add gitlab oauth2

gitlab/build.gradle

@@ -0,0 +1,21 @@
+plugins {
+    id 'org.springframework.boot' version '2.6.6'
+    id 'io.spring.dependency-management' version '1.0.11.RELEASE'
+    id 'java'
+}
+
+group = 'example.oauth2'
+version = '1.0-SNAPSHOT'
+sourceCompatibility = JavaVersion.VERSION_11
+
+repositories {
+    mavenCentral()
+}
+
+dependencies {
+    implementation('org.springframework.boot:spring-boot-starter-web')
+    implementation('org.springframework.boot:spring-boot-starter-freemarker')
+
+    implementation('org.springframework.boot:spring-boot-starter-security')
+    implementation('org.springframework.security:spring-security-oauth2-client')
+}

gitlab/src/main/java/example/oauth2/gitlab/ApplicationGitLab.java

@@ -0,0 +1,13 @@
+package example.oauth2.gitlab;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class ApplicationGitLab {
+
+    public static void main(String[] args) {
+        SpringApplication.run(ApplicationGitLab.class, args);
+    }
+
+}

gitlab/src/main/java/example/oauth2/gitlab/config/GitLabOAuth2Config.java

@@ -0,0 +1,50 @@
+package example.oauth2.gitlab.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.core.env.Environment;
+import org.springframework.security.oauth2.client.InMemoryOAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.registration.ClientRegistration;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
+import org.springframework.security.oauth2.core.AuthorizationGrantType;
+import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
+
+public class GitLabOAuth2Config {
+
+    private static final String GITLAB_CLIENT_PROPERTY_KEY = "spring.security.oauth2.client.registration.gitlab";
+    private static final String DEFAULT_REDIRECT_URL = "{baseUrl}/{action}/oauth2/code/{registrationId}";
+
+    private final Environment env;
+
+    public GitLabOAuth2Config(Environment env) {
+        this.env = env;
+    }
+
+    @Bean
+    public ClientRegistrationRepository gitlabClientRegistrationRepository() {
+        String clientId = env.getProperty(GITLAB_CLIENT_PROPERTY_KEY + ".client-id");
+        String clientSecret = env.getProperty(GITLAB_CLIENT_PROPERTY_KEY + ".client-secret");
+
+        ClientRegistration clientRegistration = ClientRegistration.withRegistrationId("gitlab")
+            .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
+            .redirectUri(DEFAULT_REDIRECT_URL)
+            .scope("read_user")
+            .authorizationUri("https://gitlab.com/oauth/authorize")
+            .tokenUri("https://gitlab.com/oauth/token")
+            .jwkSetUri("https://gitlab.com/oauth/discovery/keys")
+            .userInfoUri("https://gitlab.com/api/v4/user")
+            .userNameAttributeName("username")
+            .clientName("gitlab-app")
+            .clientId(clientId)
+            .clientSecret(clientSecret)
+            .build();
+
+        return new InMemoryClientRegistrationRepository(clientRegistration);
+    }
+
+    @Bean
+    public OAuth2AuthorizedClientService gitlabAuthorizedClientService(ClientRegistrationRepository clientRegistrationRepository) {
+        return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
+    }
+}

gitlab/src/main/java/example/oauth2/gitlab/config/MvcConfig.java

@@ -0,0 +1,15 @@
+package example.oauth2.gitlab.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class MvcConfig implements WebMvcConfigurer {
+
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/").setViewName("index");
+        registry.addViewController("/secret").setViewName("secret");
+    }
+}

gitlab/src/main/java/example/oauth2/gitlab/config/WebSecurityConfig.java

@@ -0,0 +1,37 @@
+package example.oauth2.gitlab.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
+
+@EnableWebSecurity
+@Configuration
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    private final ClientRegistrationRepository clientRegistrationRepository;
+    private final OAuth2AuthorizedClientService authorizedClientService;
+
+    public WebSecurityConfig(ClientRegistrationRepository gitlabClientRegistrationRepository,
+                             OAuth2AuthorizedClientService gitlabAuthorizedClientService) {
+        this.clientRegistrationRepository = gitlabClientRegistrationRepository;
+        this.authorizedClientService = gitlabAuthorizedClientService;
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        //@formatter:off
+        http
+            .authorizeRequests()
+            .antMatchers("/").permitAll() //Доступ разрешен всем пользователей
+            .anyRequest().authenticated() //Все остальные страницы требуют аутентификации
+            .and()
+            .oauth2Login()
+            .clientRegistrationRepository(clientRegistrationRepository)
+            .authorizedClientService(authorizedClientService)
+        ;
+        //@formatter:on
+    }
+}

gitlab/src/main/resources/application.yml

@@ -0,0 +1,17 @@
+server:
+  address: 127.0.0.1
+  port: 8080
+
+debug: true
+
+spring:
+  freemarker:
+    template-loader-path: classpath:/templates
+    suffix: .ftlh
+  security:
+    oauth2:
+      client:
+        registration:
+          gitlab:
+            client-id: 8b22a9eaee0936a6dc369e3e101c675fde7663962973cdc51e3fc67883888ea4
+            client-secret: 6d38287ff1c7d4d2e2a19041c52eef3d128ca050ee9a55668870d66edee9167a

gitlab/src/main/resources/templates/includes/foother.ftlh

@@ -0,0 +1,2 @@
+</body>
+</html>

gitlab/src/main/resources/templates/includes/header.ftlh

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html lang="ru">
+<head>
+    <title>GitHub OAuth2 Example</title>
+    <link rel="icon" href="data:;base64,=">
+</head>
+<body>
+<h1>GitHub OAuth2 Example</h1>
+<hr>

gitlab/src/main/resources/templates/index.ftlh

@@ -0,0 +1,7 @@
+<#include "includes/header.ftlh">
+<p>
+    Home public page<br>
+    ---&gt; <a href="/secret">Secret Page</a> &lt;---<br>
+    [ <a href="/oauth2/authorization/gitlab">Login GitLab</a> ]
+</p>
+<#include "includes/foother.ftlh">

gitlab/src/main/resources/templates/secret.ftlh

@@ -0,0 +1,3 @@
+<#include "includes/header.ftlh">
+<p style="color: red">[TOP SECRET PAGE]</p>
+<#include "includes/foother.ftlh">

settings.gradle

@@ -3,3 +3,4 @@ rootProject.name = 'spring-oauth2-examples'
 include('discord')
 include('github')
 include('twitch')
+include('gitlab')