Switched from InMemoryUsers- to JdbcUsersConnectionRepository with H2

[examples/facebook-app] / src / main / java / de / juplo / yourshouter / SocialConfig.java

diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java
index 7cc9a63..466ed23 100644 (file)
--- a/src/main/java/de/juplo/yourshouter/SocialConfig.java
+++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java
@@ -2,8 +2,11 @@ package de.juplo.yourshouter;
 
 
 
+import java.math.BigInteger;
 import javax.inject.Inject;
+import javax.sql.DataSource;
 import org.apache.http.HttpRequestFactory;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Scope;
@@ -12,6 +15,7 @@ import org.springframework.social.UserIdSource;
 import org.springframework.core.env.Environment;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
 import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.crypto.encrypt.Encryptors;
 import org.springframework.social.config.annotation.ConnectionFactoryConfigurer;
 import org.springframework.social.config.annotation.EnableSocial;
 import org.springframework.social.config.annotation.SocialConfigurerAdapter;
@@ -20,7 +24,7 @@ import org.springframework.social.connect.ConnectionFactoryLocator;
 import org.springframework.social.connect.ConnectionRepository;
 import org.springframework.social.connect.ConnectionSignUp;
 import org.springframework.social.connect.UsersConnectionRepository;
-import org.springframework.social.connect.mem.InMemoryUsersConnectionRepository;
+import org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository;
 import org.springframework.social.connect.web.ConnectController;
 import org.springframework.social.connect.web.ProviderSignInController;
 import org.springframework.social.connect.web.SignInAdapter;
@@ -38,11 +42,18 @@ import org.springframework.social.facebook.web.CanvasSignInController;
 @EnableSocial
 public class SocialConfig extends SocialConfigurerAdapter
 {
+  @Inject
+  DataSource dataSource;
   @Inject
   ConnectionSignUp connectionSignUp;
   @Inject
   SignInAdapter signInAdapter;
 
+  @Value("${facebook.app.secret}")
+  String secret;
+  @Value("${facebook.app.salt}")
+  String salt;
+
 
   /**
    * Add a {@link FacebookConnectionFactory} to the configuration.
@@ -67,23 +78,33 @@ public class SocialConfig extends SocialConfigurerAdapter
   }
 
   /**
-   * Configure an instance of {@link InMemoryUsersConnection} as persistent
-   * store of user/connection-mappings.
+   * {@inheritDoc}
    *
-   * At the moment, no special configuration is needed.
+   * Configure an instance of {@link JdbcUsersConnection} as persistent
+   * store of user/connection-mappings.
+   * <p>
+   * The app-secret is reused as password for the encryption of the data.
+   * The salt can be changed in the <code>pom.xml</code>
+   * <p>
+   * This does only work, if you have the Java Crypto Extension (JCE) in
+   * full strength version, since Spring Security is using a 256-bit key.
    *
-   * @param connectionFactoryLocator
-   *     The {@link ConnectionFactoryLocator} will be injected by Spring.
-   * @return
-   *     The configured {@link UsersConnectionRepository}.
+   * @see http://stackoverflow.com/a/17637354
    */
   @Override
   public UsersConnectionRepository getUsersConnectionRepository(
       ConnectionFactoryLocator connectionFactoryLocator
       )
   {
-    InMemoryUsersConnectionRepository repository =
-        new InMemoryUsersConnectionRepository(connectionFactoryLocator);
+    JdbcUsersConnectionRepository repository =
+        new JdbcUsersConnectionRepository(
+            dataSource,
+            connectionFactoryLocator,
+            Encryptors.text(
+                secret,
+                String.format("%08x", new BigInteger(1, salt.getBytes()))
+                )
+            );
     repository.setConnectionSignUp(connectionSignUp);
     return repository;
   }