gh-156 : ul (CONFIGURATION)
ch4mpy committed Dec 3, 2023
1 parent 74f2145 commit 2ca6f8b
Showing 2 changed files with 18 additions and 8 deletions.
@@ -35,6 +35,7 @@
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.test.context.support.WithSecurityContext;
import org.springframework.security.test.context.support.WithSecurityContextFactory;
import org.springframework.util.StringUtils;
@@ -109,6 +110,8 @@ public static final class AuthenticationFactory implements WithSecurityContextFa

private final Optional<Converter<Jwt, ? extends Mono<? extends AbstractAuthenticationToken>>> reactiveJwtAuthenticationConverter;

private final Converter<Jwt, AbstractAuthenticationToken> defaultAuthenticationConverter = new JwtAuthenticationConverter();

@Override
public SecurityContext createSecurityContext(WithJwt annotation) {
final var auth = authentication(annotation);
@@ -160,9 +163,7 @@ public AbstractAuthenticationToken authentication(Map<String, Object> claims, Ma
}).orElseGet(() -> reactiveJwtAuthenticationConverter.map(c -> {
final AbstractAuthenticationToken auth = c.convert(jwt).block();
return auth;
}).orElseThrow(() -> {
return new RuntimeException("Missing jwtAuthenticationConverter bean");
}));
}).orElse(defaultAuthenticationConverter.convert(jwt)));
}

/**
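Review bot: The new fallback at the end of `authentication(...)` uses `.orElse(defaultAuthenticationConverter.convert(jwt))`, whose argument is evaluated eagerly, so the default `JwtAuthenticationConverter` runs whenever the servlet converter is absent, even when the reactive converter is present and its result is the one returned; `}).orElseGet(() -> defaultAuthenticationConverter.convert(jwt)));` keeps it lazy. Replacing the former "Missing jwtAuthenticationConverter bean" exception with a silent default also means that a test context lacking the application's converter bean now derives authorities from the stock converter rather than from the application's own mapping, so `@WithJwt` access-control tests can run against a different authority set than the deployed configuration with no signal. A comment on this branch would make that visible, for example `// no converter bean in the test context: authorities come from the default JwtAuthenticationConverter, not the application's mapping`. The method body starts outside the visible hunk.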
@@ -20,6 +20,7 @@
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.time.Instant;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
@@ -33,7 +34,10 @@
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.core.OAuth2TokenIntrospectionClaimNames;
import org.springframework.security.oauth2.server.resource.authentication.BearerTokenAuthentication;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.introspection.ReactiveOpaqueTokenAuthenticationConverter;
import org.springframework.security.test.context.support.WithSecurityContext;
@@ -74,9 +78,9 @@
* return authFactory.authenticationsFrom("ch4mp.json", "tonton-pirate.json");
* }
* </pre>
*
* If using spring-addons-oauth2-test without spring-addons-starter-oidc-test, you should explicitly import
* &#64;Import(AuthenticationFactoriesTestConf.class) (otherwise, the &#64;Addons...Test will pull this configuration for you)
*
* If using spring-addons-oauth2-test without spring-addons-starter-oidc-test, you should explicitly import &#64;Import(AuthenticationFactoriesTestConf.class)
* (otherwise, the &#64;Addons...Test will pull this configuration for you)
*
* @author Jérôme Wacongne &lt;ch4mp&#64;c4-soft.com&gt;
*/
@@ -164,8 +168,13 @@ public Map<String, Object> getAttributes() {
}).orElseGet(() -> reactiveOpaqueTokenAuthenticationConverter.map(c -> {
final var auth = c.convert(bearerString, principal).block();
return auth;
}).orElseThrow(() -> {
return new RuntimeException("Missing opaque token authentication converter bean");
}).orElseGet(() -> {
Instant iat =
Optional.ofNullable(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.IAT)).map(Instant.class::cast).orElse(Instant.now());
Instant exp = Optional.ofNullable(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.EXP)).map(Instant.class::cast)
.orElse(Instant.ofEpochSecond(Instant.now().getEpochSecond() + 300));
OAuth2AccessToken accessToken = new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, bearerString, iat, exp);
return new BearerTokenAuthentication(principal, accessToken, principal.getAuthorities());
}));
}

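Review bot: In the new `orElseGet` fallback, `.map(Instant.class::cast)` on the `iat` and `exp` attributes throws `ClassCastException` for any value that is not already an `Instant`. If the principal's attributes are loaded from JSON fixtures, as the Javadoc's `ch4mp.json` example suggests (the loading code is outside this view), those claims are probably numeric epoch seconds. Converting by runtime type and reading the clock once avoids both the cast failure and the two separate `Instant.now()` calls. As in the JWT factory, this branch replaces the former missing-bean exception with a silent default, so a one-line comment stating that the `BearerTokenAuthentication` is built without the application's opaque-token converter would help whoever reads a surprising test result. The enclosing method starts outside the hunk.

```java
}).orElseGet(() -> {
    final Instant now = Instant.now();
    final Instant iat = toInstant(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.IAT)).orElse(now);
    final Instant exp = toInstant(principal.getAttribute(OAuth2TokenIntrospectionClaimNames.EXP)).orElse(now.plusSeconds(300));
    // … unchanged: OAuth2AccessToken and BearerTokenAuthentication construction …
}));

// new private helper in the same factory class
private static Optional<Instant> toInstant(Object claim) {
    if (claim instanceof Instant instant) {
        return Optional.of(instant);
    }
    if (claim instanceof Number epochSeconds) {
        return Optional.of(Instant.ofEpochSecond(epochSeconds.longValue()));
    }
    return Optional.empty();
}
```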
