Merge pull request #12 from mzlnk/feature/GH-11

GH-11: added support for cookie token resolver

Author: mzlnk

autoconfigure/src/main/java/io/mzlnk/springframework/multitenant/oauth2/resourceserver/AutoConfiguration.java

@@ -2,6 +2,7 @@
 
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.properties.AuthenticationProviderProperties;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.MultitenantAuthenticationManagerResolver;
+import io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token.TokenResolver;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.tenant.AuthenticationTenant;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.tenant.matcher.AuthenticationTenantMatcher;
 import org.springframework.boot.context.properties.ConfigurationProperties;
@@ -37,8 +38,9 @@ public AuthenticationProviderProperties authenticationProviderProperties() {
     @Bean
     public MultitenantAuthenticationManagerResolver multitenantAuthenticationManagerResolver(AuthenticationProviderProperties properties,
                                                                                              List<AuthenticationTenantMatcher> matchers,
-                                                                                             AuthenticationTenantFactory tenantFactory) {
-        return new MultitenantAuthenticationManagerResolver(properties, matchers, tenantFactory);
+                                                                                             AuthenticationTenantFactory tenantFactory,
+                                                                                             TokenResolver tokenResolver) {
+        return new MultitenantAuthenticationManagerResolver(properties, matchers, tenantFactory, tokenResolver);
     }
 
     @Bean

autoconfigure/src/main/java/io/mzlnk/springframework/multitenant/oauth2/resourceserver/resolver/MultitenantAuthenticationManagerResolver.java

@@ -4,6 +4,7 @@
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.properties.AuthenticationProviderProperties;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.properties.TokenType;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.jwt.JwtAuthenticationManagerResolver;
+import io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token.TokenResolver;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.tenant.AuthenticationTenant;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.tenant.AuthenticationTenantFactory;
 import io.mzlnk.springframework.multitenant.oauth2.resourceserver.tenant.JwtAuthenticationTenant;
@@ -33,16 +34,18 @@ public class MultitenantAuthenticationManagerResolver implements AuthenticationM
     private final Map<String, AuthenticationProvider> opaqueProviders;
     private final JwtAuthenticationManagerResolver jwtResolver;
 
-    private final BearerTokenResolver tokenResolver = new DefaultBearerTokenResolver();
+    private final TokenResolver tokenResolver;
 
     public MultitenantAuthenticationManagerResolver(AuthenticationProviderProperties tenantsProperties,
                                                     List<AuthenticationTenantMatcher> externalMatchers,
-                                                    AuthenticationTenantFactory tenantFactory) {
+                                                    AuthenticationTenantFactory tenantFactory,
+                                                    TokenResolver tokenResolver) {
 
         this.tenants = tenantFactory.create(tenantsProperties.getTenants(), externalMatchers);
         this.tenantsByIssuer = this.tenants.stream().collect(Collectors.toMap(AuthenticationTenant::getIssuer, a -> a));
         this.opaqueProviders = opaqueTokenAuthenticationProviders();
         this.jwtResolver = jwtResolver();
+        this.tokenResolver = tokenResolver;
     }
 
     @Override

autoconfigure/src/main/java/io/mzlnk/springframework/multitenant/oauth2/resourceserver/resolver/token/CookieTokenResolver.java

@@ -0,0 +1,24 @@
+package io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+
+public class CookieTokenResolver implements TokenResolver {
+
+    private final String cookieName;
+
+    public CookieTokenResolver(String cookieName) {
+        this.cookieName = cookieName;
+    }
+
+    @Override
+    public String resolve(HttpServletRequest httpRequest) {
+        return Arrays.stream(httpRequest.getCookies())
+                .filter(cookie -> cookie.getName().equals(this.cookieName))
+                .findAny()
+                .map(Cookie::getValue)
+                .orElse(null);
+    }
+
+}

autoconfigure/src/main/java/io/mzlnk/springframework/multitenant/oauth2/resourceserver/resolver/token/DefaultTokenResolver.java

@@ -0,0 +1,17 @@
+package io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token;
+
+import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;
+import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class DefaultTokenResolver implements TokenResolver {
+
+    private final BearerTokenResolver resolver = new DefaultBearerTokenResolver();
+
+    @Override
+    public String resolve(HttpServletRequest httpRequest) {
+        return resolver.resolve(httpRequest);
+    }
+
+}

autoconfigure/src/main/java/io/mzlnk/springframework/multitenant/oauth2/resourceserver/resolver/token/TokenResolver.java

@@ -0,0 +1,9 @@
+package io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token;
+
+import javax.servlet.http.HttpServletRequest;
+
+public interface TokenResolver {
+
+    String resolve(HttpServletRequest httpRequest);
+
+}

autoconfigure/src/main/java/io/mzlnk/springframework/multitenant/oauth2/resourceserver/resolver/token/TokenResolverAutoConfiguration.java

@@ -0,0 +1,27 @@
+package io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Primary;
+
+@Configuration
+public class TokenResolverAutoConfiguration {
+
+    @Bean
+    @Primary
+    @ConditionalOnProperty(
+            prefix = "oauth2.resource.server.token-resolver",
+            name = "type",
+            havingValue = "COOKIE")
+    public TokenResolver cookieTokenResolver(@Value("${oauth2.resource.server.token-resolver.cookie-name:access_token}") String cookieName) {
+        return new CookieTokenResolver(cookieName);
+    }
+
+    @Bean
+    public TokenResolver defaultTokenResolver() {
+        return new DefaultTokenResolver();
+    }
+
+}

autoconfigure/src/main/resources/META-INF/spring.factories

@@ -1,3 +1,4 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
   io.mzlnk.springframework.multitenant.oauth2.resourceserver.AutoConfiguration,\
-  io.mzlnk.springframework.multitenant.oauth2.resourceserver.FactoriesAutoConfiguration
+  io.mzlnk.springframework.multitenant.oauth2.resourceserver.FactoriesAutoConfiguration,\
+  io.mzlnk.springframework.multitenant.oauth2.resourceserver.resolver.token.TokenResolverAutoConfiguration