Add aad module

src/main/java/com/microsoft/azure/springcloudplayground/dependency/DependencyNames.java

@@ -13,6 +13,12 @@ public class DependencyNames {
     public static final String AZURE_SQL_SERVER = "azure-sql-server";
     public static final String AZURE_EVNET_HUB_BINDER = "azure-eventhub-binder";
     public static final String AZURE_EVNET_HUB_STARTER = "azure-eventhub-starter";
+    public static final String AZURE_ACTIVE_DIRECTORY = "azure-active-directory";
+    public static final String SPRING_THYMELEAF = "spring-thymeleaf";
+    public static final String SPRING_SECURITY = "spring-security";
+    public static final String SPRING_SECURITY_OAUTH2_CLIENT = "spring-security-oauth2-client";
+    public static final String SPRING_SECURITY_OAUTH2_JOSE = "spring-security-oauth2-jose";
+    public static final String THYMELEAF_EXTRAS = "thymeleaf-extra";
     public static final String WEB = "web";
     public static final String JPA = "jpa";
 }

src/main/java/com/microsoft/azure/springcloudplayground/generator/ProjectGenerator.java

@@ -246,6 +246,13 @@ private void generateAzureServiceSourceCode(@NonNull File srcDir, @NonNull Map<S
         write(new File(srcDir, appName + ".java"), "Application.java", serviceModel);
     }
 
+    private void generateFrontEndFiles(@NonNull File resourceDir, @NonNull Map<String, Object> serviceModel) {
+        // Write all files under templates/${module_name}/front to generated src/main/resources
+        Service service = getService(serviceModel);
+
+        service.getModules().forEach(m -> writeAllFilesToDirectory(resourceDir, m.getName() + "/front", serviceModel));
+    }
+
     private void generateInfrastructureServiceSourceCode(@NonNull File srcDir, @NonNull File resourceDir,
                                                          @NonNull Map<String, Object> serviceModel) {
         String serviceName = getServiceName(serviceModel);
@@ -287,6 +294,7 @@ private void generateMicroServiceSourceCode(@NonNull File serviceDir, @NonNull M
 
         if (ServiceNames.isAzureService(serviceName)) {
             generateAzureServiceSourceCode(srcDir, serviceModel);
+            generateFrontEndFiles(resourcesDir, serviceModel);
         } else {
             generateInfrastructureServiceSourceCode(srcDir, resourcesDir, serviceModel);
         }

src/main/java/com/microsoft/azure/springcloudplayground/module/ActiveDirectoryModule.java

@@ -0,0 +1,25 @@
+package com.microsoft.azure.springcloudplayground.module;
+
+import com.microsoft.azure.springcloudplayground.dependency.DependencyNames;
+import com.microsoft.azure.springcloudplayground.service.Annotation;
+
+import java.util.Arrays;
+
+public class ActiveDirectoryModule extends Module{
+    public ActiveDirectoryModule() {
+        super(ModuleNames.AZURE_ACTIVE_DIRECTORY);
+        this.getDependencies().addAll(Arrays.asList(
+                DependencyNames.CLOUD_EUREKA_CLIENT,
+                DependencyNames.CLOUD_CONFIG_CLIENT,
+                DependencyNames.WEB,
+                DependencyNames.AZURE_ACTIVE_DIRECTORY,
+                DependencyNames.SPRING_THYMELEAF,
+                DependencyNames.SPRING_SECURITY,
+                DependencyNames.SPRING_SECURITY_OAUTH2_CLIENT,
+                DependencyNames.SPRING_SECURITY_OAUTH2_JOSE,
+                DependencyNames.THYMELEAF_EXTRAS
+        ));
+
+        this.annotations.add(Annotation.ENABLE_DISCOVERY_CLIENT);
+    }
+}

src/main/java/com/microsoft/azure/springcloudplayground/module/ModuleNames.java

@@ -30,6 +30,8 @@ public class ModuleNames {
 
     public static final String AZURE_EVNET_HUB_BINDER = "azure-eventhub-binder";
 
