@Test public void orderIsUnchangedWhenThereAreMultipleResourceServerConfigurations() { this.context = new AnnotationConfigWebApplicationContext(); this.context.register(DoubleResourceConfiguration.class); TestPropertyValues.of("security.oauth2.resource.tokenInfoUri:http://example.com", "security.oauth2.client.clientId=acme").applyTo(this.context); this.context.refresh(); assertThat(this.context .getBean("adminResources", ResourceServerConfiguration.class).getOrder()) .isEqualTo(3); assertThat(this.context .getBean("otherResources", ResourceServerConfiguration.class).getOrder()) .isEqualTo(4); }
@Bean protected ResourceServerConfiguration adminResources() { ResourceServerConfiguration resource = new ResourceServerConfiguration() { // Switch off the Spring Boot @Autowired configurers @Override public void setConfigurers(List<ResourceServerConfigurer> configurers) { super.setConfigurers(configurers); } }; resource.setOrder(3); return resource; }
@Bean protected ResourceServerConfiguration otherResources() { ResourceServerConfiguration resource = new ResourceServerConfiguration() { // Switch off the Spring Boot @Autowired configurers @Override public void setConfigurers(List<ResourceServerConfigurer> configurers) { super.setConfigurers(configurers); } }; resource.setOrder(4); return resource; }
/** * Resource of api * * @return {@link ResourceServerConfiguration} */ @Bean protected ResourceServerConfiguration adminResources() { ResourceServerConfiguration resource = new ResourceServerConfiguration() { // Switch off the Spring Boot @Autowired configurers public void setConfigurers(List<ResourceServerConfigurer> configurers) { super.setConfigurers(configurers); } }; resource.setConfigurers(Collections.singletonList(new ResourceServerConfigurerAdapter() { @Override public void configure(ResourceServerSecurityConfigurer resources) throws Exception { resources.resourceId(RESOURCE_ID); } @Override public void configure(HttpSecurity http) throws Exception { http .csrf().disable() .authorizeRequests() .antMatchers(OPEN_URL).permitAll() .antMatchers(MANAGEMENT_URL).hasAnyAuthority("root", "management") .antMatchers(APP_URL).hasAnyAuthority("root", "management", "app"); } })); resource.setOrder(1); return resource; }
@Override public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { if (bean instanceof ResourceServerConfiguration) { ResourceServerConfiguration configuration = (ResourceServerConfiguration) bean; configuration.setOrder(getOrder()); } return bean; }
@Override public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException { if (bean instanceof ResourceServerConfiguration) { if (this.context.getBeanNamesForType(ResourceServerConfiguration.class, false, false).length == 1) { ResourceServerConfiguration config = (ResourceServerConfiguration) bean; config.setOrder(this.properties.getFilterOrder()); } } return bean; }
