diff --git a/gateway/build.gradle b/gateway/build.gradle
index c5eeddc..684b40e 100644
--- a/gateway/build.gradle
+++ b/gateway/build.gradle
@@ -21,21 +21,24 @@ sourceCompatibility = 1.8
 targetCompatibility = 1.8
 repositories {
+ mavenLocal()
+ maven { url "https://repo.spring.io/libs-snapshot" }
 maven { url "https://repo.spring.io/libs-milestone" }
 mavenCentral()
 }
 dependencyManagement {
 imports {
- mavenBom 'org.springframework.cloud:spring-cloud-dependencies:Greenwich.RC1'
+ mavenBom 'org.springframework.cloud:spring-cloud-dependencies:Greenwich.SR1'
 }
 }
 dependencies {
 compile "org.springframework.boot:spring-boot-starter-webflux",
- "org.springframework.boot:spring-boot-starter-thymeleaf",
- "org.springframework.boot:spring-boot-starter-security",
 "org.springframework.boot:spring-boot-starter-oauth2-client",
 "org.springframework.cloud:spring-cloud-starter-gateway",
+ "org.springframework.cloud:spring-cloud-starter-security",
+ // for sample controller in gateway
+ "org.springframework.boot:spring-boot-starter-thymeleaf",
 "org.thymeleaf.extras:thymeleaf-extras-springsecurity5"
-}
\ No newline at end of file
+}
diff --git a/gateway/src/main/java/sample/GatewayApplication.java b/gateway/src/main/java/sample/GatewayApplication.java
index a1f2051..7f98286 100644
--- a/gateway/src/main/java/sample/GatewayApplication.java
+++ b/gateway/src/main/java/sample/GatewayApplication.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- * http://www.apache.org/licenses/LICENSE-2.0
+ * https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
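Review bot: In gateway/build.gradle the `repositories` block now lists `mavenLocal()` and the `libs-snapshot` repository ahead of `mavenCentral()`, so a dependency can be satisfied from a developer's local cache or from a mutable snapshot, which makes the build non-reproducible and widens the set of sources the build trusts. The same hunk moves the BOM to a release (`Greenwich.SR1`), so both entries look like development leftovers, although the hunk alone does not show whether some artifact still needs a snapshot. I would drop `mavenLocal()` and, if the snapshot repository has to stay and the Gradle version supports content filtering, restrict it with `mavenContent { snapshotsOnly() }` plus a `content { includeGroup "<group that needs snapshots>" }` filter.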
@@ -15,12 +15,49 @@
 */
 package sample;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.gateway.route.RouteLocator;
+import org.springframework.cloud.gateway.route.builder.RouteLocatorBuilder;
+import org.springframework.cloud.security.oauth2.gateway.TokenRelayGatewayFilterFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+@Controller
 @SpringBootApplication
 public class GatewayApplication {
+ @Autowired
+ private TokenRelayGatewayFilterFactory filterFactory;
+
+ @Bean
+ public RouteLocator customRouteLocator(RouteLocatorBuilder builder) {
+ //@formatter:off
+ return builder.routes()
+ .route("resource", r -> r.path("/resource")
+ .filters(f -> f.filter(filterFactory.apply()))
+ .uri("http://localhost:9000"))
+ .build();
+ //@formatter:on
+ }
+
+ @GetMapping("/")
+ public String index(Model model,
+ @RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient,
+ @AuthenticationPrincipal OAuth2User oauth2User) {
+ model.addAttribute("userName", oauth2User.getName());
+ model.addAttribute("clientName", authorizedClient.getClientRegistration().getClientName());
+ model.addAttribute("userAttributes", oauth2User.getAttributes());
+ return "index";
+ }
+
 public static void main(String[] args) {
 SpringApplication.run(GatewayApplication.class, args);
 }
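Review bot: The `resource` route in `customRouteLocator` applies the token-relay filter and forwards to a hard-coded `http://localhost:9000`, so the user's access token leaves the gateway over plain HTTP. That is tolerable on loopback but exposes the bearer token as soon as the URI is copied to a non-local target. A comment above the route such as `// Token relay forwards the user's access token; downstream URIs must be trusted and use https outside local development` would state the constraint, and the URI is better read from configuration than fixed in code. As a style point, `filterFactory` can be a second parameter of the `@Bean` method instead of an `@Autowired` field, which keeps injected state out of the application class.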
diff --git a/gateway/src/main/java/sample/GatewayConfig.java b/gateway/src/main/java/sample/GatewayConfig.java
deleted file mode 100644
index 6652b5d..0000000
--- a/gateway/src/main/java/sample/GatewayConfig.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cloud.gateway.filter.GatewayFilter;
-import org.springframework.cloud.gateway.route.RouteLocator;
-import org.springframework.cloud.gateway.route.builder.RouteLocatorBuilder;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-@Configuration
-public class GatewayConfig {
-
- @Autowired
- private GatewayFilter tokenRelayGatewayFilter;
-
- @Bean
- public RouteLocator customRouteLocator(RouteLocatorBuilder builder) {
- //@formatter:off
- return builder.routes()
- .route("resource", r -> r.path("/resource")
- .filters(f -> f.filter(this.tokenRelayGatewayFilter))
- .uri("http://localhost:9000"))
- .build();
- //@formatter:on
- }
-
-}
\ No newline at end of file
diff --git a/gateway/src/main/java/sample/GatewayController.java b/gateway/src/main/java/sample/GatewayController.java
deleted file mode 100644
index e6d1761..0000000
--- a/gateway/src/main/java/sample/GatewayController.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample;
-
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
-import org.springframework.security.oauth2.client.annotation.RegisteredOAuth2AuthorizedClient;
-import org.springframework.security.oauth2.core.user.OAuth2User;
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.web.bind.annotation.GetMapping;
-
-@Controller
-public class GatewayController {
-
- @GetMapping("/")
- public String index(Model model,
- @RegisteredOAuth2AuthorizedClient OAuth2AuthorizedClient authorizedClient,
- @AuthenticationPrincipal OAuth2User oauth2User) {
- model.addAttribute("userName", oauth2User.getName());
- model.addAttribute("clientName", authorizedClient.getClientRegistration().getClientName());
- model.addAttribute("userAttributes", oauth2User.getAttributes());
- return "index";
- }
-}
\ No newline at end of file
diff --git a/gateway/src/main/java/sample/TokenRelayGatewayFilter.java b/gateway/src/main/java/sample/TokenRelayGatewayFilter.java
deleted file mode 100644
index e4d7b35..0000000
--- a/gateway/src/main/java/sample/TokenRelayGatewayFilter.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/*
- * Copyright 2002-2018 the original author or authors.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package sample;
-
-import org.springframework.cloud.gateway.filter.GatewayFilter;
-import org.springframework.cloud.gateway.filter.GatewayFilterChain;
-import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
-import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
-import org.springframework.security.oauth2.client.web.server.ServerOAuth2AuthorizedClientRepository;
-import org.springframework.security.oauth2.core.OAuth2AccessToken;
-import org.springframework.stereotype.Component;
-import org.springframework.web.server.ServerWebExchange;
-import reactor.core.publisher.Mono;
-
-@Component
-public class TokenRelayGatewayFilter implements GatewayFilter {
- private ServerOAuth2AuthorizedClientRepository authorizedClientRepository;
-
- public TokenRelayGatewayFilter(ServerOAuth2AuthorizedClientRepository authorizedClientRepository) {
- this.authorizedClientRepository = authorizedClientRepository;
- }
-
- @Override
- public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) {
- return exchange.getPrincipal()
- .cast(OAuth2AuthenticationToken.class)
- .flatMap(authentication -> authorizedClient(exchange, authentication))
- .map(OAuth2AuthorizedClient::getAccessToken)
- .map(token -> withBearerAuth(exchange, token))
- .defaultIfEmpty(exchange)
- .flatMap(chain::filter);
- } - - private Mono authorizedClient(ServerWebExchange exchange, OAuth2AuthenticationToken oauth2Authentication) { - return this.authorizedClientRepository.loadAuthorizedClient( - oauth2Authentication.getAuthorizedClientRegistrationId(), oauth2Authentication, exchange); - } - - private ServerWebExchange withBearerAuth(ServerWebExchange exchange, OAuth2AccessToken accessToken) { - return exchange.mutate() - .request(r -> r.headers(headers -> headers.setBearerAuth(accessToken.getTokenValue()))) - .build(); - } -} \ No newline at end of file diff --git a/gateway/src/main/resources/application.yml b/gateway/src/main/resources/application.yml index 17da6e6..1f967d1 100644 --- a/gateway/src/main/resources/application.yml +++ b/gateway/src/main/resources/application.yml @@ -11,6 +11,9 @@ logging: # org.springframework.boot.autoconfigure: DEBUG spring: + autoconfigure: + # TODO: remove when fixed https://github.com/spring-projects/spring-security/issues/6314 + exclude: org.springframework.boot.actuate.autoconfigure.security.reactive.ReactiveManagementWebSecurityAutoConfiguration thymeleaf: cache: false security: diff --git a/gateway/src/main/resources/templates/index.html b/gateway/src/main/resources/templates/index.html index bbb2fab..ce8cdcd 100644 --- a/gateway/src/main/resources/templates/index.html +++ b/gateway/src/main/resources/templates/index.html @@ -7,7 +7,7 @@ ~ * you may not use this file except in compliance with the License. ~ * You may obtain a copy of the License at ~ * - ~ * http://www.apache.org/licenses/LICENSE-2.0 + ~ * https://www.apache.org/licenses/LICENSE-2.0 ~ * ~ * Unless required by applicable law or agreed to in writing, software ~ * distributed under the License is distributed on an "AS IS" BASIS, @@ -18,7 +18,7 @@ ~ --> - + Spring Security - OAuth 2.0 Login 
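Review bot: In gateway/src/main/resources/application.yml the new `spring.autoconfigure.exclude` entry switches off `ReactiveManagementWebSecurityAutoConfiguration`, and the only explanation is a TODO pointing at an issue tracker. Excluding a security auto-configuration is easy to forget once the linked issue is closed, so the comment should say what is disabled and what still protects the management endpoints, for example `# Workaround for spring-security#6314: disables Boot's default actuator security chain; confirm actuator endpoints are still covered by the OAuth2 login chain`. The gateway's own security configuration is not visible in this diff, so whether management endpoints stay authenticated needs checking before this setting is reused outside the sample.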
diff --git a/resource-server/src/main/java/sample/OAuth2ResourceServerApplication.java b/resource-server/src/main/java/sample/OAuth2ResourceServerApplication.java
index fba1601..1c24156 100644
--- a/resource-server/src/main/java/sample/OAuth2ResourceServerApplication.java
+++ b/resource-server/src/main/java/sample/OAuth2ResourceServerApplication.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- * http://www.apache.org/licenses/LICENSE-2.0
+ * https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/resource-server/src/main/java/sample/OAuth2ResourceServerController.java b/resource-server/src/main/java/sample/OAuth2ResourceServerController.java
index 95ed494..8459624 100644
--- a/resource-server/src/main/java/sample/OAuth2ResourceServerController.java
+++ b/resource-server/src/main/java/sample/OAuth2ResourceServerController.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- * http://www.apache.org/licenses/LICENSE-2.0
+ * https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/resource-server/src/main/java/sample/SecurityConfig.java b/resource-server/src/main/java/sample/SecurityConfig.java
index 7a1a058..15a1720 100644
--- a/resource-server/src/main/java/sample/SecurityConfig.java
+++ b/resource-server/src/main/java/sample/SecurityConfig.java
@@ -5,7 +5,7 @@
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
- * http://www.apache.org/licenses/LICENSE-2.0
+ * https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
diff --git a/settings.gradle b/settings.gradle
index 50ba53d..f84ced4 100644
--- a/settings.gradle
+++ b/settings.gradle
@@ -1,4 +1,4 @@
-rootProject.name = 'oauth2login-gateway'
+rootProject.name = 'sample-gateway-oauth2login'
 include 'gateway'
 include 'resource-server'
diff --git a/uaa-server/build.gradle b/uaa-server/build.gradle
index 063e412..8b349b6 100644
--- a/uaa-server/build.gradle
+++ b/uaa-server/build.gradle
@@ -13,7 +13,7 @@ repositories {
 mavenCentral()
 }
-ext.uaaVersion = '4.24.0'
+ext.uaaVersion = '4.30.0'
 configurations {
 uaa
@@ -50,7 +50,7 @@ cargo {
 local {
 outputFile = file("$buildDir/uaa-server.log")
 installer {
- installUrl = 'https://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.35/bin/apache-tomcat-8.5.35.zip'
+ installUrl = 'https://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.43/bin/apache-tomcat-8.5.43.zip'
 downloadDir = file("$buildDir/download")
 extractDir = file("$buildDir/extract")
@@ -59,4 +59,4 @@ cargo {
 property "UAA_CONFIG_PATH", "$projectDir"
 }
 }
-}
\ No newline at end of file
+}