• Home
• com.github.yongyongwang
• if-uaa-auth-spring-boot-autoconfigure
• 0.0.1
• source code
• UaaAuthConfiguration.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.iframework.uaa.auth.autoconfigure.UaaAuthConfiguration Maven / Gradle / Ivy

package com.iframework.uaa.auth.autoconfigure;

import com.iframework.uaa.auth.autoconfigure.filter.JWTAuthenticationFilter;
import com.iframework.uaa.auth.autoconfigure.properties.AuthTokenProperties;
import com.iframework.uaa.verify.autoconfigure.filter.TokenAuthenticationFilter;
import com.iframework.uaa.verify.autoconfigure.properties.VerifyTokenProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.util.CollectionUtils;

import java.util.Collections;

@Configuration
public class UaaAuthConfiguration {

    @Configuration
    @EnableConfigurationProperties({AuthTokenProperties.class, VerifyTokenProperties.class})
    @Order(99)
    public static class AuthSecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Bean
        @ConditionalOnMissingBean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        @Bean
        public JWTAuthenticationFilter jwtAuthenticationFilter(@Autowired AuthenticationManager authenticationManagerBean) {
            JWTAuthenticationFilter jwtAuthenticationFilter = new JWTAuthenticationFilter();
            jwtAuthenticationFilter.setAuthenticationManager(authenticationManagerBean);
            return jwtAuthenticationFilter;
        }

        @Bean
        public TokenAuthenticationFilter tokenAuthenticationFilter(@Autowired AuthenticationManager authenticationManagerBean) throws Exception {
            return new TokenAuthenticationFilter(authenticationManagerBean);
        }

        @Autowired
        private AuthTokenProperties authTokenProperties;

        @Autowired
        private VerifyTokenProperties verifyTokenProperties;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            if (CollectionUtils.isEmpty(verifyTokenProperties.getExcludePatterns())) {
                verifyTokenProperties.setExcludePatterns(Collections.emptyList());
            }
            http
                    .cors().disable()
                    .csrf().disable()
                    .authorizeRequests()
                    .antMatchers(verifyTokenProperties.getExcludePatterns().toArray(new String[0]))
                    .permitAll()
                    .anyRequest()
                    .authenticated()
                    .and()
                    .formLogin().disable()
                    .httpBasic().disable()
                    .addFilterBefore(jwtAuthenticationFilter(authenticationManagerBean()), UsernamePasswordAuthenticationFilter.class)
                    .addFilterBefore(tokenAuthenticationFilter(authenticationManagerBean()), BasicAuthenticationFilter.class);
        }

    }
}