Support for OAuth2 resource server with issuer URI (#1731)

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
Avgustin Marinov
2024-05-14 16:59:05 +03:00
committed by GitHub
parent d8c92cb5e1
commit b234271361


@@ -74,6 +74,7 @@ import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.jwt.JwtDecoders;
import org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
@@ -528,7 +529,13 @@ public class SecurityManagedConfiguration {
: null;
Assert.notNull(clientRegistration, "There must be a valid client registration");
http.oauth2ResourceServer(configurer -> configurer.jwt().jwkSetUri(clientRegistration.getProviderDetails().getJwkSetUri()));
http.oauth2ResourceServer(configurer -> configurer.jwt(configurer2 -> {
if (clientRegistration.getProviderDetails().getJwkSetUri() == null) {
configurer2.decoder(JwtDecoders.fromIssuerLocation(clientRegistration.getProviderDetails().getIssuerUri()));
} else {
configurer2.jwkSetUri(clientRegistration.getProviderDetails().getJwkSetUri());
}
}));
oidcBearerTokenAuthenticationFilter.setClientRegistration(clientRegistration);
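Review bot: The two branches of the new `jwt(...)` customizer do not validate tokens the same way: a decoder from `JwtDecoders.fromIssuerLocation(...)` checks the `iss` claim against the issuer URI, while the `jwkSetUri(...)` branch gets a decoder with the default validators only, so a registration that carries both a JWK set URI and an issuer URI still accepts tokens without an issuer check. Consider building the decoder explicitly in the else branch and, when `getIssuerUri()` is non-null, calling `decoder.setJwtValidator(JwtValidators.createDefaultWithIssuer(issuerUri))` before handing it to `configurer2.decoder(...)`. The first branch also passes `getIssuerUri()` through unchecked; if both values are unset, startup fails inside `fromIssuerLocation` with a generic message, and because that call resolves provider metadata eagerly an unreachable provider fails startup too, so an `Assert.hasText(...)` naming the missing property would make the failure easier to diagnose. The enclosing method starts and ends outside the hunk, so a validator or audience check configured elsewhere would not be visible here.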