1 package org.springframework.security.oauth.examples.config; 2 3 import java.util.Arrays; 4 import java.util.Collections; 5 import java.util.List; 6 7 import javax.annotation.Resource; 8 9 import org.springframework.beans.factory.annotation.Qualifier; 10 import org.springframework.beans.factory.annotation.Value; 11 import org.springframework.context.annotation.Bean; 12 import org.springframework.context.annotation.Configuration; 13 import org.springframework.context.annotation.PropertySource; 14 import org.springframework.context.annotation.Scope; 15 import org.springframework.context.annotation.ScopedProxyMode; 16 import org.springframework.context.support.ConversionServiceFactoryBean; 17 import org.springframework.context.support.PropertySourcesPlaceholderConfigurer; 18 import org.springframework.http.MediaType; 19 import org.springframework.http.converter.BufferedImageHttpMessageConverter; 20 import org.springframework.http.converter.HttpMessageConverter; 21 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; 22 import org.springframework.security.oauth.examples.tonr.SparklrService; 23 import org.springframework.security.oauth.examples.tonr.converter.AccessTokenRequestConverter; 24 import org.springframework.security.oauth.examples.tonr.impl.SparklrServiceImpl; 25 import org.springframework.security.oauth.examples.tonr.mvc.FacebookController; 26 import org.springframework.security.oauth.examples.tonr.mvc.SparklrController; 27 import org.springframework.security.oauth.examples.tonr.mvc.SparklrRedirectController; 28 import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext; 29 import org.springframework.security.oauth2.client.OAuth2RestTemplate; 30 import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails; 31 import org.springframework.security.oauth2.client.token.AccessTokenRequest; 32 import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; 33 import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails; 34 import org.springframework.security.oauth2.common.AuthenticationScheme; 35 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client; 36 import org.springframework.web.accept.ContentNegotiationManagerFactoryBean; 37 import org.springframework.web.client.RestOperations; 38 import org.springframework.web.servlet.View; 39 import org.springframework.web.servlet.ViewResolver; 40 import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer; 41 import org.springframework.web.servlet.config.annotation.EnableWebMvc; 42 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; 43 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; 44 import org.springframework.web.servlet.view.ContentNegotiatingViewResolver; 45 import org.springframework.web.servlet.view.InternalResourceViewResolver; 46 import org.springframework.web.servlet.view.json.MappingJacksonJsonView; 47 48 @Configuration 49 @EnableWebMvc 50 @PropertySource("classpath:sparklr.properties") 51 public class WebMvcConfig extends WebMvcConfigurerAdapter { 52 53 @Bean 54 public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() { 55 return new PropertySourcesPlaceholderConfigurer(); 56 } 57 58 @Bean 59 public ContentNegotiatingViewResolver contentViewResolver() throws Exception { 60 ContentNegotiatingViewResolver contentViewResolver = new ContentNegotiatingViewResolver(); 61 ContentNegotiationManagerFactoryBean contentNegotiationManager = new ContentNegotiationManagerFactoryBean(); 62 contentNegotiationManager.addMediaType("json", MediaType.APPLICATION_JSON); 63 contentViewResolver.setContentNegotiationManager(contentNegotiationManager.getObject()); 64 contentViewResolver.setDefaultViews(Arrays.<View> asList(new MappingJacksonJsonView())); 65 return contentViewResolver; 66 } 67 68 @Bean 69 public ViewResolver viewResolver() { 70 InternalResourceViewResolver viewResolver = new InternalResourceViewResolver(); 71 viewResolver.setPrefix("/WEB-INF/jsp/"); 72 viewResolver.setSuffix(".jsp"); 73 return viewResolver; 74 } 75 76 @Override 77 public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) { 78 configurer.enable(); 79 } 80 81 @Bean 82 public SparklrController sparklrController(@Qualifier("sparklrService") 83 SparklrService sparklrService) { 84 SparklrController controller = new SparklrController(); 85 controller.setSparklrService(sparklrService); 86 return controller; 87 } 88 89 @Bean 90 public SparklrRedirectController sparklrRedirectController(@Qualifier("sparklrRedirectService") 91 SparklrService sparklrService) { 92 SparklrRedirectController controller = new SparklrRedirectController(); 93 controller.setSparklrService(sparklrService); 94 return controller; 95 } 96 97 @Bean 98 public FacebookController facebookController(@Qualifier("facebookRestTemplate") 99 RestOperations facebookRestTemplate) { 100 FacebookController controller = new FacebookController(); 101 controller.setFacebookRestTemplate(facebookRestTemplate); 102 return controller; 103 } 104 105 @Bean 106 public SparklrServiceImpl sparklrService(@Value("${sparklrPhotoListURL}") 107 String sparklrPhotoListURL, @Value("${sparklrPhotoURLPattern}") 108 String sparklrPhotoURLPattern, @Value("${sparklrTrustedMessageURL}") 109 String sparklrTrustedMessageURL, @Qualifier("sparklrRestTemplate") 110 RestOperations sparklrRestTemplate, @Qualifier("trustedClientRestTemplate") 111 RestOperations trustedClientRestTemplate) { 112 SparklrServiceImpl sparklrService = new SparklrServiceImpl(); 