inject claims in Authentication

Doha2012 · Doha2012 · commit 54b6af98f272 · 2017-12-17T17:51:40.000+02:00
diff --git a/spring-security-oauth-resource/pom.xml b/spring-security-oauth-resource/pom.xml
@@ -79,6 +79,19 @@
 			<artifactId>spring-boot-starter-test</artifactId>
 		</dependency>
 
+        <dependency>
+            <groupId>com.jayway.restassured</groupId>
+            <artifactId>rest-assured</artifactId>
+            <version>${rest-assured.version}</version>
+            <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <artifactId>commons-logging</artifactId>
+                    <groupId>commons-logging</groupId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        
 	</dependencies>
 
 	<build>
diff --git a/spring-security-oauth-resource/src/main/java/org/baeldung/config/CustomAccessTokenConverter.java b/spring-security-oauth-resource/src/main/java/org/baeldung/config/CustomAccessTokenConverter.java
@@ -0,0 +1,19 @@
+package org.baeldung.config;
+
+import java.util.Map;
+
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
+import org.springframework.stereotype.Component;
+
+@Component
+public class CustomAccessTokenConverter extends DefaultAccessTokenConverter {
+
+    @Override
+    public OAuth2Authentication extractAuthentication(Map<String, ?> claims) {
+        OAuth2Authentication authentication = super.extractAuthentication(claims);
+        authentication.setDetails(claims);
+        return authentication;
+    }
+
+}
diff --git a/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java b/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfig.java
@@ -4,23 +4,20 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
-import org.springframework.context.annotation.PropertySource;
 import org.springframework.core.env.Environment;
 import org.springframework.jdbc.datasource.DriverManagerDataSource;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
 
-@Configuration
-@PropertySource({ "classpath:persistence.properties" })
-@EnableResourceServer
+//@Configuration
+//@PropertySource({ "classpath:persistence.properties" })
+//@EnableResourceServer
 public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
 
     @Autowired
diff --git a/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfigJwt.java b/spring-security-oauth-resource/src/main/java/org/baeldung/config/OAuth2ResourceServerConfigJwt.java
@@ -3,23 +3,29 @@
 import java.io.IOException;
 
 import org.apache.commons.io.IOUtils;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
 
-//@Configuration
-//@EnableResourceServer
+@Configuration
+@EnableResourceServer
 public class OAuth2ResourceServerConfigJwt extends ResourceServerConfigurerAdapter {
 
+    @Autowired
+    private CustomAccessTokenConverter customAccessTokenConverter;
+
     @Override
     public void configure(final HttpSecurity http) throws Exception {
         // @formatter:off
@@ -42,6 +48,8 @@ public TokenStore tokenStore() {
     @Bean
     public JwtAccessTokenConverter accessTokenConverter() {
         final JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+        converter.setAccessTokenConverter(customAccessTokenConverter);
+
         // converter.setSigningKey("123");
         final Resource resource = new ClassPathResource("public.txt");
         String publicKey = null;
diff --git a/spring-security-oauth-resource/src/test/java/org/baeldung/test/AuthenticationClaimsIntegrationTest.java b/spring-security-oauth-resource/src/test/java/org/baeldung/test/AuthenticationClaimsIntegrationTest.java
@@ -0,0 +1,61 @@
+package org.baeldung.test;
+
+import static org.junit.Assert.assertTrue;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.baeldung.config.ResourceServerApplication;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+import org.springframework.test.context.junit4.SpringRunner;
+
+import com.jayway.restassured.RestAssured;
+import com.jayway.restassured.response.Response;
+
+@RunWith(SpringRunner.class)
+@SpringBootTest(classes = ResourceServerApplication.class, webEnvironment = WebEnvironment.RANDOM_PORT)
+public class AuthenticationClaimsIntegrationTest {
+
+    @Autowired
+    private JwtTokenStore tokenStore;
+
+    @Test
+    public void whenTokenDontContainIssuer_thenSuccess() {
+        final String tokenValue = obtainAccessToken("fooClientIdPassword", "john", "123");
+        final OAuth2Authentication auth = tokenStore.readAuthentication(tokenValue);
+        System.out.println(tokenValue);
+        System.out.println(auth);
+        assertTrue(auth.isAuthenticated());
+        System.out.println(auth.getDetails());
+
+        Map<String, Object> details = (Map<String, Object>) auth.getDetails();
+        assertTrue(details.containsKey("organization"));
+        System.out.println(details.get("organization"));
+    }
+
+    private String obtainAccessToken(String clientId, String username, String password) {
+        final Map<String, String> params = new HashMap<String, String>();
+        params.put("grant_type", "password");
+        params.put("client_id", clientId);
+        params.put("username", username);
+        params.put("password", password);
+        final Response response = RestAssured.given()
+            .auth()
+            .preemptive()
+            .basic(clientId, "secret")
+            .and()
+            .with()
+            .params(params)
+            .when()
+            .post("http://localhost:8081/spring-security-oauth-server/oauth/token");
+        return response.jsonPath()
+            .getString("access_token");
+    }
+
+}
diff --git a/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java b/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfig.java
@@ -8,9 +8,7 @@
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
-import org.springframework.context.annotation.PropertySource;
 import org.springframework.core.env.Environment;
 import org.springframework.core.io.Resource;
 import org.springframework.jdbc.datasource.DriverManagerDataSource;
@@ -20,7 +18,6 @@
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
@@ -29,9 +26,9 @@
 import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
 
-@Configuration
-@PropertySource({ "classpath:persistence.properties" })
-@EnableAuthorizationServer
+//@Configuration
+//@PropertySource({ "classpath:persistence.properties" })
+//@EnableAuthorizationServer
 public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
 
     @Autowired
diff --git a/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfigJwt.java b/spring-security-oauth-server/src/main/java/org/baeldung/config/OAuth2AuthorizationServerConfigJwt.java
@@ -5,11 +5,13 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
@@ -20,8 +22,8 @@
 import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
 import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
 
-//@Configuration
-//@EnableAuthorizationServer
+@Configuration
+@EnableAuthorizationServer
 public class OAuth2AuthorizationServerConfigJwt extends AuthorizationServerConfigurerAdapter {
 
     @Autowired
