org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler Java Examples
The following examples show how to use
org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: SecurityHandlerConfig.java From open-capacity-platform with Apache License 2.0 | 6 votes |
|
/**
* 处理spring security oauth 处理失败返回消息格式
* resp_code
* resp_desc
*/
@Bean
public OAuth2AccessDeniedHandler oAuth2AccessDeniedHandler(){
return new OAuth2AccessDeniedHandler(){
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) throws IOException, ServletException {
Map<String ,String > rsp =new HashMap<>();
response.setContentType("application/json;charset=UTF-8");
response.setStatus(HttpStatus.UNAUTHORIZED.value() );
rsp.put("resp_code", HttpStatus.UNAUTHORIZED.value() + "") ;
rsp.put("resp_msg", authException.getMessage()) ;
response.setContentType("application/json;charset=UTF-8");
response.getWriter().write(objectMapper.writeValueAsString(rsp));
response.getWriter().flush();
response.getWriter().close();
}
};
}
Example #2
| Source File: ResourceServerConfiguration.java From openapi-generator with Apache License 2.0 | 6 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
//configure security for the http methods
http.
anonymous().disable()
.requestMatchers().antMatchers(HttpMethod.GET, "/pet/**")
.and().authorizeRequests()
.antMatchers(HttpMethod.GET, "/pet/**").access("hasRole('ADMIN')")
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
http.
anonymous().disable()
.requestMatchers().antMatchers(HttpMethod.GET, "/store/**")
.and().authorizeRequests()
.antMatchers(HttpMethod.GET, "/store/**").access("hasRole('ADMIN')")
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
http.
anonymous().disable()
.requestMatchers().antMatchers(HttpMethod.GET, "/user/**")
.and().authorizeRequests()
.antMatchers(HttpMethod.GET, "/user/**").access("hasRole('ADMIN')")
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
Example #3
| Source File: ResourceServerOAuth2Config.java From Building-Web-Apps-with-Spring-5-and-Angular with MIT License | 6 votes |
|
@Override
public void configure(final HttpSecurity http) throws Exception {
http
.requestMatchers().antMatchers("/doctor/**", "/rx/**", "/account/**")
.and()
.authorizeRequests()
.antMatchers(HttpMethod.GET,"/doctor/**").access("#oauth2.hasScope('doctor') and #oauth2.hasScope('read')")
.antMatchers(HttpMethod.POST,"/doctor/**").access("#oauth2.hasScope('doctor') and #oauth2.hasScope('write')")
.antMatchers(HttpMethod.GET,"/rx/**").access("#oauth2.hasScope('doctor') and #oauth2.hasScope('read')")
.antMatchers(HttpMethod.POST,"/rx/**").access("#oauth2.hasScope('doctor') and #oauth2.hasScope('write')")
.antMatchers("/account/**").permitAll()
.and()
.exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler())
.and()
.csrf().disable();
}
Example #4
| Source File: DefaultSecurityHandlerConfig.java From microservices-platform with Apache License 2.0 | 5 votes |
|
/**
* 处理spring security oauth 处理失败返回消息格式
*/
@Bean
public OAuth2AccessDeniedHandler oAuth2AccessDeniedHandler() {
return new OAuth2AccessDeniedHandler() {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) throws IOException, ServletException {
ResponseUtil.responseFailed(objectMapper, response, authException.getMessage());
}
};
}
Example #5
| Source File: CustomResourceServerConfig.java From spring-microservice-exam with MIT License | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
String[] ignores = new String[filterIgnorePropertiesConfig.getUrls().size()];
http
.csrf().disable()
.httpBasic().disable()
.authorizeRequests()
.antMatchers(filterIgnorePropertiesConfig.getUrls().toArray(ignores)).permitAll()
.anyRequest().authenticated()
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
// 手机号登录
http.apply(mobileSecurityConfigurer);
// 微信登录
http.apply(wxSecurityConfigurer);
}
Example #6
| Source File: ResourceServerConfig.java From java-starthere with MIT License | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception
{
// http.anonymous().disable(); // since we allow anonymous users to access Swagger
// and create a user account
http.authorizeRequests()
.antMatchers("/",
"/h2-console/**",
"/swagger-resources/**",
"/swagger-resource/**",
"/swagger-ui.html",
"/v2/api-docs",
"/webjars/**",
"/createnewuser")
.permitAll()
.antMatchers("/users/**",
"/useremails/**",
"/oauth/revoke-token",
"/logout")
.authenticated()
.antMatchers("/roles/**",
"/actuator/**")
.hasAnyRole("ADMIN")
.and()
.exceptionHandling()
.accessDeniedHandler(new OAuth2AccessDeniedHandler());
// http.requiresChannel().anyRequest().requiresSecure(); // required for https
http.csrf()
.disable();
http.headers()
.frameOptions()
.disable();
http.logout()
.disable();
}
Example #7
| Source File: ResourceServerConfig.java From Mastering-Spring-5.1 with MIT License | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
http.
