From 114f1ccc0f05e3a67f62d5b63ed4b94ae1ed2f19 Mon Sep 17 00:00:00 2001
From: Angelica Ochoa
Date: Tue, 5 Feb 2019 10:00:26 -0500
Subject: [PATCH] spring social rm
---
security/security-spring/pom.xml | 35 +++++
security/security-spring/pom.xml.new-version | 129 ++++++++++++++++++
.../CustomUserDetailsService.java | 15 +-
.../GoogleUserDetailsService.java} | 30 +---
.../GoogleplusConnectionFactory.java | 4 +-
.../GoogleplusConnectionSignUp.java | 2 +-
.../PortalUserDetailsService.java | 2 +-
.../CustomAuthorizationServerConfigurer.java | 38 ++++++
.../GenericOAuth2ConnectionFactory.java | 42 ++++++
9 files changed, 262 insertions(+), 35 deletions(-)
create mode 100644 security/security-spring/pom.xml.new-version
rename security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/{googleplus => google}/CustomUserDetailsService.java (60%)
rename security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/{googleplus/GoogleplusUserDetailsService.java => google/GoogleUserDetailsService.java} (79%)
rename security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/{googleplus => google}/GoogleplusConnectionFactory.java (97%)
rename security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/{googleplus => google}/GoogleplusConnectionSignUp.java (97%)
rename security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/{googleplus => google}/PortalUserDetailsService.java (98%)
create mode 100644 security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/CustomAuthorizationServerConfigurer.java
create mode 100644 security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/GenericOAuth2ConnectionFactory.java
diff --git a/security/security-spring/pom.xml b/security/security-spring/pom.xml
index df46b692845..bb6488e4fd5 100644
--- a/security/security-spring/pom.xml
+++ b/security/security-spring/pom.xml @@ -63,6 +63,41 @@ spring-security-web ${spring.security.version} + + + org.springframework.boot + spring-boot-starter-security + 2.1.2.RELEASE + jar + + + org.springframework.security.oauth + spring-security-oauth2 + 2.3.0.RC1 + jar + + + org.springframework.security.oauth.boot + spring-security-oauth2-autoconfigure + 2.1.2.RELEASE + + + + com.google.api-client + google-api-client + 1.19.0 + jar + + + com.google.oauth-client + google-oauth-client + 1.23.0 + + + com.google.oauth-client + google-oauth-client-servlet + 1.23.0 + org.springframework.social diff --git a/security/security-spring/pom.xml.new-version b/security/security-spring/pom.xml.new-version new file mode 100644 index 00000000000..4c42dec866a --- /dev/null +++ b/security/security-spring/pom.xml.new-version 
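Review bot: The added `spring-security-oauth2` dependency is pinned to `2.3.0.RC1`, a release candidate, in the module that carries authentication; a GA release would be the safer pin for security code. The new entries also hard-code their versions (`2.1.2.RELEASE`, `1.19.0`, `1.23.0`) while the neighbouring Spring Security artifacts use `${spring.security.version}`, and `spring-boot-starter-security` brings its own Spring Security version transitively, which may not match that property; `mvn dependency:tree` on this module would show which version wins. `google-api-client` at `1.19.0` next to `google-oauth-client` at `1.23.0` also looks like a mismatched pair. I would move these versions into properties (for example a `spring.security.oauth2.version` property, name is only a suggestion) so that upgrades and dependency scanning happen in one place.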
@@ -0,0 +1,129 @@ + + + 4.0.0 + + org.mskcc.cbio + security + 2.0.0-31-gefc5979c1-dirty-SNAPSHOT + + security-spring + 2.0.0-31-gefc5979c1-dirty-SNAPSHOT + + 1.1.3 + 1.1.6.RELEASE + + + + org.mskcc.cbio + web + 2.0.0-31-gefc5979c1-dirty-SNAPSHOT + + + org.springframework.security + spring-security-acl + ${spring.security.version} + + + org.springframework.security + spring-security-config + ${spring.security.version} + + + org.springframework.security + spring-security-core + ${spring.security.version} + + + org.springframework.security + spring-security-ldap + ${spring.security.version} + + + org.springframework.security + spring-security-openid + ${spring.security.version} + + + org.springframework.security.extensions + spring-security-saml2-core + ${spring.security.saml.version} + + + org.springframework.security + spring-security-taglibs + ${spring.security.version} + + + org.springframework.security + spring-security-web + ${spring.security.version} + + + org.springframework.boot + spring-boot-starter-security + 2.1.2.RELEASE + + + org.springframework.security.oauth.boot + spring-security-oauth2-autoconfigure + 2.1.2.RELEASE + + + com.google.api-client + google-api-client + 1.19.0 + + + com.google.oauth-client + google-oauth-client + 1.23.0 + + + com.google.oauth-client + google-oauth-client-servlet + 1.23.0 + + + org.springframework.social + spring-social-config + ${spring.social.version} + + + org.springframework.social + spring-social-core + ${spring.social.version} + + + org.springframework.social + spring-social-security + ${spring.social.version} + + + org.springframework.social + spring-social-web + ${spring.social.version} + + + com.github.spring-social + spring-social-google + ${org.springframework.social.google-version} + + + com.google.inject + guice + 2.0 + + + javax.servlet + javax.servlet-api + 3.0.1 + provided + + + org.springframework.security.oauth + spring-security-oauth2 + 2.3.0.RC1 + + + 
diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/CustomUserDetailsService.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/CustomUserDetailsService.java similarity index 60% rename from security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/CustomUserDetailsService.java rename to security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/CustomUserDetailsService.java index dee7c969425..558c0b2b51d 100644 --- a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/CustomUserDetailsService.java +++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/CustomUserDetailsService.java @@ -1,17 +1,18 @@ -package org.cbioportal.security.spring.authentication.googleplus; +package org.cbioportal.security.spring.authentication.google; import java.util.ArrayList; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.core.GrantedAuthority; -import org.springframework.social.security.SocialUser; -import org.springframework.social.security.SocialUserDetailsService; import com.google.common.base.Preconditions; import com.google.common.base.Strings; +import org.springframework.security.core.userdetails.User; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; -public class CustomUserDetailsService implements SocialUserDetailsService { +public class CustomUserDetailsService implements UserDetailsService { private static final Logger LOGGER = LoggerFactory.getLogger(CustomUserDetailsService.class); 
@@ -22,11 +23,9 @@ public class CustomUserDetailsService implements SocialUserDetailsService { */ @Override - public org.springframework.social.security.SocialUserDetails loadUserByUserId(String userId) { + public UserDetails loadUserByUsername(String userId) { Preconditions.checkArgument(!Strings.isNullOrEmpty(userId), "A userid is required"); LOGGER.debug("Loading user by user id: {}", userId); - - return new SocialUser(userId, "unused", new ArrayList()); - + return new User(userId, "unused", new ArrayList()); } } diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusUserDetailsService.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleUserDetailsService.java similarity index 79% rename from security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusUserDetailsService.java rename to security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleUserDetailsService.java index 61de18c25b1..c97cf987625 100644 --- a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusUserDetailsService.java +++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleUserDetailsService.java 
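Review bot: `loadUserByUsername` now implements the core `UserDetailsService` contract but still returns a `User` for any non-empty id, with the fixed password `"unused"` and no lookup of any kind. As a `SocialUserDetailsService` this was only reached after a provider sign-in; as a `UserDetailsService` it can be wired into a username/password provider, where (depending on the configured `PasswordEncoder`) every account name would share one known password. I would state the constraint on the method, e.g. `// Only for use after external (OAuth) authentication; never back a password-checking AuthenticationProvider with this service`, and type the list as `new ArrayList<GrantedAuthority>()` instead of the raw `ArrayList`. The class body starts outside this hunk.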
@@ -30,31 +30,24 @@ * along with this program. If not, see . */ -package org.cbioportal.security.spring.authentication.googleplus; +package org.cbioportal.security.spring.authentication.google; import com.google.common.base.Preconditions; import com.google.common.base.Strings; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.dao.DataAccessException; +import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.social.security.SocialUser; -import org.springframework.social.security.SocialUserDetailsService; +public class GoogleUserDetailsService implements UserDetailsService { - - - - -public class GoogleplusUserDetailsService implements SocialUserDetailsService { - - private static final Logger LOGGER = LoggerFactory.getLogger(GoogleplusUserDetailsService.class); - + private static final Logger LOGGER = LoggerFactory.getLogger(GoogleUserDetailsService.class); private UserDetailsService userDetailsService; - public GoogleplusUserDetailsService(UserDetailsService userDetailsService) { + public GoogleUserDetailsService(UserDetailsService userDetailsService) { this.userDetailsService = userDetailsService; } 
@@ -66,29 +59,20 @@ public GoogleplusUserDetailsService(UserDetailsService userDetailsService) { * @throws UsernameNotFoundException Thrown if no user is found. * @throws DataAccessException */ - - @Override - public org.springframework.social.security.SocialUserDetails loadUserByUserId(String userId) throws UsernameNotFoundException, DataAccessException { + public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException { Preconditions.checkArgument(!Strings.isNullOrEmpty(userId), "A userid is required"); LOGGER.debug("Loading user by user id: {}", userId); UserDetails ud = userDetailsService.loadUserByUsername(userId); LOGGER.debug("Found user details: " +ud.getUsername()); - /** - * Map Spring Security UserDetails implementation to a Spring Social SocialUser instance - */ - return new SocialUser(ud.getUsername(), + return new User(ud.getUsername(), ud.getPassword(), ud.isEnabled(), ud.isAccountNonExpired(), ud.isCredentialsNonExpired(), ud.isAccountNonLocked(), ud.getAuthorities()); - - } - - } diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusConnectionFactory.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleplusConnectionFactory.java similarity index 97% rename from security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusConnectionFactory.java rename to security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleplusConnectionFactory.java index 60f325ce428..2d117014d4f 100644 --- a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusConnectionFactory.java +++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleplusConnectionFactory.java 
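Review bot: The replacement `loadUserByUsername` appears to lose the `@Override` that the removed `loadUserByUserId` carried, so a later drift from the `UserDetailsService` signature would compile silently; I would restore `@Override` above `public UserDetails loadUserByUsername(String userId)`. The Javadoc kept as context still lists `@throws DataAccessException`, which the new signature no longer declares. The unchanged `LOGGER.debug("Found user details: " +ud.getUsername());` could use the `{}` placeholder form like the debug line above it. The Javadoc block begins outside the hunk.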
@@ -30,7 +30,7 @@ * along with this program. If not, see . */ -package org.cbioportal.security.spring.authentication.googleplus; +package org.cbioportal.security.spring.authentication.google; import org.springframework.social.connect.support.OAuth2ConnectionFactory; import org.springframework.social.google.api.Google; @@ -43,7 +43,7 @@ * */ public class GoogleplusConnectionFactory extends OAuth2ConnectionFactory { - + public GoogleplusConnectionFactory(String clientId, String clientSecret) { super("google", new GoogleServiceProvider(clientId, clientSecret), new GoogleAdapter()); diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusConnectionSignUp.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleplusConnectionSignUp.java similarity index 97% rename from security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusConnectionSignUp.java rename to security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleplusConnectionSignUp.java index c9867e6c119..2e0f27be88e 100644 --- a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/GoogleplusConnectionSignUp.java +++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/GoogleplusConnectionSignUp.java @@ -30,7 +30,7 @@ * along with this program. If not, see . */ -package org.cbioportal.security.spring.authentication.googleplus; +package org.cbioportal.security.spring.authentication.google; import org.springframework.social.connect.Connection; import org.springframework.social.connect.ConnectionSignUp; 
diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/PortalUserDetailsService.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/PortalUserDetailsService.java similarity index 98% rename from security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/PortalUserDetailsService.java rename to security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/PortalUserDetailsService.java index 51501807dab..f34b3adac78 100644 --- a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/googleplus/PortalUserDetailsService.java +++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/PortalUserDetailsService.java @@ -30,7 +30,7 @@ * along with this program. If not, see . */ -package org.cbioportal.security.spring.authentication.googleplus; +package org.cbioportal.security.spring.authentication.google; import org.cbioportal.model.User; import org.cbioportal.model.UserAuthorities; diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/CustomAuthorizationServerConfigurer.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/CustomAuthorizationServerConfigurer.java new file mode 100644 index 00000000000..a7b9e636190 --- /dev/null +++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/CustomAuthorizationServerConfigurer.java 
@@ -0,0 +1,38 @@ + +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; + +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ + +/** + * + * @author ochoaa + */ +public class CustomAuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter { + private AuthenticationManager authenticationManager; + + public CustomAuthorizationServerConfigurer(AuthenticationConfiguration authenticationConfiguration) throws Exception { + this.authenticationManager = authenticationConfiguration.getAuthenticationManager(); + } + + @Override + public void configure(ClientDetailsServiceConfigurer clients) throws Exception { + clients.inMemory() + .withClient("client") + .authorizedGrantTypes("password") + .secret("{noop}secret") + .scopes("all"); + } + + @Override + public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { + endpoints.authenticationManager(authenticationManager); + } +} diff --git a/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/GenericOAuth2ConnectionFactory.java b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/GenericOAuth2ConnectionFactory.java new file mode 100644 index 00000000000..0418744292a --- /dev/null 
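Review bot: `configure(ClientDetailsServiceConfigurer)` registers a fixed client `"client"` with the secret `{noop}secret`, the `password` grant and scope `all`, so every deployment of this class ships with the same publicly known client credential, stored in plaintext. The id and secret should come from configuration and the secret be stored encoded, e.g. `.withClient(clientId)` and `.secret(passwordEncoder.encode(clientSecret))` with both values and the `PasswordEncoder` injected. The file also has no `package` line although it lives under `.../google/oauth2/`, and it carries the IDE template header rather than the licence header visible in the sibling files.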
+++ b/security/security-spring/src/main/java/org/cbioportal/security/spring/authentication/google/oauth2/GenericOAuth2ConnectionFactory.java @@ -0,0 +1,42 @@ +/* + * To change this license header, choose License Headers in Project Properties. + * To change this template file, choose Tools | Templates + * and open the template in the editor. + */ +package org.cbioportal.security.spring.authentication.google.oauth2; + +//import java.util.Set; +//import java.util.HashSet; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.security.oauth2.config.annotation.builders.ClientDetailsServiceBuilder; +import org.springframework.security.oauth2.config.annotation.builders.ClientDetailsServiceBuilder.ClientBuilder; +import org.springframework.security.oauth2.provider.ClientDetailsService; +import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory; + +/** + * + * @author ochoaa + */ +public class GenericOAuth2ConnectionFactory extends DefaultOAuth2RequestFactory { + @Value("${google.client}") + private String clientId; + @Value("${google.client.secret}") + private String clientSecret; + + public GenericOAuth2ConnectionFactory(ClientDetailsService clientDetailsService) { + super(clientDetailsService); + } + + @Bean + public GenericOAuth2ConnectionFactory genericOAuth2ConnectionFactory() throws Exception { +// Set redirectUris = new HashSet<>(); +// redirectUris.add("https://accounts.google.com/o/oauth2/auth"); +// redirectUris.add("https://accounts.google.com/o/oauth2/token"); + ClientBuilder builder = new ClientDetailsServiceBuilder() + .withClient(clientId) + .secret(clientSecret); + builder.redirectUris("https://www.googleapis.com/oauth2/v2/userinfo"); + return new GenericOAuth2ConnectionFactory(builder.and().build()); + } +}
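Review bot: `builder.redirectUris("https://www.googleapis.com/oauth2/v2/userinfo")` registers Google's userinfo endpoint as the client's redirect URI; a redirect URI is where the authorization response is delivered, so it should be the portal's own callback URL taken from configuration, with the userinfo URL kept in the user-info/resource settings. The `@Bean` method is an instance method of the very class it creates, and that class is not visibly a `@Configuration`, so it is unclear whether the `@Value` fields are populated when it runs; I would move the factory method to a configuration class. As far as I can tell, `new ClientDetailsServiceBuilder()` without `inMemory()` or `jdbc()` cannot `build()` a service, and `.secret(clientSecret)` passes the raw secret with no encoding. The commented-out `redirectUris` lines and the IDE template header can be dropped.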