Update resource server and readme

5c78b9c2 · alvachien · 3af759d1 · 5c78b9c2 · 5c78b9c2 · 5c78b9c2
7 changed file
--- a/readme.md
+++ b/readme.md
@@ -4,7 +4,7 @@ It's a demo project for spring-auth-server.
 This project consist of following three sub-projects.
-## spring-auth-server-demo
+## auth-server-demo
 Auth. server, including identity management.
@@ -39,8 +39,19 @@ Dependencies:
 - SQL Server 2019;
 - Spring Auth Server;
+## idp-server-demo
-## spring-resource-server-demo
+Identity server demo.
+Dependencies:
+- Java 17;
+- Spring Boot 3.0;
+    - Spring Boot JPA;
+    - Spring Boot Web;
+- SQL Server 2019;
+- Spring Auth Server;
+## resource-server-demo
 Resource server.
@@ -57,6 +68,7 @@ Dependencies:
 - SQL Server 2019;
 - Resource Server;
 ## angular-client-demo
 An angular client which consume that resources.

--- a/resource-server-demo/pom.xml
+++ b/resource-server-demo/pom.xml
@@ -35,10 +35,16 @@
 		</dependency>
 		<dependency>
-			<groupId>org.postgresql</groupId>
+			<groupId>com.microsoft.sqlserver</groupId>
-			<artifactId>postgresql</artifactId>
+			<artifactId>mssql-jdbc</artifactId>
+			<version>11.2.1.jre17</version>
 			<scope>runtime</scope>
 		</dependency>
+		<dependency>
+			<groupId>com.h2database</groupId>
+			<artifactId>h2</artifactId>
+			<scope>test</scope>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>
 			<artifactId>spring-security-test</artifactId>

--- a/resource-server-demo/src/main/java/com/poc/alvachien/resourceserverdemo/config/ResourceServerConfig.java
+++ b/resource-server-demo/src/main/java/com/poc/alvachien/resourceserverdemo/config/ResourceServerConfig.java
 package com.poc.alvachien.resourceserverdemo.config;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.web.SecurityFilterChain;
 @EnableWebSecurity
+@Configuration(proxyBeanMethods = false)
 public class ResourceServerConfig {
 	@Bean
 	SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 		http
-        	.authorizeRequests()
+			.securityMatcher("/api/protected/**")
-        	.requestMatchers("/api/protected/**").authenticated()
+				.authorizeHttpRequests()
-        	.requestMatchers("/").permitAll();
+					.requestMatchers("/api/protected/**").hasAuthority("SCOPE_message.read")
+					.and()
+			.oauth2ResourceServer()
+				.jwt();
 		return http.build();
 	}
 }
--- a/resource-server-demo/src/main/java/com/poc/alvachien/resourceserverdemo/controller/ProtectedController.java
+++ b/resource-server-demo/src/main/java/com/poc/alvachien/resourceserverdemo/controller/ProtectedController.java
@@ -3,7 +3,6 @@ package com.poc.alvachien.resourceserverdemo.controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.bind.annotation.RequestParam;
 @RestController

--- a/resource-server-demo/src/main/java/com/poc/alvachien/resourceserverdemo/controller/NonProtectedController.java
+++ b/resource-server-demo/src/main/java/com/poc/alvachien/resourceserverdemo/controller/NonProtectedController.java
@@ -3,14 +3,12 @@ package com.poc.alvachien.resourceserverdemo.controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.bind.annotation.RequestParam;
 @RestController
-@RequestMapping("/api/NonProtected")
+@RequestMapping("/api/Public")
-public class NonProtectedController {
+public class PublicController {
    @GetMapping("/sayhi")
    public String sayhi() {
-        return "Say hi from Non-Protected";
+        return "Say hi from Public";
    }    
 }
--- a/resource-server-demo/src/main/resources/application.properties
+++ b/resource-server-demo/src/main/resources/application.properties
-server.port:9500
-spring.security.oauth2.resourceserver.jwt.issuer-uri=http://localhost:9600
-spring.jpa.hibernate.ddl-auto=update
-spring.datasource.url=jdbc:sqlserver://localhost;encrypt=true;database=authresource;integratedSecurity=true;trustServerCertificate=true
-#spring.datasource.username=springuser
-#spring.datasource.password=ThePassword
-spring.datasource.driver-class-name=com.microsoft.sqlserver.jdbc.SQLServerDriver
-spring.jpa.show-sql: true
--- a/resource-server-demo/src/main/resources/application.yml
+++ b/resource-server-demo/src/main/resources/application.yml
+server:
+  port: 8090
+logging:
+  level:
+    root: INFO
+    org.springframework.web: INFO
+    org.springframework.security: INFO
+    org.springframework.security.oauth2: INFO
+spring:
+  security:
+    oauth2:
+      resourceserver:
+        jwt:
+          issuer-uri: http://localhost:9000
\ No newline at end of file