Authorization server config

This is the most important part of this Spring Boot project, where we will set up the authorization server configuration. We will use a new annotation, @EnableAuthorizationServer, and our configuration class will extend AuthorizationServerConfigurerAdapter. We will be using the JWT token store and will also showcase a token enhancer, with which you can add more claims to your JWT token if your application needs them. The most important method in this configuration class is extracted as the following code snippet:

@Override
public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
    // A single in-memory client; a real deployment would use a JDBC-backed store
    clients.inMemory()
        .withClient("oAuthClientAppID")
        // the secret is stored BCrypt-encoded, never in plain text
        .secret(passwordEncoder().encode("secret"))
        .authorizedGrantTypes("password", "authorization_code", "refresh_token")
        .scopes("movie", "read", "write")
        .accessTokenValiditySeconds(3600)        // 1 hour
        .refreshTokenValiditySeconds(2592000)    // 30 days
        // only these exact redirect URIs are accepted from the client
        .redirectUris("http://localhost:8080/movie/",
                      "http://localhost:8080/movie/index");
}

This is where we set up the client-related OAuth configuration. We set up just one client, and we use the in-memory option to keep the example simple to understand. Throughout the application, we will be using BCrypt as our password encoder. The client ID for our client app is oAuthClientAppID and the client secret is secret. We set up three grant types, and when accessing the client we need to specify the necessary scopes (movie, read, and write). After successful execution, the authorization server will redirect you to the specified URL (http://localhost:8080/movie/ or http://localhost:8080/movie/index). If the redirect URL the client specifies does not match one of these, the server will throw an error.

The JWT token store and enhancer-related methods are as shown in the following code snippet:

@Bean
@Primary
public DefaultTokenServices tokenServices() {
    final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
    defaultTokenServices.setTokenStore(tokenStore());
    defaultTokenServices.setSupportRefreshToken(true);
    return defaultTokenServices;
}

@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    // Enhancers run in list order: our custom claims are added first,
    // then the converter encodes and signs the result as a JWT
    final TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
    tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));
    endpoints.tokenStore(tokenStore())
        .tokenEnhancer(tokenEnhancerChain)
        .authenticationManager(authenticationManager);
}

@Bean
public TokenStore tokenStore() {
    // JwtTokenStore keeps no state; the token itself carries the claims
    return new JwtTokenStore(accessTokenConverter());
}

@Bean
public JwtAccessTokenConverter accessTokenConverter() {
    final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
    // A plain string key means HMAC signing; the resource server needs the same key
    converter.setSigningKey("secret");
    return converter;
}

@Bean
public TokenEnhancer tokenEnhancer() {
    return new CustomTokenEnhancer();
}

In this code, we declare the JWT token store in the tokenStore method, and we also declare a tokenEnhancer bean. To showcase the token enhancer, we will be using a custom class named CustomTokenEnhancer; the class is as shown in the following code snippet:

import java.util.HashMap;
import java.util.Map;

import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;

public class CustomTokenEnhancer implements TokenEnhancer {
    @Override
    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken,
                                     OAuth2Authentication authentication) {
        // Extra claims placed here end up in the JWT payload once the converter encodes it
        final Map<String, Object> additionalInfo = new HashMap<>();
        additionalInfo.put("principalinfo", authentication.getPrincipal().toString());
        ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInfo);
        return accessToken;
    }
}

The custom token enhancer class implements TokenEnhancer. It simply adds a new claim (principalinfo) to the JWT token, containing the toString representation of the principal object.
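To see what the enhancer chain actually puts into the signed token, the following stand-alone program (an added example, not part of the book's project) wires CustomTokenEnhancer and JwtAccessTokenConverter into a TokenEnhancerChain exactly as the configure method above does, runs it on a constructed access token and authentication, then verifies the HMAC signature with the shared key and prints the claims. It assumes CustomTokenEnhancer from the previous snippet is on the classpath; the user name, token id and ROLE_USER authority are constructed sample values.

```java
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Map;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.jwt.crypto.sign.InvalidSignatureException;
import org.springframework.security.jwt.crypto.sign.MacSigner;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.util.JsonParserFactory;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

public class TokenEnhancerChainDemo {
    public static void main(String[] args) throws Exception {
        // Same chain as configure(AuthorizationServerEndpointsConfigurer):
        // custom enhancer first, then the converter encodes and signs the JWT.
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey("secret"); // the book's key; use a long random value in practice
        converter.afterPropertiesSet();
        TokenEnhancerChain chain = new TokenEnhancerChain();
        chain.setTokenEnhancers(Arrays.asList(new CustomTokenEnhancer(), converter));

        // Constructed sample: client oAuthClientAppID, two of the book's scopes, user "alice"
        OAuth2Request request = new OAuth2Request(null, "oAuthClientAppID", null, true,
                new HashSet<>(Arrays.asList("movie", "read")), null, null, null, null);
        OAuth2Authentication auth = new OAuth2Authentication(request,
                new UsernamePasswordAuthenticationToken("alice", null,
                        AuthorityUtils.createAuthorityList("ROLE_USER")));
        DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken("sample-token-id");
        token.setScope(request.getScope());
        token.setExpiration(new Date(System.currentTimeMillis() + 3600 * 1000L));
        OAuth2AccessToken jwt = chain.enhance(token, auth);

        // Verify with the shared HMAC key and read back the claims (principalinfo is ours)
        String claimsJson = JwtHelper.decodeAndVerify(jwt.getValue(), new MacSigner("secret")).getClaims();
        Map<String, Object> claims = JsonParserFactory.create().parseMap(claimsJson);
        System.out.println("principalinfo = " + claims.get("principalinfo")); // prints alice
        System.out.println("scope = " + claims.get("scope") + ", exp = " + claims.get("exp"));

        // A resource server holding a different key must reject the token
        try {
            JwtHelper.decodeAndVerify(jwt.getValue(), new MacSigner("wrong-key"));
        } catch (InvalidSignatureException e) {
            System.out.println("verification with another key failed, as expected");
        }
    }
}
```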
