Security with oauth2 mongodb spring security

Fermé

sahar1994 Messages postés 36 Date d'inscription vendredi 5 août 2016 Statut Membre Dernière intervention 14 mars 2018 - Modifié le 14 mars 2018 à 21:54
Whismeril Messages postés 19022 Date d'inscription mardi 11 mars 2003 Statut Contributeur Dernière intervention 17 avril 2024 - 15 mars 2018 à 08:12

i'm trying to empliment oauth2 authentication with mongodb and spring boot and spring secuurity.
Gradle:

buildscript {
 ext {
  springBootVersion = '1.5.10.RELEASE'
 }
 repositories {
  mavenCentral()
 }
 dependencies {
  classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
 }
}

apply plugin: 'java'
apply plugin: 'eclipse'
apply plugin: 'org.springframework.boot'

group = 'com.TestAouth'
version = '0.0.1-SNAPSHOT'
sourceCompatibility = 1.8

repositories {
 mavenCentral()
}


dependencies {
 compile('org.springframework.boot:spring-boot-starter-data-mongodb')
 compile('org.springframework.boot:spring-boot-starter-data-rest')
 compile('org.springframework.boot:spring-boot-starter-security')
 compile('org.springframework.boot:spring-boot-starter-web')
 compile (group: 'org.springframework.security.oauth', name: 'spring-security-oauth2', version: '2.2.1.RELEASE')
 testCompile('org.springframework.boot:spring-boot-starter-test')
 testCompile('org.springframework.security:spring-security-test')
}

application.proprietie

spring.data.mongodb.host=localhost
spring.data.mongodb.port=27017
spring.data.mongodb.database=Aouth2Test

User.java

@Document(collection ="users")
public class User implements UserDetails {


    @Id
    private String id;

    private String username;
    private String password;
    private boolean enabled;

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();

        return authorities;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        // we never lock accounts
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        // credentials never expire
        return true;
    }

    @Override
    public boolean isEnabled() {
        return enabled;
    }

    @Override
    public String getPassword() {
        return password;
    }

    @Override
    public String getUsername() {
        return username;
    }
}

UserRepository.java

package com.TestAouth.aouth.Repository;

import com.TestAouth.aouth.entity.User;
import org.springframework.data.mongodb.repository.MongoRepository;
import org.springframework.stereotype.Repository;

@Repository
public interface UserRepository extends MongoRepository<User, String> {
    User findOneByUsername(String username);
}

UserService.java

@Service("userDetailsService")
public class UserService implements UserDetailsService {

    @Autowired
    private UserRepository userRepository;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        return userRepository.findOneByUsername(username);
    }
}

OAuth2Config .java

@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Autowired
    @Qualifier("userDetailsService")
    private UserDetailsService userDetailsService;

    @Autowired
    private AuthenticationManager authenticationManager;
    @Value("3600")
    private int expiration;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer configurer) throws Exception {
        configurer.authenticationManager(authenticationManager);
        configurer.userDetailsService(userDetailsService);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory().withClient("gigy").secret("secret").accessTokenValiditySeconds(expiration)
                .scopes("read", "write").authorizedGrantTypes("password", "refresh_token").resourceIds("resource");
    }

}

i'm sending request with postman:
basic auth : gigy and password
no headers
grant_type=password , username=username, password=password
url: localhost:8080/oauth/token

in my database i have

> db.users.find().pretty()
{
        "_id" : ObjectId("5aa9852b6074fe260ea0536f"),
        "username" : "username",
        "password" : "$2a$10$D4OLKI6yy68crm.3imC9X.P2xqKHs5TloWUcr6z5XdOqnTrAK84ri"
}

i'm having

{
    "error": "unauthorized",
    "error_description": "UserDetailsService returned null, which is an interface contract violation"
}

as response

A voir également:

Security with oauth2 mongodb spring security
Microsoft security essentials - Télécharger - Antivirus & Antimalwares
Usb disk security - Télécharger - Sécurité
Security@facebookmail.com - Forum Facebook
Security task manager avis ✓ - Forum Virus
Harddisk security - Forum Disque dur / SSD

1 réponse

Réponse 1 / 1

Whismeril Messages postés 19022 Date d'inscription mardi 11 mars 2003 Statut Contributeur Dernière intervention 17 avril 2024 928
15 mars 2018 à 08:12

Bonjour
Comment ça marche est un forum francophone.
Tu peux aller sur la version internationale ccm.net ou rediger ta question en français.

Discussions similaires

Boîte mail piratée ?

Code de réinitialisation mdp facebook sans le demander

Security boot fail lors du démarrage

Analyse de l'appli "AI SECURITY"

SecurityHealth est a désactiver ou pas au démarrage de W10 Pro 64 ?

Discussions similaires

Newsletters