver/src/main/java/sample/web/MessagesController.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2020 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package sample.web;
+
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * @author Joe Grandja
+ * @since 0.0.1
+ */
+@RestController
+public class MessagesController {
+
+	@GetMapping("/messages")
+	public String[] getMessages() {
+		return new String[] {"Message 1", "Message 2", "Message 3"};
+	}
+}
--- a/samples/boot/oauth2-integration/resourceserver/src/main/resources/application.yml
+++ b/samples/boot/oauth2-integration/resourceserver/src/main/resources/application.yml
@@ -0,0 +1,17 @@
+server:
+  port: 8090
+
+logging:
+  level:
+    root: INFO
+    org.springframework.web: INFO
+    org.springframework.security: INFO
+    org.springframework.security.oauth2: INFO
+#    org.springframework.boot.autoconfigure: DEBUG
+
+spring:
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          jwk-set-uri: http://auth-server:9000/oauth2/jwks