
Revize cc2e05e8

Přidáno uživatelem Jakub Danek před více než 5 roky(ů)

re #29 reject unauthenticated connections instead of redirecting to login page


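--- a/server/src/main/java/org/danekja/ymanager/WebSecurityConfiguration.java
+++ b/server/src/main/java/org/danekja/ymanager/WebSecurityConfiguration.java
@@ -7,6 +7,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpStatus;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;
@@ -19,6 +20,8 @@
 import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
 import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
 import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.authentication.HttpStatusEntryPoint;
 
 @Configuration
 @EnableWebSecurity
@@ -27,14 +30,20 @@
     @Autowired
     private OAuth2UserService<OidcUserRequest, OidcUser> googleOauthUserService;
 
+    @Autowired
+    private AuthenticationEntryPoint restAuthenticationEntryPoint;
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.cors()
                 .and()
                 .csrf().disable()
                 .authorizeRequests()
+                .mvcMatchers("/login/*").permitAll()
                 .anyRequest().authenticated()
                 .and()
+                .exceptionHandling().authenticationEntryPoint(restAuthenticationEntryPoint)
+                .and()
                 .oauth2Login()
                 .userInfoEndpoint().oidcUserService(googleOauthUserService);
     }
@@ -44,6 +53,15 @@
         return new GoogleOidcUserService(userManager);
     }
 
+
+    /**
+     * @return reject guest users instead of redirection to login page
+     */
+    @Bean
+    public AuthenticationEntryPoint restAuthenticationEntryPoint() {
+        return new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED);
+    }
+
     /**
      * This is a dummy authentication provider which does not check password at all.
      * <p>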
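Review bot: The added `.mvcMatchers("/login/*").permitAll()` in `configure` opens every handler mapped one segment below `/login` to anonymous callers, and nothing on the page shows which endpoint it is meant for. If it targets the OAuth2 callback, a single `*` does not match the multi-segment `/login/oauth2/code/{registrationId}` path, and Spring Security's login filters handle that path before the authorization rules are evaluated, so the rule may be unnecessary. I would list the exact public path(s) instead of a wildcard and document them above the matcher, e.g. `// only <PUBLIC_LOGIN_PATH> is anonymous; every other request gets 401 from restAuthenticationEntryPoint`. Separately, `restAuthenticationEntryPoint` is field-injected into the same class that declares the bean; calling `restAuthenticationEntryPoint()` directly in `configure` would avoid that self-reference.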
