Last active
November 19, 2017 11:40
-
-
Save GregaVrbancic/e0380d03a3f2976f1c6b to your computer and use it in GitHub Desktop.
[Spring security config with Auth0] Spring Auth0 config code snippet. #Development #Public #Spring #Auth0
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @Configuration | |
| public class ConfigSecurity extends WebSecurityConfigurerAdapter { | |
| private static Logger log = LoggerFactory.getLogger(ConfigSecurity.class); | |
| @Value(value = "${auth0.clientId}") | |
| private String clientId; | |
| @Value(value = "${auth0.clientSecret}") | |
| private String clientSecret; | |
| @Value(value = "${auth0.domain}") | |
| private String issuer; | |
| @Value(value = "${auth0.securedRoute}") | |
| private String securedRoute; | |
| @Bean | |
| CorsFilter simpleCORSFilter() { | |
| return new CorsFilter(); | |
| } | |
| @Bean(name = "auth0AuthenticationProvider") | |
| public Auth0AuthenticationProvider auth0AuthenticationProvider(){ | |
| log.info("{}:{}", clientId, clientSecret); | |
| Auth0AuthenticationProvider authenticationProvider = new Auth0AuthenticationProvider(); | |
| authenticationProvider.setClientId(clientId); | |
| authenticationProvider.setClientSecret(clientSecret); | |
| authenticationProvider.setSecuredRoute(securedRoute); | |
| return authenticationProvider; | |
| } | |
| @Bean(name = "auth0EntryPoint") | |
| public Auth0AuthenticationEntryPoint auth0AuthenticationEntryPoint() { | |
| return new Auth0AuthenticationEntryPoint(); | |
| } | |
| @Bean(name = "auth0Filter") | |
| public Auth0AuthenticationFilter auth0AuthenticationFilter(Auth0AuthenticationEntryPoint entryPoint) { | |
| Auth0AuthenticationFilter filter = new Auth0AuthenticationFilter(); | |
| filter.setEntryPoint(entryPoint); | |
| return filter; | |
| } | |
| @Override | |
| protected void configure(AuthenticationManagerBuilder auth) throws Exception { | |
| auth.authenticationProvider(auth0AuthenticationProvider()); | |
| } | |
| @Override | |
| protected void configure(HttpSecurity http) throws Exception { | |
| http | |
| .csrf().disable() | |
| .addFilterAfter(auth0AuthenticationFilter(auth0AuthenticationEntryPoint()), SecurityContextPersistenceFilter.class) | |
| .addFilterBefore(simpleCORSFilter(), Auth0AuthenticationFilter.class) | |
| .antMatcher("/**") | |
| .authorizeRequests() | |
| .antMatchers(securedRoute).authenticated(); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment