diff --git a/README.md b/README.md
index 6d9f9f202b094c5b500b6cdafa482bc535989b83..5d1471cd6addff6d56cb4f7757fcf81943d4dc73 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
# spring-boot-security-oauth2
This article aims to provide a working example of spring boot security oauth2. To ge started with this project just checkout the project
and set up the database configuration as per application.properties and run Application.java as a java application and you are done.
-The complete explanation is provided on my blog - [spring security oauth2 example](http://www.devglan.com/spring-security/spring-boot-security-oauth2-example)
+The complete explanation is provided on my blog - [spring security oauth2 example](https://www.devglan.com/spring-security/spring-boot-oauth2-jwt-example)
This project uses
1. Spring Boot 1.5.8.RELEASE
2. Java 8
diff --git a/pom.xml b/pom.xml
index aa6733c7144b355e299fbeda9fcb894441050e23..0028f702faa1afc9c77bb215b1da34d23884df9a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
4.0.0
com.devglan
- spring-boot-security-oauth2-example
+ spring-boot-security-oauth2-jwt-example
1.0-SNAPSHOT
@@ -31,6 +31,10 @@
org.springframework.security.oauth
spring-security-oauth2
+
+ org.springframework.security
+ spring-security-jwt
+
mysql
mysql-connector-java
diff --git a/spring-boot-security-oauth2-example.iml b/spring-boot-security-oauth2-example.iml
deleted file mode 100644
index 576f43eb246383fb23319219f866710eddee09d3..0000000000000000000000000000000000000000
--- a/spring-boot-security-oauth2-example.iml
+++ /dev/null
@@ -1,84 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
\ No newline at end of file
diff --git a/src/main/java/com/devglan/config/AuthorizationServerConfig.java b/src/main/java/com/devglan/config/AuthorizationServerConfig.java
index 9dd313afef000d9d5255eca913664682dfba856b..d7c6757930d73f2ef9da4bedc3b4dc1ac756598d 100644
--- a/src/main/java/com/devglan/config/AuthorizationServerConfig.java
+++ b/src/main/java/com/devglan/config/AuthorizationServerConfig.java
@@ -1,14 +1,16 @@
package com.devglan.config;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
-import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration
@EnableAuthorizationServer
@@ -18,23 +20,29 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
static final String CLIENT_SECRET = "devglan-secret";
static final String GRANT_TYPE_PASSWORD = "password";
static final String AUTHORIZATION_CODE = "authorization_code";
- static final String REFRESH_TOKEN = "refresh_token";
- static final String IMPLICIT = "implicit";
+ static final String REFRESH_TOKEN = "refresh_token";
+ static final String IMPLICIT = "implicit";
static final String SCOPE_READ = "read";
static final String SCOPE_WRITE = "write";
- static final String TRUST = "trust";
+ static final String TRUST = "trust";
static final int ACCESS_TOKEN_VALIDITY_SECONDS = 1*60*60;
- static final int FREFRESH_TOKEN_VALIDITY_SECONDS = 6*60*60;
-
- @Autowired
- private TokenStore tokenStore;
-
- @Autowired
- private UserApprovalHandler userApprovalHandler;
+ static final int FREFRESH_TOKEN_VALIDITY_SECONDS = 6*60*60;
@Autowired
private AuthenticationManager authenticationManager;
+ @Bean
+ public JwtAccessTokenConverter accessTokenConverter() {
+ JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+ converter.setSigningKey("as466gf");
+ return converter;
+ }
+
+ @Bean
+ public TokenStore tokenStore() {
+ return new JwtTokenStore(accessTokenConverter());
+ }
+
@Override
public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
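Review bot: `converter.setSigningKey("as466gf")` in the new `accessTokenConverter()` bean commits the JWT signing secret to source control, so anyone who can read the repository can mint tokens that this server and its resource server will accept. The value is also only seven characters, far below the 256 bits of key material expected for an HMAC-SHA256 signature. Inject the key from externalized configuration instead, for example `@Value("${jwt.signing-key}") private String signingKey;` (property name is a placeholder) with `converter.setSigningKey(signingKey);`, or switch to an asymmetric key via `converter.setKeyPair(...)` loaded from a keystore so verifiers never hold the signing key. The class header and the body of `configure(ClientDetailsServiceConfigurer)` lie outside this hunk.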
@@ -50,7 +58,8 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
- endpoints.tokenStore(tokenStore).userApprovalHandler(userApprovalHandler)
- .authenticationManager(authenticationManager);
+ endpoints.tokenStore(tokenStore())
+ .authenticationManager(authenticationManager)
+ .accessTokenConverter(accessTokenConverter());
}
}
\ No newline at end of file
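Review bot: With `endpoints.tokenStore(tokenStore())` now backed by `JwtTokenStore`, issued access tokens are no longer held server-side, so nothing here can revoke one before it expires; `JwtTokenStore` does not persist tokens and its `removeAccessToken` does nothing. The constants in the earlier hunk keep access tokens valid for one hour and refresh tokens for six, which is the window a leaked token stays usable. If the application has a logout or revoke path (not visible in this diff), it will need a shorter access-token lifetime or a denylist of token ids checked on the resource side. At minimum, document the trade-off above the call, e.g. `// JWT tokens are self-contained: no server-side revocation until expiry`.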
diff --git a/src/main/java/com/devglan/config/ResourceServerConfig.java b/src/main/java/com/devglan/config/ResourceServerConfig.java
index dfc24ad31f5e98e137f40b6bd32aa5c284de0669..7feb8fc69f052ac78b17fbb00640b53dafc8da98 100644
--- a/src/main/java/com/devglan/config/ResourceServerConfig.java
+++ b/src/main/java/com/devglan/config/ResourceServerConfig.java
@@ -1,18 +1,22 @@
package com.devglan.config;
+import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
private static final String RESOURCE_ID = "resource_id";
-
+
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.resourceId(RESOURCE_ID).stateless(false);
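Review bot: The four imports added at the top of this hunk (`Bean`, `TokenStore`, `JwtAccessTokenConverter`, `JwtTokenStore`) are not used by any line visible here, where the only other change is whitespace. The same applies to the `JwtAccessTokenConverter` and `JwtTokenStore` imports added to SecurityConfig.java, which removes its token-store beans rather than adding JWT ones. Drop the unused imports so it stays clear that the JWT wiring lives only in AuthorizationServerConfig. If the resource server is instead meant to verify tokens explicitly, pass the store in with `resources.tokenStore(...)` rather than relying on the bean being picked up implicitly. The body of `configure(ResourceServerSecurityConfigurer)` continues outside the hunk.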
diff --git a/src/main/java/com/devglan/config/SecurityConfig.java b/src/main/java/com/devglan/config/SecurityConfig.java
index 6b4e2213cfe1adfa2858c8d9dcd9feee1e534423..14aa248b56a305854b67561553af04caa50a1213 100644
--- a/src/main/java/com/devglan/config/SecurityConfig.java
+++ b/src/main/java/com/devglan/config/SecurityConfig.java
@@ -19,6 +19,8 @@ import org.springframework.security.oauth2.provider.approval.TokenStoreUserAppro
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
@@ -33,9 +35,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Resource(name = "userService")
private UserDetailsService userDetailsService;
- @Autowired
- private ClientDetailsService clientDetailsService;
-
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
@@ -57,29 +56,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers("/api-docs/**").permitAll();
}
- @Bean
- public TokenStore tokenStore() {
- return new InMemoryTokenStore();
- }
-
- @Bean
- @Autowired
- public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore){
- TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();
- handler.setTokenStore(tokenStore);
- handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
- handler.setClientDetailsService(clientDetailsService);
- return handler;
- }
-
- @Bean
- @Autowired
- public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
- TokenApprovalStore store = new TokenApprovalStore();
- store.setTokenStore(tokenStore);
- return store;
- }
-
@Bean
public BCryptPasswordEncoder encoder(){
return new BCryptPasswordEncoder();