+    public static final String AZURE_ACTIVE_DIRECTORY = "azure-active-directory";
+
     private static final Map<String, Module> NAME_TO_MODULE;
 
     static {
@@ -43,6 +45,7 @@ public class ModuleNames {
         map.put(AZURE_STORAGE, new StorageModule());
         map.put(AZURE_SQL_SERVER, new SqlServerModule());
         map.put(AZURE_EVNET_HUB_BINDER, new EventHubModule());
+        map.put(AZURE_ACTIVE_DIRECTORY, new ActiveDirectoryModule());
 
         NAME_TO_MODULE = Collections.unmodifiableMap(map);
     }

src/main/resources/application.yml

@@ -12,6 +12,13 @@ playground:
         mappings:
           - versionRange: "2.0.0.RELEASE"
             version: 1.0.0.M1
+      azure-spring-boot:
+        groupId: com.microsoft.azure
+        artifactId: azure-spring-boot-bom
+        versionProperty: azure-spring-boot.version
+        mappings:
+          - versionRange: "2.0.0.RELEASE"
+            version: 2.0.5
       spring-cloud:
         groupId: org.springframework.cloud
         artifactId: spring-cloud-dependencies
@@ -86,6 +93,41 @@ playground:
           groupId: org.springframework.boot
           artifactId: spring-boot-starter-data-jpa
           weight: 100
+    - name: Spring Thymeleaf
+      content:
+        - name: Spring Thymeleaf
+          id: spring-thymeleaf
+          description: Spring Thymeleaf
+          groupId: org.springframework.boot
+          artifactId: spring-boot-starter-thymeleaf
+    - name: Thymeleaf Spring Security
+      content:
+        - name: Thymeleaf Spring Security
+          id: thymeleaf-extra
+          description: Spring Thymeleaf
+          groupId: org.thymeleaf.extras
+          artifactId: thymeleaf-extras-springsecurity4
+    - name: Spring Security Oauth2 Client
+      content:
+        - name: Spring Security Oauth2 Client
+          id: spring-security-oauth2-client
+          description: Spring Security
+          groupId: org.springframework.security
+          artifactId: spring-security-oauth2-client
+    - name: Spring Security Oauth2 Jose
+      content:
+        - name: Spring Security Oauth2 Jose
+          id: spring-security-oauth2-jose
+          description: Spring Security
+          groupId: org.springframework.security
+          artifactId: spring-security-oauth2-jose
+    - name: Spring Security
+      content:
+        - name: Spring Security
+          id: spring-security
+          description: Spring Security
+          groupId: org.springframework.boot
+          artifactId: spring-boot-starter-security
     - name: Cloud Config
       bom: spring-cloud
       versionRange: 1.2.3.RELEASE
@@ -243,6 +285,22 @@ playground:
             - rel: reference
               href: https://github.com/Microsoft/spring-cloud-azure/tree/1.0.0.M1/spring-cloud-azure-starters/spring-cloud-azure-starter-eventhub
               description: Reference doc
+    - name: Azure Spring Boot
+      bom: azure-spring-boot
+      versionRange: "2.0.0.RELEASE"
+      content:
+        - name: Azure Active Directory
+          id: azure-active-directory
+          groupId: com.microsoft.azure
+          artifactId: azure-active-directory-spring-boot-starter
+          description: Azure Active Directory
+          links:
+            - rel: sample
+              href: https://github.com/Microsoft/azure-spring-boot/tree/master/azure-spring-boot-samples/azure-active-directory-spring-boot-backend-sample
+              description: Spring Security 5 with Azure Active Directory sample
+            - rel: reference
+              href: https://github.com/Microsoft/azure-spring-boot/blob/master/azure-spring-boot-starters/azure-active-directory-spring-boot-starter/README.md
+              description: Reference doc
   services:
     - name: Infrastructure Spring Cloud Modules
       content:
@@ -273,7 +331,7 @@ playground:
           description: Spring Cloud Stream Binder for Azure Event Hub
         - name: Cache (Azure Redis Cache)
           id: azure-redis-cache
-          description: Spring Cloud Cache Integration with Azure Redis Cache
+          description: Spring Cloud Caching Integration with Azure Redis Cache
         - name: Resource (Azure Storage)
           id: azure-storage
           description: Spring Cloud Resource with Azure Storage

