Skip to content

Commit 5d18c26

Browse files
cheese10yuncheese10yun
committed
Password Grant 타입 추가
1 parent 06bbffa commit 5d18c26

File tree

4 files changed

+56
-7
lines changed

4 files changed

+56
-7
lines changed

http/api.http

Lines changed: 15 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,12 +17,25 @@ POST http://localhost:8080/oauth/token
1717
Content-Type: application/x-www-form-urlencoded
1818
Authorization: Basic Y2xpZW50OnBhc3N3b3Jk
1919

20-
code=EzNA97&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A9000%2Fcallback&scope=read_profile
20+
code=lg8HLw&grant_type=authorization_code&redirect_uri=http%3A%2F%2Flocalhost%3A9000%2Fcallback&scope=read_profile
21+
###
22+
23+
#
24+
GET http://localhost:8080/oauth/authorize?client_id=client&redirect_uri=http://localhost:9000/callback&response_type=token&scope=read_profile&state=test
25+
Accept: application/json
26+
###
27+
28+
# Password Grant Type 토큰 요청
29+
POST http://localhost:8080/oauth/token
30+
Content-Type: application/x-www-form-urlencoded
31+
Authorization: Basic Y2xpZW50OnBhc3N3b3Jk
32+
33+
username=user&password=pass&grant_type=password&scope=read_profile
2134
###
2235

2336

2437
GET http://localhost:8080/api/session
2538
Accept: application/json
26-
Authorization: Bearer 623d5bc4-7172-44ae-85c1-73a297e6ab04
39+
Authorization: Bearer 29834bce-859b-4279-b01e-76aa21465879
2740

2841
###

src/main/java/com/example/oauth2/config/AuthorizationServerConfig.java

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,42 @@
11
package com.example.oauth2.config;
22

3+
import lombok.AllArgsConstructor;
34
import org.springframework.context.annotation.Configuration;
45
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
56
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
67
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
8+
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
9+
import org.springframework.security.authentication.AuthenticationManager;
710

811
@Configuration
912
@EnableAuthorizationServer
13+
@AllArgsConstructor
1014
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
1115

16+
private final AuthenticationManager authenticationManager;
17+
1218
@Override
1319
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
1420
clients
1521
.inMemory()
1622
.withClient("client")
1723
.secret("{bcrypt}$2a$10$iP9ejueOGXO29.Yio7rqeuW9.yOC4YaV8fJp3eIWbP45eZSHFEwMG") // password
1824
.redirectUris("http://localhost:9000/callback")
19-
.authorizedGrantTypes("authorization_code", "implicit")
25+
.authorizedGrantTypes("authorization_code", "implicit", "password")
2026
.accessTokenValiditySeconds(120)
27+
.refreshTokenValiditySeconds(240)
2128
.scopes("read_profile");
2229
}
30+
31+
32+
@Override
33+
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
34+
//@formatter:off
35+
endpoints
36+
.authenticationManager(authenticationManager)
37+
;
38+
//@formatter:on
39+
}
40+
41+
2342
}

src/main/java/com/example/oauth2/config/SecurityConfig.java

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,10 @@
11
package com.example.oauth2.config;
22

33
import lombok.AllArgsConstructor;
4+
import org.springframework.beans.factory.annotation.Autowired;
45
import org.springframework.context.annotation.Bean;
6+
import org.springframework.security.authentication.AuthenticationManager;
7+
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
58
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
69
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
710
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@@ -27,4 +30,22 @@ protected void configure(HttpSecurity http) throws Exception {
2730
public PasswordEncoder encoder() {
2831
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
2932
}
33+
34+
35+
@Bean
36+
@Override
37+
protected AuthenticationManager authenticationManager() throws Exception {
38+
return super.authenticationManager();
39+
}
40+
41+
@Autowired
42+
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
43+
//@formatter:off
44+
auth
45+
.inMemoryAuthentication()
46+
.withUser("user").password("{noop}pass").roles("USER");
47+
//@formatter:on
48+
49+
}
50+
3051
}

src/main/resources/application.yml

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,3 @@ spring:
2828
initialization-mode: always
2929
platform: oauth2
3030

31-
security:
32-
user:
33-
name: user
34-
password: "{noop}pass"

0 commit comments

Comments
 (0)