OAuthSecurityConfiguration (spring-cloud-common-security-config-web 1.1.2.RELEASE API)

java.lang.Object
- org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
- - org.springframework.cloud.common.security.OAuthSecurityConfiguration

All Implemented Interfaces:: org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

@EnableOAuth2Client
 @Configuration
 @ConditionalOnClass(value=org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class)
 @ConditionalOnMissingBean(value=org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class)
 @ConditionalOnWebApplication(type=ANY)
 @EnableWebSecurity
 @Conditional(value=OnOAuth2SecurityEnabled.class)
public class OAuthSecurityConfiguration
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Setup Spring Security OAuth for the Rest Endpoints of Spring Cloud Data Flow.

Author:: Gunnar Hillert, Ilayaperumal Gopinathan

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`protected static class`	`OAuthSecurityConfiguration.BrowserDetectingContentNegotiationStrategy`
`protected static class`	`OAuthSecurityConfiguration.ResourceServerConfiguration`

Field Summary

Fields
Modifier and Type	Field and Description
`protected org.springframework.context.ApplicationEventPublisher`	`applicationEventPublisher`
`protected org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails`	`authorizationCodeResourceDetails`
`protected AuthorizationProperties`	`authorizationProperties`
`protected org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails`	`clientCredentialsResourceDetails`
`protected org.springframework.security.oauth2.client.OAuth2ClientContext`	`oauth2ClientContext`
`protected org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties`	`resourceServerProperties`
`protected org.springframework.boot.autoconfigure.security.SecurityProperties`	`securityProperties`
`protected SecurityStateBean`	`securityStateBean`

Constructor Summary

Constructors
Constructor and Description

OAuthSecurityConfiguration()

Constructors
Constructor and Description
`OAuthSecurityConfiguration()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected org.springframework.security.authentication.AuthenticationProvider`	`authenticationProvider()`
`protected void`	`configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)`
`protected String`	`dashboard(String path)`
`void`	`handleOAuth2AuthenticationFailureEvent(org.springframework.security.oauth2.client.filter.OAuth2AuthenticationFailureEvent oAuth2AuthenticationFailureEvent)`
`protected org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter`	`oAuth2AuthenticationProcessingFilter()`
`protected org.springframework.security.oauth2.client.OAuth2RestTemplate`	`oAuth2RestTemplate()`
`org.springframework.security.authentication.AuthenticationManager`	`oauthAuthenticationManager()`
`protected javax.servlet.Filter`	`oauthFilter()`
`protected org.springframework.security.authentication.ProviderManager`	`providerManager()`
`protected TokenValidatingUserInfoTokenServices`	`resourceServerTokenServices()`
`org.springframework.security.oauth2.client.token.AccessTokenProvider`	`userAccessTokenProvider()`

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
authenticationManager, authenticationManagerBean, configure, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

securityStateBean

@Autowired
protected SecurityStateBean securityStateBean

securityProperties

@Autowired
protected org.springframework.boot.autoconfigure.security.SecurityProperties securityProperties

oauth2ClientContext

@Autowired
protected org.springframework.security.oauth2.client.OAuth2ClientContext oauth2ClientContext

authorizationCodeResourceDetails

@Autowired
protected org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails authorizationCodeResourceDetails

resourceServerProperties

@Autowired
protected org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties resourceServerProperties

applicationEventPublisher

@Autowired
protected org.springframework.context.ApplicationEventPublisher applicationEventPublisher

authorizationProperties

@Autowired
protected AuthorizationProperties authorizationProperties

clientCredentialsResourceDetails

@Autowired
protected org.springframework.security.oauth2.client.resource.BaseOAuth2ProtectedResourceDetails clientCredentialsResourceDetails

Constructor Detail
- OAuthSecurityConfiguration
```
public OAuthSecurityConfiguration()
```

Method Detail

configure
```
protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws Exception
```
Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

resourceServerTokenServices

@Bean
protected TokenValidatingUserInfoTokenServices resourceServerTokenServices()

oAuth2RestTemplate

@Bean
protected org.springframework.security.oauth2.client.OAuth2RestTemplate oAuth2RestTemplate()

userAccessTokenProvider

public org.springframework.security.oauth2.client.token.AccessTokenProvider userAccessTokenProvider()

authenticationProvider

@Bean
protected org.springframework.security.authentication.AuthenticationProvider authenticationProvider()

providerManager

@Bean
protected org.springframework.security.authentication.ProviderManager providerManager()

oauthFilter

protected javax.servlet.Filter oauthFilter()

oAuth2AuthenticationProcessingFilter

protected org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter oAuth2AuthenticationProcessingFilter()

oauthAuthenticationManager

@Bean
public org.springframework.security.authentication.AuthenticationManager oauthAuthenticationManager()

handleOAuth2AuthenticationFailureEvent

@EventListener
public void handleOAuth2AuthenticationFailureEvent(org.springframework.security.oauth2.client.filter.OAuth2AuthenticationFailureEvent oAuth2AuthenticationFailureEvent)

dashboard

protected String dashboard(String path)

Class OAuthSecurityConfiguration

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Methods inherited from class java.lang.Object

Field Detail

securityStateBean

securityProperties

oauth2ClientContext

authorizationCodeResourceDetails

resourceServerProperties

applicationEventPublisher

authorizationProperties

clientCredentialsResourceDetails

Constructor Detail

OAuthSecurityConfiguration

Method Detail

configure

resourceServerTokenServices

oAuth2RestTemplate

userAccessTokenProvider

authenticationProvider

providerManager

oauthFilter

oAuth2AuthenticationProcessingFilter

oauthAuthenticationManager

handleOAuth2AuthenticationFailureEvent

dashboard