------------------------------------------------------------ revno: 19402 committer: Morten Olav Hansen <[email protected]> branch nick: dhis2 timestamp: Mon 2015-06-15 11:03:19 +0700 message: minor, adds current oauth2 configuration in security.xml (but commented out), still wip modified: dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml dhis-2/pom.xml
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java 2015-06-10 10:50:31 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/oauth2/DefaultClientDetailsService.java 2015-06-15 04:03:19 +0000
@@ -36,6 +36,9 @@
 import org.springframework.security.oauth2.provider.ClientRegistrationException;
 import org.springframework.security.oauth2.provider.client.BaseClientDetails;

+import java.util.HashSet;
+import java.util.Set;
+
 /**
 * @author Morten Olav Hansen <[email protected]>
 */
@@ -64,9 +67,21 @@
 return null;
 }

+ Set<String> grantTypes = new HashSet<>();
+ grantTypes.add( "password" );
+ grantTypes.add( "authorization_code" );
+ grantTypes.add( "refresh_token" );
+ grantTypes.add( "client_credentials" );
+ grantTypes.add( "implicit" );
+
+ Set<String> scopes = new HashSet<>();
+ scopes.add( "ALL" );
+
 BaseClientDetails clientDetails = new BaseClientDetails();
 clientDetails.setClientId( client.getCid() );
 clientDetails.setClientSecret( client.getSecret() );
+ clientDetails.setAuthorizedGrantTypes( grantTypes );
+ clientDetails.setScope( scopes );

 return clientDetails;
 }
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2015-06-10 12:17:45 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml 2015-06-15 04:03:19 +0000
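Review bot: The added `grantTypes` and `scopes` sets give every client built here all five grant types and the `ALL` scope, whatever the stored client record says, so a client intended only for `client_credentials` can also use `password` and `implicit`. These values should come from the per-client record; until that exists, keep only the grants actually needed and mark the rest as temporary, e.g. `// TODO(wip): grant types and scope are hard-coded for all clients; make per-client before enabling OAuth2`. No redirect URI is set on `clientDetails` although `authorization_code` and `implicit` are allowed, which presumably leaves redirect validation to the resolver's default behaviour; that is worth confirming against the spring-security-oauth2 version in use. The method begins outside this hunk.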
@@ -1,11 +1,69 @@ <?xml version="1.0" encoding="UTF-8"?> -<beans xmlns="http://www.springframework.org/schema/beans" xmlns:sec="http://www.springframework.org/schema/security" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" +<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xmlns:sec="http://www.springframework.org/schema/security" xmlns:oauth="http://www.springframework.org/schema/security/oauth2" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.1.xsd - http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd"> + http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.2.xsd + http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd"> + + <bean id="loggerListener" class="org.springframework.security.authentication.event.LoggerListener" /> + + <!-- /oauth/authorize + <sec:http pattern="/oauth/authorize/**" access-denied-page="/login.jsp?authorization_error=true" disable-url-rewriting="true"> + <sec:intercept-url pattern="/oauth/authorize/**" access="IS_AUTHENTICATED_FULLY" /> + <sec:form-login authentication-failure-url="/login.jsp?authentication_error=true" + default-target-url="http://www.ourwebsite.com/" login-page="/login.jsp" + login-processing-url="/login.do" /> + <sec:http-basic /> + <sec:anonymous /> + </sec:http> + --> + + <!-- OAuth2 + <sec:http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="clientAuthenticationManager"> + <sec:intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY" /> + <sec:anonymous enabled="false" /> + <sec:http-basic entry-point-ref="oauthAuthenticationEntryPoint" /> + <sec:custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER" /> + 
<sec:access-denied-handler ref="oauthAccessDeniedHandler" /> + </sec:http> + + <oauth:authorization-server client-details-service-ref="clientDetailsService" token-services-ref="tokenServices"> + <oauth:authorization-code /> + <oauth:implicit /> + <oauth:refresh-token /> + <oauth:client-credentials /> + <oauth:password /> + </oauth:authorization-server> + + <sec:authentication-manager id="clientAuthenticationManager"> + <sec:authentication-provider user-service-ref="clientDetailsUserService" /> + </sec:authentication-manager> <bean id="clientDetailsService" class="org.hisp.dhis.security.oauth2.DefaultClientDetailsService" /> + <bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService"> + <constructor-arg ref="clientDetailsService" /> + </bean> + + <bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore" /> + + <bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices"> + <property name="tokenStore" ref="tokenStore" /> + <property name="supportRefreshToken" value="true" /> + </bean> + + <bean id="oauthAuthenticationEntryPoint" + class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint"> + <property name="realmName" value="dhis2/oauth2" /> + </bean> + + <bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" /> + + <bean id="clientCredentialsTokenEndpointFilter" class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter"> + <property name="authenticationManager" ref="clientAuthenticationManager" /> + </bean> + --> + <bean id="mappedRedirectStrategy" class="org.hisp.dhis.security.MappedRedirectStrategy"> <property name="redirectMap"> <map> === modified file 'dhis-2/pom.xml' --- dhis-2/pom.xml 2015-06-11 18:44:52 +0000 +++ dhis-2/pom.xml 2015-06-15 04:03:19 +0000 
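Review bot: In the commented-out OAuth2 block of security.xml, `clientAuthenticationManager` wires `clientDetailsUserService` without a password encoder, so once enabled the value from `client.getSecret()` would be compared as stored, which would require keeping client secrets unhashed. Before uncommenting, add an encoder inside the provider, e.g. `<sec:password-encoder ref="PLACEHOLDER_ENCODER_BEAN" />`, and store the secrets hashed. Two other leftovers to resolve at the same time: `default-target-url="http://www.ourwebsite.com/"` is a sample value over plain http, and `InMemoryTokenStore` loses all tokens on restart and is not shared between nodes.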
@@ -509,7 +509,7 @@
 <dependency>
 <groupId>org.springframework.security.oauth</groupId>
 <artifactId>spring-security-oauth2</artifactId>
- <version>2.0.7.RELEASE</version>
+ <version>${spring.security.oauth2.version}</version>
 </dependency>

 <!-- Spring Mobile -->
@@ -1031,6 +1031,7 @@
 <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 <spring.version>4.1.6.RELEASE</spring.version>
 <spring.security.version>3.2.7.RELEASE</spring.security.version>
+ <spring.security.oauth2.version>2.0.7.RELEASE</spring.security.oauth2.version>
 <struts.version>2.3.16.3</struts.version>
 <hibernate.version>4.2.19.Final</hibernate.version>
 <hibernate-validator.version>4.3.1.Final</hibernate-validator.version>

