From 339540b90f597d78bc50af14345f5fe743723133 Mon Sep 17 00:00:00 2001
From: minomi <5minhominho@gmail.com>
Date: Mon, 5 Feb 2018 02:11:49 +0900
Subject: [PATCH] [#2] Ready for log in with GitHub
---
 build.gradle | 1 +
 .../java/com/coduckfoilo/WebApplication.java | 91 ++++++++++++++++++-
 src/main/resources/application.yml | 9 ++
 src/main/resources/templates/index.ftl | 12 +++
 4 files changed, 112 insertions(+), 1 deletion(-)
 create mode 100644 src/main/resources/templates/index.ftl
diff --git a/build.gradle b/build.gradle
index 7b441d4..6a56e5b 100644
--- a/build.gradle
+++ b/build.gradle
@@ -28,6 +28,7 @@ dependencies {
 compile('org.springframework.boot:spring-boot-starter-data-jpa')
 compile('org.springframework.boot:spring-boot-starter-freemarker')
 compile('org.springframework.boot:spring-boot-starter-security')
+ compile('org.springframework.security.oauth:spring-security-oauth2')
 compile('org.springframework.boot:spring-boot-starter-web')
 runtime('org.springframework.boot:spring-boot-devtools')
 runtime('com.h2database:h2')
diff --git a/src/main/java/com/coduckfoilo/WebApplication.java b/src/main/java/com/coduckfoilo/WebApplication.java
index 29ac5bc..665ea20 100644
--- a/src/main/java/com/coduckfoilo/WebApplication.java
+++ b/src/main/java/com/coduckfoilo/WebApplication.java
@@ -1,12 +1,101 @@ package com.coduckfoilo; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties; +import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoTokenServices; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.oauth2.client.OAuth2ClientContext; +import org.springframework.security.oauth2.client.OAuth2RestTemplate; +import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter; +import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter; +import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client; +import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; +import org.springframework.security.web.csrf.CookieCsrfTokenRepository; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.filter.CompositeFilter; + +import javax.servlet.Filter; +import java.util.ArrayList; +import java.util.List; @SpringBootApplication -public class WebApplication { +@EnableOAuth2Client +@Controller +public class WebApplication extends WebSecurityConfigurerAdapter { + + @Autowired + OAuth2ClientContext oauth2ClientContext; public static void main(String[] 
args) { SpringApplication.run(WebApplication.class, args); } + + @RequestMapping("/") + public String index() { + return "index"; + } + + + @Override + protected void configure(HttpSecurity http) throws Exception { + http + .antMatcher("/**") + .authorizeRequests() + .antMatchers("/", "/login**", "/webjars/**") + .permitAll() + .anyRequest() + .authenticated() + .and().logout().logoutSuccessUrl("/").permitAll() + .and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) + .and().addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class); + } + + @Bean + public FilterRegistrationBean oauth2ClientFilterRegistration( + OAuth2ClientContextFilter filter) { + FilterRegistrationBean registration = new FilterRegistrationBean(); + registration.setFilter(filter); + registration.setOrder(-100); + return registration; + } + + private Filter ssoFilter() { + + CompositeFilter filter = new CompositeFilter(); + List filters = new ArrayList<>(); + + OAuth2ClientAuthenticationProcessingFilter githubFilter = new OAuth2ClientAuthenticationProcessingFilter("/login/github"); + OAuth2RestTemplate githubTemplate = new OAuth2RestTemplate(github(), oauth2ClientContext); + githubFilter.setRestTemplate(githubTemplate); + UserInfoTokenServices tokenServices = new UserInfoTokenServices(githubResource().getUserInfoUri(), github().getClientId()); + tokenServices.setRestTemplate(githubTemplate); + githubFilter.setTokenServices(tokenServices); + + filters.add(githubFilter); + + filter.setFilters(filters); + return filter; + } + + @Bean + @ConfigurationProperties("github.client") + public AuthorizationCodeResourceDetails github() { + return new AuthorizationCodeResourceDetails(); + } + + @Bean + @ConfigurationProperties("github.resource") + public ResourceServerProperties githubResource() { + return new ResourceServerProperties(); + } + + } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index e69de29..806ef6c 100644 
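Review bot: In `configure`, `.anyRequest().authenticated()` is the only gate on protected paths, and `ssoFilter()` builds `UserInfoTokenServices` with no principal or authority mapping, so as far as this hunk shows every GitHub account that completes the login is accepted as a user of the application. If access is meant for a limited set of accounts, decide that when the user-info response is processed, for example through `tokenServices.setAuthoritiesExtractor(...)` (confirm it is available in the Spring Boot version this build resolves), and gate routes on the resulting role rather than on `authenticated()` alone. A one-line comment above `.csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())` saying that the CSRF cookie is deliberately script-readable so client code can send it back in a request header would make that choice explicit for the next reader. `List filters` appears as a raw type, which may only be an artifact of how this page was rendered; if it is in the file, `List<Filter> filters = new ArrayList<>();` keeps the list type-checked.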
--- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -0,0 +1,9 @@ +github: + client: + clientId: ${GITHUB_OAUTH_APP_ID} + clientSecret: ${GITHUB_OAUTH_APP_PW} + accessTokenUri: https://github.com/login/oauth/access_token + userAuthorizationUri: https://github.com/login/oauth/authorize + clientAuthenticationScheme: form + resource: + userInfoUri: https://api.github.com/user \ No newline at end of file diff --git a/src/main/resources/templates/index.ftl b/src/main/resources/templates/index.ftl new file mode 100644 index 0000000..91d4c8d --- /dev/null +++ b/src/main/resources/templates/index.ftl @@ -0,0 +1,12 @@ + + + + + GitHub Login + + +
+ With Github: click here +
+ +