Skip to content

Commit 0983aa9

Browse files
eelhazatieelhazati
committed
CF UAA config && demo.
1 parent cb8bdb3 commit 0983aa9

11 files changed

Lines changed: 354 additions & 0 deletions

File tree

cloud-foundry-uaa/cf-uaa-config/uaa.yml

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
issuer:
2+
uri: http://localhost:8080/uaa
3+
4+
spring_profiles: postgresql,default
5+
6+
database.driverClassName: org.postgresql.Driver
7+
database.url: jdbc:postgresql:uaadb2
8+
database.username: postgres
9+
database.password: postgres
10+
11+
encryption:
12+
active_key_label: CHANGE-THIS-KEY
13+
encryption_keys:
14+
- label: CHANGE-THIS-KEY
15+
passphrase: CHANGEME
16+
17+
login:
18+
serviceProviderKey: |
19+
-----BEGIN RSA PRIVATE KEY-----
20+
MIICXQIBAAKBgQDHtC5gUXxBKpEqZTLkNvFwNGnNIkggNOwOQVNbpO0WVHIivig5
21+
L39WqS9u0hnA+O7MCA/KlrAR4bXaeVVhwfUPYBKIpaaTWFQR5cTR1UFZJL/OF9vA
22+
fpOwznoD66DDCnQVpbCjtDYWX+x6imxn8HCYxhMol6ZnTbSsFW6VZjFMjQIDAQAB
23+
AoGAVOj2Yvuigi6wJD99AO2fgF64sYCm/BKkX3dFEw0vxTPIh58kiRP554Xt5ges
24+
7ZCqL9QpqrChUikO4kJ+nB8Uq2AvaZHbpCEUmbip06IlgdA440o0r0CPo1mgNxGu
25+
lhiWRN43Lruzfh9qKPhleg2dvyFGQxy5Gk6KW/t8IS4x4r0CQQD/dceBA+Ndj3Xp
26+
ubHfxqNz4GTOxndc/AXAowPGpge2zpgIc7f50t8OHhG6XhsfJ0wyQEEvodDhZPYX
27+
kKBnXNHzAkEAyCA76vAwuxqAd3MObhiebniAU3SnPf2u4fdL1EOm92dyFs1JxyyL
28+
gu/DsjPjx6tRtn4YAalxCzmAMXFSb1qHfwJBAM3qx3z0gGKbUEWtPHcP7BNsrnWK
29+
vw6By7VC8bk/ffpaP2yYspS66Le9fzbFwoDzMVVUO/dELVZyBnhqSRHoXQcCQQCe
30+
A2WL8S5o7Vn19rC0GVgu3ZJlUrwiZEVLQdlrticFPXaFrn3Md82ICww3jmURaKHS
31+
N+l4lnMda79eSp3OMmq9AkA0p79BvYsLshUJJnvbk76pCjR28PK4dV1gSDUEqQMB
32+
qy45ptdwJLqLJCeNoR0JUcDNIRhOCuOPND7pcMtX6hI/
33+
-----END RSA PRIVATE KEY-----
34+
serviceProviderKeyPassword: password
35+
serviceProviderCertificate: |
36+
-----BEGIN CERTIFICATE-----
37+
MIIDSTCCArKgAwIBAgIBADANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJhdzEO
38+
MAwGA1UECBMFYXJ1YmExDjAMBgNVBAoTBWFydWJhMQ4wDAYDVQQHEwVhcnViYTEO
39+
MAwGA1UECxMFYXJ1YmExDjAMBgNVBAMTBWFydWJhMR0wGwYJKoZIhvcNAQkBFg5h
40+
cnViYUBhcnViYS5hcjAeFw0xNTExMjAyMjI2MjdaFw0xNjExMTkyMjI2MjdaMHwx
41+
CzAJBgNVBAYTAmF3MQ4wDAYDVQQIEwVhcnViYTEOMAwGA1UEChMFYXJ1YmExDjAM
42+
BgNVBAcTBWFydWJhMQ4wDAYDVQQLEwVhcnViYTEOMAwGA1UEAxMFYXJ1YmExHTAb
43+
BgkqhkiG9w0BCQEWDmFydWJhQGFydWJhLmFyMIGfMA0GCSqGSIb3DQEBAQUAA4GN
44+
ADCBiQKBgQDHtC5gUXxBKpEqZTLkNvFwNGnNIkggNOwOQVNbpO0WVHIivig5L39W
45+
qS9u0hnA+O7MCA/KlrAR4bXaeVVhwfUPYBKIpaaTWFQR5cTR1UFZJL/OF9vAfpOw
46+
znoD66DDCnQVpbCjtDYWX+x6imxn8HCYxhMol6ZnTbSsFW6VZjFMjQIDAQABo4Ha
47+
MIHXMB0GA1UdDgQWBBTx0lDzjH/iOBnOSQaSEWQLx1syGDCBpwYDVR0jBIGfMIGc
48+
gBTx0lDzjH/iOBnOSQaSEWQLx1syGKGBgKR+MHwxCzAJBgNVBAYTAmF3MQ4wDAYD
49+
VQQIEwVhcnViYTEOMAwGA1UEChMFYXJ1YmExDjAMBgNVBAcTBWFydWJhMQ4wDAYD
50+
VQQLEwVhcnViYTEOMAwGA1UEAxMFYXJ1YmExHTAbBgkqhkiG9w0BCQEWDmFydWJh
51+
QGFydWJhLmFyggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAYvBJ
52+
0HOZbbHClXmGUjGs+GS+xC1FO/am2suCSYqNB9dyMXfOWiJ1+TLJk+o/YZt8vuxC
53+
KdcZYgl4l/L6PxJ982SRhc83ZW2dkAZI4M0/Ud3oePe84k8jm3A7EvH5wi5hvCkK
54+
RpuRBwn3Ei+jCRouxTbzKPsuCVB+1sNyxMTXzf0=
55+
-----END CERTIFICATE-----
56+
57+
#The secret that an external login server will use to authenticate to the uaa using the id `login`
58+
LOGIN_SECRET: loginsecret
59+
60+
jwt:
61+
token:
62+
signing-key: |
63+
-----BEGIN RSA PRIVATE KEY-----
64+
MIIEpAIBAAKCAQEAqUeygEfDGxI6c1VDQ6xIyUSLrP6iz1y97iHFbtXSxXaArL4a
65+
...
66+
v6Mtt5LcRAAVP7pemunTdju4h8Q/noKYlVDVL30uLYUfKBL4UKfOBw==
67+
-----END RSA PRIVATE KEY-----
68+
verification-key: |
69+
-----BEGIN PUBLIC KEY-----
70+
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUeygEfDGxI6c1VDQ6xI
71+
...
72+
AwIDAQAB
73+
-----END PUBLIC KEY-----

