/**
 * Registers the OAuth2 resource-server rules for this service.
 *
 * <p>Matcher order is significant in Spring Security (the first matching rule wins), so the
 * rules below are kept in their original sequence, ending with an explicit default-deny.
 *
 * @param securityProperties supplies the {@code requireSsl} flag that decides whether every
 *                           request is forced onto a secure channel
 * @return a configurer that sets the resource id and the per-path scope requirements
 */
@Bean
public ResourceServerConfigurer resourceServer(SecurityProperties securityProperties) {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            enforceTransportSecurity(http);
            http.authorizeRequests()
                    // Patient creation, guarded by the scopes accepted by the hasScopes helper.
                    .antMatchers(HttpMethod.POST, "/patients/**").access(hasScopes("phr.hie_write", "registration.write"))
                    // Management endpoints need the dedicated management scope for both verbs.
                    .antMatchers(HttpMethod.GET, "/management/**").access(hasScope("registration.management"))
                    .antMatchers(HttpMethod.POST, "/management/**").access(hasScope("registration.management"))
                    // CORS pre-flight requests carry no bearer token, so OPTIONS is open on every path.
                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                    // Default-deny: anything not matched above is rejected.
                    .anyRequest().denyAll();
        }

        /** Forces HTTPS on every request when the deployment requires SSL. */
        private void enforceTransportSecurity(HttpSecurity http) throws Exception {
            boolean sslRequired = securityProperties.isRequireSsl();
            if (sslRequired) {
                http.requiresChannel().anyRequest().requiresSecure();
            }
        }
    };
}
/**
 * Registers the OAuth2 resource-server rules for the document service.
 *
 * <p>Matcher order is significant in Spring Security (the first matching rule wins), so the
 * rules below are kept in their original sequence, ending with an explicit default-deny.
 *
 * @param securityProperties supplies the {@code requireSsl} flag that decides whether every
 *                           request is forced onto a secure channel
 * @return a configurer that sets the resource id and the per-path access rules
 */
@Bean
public ResourceServerConfigurer resourceServer(SecurityProperties securityProperties) {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            enforceTransportSecurity(http);
            http.authorizeRequests()
                    // TODO: these two POST endpoints are reachable without a token (permitAll);
                    // the trailing denyAll does not cover them. A scope requirement may be added later.
                    .antMatchers(HttpMethod.POST, "/segmentedDocument/**").permitAll()
                    .antMatchers(HttpMethod.POST, "/validateDocument/**").permitAll()
                    // Management endpoints need the dedicated management scope for both verbs.
                    .antMatchers(HttpMethod.GET, "/management/**").access(hasScope("dss.management"))
                    .antMatchers(HttpMethod.POST, "/management/**").access(hasScope("dss.management"))
                    // Default-deny: anything not matched above is rejected.
                    .anyRequest().denyAll();
        }

        /** Forces HTTPS on every request when the deployment requires SSL. */
        private void enforceTransportSecurity(HttpSecurity http) throws Exception {
            boolean sslRequired = securityProperties.isRequireSsl();
            if (sslRequired) {
                http.requiresChannel().anyRequest().requiresSecure();
            }
        }
    };
}
/**
 * Registers the OAuth2 resource-server rules for the context-handler service.
 *
 * <p>Matcher order is significant in Spring Security (the first matching rule wins), so the
 * rules below are kept in their original sequence, ending with an explicit default-deny.
 *
 * @param securityProperties supplies the {@code requireSsl} flag that decides whether every
 *                           request is forced onto a secure channel
 * @return a configurer that sets the resource id and the per-path access rules
 */
@Bean
public ResourceServerConfigurer resourceServer(SecurityProperties securityProperties) {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            enforceTransportSecurity(http);
            http.authorizeRequests()
                    // TODO: policy-enforcement POSTs are reachable without a token (permitAll);
                    // the trailing denyAll does not cover them. A scope requirement may be added later.
                    .antMatchers(HttpMethod.POST, "/policyEnforcement/**").permitAll()
                    // Management endpoints need the dedicated management scope for both verbs.
                    .antMatchers(HttpMethod.GET, "/management/**").access(hasScope("contextHandler.management"))
                    .antMatchers(HttpMethod.POST, "/management/**").access(hasScope("contextHandler.management"))
                    // Default-deny: anything not matched above is rejected.
                    .anyRequest().denyAll();
        }

        /** Forces HTTPS on every request when the deployment requires SSL. */
        private void enforceTransportSecurity(HttpSecurity http) throws Exception {
            boolean sslRequired = securityProperties.isRequireSsl();
            if (sslRequired) {
                http.requiresChannel().anyRequest().requiresSecure();
            }
        }
    };
}
/**
 * Registers the OAuth2 resource-server rules for the patient-user service.
 *
 * <p>Matcher order is significant in Spring Security (the first matching rule wins), so the
 * rules below are kept in their original sequence, ending with an explicit default-deny.
 *
 * @param securityProperties supplies the {@code requireSsl} flag that decides whether every
 *                           request is forced onto a secure channel
 * @return a configurer that sets the resource id and the per-path scope requirements
 */
@Bean
public ResourceServerConfigurer resourceServer(SecurityProperties securityProperties) {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            enforceTransportSecurity(http);
            http.authorizeRequests()
                    // Management endpoints need the dedicated management scope for both verbs.
                    .antMatchers(HttpMethod.GET, "/management/**").access(hasScope("patientUser.management"))
                    .antMatchers(HttpMethod.POST, "/management/**").access(hasScope("patientUser.management"))
                    // Account creation, read and write, guarded by the scopes accepted by hasScopes.
                    .antMatchers(HttpMethod.GET, "/creations/**").access(hasScopes("patientUser.read", "phr.allPatientProfiles_read", "scim.read"))
                    .antMatchers(HttpMethod.POST, "/creations/**").access(hasScopes("patientUser.write", "phr.allPatientProfiles_read", "scim.write"))
                    .antMatchers(HttpMethod.POST, "/scopeAssignments").access(hasScopes("patientUser.scope_assign"))
                    // Activation and verification are reachable without a token (permitAll);
                    // the trailing denyAll does not cover these two paths.
                    .antMatchers(HttpMethod.POST, "/activations/**").permitAll()
                    .antMatchers(HttpMethod.GET, "/verifications/**").permitAll()
                    // CORS pre-flight requests carry no bearer token, so OPTIONS is open on every path.
                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                    // Default-deny: anything not matched above is rejected.
                    .anyRequest().denyAll();
        }

        /** Forces HTTPS on every request when the deployment requires SSL. */
        private void enforceTransportSecurity(HttpSecurity http) throws Exception {
            boolean sslRequired = securityProperties.isRequireSsl();
            if (sslRequired) {
                http.requiresChannel().anyRequest().requiresSecure();
            }
        }
    };
}
/**
 * Resource-server filter chain for the administrative endpoints.
 *
 * <p>The anonymous subclass re-declares {@code setConfigurers} without the {@code @Autowired}
 * that the parent carries, which is the Spring Security OAuth idiom for stopping Spring Boot
 * from injecting every {@link ResourceServerConfigurer} bean into this chain. Only configurers
 * set explicitly by the caller apply.
 *
 * @return the chain, registered with order 3 relative to the other filter chains
 */
@Bean
protected ResourceServerConfiguration adminResources() {
    final int chainOrder = 3;
    ResourceServerConfiguration adminChain = new ResourceServerConfiguration() {
        @Override
        public void setConfigurers(List<ResourceServerConfigurer> configurers) {
            // Plain delegation; the override exists only to shed the parent's @Autowired.
            super.setConfigurers(configurers);
        }
    };
    adminChain.setOrder(chainOrder);
    return adminChain;
}
/**
 * Resource-server filter chain for the remaining (non-administrative) endpoints.
 *
 * <p>The anonymous subclass re-declares {@code setConfigurers} without the {@code @Autowired}
 * that the parent carries, which is the Spring Security OAuth idiom for stopping Spring Boot
 * from injecting every {@link ResourceServerConfigurer} bean into this chain. Only configurers
 * set explicitly by the caller apply.
 *
 * @return the chain, registered with order 4 relative to the other filter chains
 */
@Bean
protected ResourceServerConfiguration otherResources() {
    final int chainOrder = 4;
    ResourceServerConfiguration otherChain = new ResourceServerConfiguration() {
        @Override
        public void setConfigurers(List<ResourceServerConfigurer> configurers) {
            // Plain delegation; the override exists only to shed the parent's @Autowired.
            super.setConfigurers(configurers);
        }
    };
    otherChain.setOrder(chainOrder);
    return otherChain;
}
/**
 * Registers the OAuth2 resource-server rules for the consent-management (pcm) service.
 *
 * <p>Matcher order is significant in Spring Security (the first matching rule wins): the
 * sign/revoke consent paths are listed before the broader {@code /patients/consents/**} GET
 * rule so their more specific scopes apply. The sequence is preserved exactly and ends with an
 * explicit default-deny.
 *
 * @param securityProperties supplies the {@code requireSsl} flag that decides whether every
 *                           request is forced onto a secure channel
 * @return a configurer that sets the resource id and the per-path scope requirements
 */
@Bean
public ResourceServerConfigurer resourceServer(SecurityProperties securityProperties) {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            enforceTransportSecurity(http);
            http.authorizeRequests()
                    // Management endpoints need the dedicated management scope for both verbs.
                    .antMatchers(HttpMethod.GET, "/management/**").access(hasScope("pcm.management"))
                    .antMatchers(HttpMethod.POST, "/management/**").access(hasScope("pcm.management"))
                    // FIXME (#27): switch this rule to protect the new attest-consent endpoint.
                    .antMatchers(HttpMethod.GET, "/patients/consents/signConsent/**").access(hasScope("pcm.consent_sign"))
                    // FIXME (#28): switch this rule to protect the new attest-consent-revocation endpoint.
                    .antMatchers(HttpMethod.GET, "/patients/consents/revokeConsent/**").access(hasScope("pcm.consent_revoke"))
                    // Provider resources: one scope per verb.
                    .antMatchers(HttpMethod.GET, "/patients/providers/**").access(hasScope("pcm.provider_read"))
                    .antMatchers(HttpMethod.POST, "/patients/providers/**").access(hasScope("pcm.provider_create"))
                    .antMatchers(HttpMethod.DELETE, "/patients/providers/**").access(hasScope("pcm.provider_delete"))
                    // Consent resources: one scope per verb (sign/revoke were matched above).
                    .antMatchers(HttpMethod.GET, "/patients/consents/**").access(hasScope("pcm.consent_read"))
                    .antMatchers(HttpMethod.POST, "/patients/consents/**").access(hasScope("pcm.consent_create"))
                    .antMatchers(HttpMethod.PUT, "/patients/consents/**").access(hasScope("pcm.consent_update"))
                    .antMatchers(HttpMethod.DELETE, "/patients/consents/**").access(hasScope("pcm.consent_delete"))
                    .antMatchers(HttpMethod.GET, "/patients/activities/**").access(hasScope("pcm.activity_read"))
                    // Clinical documents: one scope per verb.
                    .antMatchers(HttpMethod.GET, "/patients/clinicaldocuments/**").access(hasScope("pcm.clinicalDocument_read"))
                    .antMatchers(HttpMethod.POST, "/patients/clinicaldocuments/**").access(hasScope("pcm.clinicalDocument_create"))
                    .antMatchers(HttpMethod.DELETE, "/patients/clinicaldocuments/**").access(hasScope("pcm.clinicalDocument_delete"))
                    // CORS pre-flight requests carry no bearer token, so OPTIONS is open on every path.
                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                    // Reference lists: any authenticated caller, no particular scope.
                    .antMatchers(HttpMethod.GET, "/patients/purposeOfUse", "/patients/medicalSection", "/patients/sensitivityPolicy").authenticated()
                    // TODO (#29)(BU): remove once VSS is separated. Until then the lookup service is
                    // reachable without a token (permitAll); the trailing denyAll does not cover it.
                    .antMatchers(HttpMethod.GET, "/lookupService/**").permitAll()
                    .antMatchers(HttpMethod.POST, "/lookupService/**").permitAll()
                    // Default-deny: anything not matched above is rejected.
                    .anyRequest().denyAll();
        }

        /** Forces HTTPS on every request when the deployment requires SSL. */
        private void enforceTransportSecurity(HttpSecurity http) throws Exception {
            boolean sslRequired = securityProperties.isRequireSsl();
            if (sslRequired) {
                http.requiresChannel().anyRequest().requiresSecure();
            }
        }
    };
}
/**
 * Registers the OAuth2 resource-server rules for the patient health record (phr) service.
 *
 * <p>Most rules use the raw {@code #oauth2.hasScope('...')} expression; the two multi-scope
 * rules go through the {@code hasScopes} helper. Matcher order is significant in Spring
 * Security (the first matching rule wins), so the sequence is preserved exactly and ends with
 * an explicit default-deny.
 *
 * @param securityProperties supplies the {@code requireSsl} flag that decides whether every
 *                           request is forced onto a secure channel
 * @return a configurer that sets the resource id and the per-path scope requirements
 */
@Bean
public ResourceServerConfigurer resourceServer(SecurityProperties securityProperties) {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            enforceTransportSecurity(http);
            http.authorizeRequests()
                    // HIE read/publish.
                    .antMatchers(HttpMethod.GET, "/patients/healthInformation/**").access("#oauth2.hasScope('phr.hie_read')")
                    .antMatchers(HttpMethod.POST, "/patients/healthInformation/publish").access("#oauth2.hasScope('phr.hie_write')")
                    // Cross-patient listing and search.
                    .antMatchers(HttpMethod.GET, "/patients/pageNumber/**").access("#oauth2.hasScope('phr.allPatients_read')")
                    .antMatchers(HttpMethod.GET, "/patients/patientDemographic/**").access("#oauth2.hasScope('phr.allPatients_read')")
                    .antMatchers(HttpMethod.GET, "/patients/search/**").access("#oauth2.hasScope('phr.allPatients_read')")
                    // Per-patient profile data.
                    .antMatchers(HttpMethod.GET, "/patients/*/profile").access("#oauth2.hasScope('phr.allPatientProfiles_read')")
                    .antMatchers(HttpMethod.GET, "/patients/*/patientIdentifier").access("#oauth2.hasScope('phr.allPatientProfiles_read')")
                    // NOTE(review): "phr.AllPatients_write" is capitalised differently from the
                    // "phr.allPatients_read" scope above; confirm it matches the issued scope name.
                    .antMatchers(HttpMethod.PUT, "/patients/*").access(hasScopes("phr.AllPatients_write", "phr.hie_write"))
                    .antMatchers(HttpMethod.GET, "/patients").access("#oauth2.hasScope('phr.patient_read')")
                    .antMatchers(HttpMethod.POST, "/patients").access(hasScopes("phr.hie_write", "registration.write"))
                    .antMatchers(HttpMethod.GET, "/statecodes/**").access("#oauth2.hasScope('phr.patient_read')")
                    // Management endpoints need the dedicated management scope for both verbs.
                    .antMatchers(HttpMethod.GET, "/management/**").access("#oauth2.hasScope('phr.management')")
                    .antMatchers(HttpMethod.POST, "/management/**").access("#oauth2.hasScope('phr.management')")
                    // CORS pre-flight requests carry no bearer token, so OPTIONS is open on every path.
                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                    // Default-deny: anything not matched above is rejected.
                    .anyRequest().denyAll();
        }

        /** Forces HTTPS on every request when the deployment requires SSL. */
        private void enforceTransportSecurity(HttpSecurity http) throws Exception {
            boolean sslRequired = securityProperties.isRequireSsl();
            if (sslRequired) {
                http.requiresChannel().anyRequest().requiresSecure();
            }
        }
    };
}
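/**
 * Resource-server filter chain for the API.
 *
 * <p>The anonymous subclass re-declares {@code setConfigurers} without the {@code @Autowired}
 * that the parent carries (the Spring Security OAuth idiom for keeping Spring Boot from
 * injecting every {@link ResourceServerConfigurer} bean); the single configurer below is then
 * set explicitly. CSRF protection is disabled, as is usual for a token-authenticated API.
 *
 * <p>NOTE(review): the authorization rules end without an {@code anyRequest()} rule, so a
 * request matching none of {@code OPEN_URL}, {@code MANAGEMENT_URL} or {@code APP_URL} is not
 * subject to any rule in this chain. Confirm that is intended, or add an explicit fallback.
 *
 * @return the chain, registered with order 1 relative to the other filter chains
 */
@Bean
protected ResourceServerConfiguration adminResources() {
    ResourceServerConfiguration resource = new ResourceServerConfiguration() {
        // Plain delegation; the override exists only to shed the parent's @Autowired.
        @Override
        public void setConfigurers(List<ResourceServerConfigurer> configurers) {
            super.setConfigurers(configurers);
        }
    };
    resource.setConfigurers(Collections.singletonList(new ResourceServerConfigurerAdapter() {
        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            // Identifies this resource server to the token checks.
            resources.resourceId(RESOURCE_ID);
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            http
                    .csrf().disable()
                    .authorizeRequests()
                    // Public paths.
                    .antMatchers(OPEN_URL).permitAll()
                    // Authority-based (not scope-based) checks for management and app paths.
                    .antMatchers(MANAGEMENT_URL).hasAnyAuthority("root", "management")
                    .antMatchers(APP_URL).hasAnyAuthority("root", "management", "app");
        }
    }));
    resource.setOrder(1);
    return resource;
}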
/**
 * Resource-server configurer that requires an authenticated caller on every request and
 * refuses to let a pre-existing security context stand in for a missing token.
 *
 * <p>The inserted filter runs after {@link AbstractPreAuthenticatedProcessingFilter}: when
 * {@code tokenExtractor} finds no token on the request, the security context is cleared before
 * the chain continues, so the later {@code authenticated()} rule rejects the request.
 *
 * @return the configurer, using the fixed resource id {@code "todo"}
 */
@Bean
public ResourceServerConfigurer resourceServerConfigurerAdapter() {
    return new ResourceServerConfigurerAdapter() {

        @Override
        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.resourceId("todo");
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            // No token means no access: drop whatever authentication is already in the
            // context (it may be an OAuth2Authentication) rather than let it carry the request.
            class NoTokenContextClearingFilter extends OncePerRequestFilter {
                @Override
                protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
                        throws ServletException, IOException {
                    boolean tokenPresent = tokenExtractor.extract(request) != null;
                    if (!tokenPresent) {
                        SecurityContextHolder.clearContext();
                    }
                    filterChain.doFilter(request, response);
                }
            }

            http.addFilterAfter(new NoTokenContextClearingFilter(), AbstractPreAuthenticatedProcessingFilter.class);
            // Token-authenticated API: CSRF tokens are not used.
            http.csrf().disable();
            http.authorizeRequests().anyRequest().authenticated();
        }
    };
}
/**
 * Default resource-server configurer, built from the injected resource properties.
 *
 * <p>Only registered when the application has not declared its own
 * {@link ResourceServerConfigurer} bean.
 *
 * @return a {@code ResourceSecurityConfigurer} wrapping {@code this.resource}
 */
@Bean
@ConditionalOnMissingBean(ResourceServerConfigurer.class)
public ResourceServerConfigurer resourceServer() {
    ResourceSecurityConfigurer defaultConfigurer = new ResourceSecurityConfigurer(this.resource);
    return defaultConfigurer;
}
/**
 * Resource-server configurer built from the injected resource properties.
 *
 * @return a {@code ResourceSecurityConfigurer} wrapping {@code resource}
 */
@Bean
public ResourceServerConfigurer resourceServer() {
    ResourceSecurityConfigurer configurer = new ResourceSecurityConfigurer(resource);
    return configurer;
}
/**
 * Default resource-server configurer, built from the injected resource-server properties.
 *
 * <p>Only registered when the application has not declared its own
 * {@link ResourceServerConfigurer} bean.
 *
 * @return a {@code ResourceSecurityConfigurer} wrapping {@code this.resourceServerProperties}
 */
@Bean
@ConditionalOnMissingBean(ResourceServerConfigurer.class)
public ResourceServerConfigurer resourceServer() {
    ResourceSecurityConfigurer defaultConfigurer = new ResourceSecurityConfigurer(this.resourceServerProperties);
    return defaultConfigurer;
}