• Home
• com.sap.cloud.security
• spring-security
• 3.5.3
• source code
• HybridAuthorizationAutoConfiguration.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.sap.cloud.security.spring.autoconfig.HybridAuthorizationAutoConfiguration Maven / Gradle / Ivy

/**
 * SPDX-FileCopyrightText: 2018-2023 SAP SE or an SAP affiliate company and Cloud Security Client Java contributors
 * 

 * SPDX-License-Identifier: Apache-2.0
 */
package com.sap.cloud.security.spring.autoconfig;

import com.sap.cloud.security.spring.config.XsuaaServiceConfiguration;
import com.sap.cloud.security.spring.token.authentication.XsuaaTokenAuthorizationConverter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.convert.converter.Converter;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;

import static com.sap.cloud.security.config.ServiceConstants.XSUAA.APP_ID;

/**
 * {@link EnableAutoConfiguration} exposes a {@link JwtDecoder}, which is able to decode and validate tokens from Xsuaa
 * and Identity service.
 *
 * 

 * Can be disabled with {@code @EnableAutoConfiguration(exclude={HybridIdentityServicesAutoConfiguration.class})} or
 * with property {@code sap.spring.security.hybrid.auto = false}.
 */
@Configuration
@ConditionalOnProperty(name = "sap.spring.security.hybrid.auto", havingValue = "true", matchIfMissing = true)
@AutoConfigureAfter(HybridIdentityServicesAutoConfiguration.class)
public class HybridAuthorizationAutoConfiguration {
	private final Logger logger = LoggerFactory.getLogger(getClass());

	@Bean
	@ConditionalOnMissingBean(XsuaaTokenAuthorizationConverter.class)
	@ConditionalOnProperty("sap.security.services.xsuaa.xsappname")
	public Converter xsuaaAuthConverter(XsuaaServiceConfiguration xsuaaConfig) {
		logger.debug(
				"auto-configures Converter with 'xsuaa.xsappname' from XsuaaServiceConfiguration.");
		return new XsuaaTokenAuthorizationConverter(xsuaaConfig.getProperty(APP_ID));
	}
}