cloud-foundry-uaa/cf-uaa-oauth2-client/pom.xml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
4+
<modelVersion>4.0.0</modelVersion>
5+
<parent>
6+
<groupId>org.springframework.boot</groupId>
7+
<artifactId>spring-boot-starter-parent</artifactId>
8+
<version>2.1.3.RELEASE</version>
9+
<relativePath/> <!-- lookup parent from repository -->
10+
</parent>
11+
<groupId>com.example</groupId>
12+
<artifactId>cf-uaa-oauth2-client</artifactId>
13+
<version>0.0.1-SNAPSHOT</version>
14+
<name>uaa-client-webapp</name>
15+
<description>Demo project for Spring Boot</description>
16+
17+
<properties>
18+
<java.version>1.8</java.version>
19+
</properties>
20+
21+
<dependencies>
22+
23+
<dependency>
24+
<groupId>org.springframework.boot</groupId>
25+
<artifactId>spring-boot-starter-web</artifactId>
26+
</dependency>
27+
<dependency>
28+
<groupId>org.springframework.boot</groupId>
29+
<artifactId>spring-boot-starter-oauth2-client</artifactId>
30+
</dependency>
31+
32+
</dependencies>
33+
34+
<build>
35+
<plugins>
36+
<plugin>
37+
<groupId>org.springframework.boot</groupId>
38+
<artifactId>spring-boot-maven-plugin</artifactId>
39+
</plugin>
40+
</plugins>
41+
</build>
42+
43+
</project>

cloud-foundry-uaa/cf-uaa-oauth2-client/src/main/java/com/baeldung/cfuaa/oauth2/client/CFUAAOAuth2ClientApplication.java

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
package com.baeldung.cfuaa.oauth2.client;
2+
3+
import org.springframework.boot.SpringApplication;
4+
import org.springframework.boot.autoconfigure.SpringBootApplication;
5+
6+
@SpringBootApplication
7+
public class CFUAAOAuth2ClientApplication {
8+
9+
public static void main(String[] args) {
10+
SpringApplication.run(CFUAAOAuth2ClientApplication.class, args);
11+
}
12+
13+
}

cloud-foundry-uaa/cf-uaa-oauth2-client/src/main/java/com/baeldung/cfuaa/oauth2/client/CFUAAOAuth2ClientController.java

