add client credentials for product

business/product-service/src/main/java/com/hncy/service/product/config/UserSecurityConfig.java

+package com.hncy.service.product.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.client.ClientHttpRequestFactory;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
+import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
+import org.springframework.security.oauth2.client.OAuth2RestOperations;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
+import org.springframework.security.oauth2.client.token.AccessTokenProvider;
+import org.springframework.security.oauth2.client.token.AccessTokenProviderChain;
+import org.springframework.security.oauth2.client.token.DefaultAccessTokenRequest;
+import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsAccessTokenProvider;
+import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
+import java.util.List;
+import java.util.ArrayList;
+
+@EnableOAuth2Client
+@Configuration
+public class UserSecurityConfig {
+
+    @Value("${security.oauth2.client.accessTokenUri}")
+    private String accessTokenUrl;
+
+    @Value("${security.oauth2.client.clientId}")
+    private String clientId;
+
+    @Value("${security.oauth2.client.clientSecret}")
+    private String clientSecret;
+
+    @Autowired(required = false)
+    ClientHttpRequestFactory clientHttpRequestFactory;
+
+    private ClientHttpRequestFactory getClientHttpRequestFactory() {
+        if (clientHttpRequestFactory == null) {
+            clientHttpRequestFactory = new SimpleClientHttpRequestFactory();
+        }
+        return clientHttpRequestFactory;
+    }
+
+    @Bean
+    @Qualifier("myClientOnlyRestTemplate")
+    public OAuth2RestOperations clientOnlyRestTemplate() {
+
+        OAuth2RestTemplate template = new OAuth2RestTemplate(fullAccessResourceDetailsClientOnly(), new DefaultOAuth2ClientContext(
+                new DefaultAccessTokenRequest()));
+
+        template.setRequestFactory(getClientHttpRequestFactory());
+        template.setAccessTokenProvider(clientAccessTokenProvider());
+
+        return template;
+    }
+
+    @Bean
+    public AccessTokenProvider clientAccessTokenProvider() {
+        ClientCredentialsAccessTokenProvider accessTokenProvider = new ClientCredentialsAccessTokenProvider();
+        accessTokenProvider.setRequestFactory(getClientHttpRequestFactory());
+        return accessTokenProvider;
+    }
+
+    @Bean
+    @Qualifier("productOnlyFullAcessDetails")
+    public OAuth2ProtectedResourceDetails fullAccessResourceDetailsClientOnly() {
+        ClientCredentialsResourceDetails resource = new ClientCredentialsResourceDetails();
+        resource.setAccessTokenUri(accessTokenUrl);
+        resource.setClientId(clientId);
+        resource.setClientSecret(clientSecret);
+        resource.setGrantType("client_credentials");
+
+        List<String> scopesList = new ArrayList<String>();
+        scopesList.add("user_info");
+        resource.setScope(scopesList);
+
+        return resource;
+    }
+
+}
\ No newline at end of file

business/product-service/src/main/java/com/hncy/service/product/controller/UserController.java

@@ -14,6 +14,7 @@ import java.util.Arrays;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.http.ResponseEntity;
 import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand;
+import org.springframework.security.oauth2.client.OAuth2RestOperations;
 
 @RestController
 @Component
@@ -25,7 +26,7 @@ public class UserController {
     private String userDataUrl;
 
     @Autowired
-    private RestTemplate restTemplate;
+    private OAuth2RestOperations restTemplate;
 
     @RequestMapping(value = "/user/all")
 //    @HystrixCommand(fallbackMethod = "getDefaultUsers")

business/product-service/src/main/resources/application.yml

@@ -17,7 +17,7 @@ security:
       accessTokenUri: http://localhost:8081/auth/oauth/token
       userAuthorizationUri: http://localhost:8081/auth/oauth/authorize
       userLogoutUri: http://localhost:8081/auth/user/logout
-      userDataUri: http://oauth-service/auth/user/all
+      userDataUri: http://localhost:8081/auth/user/all
     resource:
       userInfoUri: http://localhost:8081/auth/user/userinfo
 

server/authorization-server/src/main/java/com/hncy/platform/auth/config/AuthServerConfig.java

@@ -26,7 +26,7 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
         clients.inMemory()
             .withClient("SampleClientId")
             .secret(passwordEncoder.encode("secret"))
-            .authorizedGrantTypes("authorization_code")
+            .authorizedGrantTypes("authorization_code", "client_credentials")
             .scopes("user_info")
             .autoApprove(true)
             .redirectUris("http://localhost:8083/login","http://localhost:8082/login")

server/authorization-server/src/main/resources/application.yml

@@ -8,6 +8,14 @@ spring:
   application:
     name: oauth-service
 
+security:
+  oauth2:
+    client:
+      client-id: SampleClientId
+      client-secret: secret
+      scope: read
+      auto-approve-scopes: '.*'
+
 ribbon:
   eureka:
     enabled: true