Switched from the manual implemented authentication-layer to Spring Security

[examples/facebook-app] / src / main / java / de / juplo / yourshouter / SocialConfig.java

diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java
index ff69151..7cc9a63 100644 (file)
--- a/src/main/java/de/juplo/yourshouter/SocialConfig.java
+++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java
@@ -2,18 +2,23 @@ package de.juplo.yourshouter;
 
 
 
+import javax.inject.Inject;
+import org.apache.http.HttpRequestFactory;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Scope;
 import org.springframework.context.annotation.ScopedProxyMode;
 import org.springframework.social.UserIdSource;
 import org.springframework.core.env.Environment;
+import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
+import org.springframework.security.core.context.SecurityContext;
 import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
 import org.springframework.social.config.annotation.EnableSocial;
 import org.springframework.social.config.annotation.SocialConfigurerAdapter;
 import org.springframework.social.connect.Connection;
 import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.ConnectionRepository;
+import org.springframework.social.connect.ConnectionSignUp;
 import org.springframework.social.connect.UsersConnectionRepository;
 import org.springframework.social.connect.mem.InMemoryUsersConnectionRepository;
 import org.springframework.social.connect.web.ConnectController;
@@ -21,6 +26,7 @@ import org.springframework.social.connect.web.ProviderSignInController;
 import org.springframework.social.connect.web.SignInAdapter;
 import org.springframework.social.facebook.api.Facebook;
 import org.springframework.social.facebook.connect.FacebookConnectionFactory;
+import org.springframework.social.facebook.web.CanvasSignInController;
 
 
 /**
@@ -32,6 +38,12 @@ import org.springframework.social.facebook.connect.FacebookConnectionFactory;
 @EnableSocial
 public class SocialConfig extends SocialConfigurerAdapter
 {
+  @Inject
+  ConnectionSignUp connectionSignUp;
+  @Inject
+  SignInAdapter signInAdapter;
+
+
   /**
    * Add a {@link FacebookConnectionFactory} to the configuration.
    * The factory is configured through the keys <code>facebook.app.id</code>
@@ -72,7 +84,7 @@ public class SocialConfig extends SocialConfigurerAdapter
   {
     InMemoryUsersConnectionRepository repository =
         new InMemoryUsersConnectionRepository(connectionFactoryLocator);
-    repository.setConnectionSignUp(new ProviderUserIdConnectionSignUp());
+    repository.setConnectionSignUp(connectionSignUp);
     return repository;
   }
 
@@ -90,7 +102,7 @@ public class SocialConfig extends SocialConfigurerAdapter
   @Override
   public UserIdSource getUserIdSource()
   {
-    return new SecurityContextUserIdSource();
+    return new SpringSecurityContextUserIdSource();
   }
 
 
@@ -133,14 +145,38 @@ public class SocialConfig extends SocialConfigurerAdapter
       UsersConnectionRepository repository
       )
   {
-    ProviderSignInController controller = new ProviderSignInController(
-        factoryLocator,
-        repository,
-        new UserCookieSignInAdapter()
-        );
+    ProviderSignInController controller =
+        new ProviderSignInController(factoryLocator, repository, signInAdapter);
     return controller;
   }
 
+  /**
+   * Configure the {@link CanvasSignInController} to enable sign-in through
+   * the <code>signed_request</code>, that Facebook sends to the canvas-page.
+   *
+   * @param factoryLocator The {@link ConnectionFactoryLocator} will be injected by Spring.
+   * @param repository The {@link UserConnectionRepository} will be injected by Spring.
+   * @param env The {@link Environment}, to read additional parameters from.
+   * @return The configured {@link CanvasSignInController}
+   */
+  @Bean
+  public CanvasSignInController canvasSignInController(
+      ConnectionFactoryLocator factoryLocator,
+      UsersConnectionRepository repository,
+      Environment env
+      )
+  {
+    return
+        new CanvasSignInController(
+            factoryLocator,
+            repository,
+            signInAdapter,
+            env.getProperty("facebook.app.id"),
+            env.getProperty("facebook.app.secret"),
+            env.getProperty("facebook.app.canvas")
+            );
+  }
+
   /**
    * Configure a scoped bean named <code>facebook</code>, that enables
    * access to the Graph-API in the name of the current user.
@@ -160,4 +196,28 @@ public class SocialConfig extends SocialConfigurerAdapter
         repository.findPrimaryConnection(Facebook.class);
     return connection != null ? connection.getApi() : null;
   }
+
+  /**
+   * Use the <code>HttpClient</code> from Apaches <code>HttpComponents</code>
+   * for HTTP-requests.
+   *
+   * We also configure shorter intervals for the connection timeout and the
+   * read timeout.
+   *
+   * @param env The {@link Environment}, to read additional parameters from.
+   * @return The alternative implementation of {@link HttpRequestFactory}.
+   */
+  @Bean
+  public HttpComponentsClientHttpRequestFactory requestFactory(Environment env)
+  {
+    HttpComponentsClientHttpRequestFactory factory =
+        new HttpComponentsClientHttpRequestFactory();
+    factory.setConnectTimeout(
+        Integer.parseInt(env.getProperty("httpclient.timeout.connection"))
+        );
+    factory.setReadTimeout(
+        Integer.parseInt(env.getProperty("httpclient.timeout.read"))
+        );
+    return factory;
+  }
 }