anonymous().disable()
.authorizeRequests()
.antMatchers("/users/**").access("hasRole('USER')")
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
Example #8
| Source File: ResourceServerConfiguration.java From cola-cloud with MIT License | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests().antMatchers("/v2/api-docs","/sms/token").permitAll()
.anyRequest().authenticated()
.and().logout().permitAll()
.and().formLogin().permitAll()
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
Example #9
| Source File: ResourceServerConfig.java From Spring-5.0-Projects with MIT License | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/api/**").authenticated()
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
Example #10
| Source File: ResourceServerConfig.java From oauth2-blog with MIT License | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
http.
anonymous().disable()
.authorizeRequests()
.antMatchers("/api/**").authenticated()
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
Example #11
| Source File: ResourceServerConfig.java From springboot-vue.js-bbs with Apache License 2.0 | 5 votes |
|
@Override
public void configure(HttpSecurity http) throws Exception {
http
.cors()
.and()
.requestMatchers()
.antMatchers("/api/**")
.and()
.authorizeRequests()
.antMatchers("/api/**/board/**").permitAll()
.antMatchers("/api/**/user/signup").permitAll()
.antMatchers("/api/**").hasAuthority(Authority.USER.getAuthority())
.and()
.exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
Example #12
| Source File: SecurityConfiguration.java From nakadi with MIT License | 5 votes |
|
@Override
public void configure(final ResourceServerSecurityConfigurer resources) throws Exception {
final OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint = new OAuth2AuthenticationEntryPoint();
oAuth2AuthenticationEntryPoint.setExceptionRenderer(new ProblemOauthExceptionRenderer());
resources.authenticationEntryPoint(oAuth2AuthenticationEntryPoint);
resources.tokenServices(tokenServices);
resources.expressionHandler(new ExtendedOAuth2WebSecurityExpressionHandler());
final OAuth2AccessDeniedHandler oAuth2AccessDeniedHandler = new OAuth2AccessDeniedHandler();
oAuth2AccessDeniedHandler.setExceptionRenderer(new ProblemOauthExceptionRenderer());
resources.accessDeniedHandler(oAuth2AccessDeniedHandler);
}
Example #13
| Source File: OAuth2CustomResultConfiguration.java From onetwo with Apache License 2.0 | 4 votes |
|
@Bean
public OAuth2AccessDeniedHandler oauth2AccessDeniedHandler(ObjectMapperProvider objectMapperProvider){
OAuth2AccessDeniedHandler dh = new OAuth2AccessDeniedHandler();
dh.setExceptionRenderer(oauth2ExceptionRenderer(objectMapperProvider));
return dh;
}
Example #14
| Source File: ResourceServerConfig.java From pacbot with Apache License 2.0 | 3 votes |
|
/**
* Classic Spring Security stuff, defining how to handle {@link AccessDeniedException}s.
* Inject your custom exception translator into the OAuth2AccessDeniedHandler.
* (if you don't add this access denied exceptions may use a different format)
*
* @return AccessDeniedHandler
*/
@Bean
public AccessDeniedHandler accessDeniedHandler() {
final OAuth2AccessDeniedHandler handler = new OAuth2AccessDeniedHandler();
handler.setExceptionTranslator(exceptionTranslator());
return handler;
}
Example #15
| Source File: ResourceServerConfiguration.java From spring-cloud-contract-samples with Apache License 2.0 | 3 votes |
|
/**
* <p>
* Configures security.
* </p>
* @param http security to configure
* @throws Exception if something unexpected happened
*/
@Override
public void configure(HttpSecurity http) throws Exception {
notNull(http, "http");
http.csrf().disable().authorizeRequests().antMatchers("/**").authenticated().and()
.exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
