Updated SECOAUTH reference, made required alterations to our configuration
parent
ea16f4e2b6
commit
f3c225d8f2
|
@ -42,7 +42,8 @@ import org.springframework.security.oauth2.provider.AuthorizationRequest;
|
|||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import com.google.common.collect.Sets;
|
||||
|
||||
|
||||
/**
|
||||
|
@ -83,8 +84,11 @@ public class DefaultOAuth2ProviderTokenService implements OAuth2TokenEntityServi
|
|||
// attach the client
|
||||
token.setClient(client);
|
||||
|
||||
// inherit the scope from the auth
|
||||
token.setScope(clientAuth.getScope());
|
||||
// inherit the scope from the auth, but make a new set so it is
|
||||
//not unmodifiable. Unmodifiables don't play nicely with Eclipselink, which
|
||||
//wants to use the clone operation.
|
||||
Set<String> scopes = Sets.newHashSet(clientAuth.getScope());
|
||||
token.setScope(scopes);
|
||||
|
||||
// make it expire if necessary
|
||||
// TODO: pending upstream updates, check for 0 or -1 value here
|
||||
|
|
|
@ -47,12 +47,12 @@
|
|||
|
||||
<oauth:resource-server id="resourceServerFilter" token-services-ref="defaultOAuth2ProviderTokenService" />
|
||||
|
||||
<security:http pattern="/oauth/token"
|
||||
<security:http pattern="/token"
|
||||
create-session="stateless"
|
||||
authentication-manager-ref="clientAuthenticationManager"
|
||||
entry-point-ref="oauthAuthenticationEntryPoint">
|
||||
|
||||
<security:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" />
|
||||
<security:intercept-url pattern="/token" access="IS_AUTHENTICATED_FULLY" />
|
||||
<security:anonymous enabled="false" />
|
||||
<security:http-basic entry-point-ref="oauthAuthenticationEntryPoint" />
|
||||
<!-- include this only if you need to authenticate clients via request parameters -->
|
||||
|
@ -101,6 +101,7 @@
|
|||
|
||||
<bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
|
||||
<property name="authenticationManager" ref="clientAuthenticationManager" />
|
||||
<property name="filterProcessesUrl" value="/token"/>
|
||||
</bean>
|
||||
|
||||
<authentication-manager id="clientAuthenticationManager" xmlns="http://www.springframework.org/schema/security">
|
||||
|
|
|
@ -18,20 +18,6 @@
|
|||
|
||||
<!-- filter through Spring Security -->
|
||||
|
||||
<filter>
|
||||
<filter-name>oauth2EndpointUrlFilter</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
<init-param>
|
||||
<param-name>contextAttribute</param-name>
|
||||
<param-value>org.springframework.web.servlet.FrameworkServlet.CONTEXT.spring</param-value>
|
||||
</init-param>
|
||||
</filter>
|
||||
|
||||
<filter-mapping>
|
||||
<filter-name>oauth2EndpointUrlFilter</filter-name>
|
||||
<url-pattern>/*</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>clientCredentialsTokenEndpointFilter</filter-name>
|
||||
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
|
||||
|
@ -52,7 +38,7 @@
|
|||
|
||||
<filter-mapping>
|
||||
<filter-name>clientCredentialsTokenEndpointFilter</filter-name>
|
||||
<url-pattern>/oauth/token</url-pattern>
|
||||
<url-pattern>/token</url-pattern>
|
||||
</filter-mapping>
|
||||
|
||||
<filter-mapping>
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit 2a3e2636d0c85620fbd495b40c5ef8fe11a94eba
|
||||
Subproject commit 9615bd9a62da1946e2291a6b2663c0258bda4f82
|
Loading…
Reference in New Issue