Java Spring OAuth
Example
-1. ResourceConfiguration.java
package rest.api.util;
import java.util.Arrays;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.token.AccessTokenProvider;
import org.springframework.security.oauth2.client.token.AccessTokenProviderChain;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
@EnableOAuth2Client
public class ResourceConfiguration {
private String accessTokenUri = Configuration.getValue("accessTokenUri", "");
private String clientID = Configuration.getValue("clientID", "");
private String clientSecret = Configuration.getValue("clientSecret", "");
private String scope = Configuration.getValue("scope", "");
public OAuth2ProtectedResourceDetails oscs() {
ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
details.setId("oscs");
details.setClientId(clientID);
details.setClientSecret(clientSecret);
details.setAccessTokenUri(accessTokenUri);
details.setTokenName("access_token");
details.setScope(Arrays.asList(scope));
return details;
}
public OAuth2RestTemplate oscsRestTemplate() {
OAuth2RestTemplate template = new OAuth2RestTemplate(oscs());
AccessTokenProvider accessTokenProvider = new AccessTokenProviderChain(
Arrays.<AccessTokenProvider> asList(new ClientCredentialsAccessTokenProvider()));
template.setAccessTokenProvider(accessTokenProvider);
// TODO remove turn off host name verification once we get a final solution on this issue.
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
CloseableHttpClient httpClient = HttpClients.custom().setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE)
.build();
requestFactory.setHttpClient(httpClient);
template.setRequestFactory(requestFactory);
return template;
}
}
-2. OAuthRestClient.java
package rest.api.util;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.HttpStatusCodeException;
import org.springframework.web.client.RestTemplate;
import org.testng.Assert;
public class OAuthRestClient {
private final RestTemplate restTemplate;
private final static ResourceConfiguration rc = new ResourceConfiguration();
private final static Logger logger = LoggerFactory.getLogger(OAuthRestClient.class.getName());
public OAuthRestClient() {
restTemplate = rc.oscsRestTemplate();
}
@Override
public String executeDelete(String requestUrl, int statusCode, String... strings) {
logger.info("DELETE " + requestUrl);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
// headers.set("x-resource-service-instance-guid", Constants.guid);
HttpEntity<String> request = new HttpEntity<String>(null, headers);
String output = "";
int status = 0;
try {
ResponseEntity<String> response = restTemplate.exchange(requestUrl, HttpMethod.DELETE, request,
String.class);
status = response.getStatusCodeValue();
output = response.getBody();
} catch (HttpStatusCodeException e) {
status = e.getRawStatusCode();
output = e.getResponseBodyAsString();
}
logger.info("======output======" + output);
Assert.assertEquals(status, statusCode);
return output;
}
@Override
public String executeGet(String requestUrl, int statusCode, String... strings) {
logger.info("GET " + requestUrl);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
// headers.set("x-resource-service-instance-guid", Constants.guid);
HttpEntity<String> request = new HttpEntity<String>(null, headers);
String output = "";
int status = 0;
try {
ResponseEntity<String> response = restTemplate.exchange(requestUrl, HttpMethod.GET, request, String.class);
status = response.getStatusCodeValue();
output = response.getBody();
} catch (HttpStatusCodeException e) {
status = e.getRawStatusCode();
output = e.getResponseBodyAsString();
}
logger.info("======output======" + output);
Assert.assertEquals(status, statusCode);
return output;
}
@Override
public String executeHead(String requestUrl, int statusCode) {
logger.info("HEAD " + requestUrl);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
// headers.set("x-resource-service-instance-guid", Constants.guid);
HttpEntity<String> request = new HttpEntity<String>(null, headers);
String output = "";
int status = 0;
try {
ResponseEntity<String> response = restTemplate.exchange(requestUrl, HttpMethod.HEAD, request, String.class);
status = response.getStatusCodeValue();
output = response.getBody();
} catch (HttpStatusCodeException e) {
status = e.getRawStatusCode();
output = e.getResponseBodyAsString();
}
logger.info("======output======" + output);
Assert.assertEquals(status, statusCode);
return output;
}
@Override
public String executePost(String requestUrl, String input, int statusCode, String... strings) {
logger.info("POST " + requestUrl);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
// headers.set("x-resource-service-instance-guid", Constants.guid);
HttpEntity<String> request = new HttpEntity<String>(input, headers);
String output = "";
int status = 0;
try {
ResponseEntity<String> response = restTemplate.postForEntity(requestUrl, request, String.class);
status = response.getStatusCodeValue();
output = response.getBody();
} catch (HttpStatusCodeException e) {
status = e.getRawStatusCode();
output = e.getResponseBodyAsString();
}
logger.info("======output======" + output);
Assert.assertEquals(status, statusCode);
return output;
}
@Override
public String executePut(String requestUrl, String input, int statusCode, String... strings) {
logger.info("PUT " + requestUrl);
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
// headers.set("x-resource-service-instance-guid", Constants.guid);
// MediaType type = MediaType.parseMediaType("application/json;
// charset=UTF-8");
// headers.setContentType(type);
// headers.add("Accept", MediaType.APPLICATION_JSON.toString());
HttpEntity<String> request = new HttpEntity<String>(input, headers);
String output = "";
int status = 0;
try {
ResponseEntity<String> response = restTemplate.exchange(requestUrl, HttpMethod.PUT, request, String.class);
status = response.getStatusCodeValue();
output = response.getBody();
} catch (HttpStatusCodeException e) {
status = e.getRawStatusCode();
output = e.getResponseBodyAsString();
}
logger.info("======output======" + output);
Assert.assertEquals(status, statusCode);
return output;
}
}