Lines changed: 80 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,80 @@
1+
package com.baeldung.cfuaa.oauth2.client;
2+
3+
import org.springframework.beans.factory.annotation.Value;
4+
import org.springframework.http.HttpEntity;
5+
import org.springframework.http.HttpHeaders;
6+
import org.springframework.http.HttpMethod;
7+
import org.springframework.http.ResponseEntity;
8+
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
9+
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
10+
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
11+
import org.springframework.security.oauth2.core.OAuth2AccessToken;
12+
import org.springframework.web.bind.annotation.RequestMapping;
13+
import org.springframework.web.bind.annotation.RestController;
14+
import org.springframework.web.client.HttpClientErrorException;
15+
import org.springframework.web.client.RestTemplate;
16+
17+
@RestController
18+
public class CFUAAOAuth2ClientController {
19+
20+
@Value("${resource.server.url}")
21+
private String remoteResourceServer;
22+
23+
private RestTemplate restTemplate;
24+
25+
private OAuth2AuthorizedClientService authorizedClientService;
26+
27+
public CFUAAOAuth2ClientController(OAuth2AuthorizedClientService authorizedClientService) {
28+
this.authorizedClientService = authorizedClientService;
29+
this.restTemplate = new RestTemplate();
30+
}
31+
32+
@RequestMapping("/")
33+
public String index(OAuth2AuthenticationToken authenticationToken) {
34+
OAuth2AuthorizedClient oAuth2AuthorizedClient = this.authorizedClientService.loadAuthorizedClient(authenticationToken.getAuthorizedClientRegistrationId(), authenticationToken.getName());
35+
OAuth2AccessToken oAuth2AccessToken = oAuth2AuthorizedClient.getAccessToken();
36+
37+
String response = "Hello, " + authenticationToken.getPrincipal().getName();
38+
response += "</br></br>";
39+
response += "Here is your accees token :</br>" + oAuth2AccessToken.getTokenValue();
40+
response += "</br>";
41+
response += "</br>You can use it to call these Resource Server APIs:";
42+
response += "</br></br>";
43+
response += "<a href='/read'>Call Resource Server Read API</a>";
44+
response += "</br>";
45+
response += "<a href='/write'>Call Resource Server Write API</a>";
46+
return response;
47+
}
48+
49+
@RequestMapping("/read")
50+
public String read(OAuth2AuthenticationToken authenticationToken) {
51+
String url = remoteResourceServer + "/read";
52+
return callResourceServer(authenticationToken, url);
53+
}
54+
55+
@RequestMapping("/write")
56+
public String write(OAuth2AuthenticationToken authenticationToken) {
57+
String url = remoteResourceServer + "/write";
58+
return callResourceServer(authenticationToken, url);
59+
}
60+
61+
private String callResourceServer(OAuth2AuthenticationToken authenticationToken, String url) {
62+
OAuth2AuthorizedClient oAuth2AuthorizedClient = this.authorizedClientService.loadAuthorizedClient(authenticationToken.getAuthorizedClientRegistrationId(), authenticationToken.getName());
63+
OAuth2AccessToken oAuth2AccessToken = oAuth2AuthorizedClient.getAccessToken();
64+
65+
HttpHeaders headers = new HttpHeaders();
66+
headers.add("Authorization", "Bearer " + oAuth2AccessToken.getTokenValue());
67+
68+
HttpEntity<String> entity = new HttpEntity<>("parameters", headers);
69+
ResponseEntity<String> responseEntity = null;
70+
71+
String response = null;
72+
try {
73+
responseEntity = restTemplate.exchange(url, HttpMethod.GET, entity, String.class);
74+
response = responseEntity.getBody();
75+
} catch (HttpClientErrorException e) {
76+
response = e.getMessage();
77+
}
78+
return response;
79+
}
80+
}

cloud-foundry-uaa/cf-uaa-oauth2-client/src/main/resources/application.properties

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
# SECURITY OAUTH2 CLIENT (OAuth2ClientProperties)
2+
#spring.security.oauth2.client.provider.*= # OAuth provider details.
3+
#spring.security.oauth2.client.registration.*= # OAuth client registrations.
4+
5+
server.port=8081
6+
#server.servlet.context-path=/uaa-client-webapp
7+
8+
uaa.url=http://localhost:8080/uaa
9+
resource.server.url=http://localhost:8082
10+
11+
spring.security.oauth2.client.registration.uaa.client-name=UAA OAuth2 Client
12+
spring.security.oauth2.client.registration.uaa.client-id=client1
13+
spring.security.oauth2.client.registration.uaa.client-secret=client1
14+
spring.security.oauth2.client.registration.uaa.authorization-grant-type=authorization_code
15+
spring.security.oauth2.client.registration.uaa.scope=resource.read,resource.write,openid,profile
16+
spring.security.oauth2.client.registration.uaa.redirect-uri=http://localhost:8081/login/oauth2/code/uaa
17+
#spring.security.oauth2.client.registration.uaa.redirect-uri=http://localhost:8081/**
18+
19+
spring.security.oauth2.client.provider.uaa.token-uri=${uaa.url}/oauth/token
20+
spring.security.oauth2.client.provider.uaa.authorization-uri=${uaa.url}/oauth/authorize
21+
spring.security.oauth2.client.provider.uaa.jwk-set-uri=${uaa.url}/token_keys
22+
spring.security.oauth2.client.provider.uaa.user-info-uri=${uaa.url}/userinfo
23+
spring.security.oauth2.client.provider.uaa.user-name-attribute=user_name

