OAuthSecurityConfiguration (spring-cloud-common-security-config-web 2.11.1 API)

java.lang.Object
- org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
- - org.springframework.cloud.common.security.OAuthSecurityConfiguration

All Implemented Interfaces:: org.springframework.security.config.annotation.SecurityConfigurer<javax.servlet.Filter,org.springframework.security.config.annotation.web.builders.WebSecurity>, org.springframework.security.config.annotation.web.WebSecurityConfigurer<org.springframework.security.config.annotation.web.builders.WebSecurity>

@Configuration(proxyBeanMethods=false)
 @ConditionalOnClass(value=org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class)
 @ConditionalOnMissingBean(value=org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter.class)
 @ConditionalOnWebApplication(type=ANY)
 @EnableWebSecurity
 @Conditional(value=OnOAuth2SecurityEnabled.class)
 @Import(value={OAuthSecurityConfiguration.OAuth2AccessTokenResponseClientConfig.class,OAuthSecurityConfiguration.OAuth2AuthenticationFailureEventConfig.class,OAuthSecurityConfiguration.OpaqueTokenIntrospectorConfig.class,OAuthSecurityConfiguration.OidcUserServiceConfig.class,OAuthSecurityConfiguration.PlainOauth2UserServiceConfig.class,OAuthSecurityConfiguration.WebClientConfig.class,OAuthSecurityConfiguration.AuthoritiesMapperConfig.class,OAuthSecurityConfiguration.OAuth2TokenUtilsServiceConfig.class,OAuthSecurityConfiguration.LogoutSuccessHandlerConfig.class,OAuthSecurityConfiguration.ProviderManagerConfig.class,OAuthSecurityConfiguration.AuthenticationProviderConfig.class})
public class OAuthSecurityConfiguration
extends org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Setup Spring Security OAuth for the Rest Endpoints of Spring Cloud Data Flow.

Author:: Gunnar Hillert, Ilayaperumal Gopinathan, Corneil du Plessis

Nested Class Summary

Nested Classes
Modifier and Type	Class and Description
`protected static class`	`OAuthSecurityConfiguration.AuthenticationProviderConfig`
`protected static class`	`OAuthSecurityConfiguration.AuthoritiesMapperConfig`
`protected static class`	`OAuthSecurityConfiguration.BrowserDetectingContentNegotiationStrategy`
`protected static class`	`OAuthSecurityConfiguration.LogoutSuccessHandlerConfig`
`protected static class`	`OAuthSecurityConfiguration.OAuth2AccessTokenResponseClientConfig`
`protected static class`	`OAuthSecurityConfiguration.OAuth2AuthenticationFailureEventConfig`
`protected static class`	`OAuthSecurityConfiguration.OAuth2AuthorizedClientManagerConfig`
`protected static class`	`OAuthSecurityConfiguration.OAuth2TokenUtilsServiceConfig`
`protected static class`	`OAuthSecurityConfiguration.OidcUserServiceConfig`
`protected static class`	`OAuthSecurityConfiguration.OpaqueTokenIntrospectorConfig`
`protected static class`	`OAuthSecurityConfiguration.PlainOauth2UserServiceConfig`
`protected static class`	`OAuthSecurityConfiguration.ProviderManagerConfig`
`protected static class`	`OAuthSecurityConfiguration.WebClientConfig`

Field Summary

Fields
Modifier and Type	Field and Description
`protected org.springframework.context.ApplicationEventPublisher`	`applicationEventPublisher`
`protected AuthorizationProperties`	`authorizationProperties`
`protected org.springframework.security.web.authentication.logout.LogoutSuccessHandler`	`logoutSuccessHandler`
`protected org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties`	`oauth2ClientProperties`
`protected org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties`	`oAuth2ResourceServerProperties`
`protected org.springframework.security.oauth2.client.userinfo.OAuth2UserService<org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest,org.springframework.security.oauth2.core.oidc.user.OidcUser>`	`oidcUserService`
`protected org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector`	`opaqueTokenIntrospector`
`protected org.springframework.security.oauth2.client.userinfo.OAuth2UserService<org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest,org.springframework.security.oauth2.core.user.OAuth2User>`	`plainOauth2UserService`
`protected org.springframework.security.authentication.ProviderManager`	`providerManager`
`protected org.springframework.boot.autoconfigure.security.SecurityProperties`	`securityProperties`
`protected SecurityStateBean`	`securityStateBean`

Constructor Summary

Constructors
Constructor and Description

OAuthSecurityConfiguration()

