Turning the app into a pure Facebook-App

[examples/facebook-app] / src / main / java / de / juplo / yourshouter / SocialConfig.java

diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java
index 4efa0e2..40a0aa5 100644 (file)
--- a/src/main/java/de/juplo/yourshouter/SocialConfig.java
+++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java
@@ -2,6 +2,8 @@ package de.juplo.yourshouter;
 
 
 
+import javax.inject.Inject;
+import javax.sql.DataSource;
 import org.apache.http.HttpRequestFactory;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -10,16 +12,18 @@ import org.springframework.context.annotation.ScopedProxyMode;
 import org.springframework.social.UserIdSource;
 import org.springframework.core.env.Environment;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.crypto.encrypt.Encryptors;
 import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
 import org.springframework.social.config.annotation.EnableSocial;
 import org.springframework.social.config.annotation.SocialConfigurerAdapter;
 import org.springframework.social.connect.Connection;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.ConnectionRepository;
+import org.springframework.social.connect.ConnectionSignUp;
 import org.springframework.social.connect.UsersConnectionRepository;
-import org.springframework.social.connect.mem.InMemoryUsersConnectionRepository;
+import org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository;
 import org.springframework.social.connect.web.ConnectController;
-import org.springframework.social.connect.web.ProviderSignInController;
 import org.springframework.social.connect.web.SignInAdapter;
 import org.springframework.social.facebook.api.Facebook;
 import org.springframework.social.facebook.connect.FacebookConnectionFactory;
@@ -35,6 +39,14 @@ import org.springframework.social.facebook.web.CanvasSignInController;
 @EnableSocial
 public class SocialConfig extends SocialConfigurerAdapter
 {
+  @Inject
+  DataSource dataSource;
+  @Inject
+  ConnectionSignUp connectionSignUp;
+  @Inject
+  SignInAdapter signInAdapter;
+
+
   /**
    * Add a {@link FacebookConnectionFactory} to the configuration.
    * The factory is configured through the keys <code>facebook.app.id</code>
@@ -58,24 +70,31 @@ public class SocialConfig extends SocialConfigurerAdapter
   }
 
   /**
-   * Configure an instance of {@link InMemoryUsersConnection} as persistent
-   * store of user/connection-mappings.
+   * {@inheritDoc}
    *
-   * At the moment, no special configuration is needed.
+   * Configure an instance of {@link JdbcUsersConnection} as persistent
+   * store of user/connection-mappings.
+   * <p>
+   * The app-secret is reused as password for the encryption of the data.
+   * The salt can be changed in the <code>pom.xml</code>
+   * <p>
+   * This does only work, if you have the Java Crypto Extension (JCE) in
+   * full strength version, since Spring Security is using a 256-bit key.
    *
-   * @param connectionFactoryLocator
-   *     The {@link ConnectionFactoryLocator} will be injected by Spring.
-   * @return
-   *     The configured {@link UsersConnectionRepository}.
+   * @see http://stackoverflow.com/a/17637354
    */
   @Override
   public UsersConnectionRepository getUsersConnectionRepository(
       ConnectionFactoryLocator connectionFactoryLocator
       )
   {
-    InMemoryUsersConnectionRepository repository =
-        new InMemoryUsersConnectionRepository(connectionFactoryLocator);
-    repository.setConnectionSignUp(new ProviderUserIdConnectionSignUp());
+    JdbcUsersConnectionRepository repository =
+        new JdbcUsersConnectionRepository(
+            dataSource,
+            connectionFactoryLocator,
+            Encryptors.noOpText()
+            );
+    repository.setConnectionSignUp(connectionSignUp);
     return repository;
   }
 
@@ -93,7 +112,7 @@ public class SocialConfig extends SocialConfigurerAdapter
   @Override
   public UserIdSource getUserIdSource()
   {
-    return new SecurityContextUserIdSource();
+    return new SpringSecurityContextUserIdSource();
   }
 
 
@@ -121,29 +140,6 @@ public class SocialConfig extends SocialConfigurerAdapter
     return controller;
   }
 
-  /**
-   * Configure the {@link ProviderSignInController} to use our implementation
-   * of {@link SignInAdapter} to sign in the user by storing the ID in the
-   * {@link SecurityContext} and the user-cookie.
-   *
-   * @param factoryLocator The {@link ConnectionFactoryLocator} will be injected by Spring.
-   * @param repository The {@link UserConnectionRepository} will be injected by Spring.
-   * @return The configured {@link ProviderSignInController}
-   */
-  @Bean
-  public ProviderSignInController signInController(
-      ConnectionFactoryLocator factoryLocator,
-      UsersConnectionRepository repository
-      )
-  {
-    ProviderSignInController controller = new ProviderSignInController(
-        factoryLocator,
-        repository,
-        new UserCookieSignInAdapter()
-        );
-    return controller;
-  }
-
   /**
    * Configure the {@link CanvasSignInController} to enable sign-in through
    * the <code>signed_request</code>, that Facebook sends to the canvas-page.
@@ -164,7 +160,7 @@ public class SocialConfig extends SocialConfigurerAdapter
         new CanvasSignInController(
             factoryLocator,
             repository,
-            new UserCookieSignInAdapter(),
+            signInAdapter,
             env.getProperty("facebook.app.id"),
             env.getProperty("facebook.app.secret"),
             env.getProperty("facebook.app.canvas")