113 sparklrService.setSparklrPhotoListURL(sparklrPhotoListURL); 114 sparklrService.setSparklrPhotoURLPattern(sparklrPhotoURLPattern); 115 sparklrService.setSparklrTrustedMessageURL(sparklrTrustedMessageURL); 116 sparklrService.setSparklrRestTemplate(sparklrRestTemplate); 117 sparklrService.setTrustedClientRestTemplate(trustedClientRestTemplate); 118 return sparklrService; 119 } 120 121 @Bean 122 public SparklrServiceImpl sparklrRedirectService(@Value("${sparklrPhotoListURL}") 123 String sparklrPhotoListURL, @Value("${sparklrPhotoURLPattern}") 124 String sparklrPhotoURLPattern, @Value("${sparklrTrustedMessageURL}") 125 String sparklrTrustedMessageURL, @Qualifier("sparklrRedirectRestTemplate") 126 RestOperations sparklrRestTemplate, @Qualifier("trustedClientRestTemplate") 127 RestOperations trustedClientRestTemplate) { 128 SparklrServiceImpl sparklrService = new SparklrServiceImpl(); 129 sparklrService.setSparklrPhotoListURL(sparklrPhotoListURL); 130 sparklrService.setSparklrPhotoURLPattern(sparklrPhotoURLPattern); 131 sparklrService.setSparklrTrustedMessageURL(sparklrTrustedMessageURL); 132 sparklrService.setSparklrRestTemplate(sparklrRestTemplate); 133 sparklrService.setTrustedClientRestTemplate(trustedClientRestTemplate); 134 return sparklrService; 135 } 136 137 @Bean 138 public ConversionServiceFactoryBean conversionService() { 139 ConversionServiceFactoryBean conversionService = new ConversionServiceFactoryBean(); 140 conversionService.setConverters(Collections.singleton(new AccessTokenRequestConverter())); 141 return conversionService; 142 } 143 144 public void addResourceHandlers(ResourceHandlerRegistry registry) { 145 registry.addResourceHandler("/resources/**").addResourceLocations("/resources/"); 146 } 147 148 @Override 149 public void configureMessageConverters(List<HttpMessageConverter<?>> converters) { 150 converters.add(new BufferedImageHttpMessageConverter()); 151 } 152 153 @Configuration 154 @EnableOAuth2Client 155 protected static class ResourceConfiguration { 156 157 @Value("${accessTokenUri}") 158 private String accessTokenUri; 159 160 @Value("${userAuthorizationUri}") 161 private String userAuthorizationUri; 162 163 @Resource 164 @Qualifier("accessTokenRequest") 165 private AccessTokenRequest accessTokenRequest; 166 167 @Bean 168 public OAuth2ProtectedResourceDetails sparklr() { 169 AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails(); 170 details.setId("sparklr/tonr"); 171 details.setClientId("tonr"); 172 details.setClientSecret("secret"); 173 details.setAccessTokenUri(accessTokenUri); 174 details.setUserAuthorizationUri(userAuthorizationUri); 175 details.setScope(Arrays.asList("read", "write")); 176 return details; 177 } 178 179 @Bean 180 public OAuth2ProtectedResourceDetails sparklrRedirect() { 181 AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails(); 182 details.setId("sparklr/tonr-redirect"); 183 details.setClientId("tonr-with-redirect"); 184 details.setClientSecret("secret"); 185 details.setAccessTokenUri(accessTokenUri); 186 details.setUserAuthorizationUri(userAuthorizationUri); 187 details.setScope(Arrays.asList("read", "write")); 188 details.setUseCurrentUri(false); 189 return details; 190 } 191 192 @Bean 193 public OAuth2ProtectedResourceDetails facebook() { 194 AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails(); 195 details.setId("facebook"); 196 details.setClientId("233668646673605"); 197 details.setClientSecret("33b17e044ee6a4fa383f46ec6e28ea1d"); 198 details.setAccessTokenUri("https://graph.facebook.com/oauth/access_token"); 199 details.setUserAuthorizationUri("https://www.facebook.com/dialog/oauth"); 200 details.setTokenName("oauth_token"); 201 details.setAuthenticationScheme(AuthenticationScheme.query); 202 details.setClientAuthenticationScheme(AuthenticationScheme.form); 203 return details; 204 } 205 206 @Bean 207 public OAuth2ProtectedResourceDetails trusted() { 208 ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails(); 209 details.setId("sparklr/trusted"); 210 details.setClientId("my-client-with-registered-redirect"); 211 details.setAccessTokenUri(accessTokenUri); 212 details.setScope(Arrays.asList("trust")); 213 return details; 214 } 215 216 @Bean 217 @Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES) 218 public OAuth2RestTemplate facebookRestTemplate() { 219 OAuth2RestTemplate template = new OAuth2RestTemplate(facebook(), new DefaultOAuth2ClientContext( 220 accessTokenRequest)); 221 MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter(); 222 converter.setSupportedMediaTypes(Arrays.asList(MediaType.APPLICATION_JSON, 223 MediaType.valueOf("text/javascript"))); 224 template.setMessageConverters(Arrays.<HttpMessageConverter<?>> asList(converter)); 225 return template; 226 } 227 228 @Bean 229 @Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES) 230 public OAuth2RestTemplate sparklrRestTemplate() { 231 return new OAuth2RestTemplate(sparklr(), new DefaultOAuth2ClientContext(accessTokenRequest)); 232 } 233 234 @Bean 235 @Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES) 236 public OAuth2RestTemplate sparklrRedirectRestTemplate() { 237 return new OAuth2RestTemplate(sparklrRedirect(), new DefaultOAuth2ClientContext(accessTokenRequest)); 238 } 239 240 @Bean 241 public OAuth2RestTemplate trustedClientRestTemplate() { 242 return new OAuth2RestTemplate(trusted(), new DefaultOAuth2ClientContext()); 243 } 244 245 } 246 247 }