/spring-oauth2-cassandra-token-store

Cassandra Token Store for Spring Security OAuth2

Primary LanguageJavaMIT LicenseMIT

Cassandra OAuth2 Token Store for Spring Security OAuth2 Build Status Coverage Status

Implementation of org.springframework.security.oauth2.provider.token.TokenStore backed by Cassandra (which can be executed on multi node cluster).

Getting Started

Implementation follows similar data model with org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore in persisting OAuth2 tokens in Cassandra.

CassandraTokenStore includes some enhancements on top of RedisTokenStore such as;

  • Use of Cassandra batches to achieve atomicity while persisting OAuth2 tokens
  • Removal of unnecessary ACCESS_TO_REFRESH tuple which is used to store access token - refresh token in RedisTokenStore. (See spring-security-oauth#1138)

Prerequisites

Dependencies listed below;

  • spring-boot-starter-data-cassandra provides Cassandra interface for performing CRUD on OAuth tokens
  • spring-security-oauth2 provides OAuth 2.0 API
  • jackson-databind provides ObjectMapper API which is used to serialize OAuth tokens before storing them in Cassandra

Installing

Implementation follows the same directory structure with token store examples provided by spring-security-oauth. You can simply copy this repository and autowire CassandraTokenStore into AuthorizationServerEndpointsConfigurer.tokenStore(TokenStore)

@Configuration
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private TokenStore cassandraTokenStore;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenStore(tokenStore);
    }
}

Running the tests

CassandraTokenStore is tested using spring-security-oauth2 token store tests.

CassandraTokenStoreTests initializes a test context which looks for connecting to an external standalone Cassandra instance listening connections on 127.0.0.1:9042.

CassandraTokenStoreTests can be executed as shown below;

./gradlew test --tests mertz.security.oauth2.provider.token.store.cassandra.CassandraTokenStoreTests

EmbeddedCassandraTokenStoreTests extends CassandraTokenStoreTests for providing a test context which starts an embedded Cassandra instance listening connections on 127.0.0.1:9142. Embedded Cassandra is provided by Spring for Cassandra unit.

EmbeddedCassandraTokenStoreTests can be executed as shown below;

./gradlew test --tests mertz.security.oauth2.provider.token.store.cassandra.EmbeddedCassandraTokenStoreTests

License

This project is licensed under the MIT License - see the LICENSE.md file for details