X-Git-Url: http://juplo.de/gitweb/?a=blobdiff_plain;f=src%2Fmain%2Fjava%2Fde%2Fjuplo%2Fyourshouter%2FSocialConfig.java;h=40a0aa5f7c2132d3575f099351cfbc5e7fa8d64c;hb=f1e0b9b0179c176ad143862cbe56a24d319c87ba;hp=4efa0e2e592911f09a152814984126c631969485;hpb=f45e5e611f7d990477ede18dfc79a18d926eb347;p=examples%2Ffacebook-app diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java index 4efa0e2..40a0aa5 100644 --- a/src/main/java/de/juplo/yourshouter/SocialConfig.java +++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java @@ -2,6 +2,8 @@ package de.juplo.yourshouter; +import javax.inject.Inject; +import javax.sql.DataSource; import org.apache.http.HttpRequestFactory; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -10,16 +12,18 @@ import org.springframework.context.annotation.ScopedProxyMode; import org.springframework.social.UserIdSource; import org.springframework.core.env.Environment; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.crypto.encrypt.Encryptors; import org.springframework.social.config.annotation.ConnectionFactoryConfigurer; import org.springframework.social.config.annotation.EnableSocial; import org.springframework.social.config.annotation.SocialConfigurerAdapter; import org.springframework.social.connect.Connection; import org.springframework.social.connect.ConnectionFactoryLocator; import org.springframework.social.connect.ConnectionRepository; +import org.springframework.social.connect.ConnectionSignUp; import org.springframework.social.connect.UsersConnectionRepository; -import org.springframework.social.connect.mem.InMemoryUsersConnectionRepository; +import org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository; import org.springframework.social.connect.web.ConnectController; -import org.springframework.social.connect.web.ProviderSignInController; import org.springframework.social.connect.web.SignInAdapter; import org.springframework.social.facebook.api.Facebook; import org.springframework.social.facebook.connect.FacebookConnectionFactory; @@ -35,6 +39,14 @@ import org.springframework.social.facebook.web.CanvasSignInController; @EnableSocial public class SocialConfig extends SocialConfigurerAdapter { + @Inject + DataSource dataSource; + @Inject + ConnectionSignUp connectionSignUp; + @Inject + SignInAdapter signInAdapter; + + /** * Add a {@link FacebookConnectionFactory} to the configuration. * The factory is configured through the keys facebook.app.id @@ -58,24 +70,31 @@ public class SocialConfig extends SocialConfigurerAdapter } /** - * Configure an instance of {@link InMemoryUsersConnection} as persistent - * store of user/connection-mappings. + * {@inheritDoc} * - * At the moment, no special configuration is needed. + * Configure an instance of {@link JdbcUsersConnection} as persistent + * store of user/connection-mappings. + *

+ * The app-secret is reused as password for the encryption of the data. + * The salt can be changed in the pom.xml + *

+ * This does only work, if you have the Java Crypto Extension (JCE) in + * full strength version, since Spring Security is using a 256-bit key. * - * @param connectionFactoryLocator - * The {@link ConnectionFactoryLocator} will be injected by Spring. - * @return - * The configured {@link UsersConnectionRepository}. + * @see http://stackoverflow.com/a/17637354 */ @Override public UsersConnectionRepository getUsersConnectionRepository( ConnectionFactoryLocator connectionFactoryLocator ) { - InMemoryUsersConnectionRepository repository = - new InMemoryUsersConnectionRepository(connectionFactoryLocator); - repository.setConnectionSignUp(new ProviderUserIdConnectionSignUp()); + JdbcUsersConnectionRepository repository = + new JdbcUsersConnectionRepository( + dataSource, + connectionFactoryLocator, + Encryptors.noOpText() + ); + repository.setConnectionSignUp(connectionSignUp); return repository; } @@ -93,7 +112,7 @@ public class SocialConfig extends SocialConfigurerAdapter @Override public UserIdSource getUserIdSource() { - return new SecurityContextUserIdSource(); + return new SpringSecurityContextUserIdSource(); } @@ -121,29 +140,6 @@ public class SocialConfig extends SocialConfigurerAdapter return controller; } - /** - * Configure the {@link ProviderSignInController} to use our implementation - * of {@link SignInAdapter} to sign in the user by storing the ID in the - * {@link SecurityContext} and the user-cookie. - * - * @param factoryLocator The {@link ConnectionFactoryLocator} will be injected by Spring. - * @param repository The {@link UserConnectionRepository} will be injected by Spring. - * @return The configured {@link ProviderSignInController} - */ - @Bean - public ProviderSignInController signInController( - ConnectionFactoryLocator factoryLocator, - UsersConnectionRepository repository - ) - { - ProviderSignInController controller = new ProviderSignInController( - factoryLocator, - repository, - new UserCookieSignInAdapter() - ); - return controller; - } - /** * Configure the {@link CanvasSignInController} to enable sign-in through * the signed_request, that Facebook sends to the canvas-page. @@ -164,7 +160,7 @@ public class SocialConfig extends SocialConfigurerAdapter new CanvasSignInController( factoryLocator, repository, - new UserCookieSignInAdapter(), + signInAdapter, env.getProperty("facebook.app.id"), env.getProperty("facebook.app.secret"), env.getProperty("facebook.app.canvas")