
1   package org.springframework.security.oauth.examples.config;
2   
3   import java.util.Arrays;
4   import java.util.Collections;
5   import java.util.List;
6   
7   import javax.annotation.Resource;
8   
9   import org.springframework.beans.factory.annotation.Qualifier;
10  import org.springframework.beans.factory.annotation.Value;
11  import org.springframework.context.annotation.Bean;
12  import org.springframework.context.annotation.Configuration;
13  import org.springframework.context.annotation.PropertySource;
14  import org.springframework.context.annotation.Scope;
15  import org.springframework.context.annotation.ScopedProxyMode;
16  import org.springframework.context.support.ConversionServiceFactoryBean;
17  import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
18  import org.springframework.http.MediaType;
19  import org.springframework.http.converter.BufferedImageHttpMessageConverter;
20  import org.springframework.http.converter.HttpMessageConverter;
21  import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
22  import org.springframework.security.oauth.examples.tonr.SparklrService;
23  import org.springframework.security.oauth.examples.tonr.converter.AccessTokenRequestConverter;
24  import org.springframework.security.oauth.examples.tonr.impl.SparklrServiceImpl;
25  import org.springframework.security.oauth.examples.tonr.mvc.FacebookController;
26  import org.springframework.security.oauth.examples.tonr.mvc.SparklrController;
27  import org.springframework.security.oauth.examples.tonr.mvc.SparklrRedirectController;
28  import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
29  import org.springframework.security.oauth2.client.OAuth2RestTemplate;
30  import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
31  import org.springframework.security.oauth2.client.token.AccessTokenRequest;
32  import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
33  import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
34  import org.springframework.security.oauth2.common.AuthenticationScheme;
35  import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
36  import org.springframework.web.accept.ContentNegotiationManagerFactoryBean;
37  import org.springframework.web.client.RestOperations;
38  import org.springframework.web.servlet.View;
39  import org.springframework.web.servlet.ViewResolver;
40  import org.springframework.web.servlet.config.annotation.DefaultServletHandlerConfigurer;
41  import org.springframework.web.servlet.config.annotation.EnableWebMvc;
42  import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
43  import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
44  import org.springframework.web.servlet.view.ContentNegotiatingViewResolver;
45  import org.springframework.web.servlet.view.InternalResourceViewResolver;
46  import org.springframework.web.servlet.view.json.MappingJacksonJsonView;
47  
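/**
 * Spring MVC and OAuth2 client wiring for the "tonr" sample application.
 *
 * <p>The outer class configures view resolution, static resources, message converters and the
 * controllers/services of the sample. The nested {@link ResourceConfiguration} declares the OAuth2
 * protected resources (sparklr, sparklr with redirect, facebook, trusted) and one
 * {@link OAuth2RestTemplate} per resource.
 *
 * <p>Security note: the client ids and client secrets below are literals in source. That is
 * tolerable only for a sample; a deployment should inject them from external configuration
 * (environment, secret store) and treat any secret that has been committed as compromised.
 */
@Configuration
@EnableWebMvc
@PropertySource("classpath:sparklr.properties")
public class WebMvcConfig extends WebMvcConfigurerAdapter {

	/**
	 * Enables resolution of {@code ${...}} placeholders in {@code @Value} annotations.
	 * Declared {@code static} so it can be created before the configuration class itself.
	 */
	@Bean
	public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer() {
		return new PropertySourcesPlaceholderConfigurer();
	}

	/**
	 * Builds a content-negotiating view resolver that maps the "json" key to
	 * {@code application/json} and falls back to a JSON view.
	 *
	 * @return the configured resolver
	 * @throws Exception if the content negotiation manager cannot be initialised
	 */
	@Bean
	public ContentNegotiatingViewResolver contentViewResolver() throws Exception {
		ContentNegotiationManagerFactoryBean managerFactory = new ContentNegotiationManagerFactoryBean();
		managerFactory.addMediaType("json", MediaType.APPLICATION_JSON);
		// The factory bean is created by hand rather than managed by the container, so its
		// initialisation callback never runs on its own. Without this call getObject() can
		// return null and the "json" mapping registered above is silently dropped.
		managerFactory.afterPropertiesSet();

		ContentNegotiatingViewResolver resolver = new ContentNegotiatingViewResolver();
		resolver.setContentNegotiationManager(managerFactory.getObject());
		// NOTE(review): MappingJacksonJsonView is the Jackson 1.x view, while facebookRestTemplate()
		// uses the Jackson 2 converter - confirm both libraries are meant to be on the classpath.
		resolver.setDefaultViews(Arrays.<View> asList(new MappingJacksonJsonView()));
		return resolver;
	}

	/**
	 * Resolves logical view names to JSPs under {@code /WEB-INF/jsp/}, which the servlet
	 * container does not serve directly to clients.
	 */
	@Bean
	public ViewResolver viewResolver() {
		InternalResourceViewResolver jspResolver = new InternalResourceViewResolver();
		jspResolver.setPrefix("/WEB-INF/jsp/");
		jspResolver.setSuffix(".jsp");
		return jspResolver;
	}

	/**
	 * Forwards requests that no Spring handler matches to the container's default servlet.
	 */
	@Override
	public void configureDefaultServletHandling(DefaultServletHandlerConfigurer configurer) {
		configurer.enable();
	}

	/**
	 * Controller backed by the {@code sparklrService} bean.
	 *
	 * @param sparklrService the service qualified as "sparklrService"
	 */
	@Bean
	public SparklrController sparklrController(@Qualifier("sparklrService") SparklrService sparklrService) {
		SparklrController controller = new SparklrController();
		controller.setSparklrService(sparklrService);
		return controller;
	}

	/**
	 * Controller backed by the {@code sparklrRedirectService} bean.
	 *
	 * @param sparklrService the service qualified as "sparklrRedirectService"
	 */
	@Bean
	public SparklrRedirectController sparklrRedirectController(
			@Qualifier("sparklrRedirectService") SparklrService sparklrService) {
		SparklrRedirectController controller = new SparklrRedirectController();
		controller.setSparklrService(sparklrService);
		return controller;
	}

	/**
	 * Controller that talks to Facebook through the session-scoped OAuth2 template.
	 *
	 * @param facebookRestTemplate the template qualified as "facebookRestTemplate"
	 */
	@Bean
	public FacebookController facebookController(
			@Qualifier("facebookRestTemplate") RestOperations facebookRestTemplate) {
		FacebookController controller = new FacebookController();
		controller.setFacebookRestTemplate(facebookRestTemplate);
		return controller;
	}

	/**
	 * Sparklr service that uses the plain authorization-code template.
	 *
	 * @param sparklrPhotoListURL value of the {@code sparklrPhotoListURL} property
	 * @param sparklrPhotoURLPattern value of the {@code sparklrPhotoURLPattern} property
	 * @param sparklrTrustedMessageURL value of the {@code sparklrTrustedMessageURL} property
	 * @param sparklrRestTemplate template qualified as "sparklrRestTemplate"
	 * @param trustedClientRestTemplate template qualified as "trustedClientRestTemplate"
	 */
	@Bean
	public SparklrServiceImpl sparklrService(
			@Value("${sparklrPhotoListURL}") String sparklrPhotoListURL,
			@Value("${sparklrPhotoURLPattern}") String sparklrPhotoURLPattern,
			@Value("${sparklrTrustedMessageURL}") String sparklrTrustedMessageURL,
			@Qualifier("sparklrRestTemplate") RestOperations sparklrRestTemplate,
			@Qualifier("trustedClientRestTemplate") RestOperations trustedClientRestTemplate) {
		return newSparklrService(sparklrPhotoListURL, sparklrPhotoURLPattern, sparklrTrustedMessageURL,
				sparklrRestTemplate, trustedClientRestTemplate);
	}

	/**
	 * Sparklr service that uses the template bound to the "tonr-with-redirect" client.
	 *
	 * @param sparklrPhotoListURL value of the {@code sparklrPhotoListURL} property
	 * @param sparklrPhotoURLPattern value of the {@code sparklrPhotoURLPattern} property
	 * @param sparklrTrustedMessageURL value of the {@code sparklrTrustedMessageURL} property
	 * @param sparklrRestTemplate template qualified as "sparklrRedirectRestTemplate"
	 * @param trustedClientRestTemplate template qualified as "trustedClientRestTemplate"
	 */
	@Bean
	public SparklrServiceImpl sparklrRedirectService(
			@Value("${sparklrPhotoListURL}") String sparklrPhotoListURL,
			@Value("${sparklrPhotoURLPattern}") String sparklrPhotoURLPattern,
			@Value("${sparklrTrustedMessageURL}") String sparklrTrustedMessageURL,
			@Qualifier("sparklrRedirectRestTemplate") RestOperations sparklrRestTemplate,
			@Qualifier("trustedClientRestTemplate") RestOperations trustedClientRestTemplate) {
		return newSparklrService(sparklrPhotoListURL, sparklrPhotoURLPattern, sparklrTrustedMessageURL,
				sparklrRestTemplate, trustedClientRestTemplate);
	}

	/** Shared construction logic for the two Sparklr service beans, which differ only in their template. */
	private static SparklrServiceImpl newSparklrService(String photoListUrl, String photoUrlPattern,
			String trustedMessageUrl, RestOperations userTemplate, RestOperations trustedTemplate) {
		SparklrServiceImpl service = new SparklrServiceImpl();
		service.setSparklrPhotoListURL(photoListUrl);
		service.setSparklrPhotoURLPattern(photoUrlPattern);
		service.setSparklrTrustedMessageURL(trustedMessageUrl);
		service.setSparklrRestTemplate(userTemplate);
		service.setTrustedClientRestTemplate(trustedTemplate);
		return service;
	}

	/**
	 * Registers the converter for {@link AccessTokenRequest} with the conversion service.
	 */
	@Bean
	public ConversionServiceFactoryBean conversionService() {
		ConversionServiceFactoryBean factory = new ConversionServiceFactoryBean();
		factory.setConverters(Collections.singleton(new AccessTokenRequestConverter()));
		return factory;
	}

	/**
	 * Serves static content for {@code /resources/**} from the {@code /resources/} location.
	 * Anything placed under that directory is publicly readable, so it must hold only static assets.
	 */
	@Override
	public void addResourceHandlers(ResourceHandlerRegistry registry) {
		registry.addResourceHandler("/resources/**").addResourceLocations("/resources/");
	}

	/**
	 * Adds a converter for {@code BufferedImage} bodies. Supplying converters here replaces
	 * the framework defaults with this list.
	 */
	@Override
	public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
		converters.add(new BufferedImageHttpMessageConverter());
	}

	/**
	 * OAuth2 client resources and the REST templates that use them.
	 */
	@Configuration
	@EnableOAuth2Client
	protected static class ResourceConfiguration {

		// Token endpoint of the sparklr authorization server, from sparklr.properties.
		@Value("${accessTokenUri}")
		private String accessTokenUri;

		// Authorization endpoint the user is redirected to, from sparklr.properties.
		@Value("${userAuthorizationUri}")
		private String userAuthorizationUri;

		// Request-bound token request made available by @EnableOAuth2Client.
		@Resource
		@Qualifier("accessTokenRequest")
		private AccessTokenRequest accessTokenRequest;

		/**
		 * Authorization-code resource for the "tonr" client with read and write scope.
		 */
		@Bean
		public OAuth2ProtectedResourceDetails sparklr() {
			AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
			details.setId("sparklr/tonr");
			details.setClientId("tonr");
			// Sample credential hard-coded in source; inject from external configuration
			// in any real deployment and never reuse this value.
			details.setClientSecret("secret");
			details.setAccessTokenUri(accessTokenUri);
			details.setUserAuthorizationUri(userAuthorizationUri);
			details.setScope(Arrays.asList("read", "write"));
			return details;
		}

		/**
		 * Authorization-code resource for the "tonr-with-redirect" client.
		 */
		@Bean
		public OAuth2ProtectedResourceDetails sparklrRedirect() {
			AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
			details.setId("sparklr/tonr-redirect");
			details.setClientId("tonr-with-redirect");
			// Sample credential hard-coded in source; see the note on sparklr().
			details.setClientSecret("secret");
			details.setAccessTokenUri(accessTokenUri);
			details.setUserAuthorizationUri(userAuthorizationUri);
			details.setScope(Arrays.asList("read", "write"));
			// Do not send the current request URI as redirect_uri; the redirect registered
			// for this client on the authorization server is relied on instead.
			details.setUseCurrentUri(false);
			return details;
		}

		/**
		 * Authorization-code resource for the Facebook Graph API.
		 */
		@Bean
		public OAuth2ProtectedResourceDetails facebook() {
			AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
			details.setId("facebook");
			// A third-party application id and secret are committed here in clear text. A secret
			// that has lived in source control should be rotated and then supplied from
			// external configuration rather than compiled into the application.
			details.setClientId("233668646673605");
			details.setClientSecret("33b17e044ee6a4fa383f46ec6e28ea1d");
			details.setAccessTokenUri("https://graph.facebook.com/oauth/access_token");
			details.setUserAuthorizationUri("https://www.facebook.com/dialog/oauth");
			details.setTokenName("oauth_token");
			// The access token travels as the "oauth_token" query parameter. Query strings are
			// commonly recorded by proxies and access logs, so those logs need the same
			// protection as the token itself.
			details.setAuthenticationScheme(AuthenticationScheme.query);
			details.setClientAuthenticationScheme(AuthenticationScheme.form);
			return details;
		}

		/**
		 * Client-credentials resource with "trust" scope, used for application-level calls.
		 */
		@Bean
		public OAuth2ProtectedResourceDetails trusted() {
			ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
			details.setId("sparklr/trusted");
			details.setClientId("my-client-with-registered-redirect");
			// NOTE(review): no client secret is set for this client-credentials grant;
			// presumably the sample authorization server registers the client without one - confirm.
			details.setAccessTokenUri(accessTokenUri);
			details.setScope(Arrays.asList("trust"));
			return details;
		}

		/**
		 * Session-scoped template for Facebook, so each HTTP session gets its own client context.
		 * The JSON converter also accepts {@code text/javascript} responses.
		 */
		@Bean
		@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
		public OAuth2RestTemplate facebookRestTemplate() {
			MappingJackson2HttpMessageConverter jsonConverter = new MappingJackson2HttpMessageConverter();
			jsonConverter.setSupportedMediaTypes(Arrays.asList(MediaType.APPLICATION_JSON,
					MediaType.valueOf("text/javascript")));

			OAuth2RestTemplate template = new OAuth2RestTemplate(facebook(),
					new DefaultOAuth2ClientContext(accessTokenRequest));
			template.setMessageConverters(Arrays.<HttpMessageConverter<?>> asList(jsonConverter));
			return template;
		}

		/**
		 * Session-scoped template for the "tonr" client.
		 */
		@Bean
		@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
		public OAuth2RestTemplate sparklrRestTemplate() {
			return new OAuth2RestTemplate(sparklr(), new DefaultOAuth2ClientContext(accessTokenRequest));
		}

		/**
		 * Session-scoped template for the "tonr-with-redirect" client.
		 */
		@Bean
		@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
		public OAuth2RestTemplate sparklrRedirectRestTemplate() {
			return new OAuth2RestTemplate(sparklrRedirect(), new DefaultOAuth2ClientContext(accessTokenRequest));
		}

		/**
		 * Template for the client-credentials resource. It carries no {@code @Scope}, so one
		 * instance and one client context are shared by the whole application; it must only be
		 * used for calls that are not made on behalf of a particular user.
		 */
		@Bean
		public OAuth2RestTemplate trustedClientRestTemplate() {
			return new OAuth2RestTemplate(trusted(), new DefaultOAuth2ClientContext());
		}

	}

}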