VKR-QR-codes/qr-access-auth-server
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Delete old code and change port for local development

Browse Source
This commit is contained in:
kashiuno 2025-01-08 08:48:54 +03:00
parent bb4a6dc907
commit 3cf19c23cb
4 changed files with 5 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
build.gradle.kts
View File

@ -27,7 +27,7 @@ dependencies {
testImplementation("org.jetbrains.kotlin:kotlin-test-junit5") testImplementation("org.jetbrains.kotlin:kotlin-test-junit5")
testRuntimeOnly("org.junit.platform:junit-platform-launcher") testRuntimeOnly("org.junit.platform:junit-platform-launcher")
implementation("org.yaml:snakeyaml") implementation("org.yaml:snakeyaml")
implementation("com.fasterxml.jackson.module:jackson-module-kotlin")
} }
kotlin { kotlin {

66
src/main/kotlin/ru/vyatsu/qr_access_auth_server/KotlinRegisteredClientRowMapper.kt
View File

@ -1,66 +0,0 @@
package ru.vyatsu.qr_access_auth_server
import org.springframework.security.oauth2.core.AuthorizationGrantType
import org.springframework.security.oauth2.core.ClientAuthenticationMethod
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository.RegisteredClientRowMapper
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient
import org.springframework.util.StringUtils
import java.sql.ResultSet
class KotlinRegisteredClientRowMapper : RegisteredClientRowMapper() {
override fun mapRow(rs: ResultSet, rowNum: Int): RegisteredClient? {
val clientIdIssuedAt = rs.getTimestamp("client_id_issued_at")
val clientSecretExpiresAt = rs.getTimestamp("client_secret_expires_at")
val clientAuthenticationMethods =
StringUtils.commaDelimitedListToSet(rs.getString("client_authentication_methods"))
val authorizationGrantTypes = StringUtils.commaDelimitedListToSet(rs.getString("authorization_grant_types"))
val redirectUris = StringUtils.commaDelimitedListToSet(rs.getString("redirect_uris"))
val postLogoutRedirectUris = StringUtils.commaDelimitedListToSet(rs.getString("post_logout_redirect_uris"))
val clientScopes = StringUtils.commaDelimitedListToSet(rs.getString("scopes"))
val builder = RegisteredClient.withId(rs.getString("id"))
.clientId(rs.getString("client_id"))
.clientIdIssuedAt(clientIdIssuedAt?.toInstant())
.clientSecret(rs.getString("client_secret"))
.clientSecretExpiresAt(clientSecretExpiresAt?.toInstant())
.clientName(rs.getString("client_name"))
.clientAuthenticationMethods { authenticationMethods ->
clientAuthenticationMethods.forEach { authenticationMethod ->
authenticationMethods.add(resolveClientAuthenticationMethod(authenticationMethod))
}
}
.authorizationGrantTypes { grantTypes ->
authorizationGrantTypes.forEach { grantType ->
grantTypes.add(resolveAuthorizationGrantType(grantType))
}
}
.redirectUris { uris -> uris.addAll(redirectUris) }
.postLogoutRedirectUris { uris ->
uris.addAll(postLogoutRedirectUris)
}
.scopes { scopes -> scopes.addAll(clientScopes) }
return builder.build()
}
private fun resolveAuthorizationGrantType(authorizationGrantType: String): AuthorizationGrantType {
return if (AuthorizationGrantType.AUTHORIZATION_CODE.value == authorizationGrantType) {
AuthorizationGrantType.AUTHORIZATION_CODE
} else if (AuthorizationGrantType.CLIENT_CREDENTIALS.value == authorizationGrantType) {
AuthorizationGrantType.CLIENT_CREDENTIALS
} else {
if (AuthorizationGrantType.REFRESH_TOKEN.value == authorizationGrantType) AuthorizationGrantType.REFRESH_TOKEN
else AuthorizationGrantType(authorizationGrantType)
}
}
private fun resolveClientAuthenticationMethod(clientAuthenticationMethod: String): ClientAuthenticationMethod {
return if (ClientAuthenticationMethod.CLIENT_SECRET_BASIC.value == clientAuthenticationMethod) {
ClientAuthenticationMethod.CLIENT_SECRET_BASIC
} else if (ClientAuthenticationMethod.CLIENT_SECRET_POST.value == clientAuthenticationMethod) {
ClientAuthenticationMethod.CLIENT_SECRET_POST
} else {
if (ClientAuthenticationMethod.NONE.value == clientAuthenticationMethod) ClientAuthenticationMethod.NONE
else ClientAuthenticationMethod(clientAuthenticationMethod)
}
}
}

15
src/main/kotlin/ru/vyatsu/qr_access_auth_server/SecurityConfig.kt
View File

@ -1,6 +1,5 @@
package ru.vyatsu.qr_access_auth_server package ru.vyatsu.qr_access_auth_server
import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
import com.nimbusds.jose.jwk.JWKSet import com.nimbusds.jose.jwk.JWKSet
import com.nimbusds.jose.jwk.RSAKey import com.nimbusds.jose.jwk.RSAKey
import com.nimbusds.jose.jwk.source.ImmutableJWKSet import com.nimbusds.jose.jwk.source.ImmutableJWKSet
@ -13,13 +12,11 @@ import org.springframework.jdbc.core.JdbcTemplate
import org.springframework.security.config.annotation.web.builders.HttpSecurity import org.springframework.security.config.annotation.web.builders.HttpSecurity
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
import org.springframework.security.core.userdetails.UserDetailsService import org.springframework.security.core.userdetails.UserDetailsService
import org.springframework.security.jackson2.SecurityJackson2Modules
import org.springframework.security.oauth2.jwt.JwtDecoder import org.springframework.security.oauth2.jwt.JwtDecoder
import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository import org.springframework.security.oauth2.server.authorization.client.JdbcRegisteredClientRepository
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration import org.springframework.security.oauth2.server.authorization.config.annotation.web.configuration.OAuth2AuthorizationServerConfiguration
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings
import org.springframework.security.provisioning.InMemoryUserDetailsManager import org.springframework.security.provisioning.InMemoryUserDetailsManager
import org.springframework.security.web.SecurityFilterChain import org.springframework.security.web.SecurityFilterChain
@ -30,7 +27,7 @@ import java.security.interfaces.RSAPublicKey
import java.util.* import java.util.*
@Configuration @Configuration
@EnableWebSecurity(debug = true) @EnableWebSecurity
class SecurityConfig { class SecurityConfig {
@Bean @Bean
@Order(1) @Order(1)
@ -61,15 +58,7 @@ class SecurityConfig {
@Bean @Bean
fun registeredClientRepository(operations: JdbcTemplate): RegisteredClientRepository { fun registeredClientRepository(operations: JdbcTemplate): RegisteredClientRepository {
val clientRepository = JdbcRegisteredClientRepository(operations) return JdbcRegisteredClientRepository(operations)
val clientRowMapper = KotlinRegisteredClientRowMapper()
val classLoader = JdbcRegisteredClientRepository::class.java.classLoader
val objectMapper = jacksonObjectMapper()
objectMapper.registerModules(SecurityJackson2Modules.getModules(classLoader))
objectMapper.registerModule(OAuth2AuthorizationServerJackson2Module())
clientRowMapper.setObjectMapper(objectMapper)
clientRepository.setRegisteredClientRowMapper(clientRowMapper)
return clientRepository
} }
@Bean @Bean

2
src/main/resources/application.yaml
View File

@ -1,3 +1,5 @@
server:
port: 8081
spring: spring:
application: application:
name: qr-access-auth-server name: qr-access-auth-server