caelcs/spring-security-mongo

Spring Security Mongo

Library providing full implementations of all the repositories and providers needed to persist all security data in MongoDB:

  • ApprovalStore
  • ClientDetailsService
  • ClientRegistrationService
  • TokenStore
  • UserDetailsManager
  • ClientTokenServices

Important

The library does not provide the configuration needed to use these services; you will have to do that yourself. However, I have another library that shows how to configure all the services and get your OAuth2 server up and running:

https://github.com/caelcs/base-auth2-server

How to use it

Step 1

Add the library as a dependency to your project, then use the beans in your Spring OAuth2 configuration.

Note:

Spring Boot 2.x, the OAuth2 library and Mongo Driver 3.6 have brought a lot of changes that are not backward compatible unless you play around with dependencies. So, from version 3.0.0, I have updated all the dependencies to use the latest.

  • Spring Boot 1.5.x -> use 2.0.0
  • Spring Boot 2.x.x -> use 3.0.0

Step 2

Add this annotation to your configuration class:

@Configuration
@EnableSecurityMongo
public class MongoSecurityConfiguration {

}

This annotation defines in your Spring context everything necessary to use this library.

Step 3

In your Mongo instance, create the user that you will use to access the database:

db.createUser(
  {
    user: "oauth2",
    pwd: "testpass",
    roles: [ { role: "readWrite", db: "invoicer" } ]
  }
)

Step 4

Define the following properties in your app if you want to use the default Mongo client. If you want to use your own client, just DO NOT ADD these properties.

mongo.host=localhost
mongo.port=27017
mongo.database=testdb
mongo.username=testuser
mongo.password=testpassword

Creating users manually in Mongo DB

You can produce the JSON for creating the users in your Mongo instance by executing some of the integration tests, or just insert this JSON:

Mongo User

{
    "_id" : "testuser",
    "_class" : "uk.co.caeldev.springsecuritymongo.domain.User",
    "password" : "testpassword",
    "userUUID" : LUUID("03479d48-93cf-5e55-974f-842eb0200ca8"),
    "authorities" : [ 
        {
            "role" : "ROLE_USER",
            "_class" : "org.springframework.security.core.authority.SimpleGrantedAuthority"
        }
    ],
    "accountNonExpired" : true,
    "accountNonLocked" : true,
    "credentialsNonExpired" : true,
    "enabled" : true
}

Mongo Client Detail

{
    "_id" : "testclient",
    "_class" : "uk.co.caeldev.springsecuritymongo.domain.MongoClientDetails",
    "clientSecret" : "testclientsecret",
    "scope" : [ 
        "read"
    ],
    "resourceIds" : [ 
        "oauth2-resource"
    ],
    "authorizedGrantTypes" : [ 
        "authorization_code", 
        "implicit"
    ],
    "registeredRedirectUris" : [ 
        "http://www.google.co.uk"
    ],
    "authorities" : [ 
        {
            "role" : "ROLE_CLIENT",
            "_class" : "org.springframework.security.core.authority.SimpleGrantedAuthority"
        }
    ],
    "accessTokenValiditySeconds" : 30000.0000000000000000,
    "refreshTokenValiditySeconds" : 30000.0000000000000000,
    "additionalInformation" : {},
    "autoApproveScopes" : [ 
        ""
    ]
}
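
A pre-insert check for seed documents like the two above, as an added example that is not part of the library or of this README's original code. It assumes your OAuth2 configuration uses a Spring Security PasswordEncoder, so stored secrets should be encoder output rather than the plaintext sample values; the rule set and the function name reviewSeed are hypothetical.

```javascript
// Added example, not part of spring-security-mongo. Field names come from the
// documents on this page; the rules and the name reviewSeed are assumptions.

// Heuristic: Spring Security encoders emit "{id}hash" (delegating encoder) or
// a raw 60-character BCrypt string; "{noop}" marks plaintext.
const ENCODED = /^(\{[\w-]+\}.+|\$2[aby]\$\d{2}\$.{53})$/;
const looksEncoded = (v) =>
  typeof v === "string" && ENCODED.test(v) && !v.startsWith("{noop}");

function reviewSeed(doc) {
  const findings = [];
  for (const field of ["password", "clientSecret"]) {
    if (field in doc && !looksEncoded(doc[field]))
      findings.push(`${field}: does not look like PasswordEncoder output`);
  }
  if ((doc.authorizedGrantTypes || []).includes("implicit"))
    findings.push("authorizedGrantTypes: implicit returns the token in the redirect URI");
  for (const uri of doc.registeredRedirectUris || []) {
    let url;
    try {
      url = new URL(uri);
    } catch (e) {
      findings.push(`registeredRedirectUris: ${uri} is not an absolute URI`);
      continue;
    }
    // Plain HTTP is tolerated only for loopback development hosts.
    const loopback = ["localhost", "127.0.0.1"].includes(url.hostname);
    if (url.protocol !== "https:" && !loopback)
      findings.push(`registeredRedirectUris: ${uri} is not HTTPS`);
  }
  return findings;
}

// The two sample documents from this page, trimmed to the fields checked.
const sampleUser = { _id: "testuser", password: "testpassword" };
const sampleClient = {
  _id: "testclient",
  clientSecret: "testclientsecret",
  authorizedGrantTypes: ["authorization_code", "implicit"],
  registeredRedirectUris: ["http://www.google.co.uk"],
};

console.log(reviewSeed(sampleUser));
console.log(reviewSeed(sampleClient));
```

An empty result means none of these rules fired; it does not prove the stored value is a valid hash, only that it has the shape of encoder output.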