cloud-foundry-uaa/cf-uaa-oauth2-client/src/main/resources/templates/index.html

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
tintin

cloud-foundry-uaa/cf-uaa-oauth2-resource-server/pom.xml

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,43 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
4+
<modelVersion>4.0.0</modelVersion>
5+
<parent>
6+
<groupId>org.springframework.boot</groupId>
7+
<artifactId>spring-boot-starter-parent</artifactId>
8+
<version>2.1.3.RELEASE</version>
9+
<relativePath/> <!-- lookup parent from repository -->
10+
</parent>
11+
<groupId>com.baeldung.cfuaa</groupId>
12+
<artifactId>cf-uaa-oauth2-resource-server</artifactId>
13+
<version>0.0.1-SNAPSHOT</version>
14+
<name>cf-uaa-oauth2-resource-server</name>
15+
<description>Demo project for Spring Boot</description>
16+
17+
<properties>
18+
<java.version>1.8</java.version>
19+
</properties>
20+
21+
<dependencies>
22+
23+
<dependency>
24+
<groupId>org.springframework.boot</groupId>
25+
<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
26+
</dependency>
27+
<dependency>
28+
<groupId>org.springframework.boot</groupId>
29+
<artifactId>spring-boot-starter-web</artifactId>
30+
</dependency>
31+
32+
</dependencies>
33+
34+
<build>
35+
<plugins>
36+
<plugin>
37+
<groupId>org.springframework.boot</groupId>
38+
<artifactId>spring-boot-maven-plugin</artifactId>
39+
</plugin>
40+
</plugins>
41+
</build>
42+
43+
</project>

cloud-foundry-uaa/cf-uaa-oauth2-resource-server/src/main/java/com/baeldung/cfuaa/oauth2/resourceserver/CFUAAOAuth2ResourceServerApplication.java

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
1+
package com.baeldung.cfuaa.oauth2.resourceserver;
2+
3+
import org.springframework.boot.SpringApplication;
4+
import org.springframework.boot.autoconfigure.SpringBootApplication;
5+
6+
@SpringBootApplication
7+
public class CFUAAOAuth2ResourceServerApplication {
8+
9+
public static void main(String[] args) {
10+
SpringApplication.run(CFUAAOAuth2ResourceServerApplication.class, args);
11+
}
12+
13+
}

cloud-foundry-uaa/cf-uaa-oauth2-resource-server/src/main/java/com/baeldung/cfuaa/oauth2/resourceserver/CFUAAOAuth2ResourceServerRestController.java

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
package com.baeldung.cfuaa.oauth2.resourceserver;
2+
3+
import org.springframework.security.core.annotation.AuthenticationPrincipal;
4+
import org.springframework.security.oauth2.jwt.Jwt;
5+
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
6+
import org.springframework.web.bind.annotation.GetMapping;
7+
import org.springframework.web.bind.annotation.RestController;
8+
9+
import java.security.Principal;
10+
11+
@RestController
12+
public class CFUAAOAuth2ResourceServerRestController {
13+
14+
@GetMapping("/")
15+
public String index(@AuthenticationPrincipal Jwt jwt) {
16+
return String.format("Hello, %s!", jwt.getSubject());
17+
}
18+
19+
@GetMapping("/read")
20+
public String read(JwtAuthenticationToken jwtAuthenticationToken) {
21+
return "Hello write: " + jwtAuthenticationToken.getTokenAttributes();
22+
}
23+
24+
@GetMapping("/write")
25+
public String write(Principal principal) {
26+
return "Hello write: " + principal.getName();
27+
}
28+
}

cloud-foundry-uaa/cf-uaa-oauth2-resource-server/src/main/java/com/baeldung/cfuaa/oauth2/resourceserver/CFUAAOAuth2ResourceServerSecurityConfiguration.java

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
package com.baeldung.cfuaa.oauth2.resourceserver;
2+
3+
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
4+
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
5+
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
6+
7+
@EnableWebSecurity
8+
public class CFUAAOAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
9+
10+
@Override
11+
protected void configure(HttpSecurity http) throws Exception {
12+
http
13+
.authorizeRequests()
14+
.antMatchers("/read/**").hasAuthority("SCOPE_resource.read")
15+
.antMatchers("/write/**").hasAuthority("SCOPE_resource.write")
16+
.anyRequest().authenticated()
17+
.and()
18+
.oauth2ResourceServer()
19+
.jwt();
20+
}
21+
}

0 commit comments

Comments
 (0)