Constructors
Constructor and Description
`OAuthSecurityConfiguration()`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected void`	`configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)`
`protected static String`	`dashboard(AuthorizationProperties authorizationProperties, String path)`
`AuthorizationProperties`	`getAuthorizationProperties()`
`org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties`	`getoAuth2ResourceServerProperties()`
`org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector`	`getOpaqueTokenIntrospector()`
`org.springframework.security.authentication.ProviderManager`	`getProviderManager()`
`SecurityStateBean`	`getSecurityStateBean()`
`protected org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt,org.springframework.security.authentication.AbstractAuthenticationToken>`	`grantedAuthoritiesExtractor()`
`void`	`setAuthorizationProperties(AuthorizationProperties authorizationProperties)`
`void`	`setoAuth2ResourceServerProperties(org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties oAuth2ResourceServerProperties)`
`void`	`setOpaqueTokenIntrospector(org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector opaqueTokenIntrospector)`
`void`	`setProviderManager(org.springframework.security.authentication.ProviderManager providerManager)`
`void`	`setSecurityStateBean(SecurityStateBean securityStateBean)`

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
authenticationManager, authenticationManagerBean, configure, configure, getApplicationContext, getHttp, init, setApplicationContext, setAuthenticationConfiguration, setContentNegotationStrategy, setObjectPostProcessor, setTrustResolver, userDetailsService, userDetailsServiceBean

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

oauth2ClientProperties

@Autowired
protected org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2ClientProperties oauth2ClientProperties

securityStateBean

@Autowired
protected SecurityStateBean securityStateBean

securityProperties

@Autowired
protected org.springframework.boot.autoconfigure.security.SecurityProperties securityProperties

applicationEventPublisher

@Autowired
protected org.springframework.context.ApplicationEventPublisher applicationEventPublisher

authorizationProperties

@Autowired
protected AuthorizationProperties authorizationProperties

oAuth2ResourceServerProperties

@Autowired
protected org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties oAuth2ResourceServerProperties

plainOauth2UserService

@Autowired
protected org.springframework.security.oauth2.client.userinfo.OAuth2UserService<org.springframework.security.oauth2.client.userinfo.OAuth2UserRequest,org.springframework.security.oauth2.core.user.OAuth2User> plainOauth2UserService

oidcUserService

@Autowired
protected org.springframework.security.oauth2.client.userinfo.OAuth2UserService<org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest,org.springframework.security.oauth2.core.oidc.user.OidcUser> oidcUserService

logoutSuccessHandler

@Autowired
protected org.springframework.security.web.authentication.logout.LogoutSuccessHandler logoutSuccessHandler

opaqueTokenIntrospector

protected org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector opaqueTokenIntrospector

providerManager

protected org.springframework.security.authentication.ProviderManager providerManager

Constructor Detail
- OAuthSecurityConfiguration
```
public OAuthSecurityConfiguration()
```

Method Detail

getAuthorizationProperties

public AuthorizationProperties getAuthorizationProperties()

setAuthorizationProperties

public void setAuthorizationProperties(AuthorizationProperties authorizationProperties)

getOpaqueTokenIntrospector

public org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector getOpaqueTokenIntrospector()

setOpaqueTokenIntrospector

@Autowired(required=false)
public void setOpaqueTokenIntrospector(org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector opaqueTokenIntrospector)

getProviderManager

public org.springframework.security.authentication.ProviderManager getProviderManager()

setProviderManager

@Autowired(required=false)
public void setProviderManager(org.springframework.security.authentication.ProviderManager providerManager)

getoAuth2ResourceServerProperties

public org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties getoAuth2ResourceServerProperties()

setoAuth2ResourceServerProperties

public void setoAuth2ResourceServerProperties(org.springframework.boot.autoconfigure.security.oauth2.resource.OAuth2ResourceServerProperties oAuth2ResourceServerProperties)

getSecurityStateBean

public SecurityStateBean getSecurityStateBean()

setSecurityStateBean

public void setSecurityStateBean(SecurityStateBean securityStateBean)

configure
```
protected void configure(org.springframework.security.config.annotation.web.builders.HttpSecurity http)
                  throws Exception
```
Overrides:

configure in class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Throws:

Exception

dashboard

protected static String dashboard(AuthorizationProperties authorizationProperties,
                                  String path)

grantedAuthoritiesExtractor

protected org.springframework.core.convert.converter.Converter<org.springframework.security.oauth2.jwt.Jwt,org.springframework.security.authentication.AbstractAuthenticationToken> grantedAuthoritiesExtractor()

Class OAuthSecurityConfiguration

Nested Class Summary

Field Summary

Constructor Summary

Method Summary

Methods inherited from class org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter

Methods inherited from class java.lang.Object

Field Detail

oauth2ClientProperties

securityStateBean

securityProperties

applicationEventPublisher

authorizationProperties

oAuth2ResourceServerProperties

plainOauth2UserService

oidcUserService

logoutSuccessHandler

opaqueTokenIntrospector

providerManager

Constructor Detail

OAuthSecurityConfiguration

Method Detail

getAuthorizationProperties

setAuthorizationProperties

getOpaqueTokenIntrospector

setOpaqueTokenIntrospector

getProviderManager

setProviderManager

getoAuth2ResourceServerProperties

setoAuth2ResourceServerProperties

getSecurityStateBean

setSecurityStateBean

configure

dashboard

grantedAuthoritiesExtractor