src/main/resources/static/css/customize.css

@@ -81,7 +81,7 @@ body, button, input, p, select, textarea, label, h1, h2, h3, h4 {
 
 .nav-title {
     color: #dedede !important;
-    font-size: 1.75rem;
+    font-size: 1.5rem;
 }
 
 .button,.file-cta,.file-name,.input,.pagination-ellipsis,.pagination-link,.pagination-next,.pagination-previous,.select select,.textarea {

src/main/resources/templates/azure-active-directory/AADController.java

@@ -0,0 +1,44 @@
+package {{packageName}};
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
+import org.springframework.security.oauth2.client.OAuth2AuthorizedClientService;
+import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+@RequestMapping("/aad")
+public class AADController {
+    @Autowired
+    private OAuth2AuthorizedClientService authorizedClientService;
+
+    @GetMapping("group1")
+    @ResponseBody
+    @PreAuthorize("hasRole('ROLE_group1')")
+    public String group1() {
+        return "group1 message";
+    }
+
+    @GetMapping("group2")
+    @ResponseBody
+    @PreAuthorize("hasRole('ROLE_group2')")
+    public String group2() {
+        return "group2 message";
+    }
+
+    @GetMapping("/")
+    public String index(Model model, OAuth2AuthenticationToken authentication) {
+        final OAuth2AuthorizedClient authorizedClient =
+                this.authorizedClientService.loadAuthorizedClient(
+                        authentication.getAuthorizedClientRegistrationId(),
+                        authentication.getName());
+        model.addAttribute("userName", authentication.getName());
+        model.addAttribute("clientName", authorizedClient.getClientRegistration().getClientName());
+        return "aadIndex";
+    }
+}

src/main/resources/templates/azure-active-directory/AADOAuth2LoginSecurityConfig.java

@@ -0,0 +1,28 @@
+package {{packageName}};
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
+import org.springframework.security.oauth2.client.userinfo.OAuth2UserService;
+import org.springframework.security.oauth2.core.oidc.user.OidcUser;
+
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class AADOAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
+    @Autowired
+    private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                .anyRequest().authenticated()
+                .and()
+                .oauth2Login()
+                .userInfoEndpoint()
+                .oidcUserService(oidcUserService);
+    }
+}

src/main/resources/templates/azure-active-directory/application.properties

@@ -0,0 +1,9 @@
+server.port={{port}}
+
+spring.security.oauth2.client.registration.azure.client-id=xxxxxx-your-client-id-xxxxxx
+spring.security.oauth2.client.registration.azure.client-secret=xxxxxx-your-client-secret-xxxxxx
+
+azure.activedirectory.tenant-id=xxxxxx-your-tenant-id-xxxxxx
+# It's suggested the logged in user should at least belong to one of the below groups
+# If not, the logged in user will not be able to access any authorization controller rest APIs
+azure.activedirectory.active-directory-groups=group1, group2

src/main/resources/templates/azure-active-directory/bootstrap.properties

@@ -0,0 +1,3 @@
+spring.application.name={{name}}
+spring.cloud.config.uri=http://${CONFIG_SERVER_NAME:localhost}:8888
+spring.cloud.config.fail-fast=true

src/main/resources/templates/azure-active-directory/front/aadIndex.html

@@ -0,0 +1,37 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4">
+<head>
+    <title>Spring Security - OAuth 2.0 Login</title>
+    <meta charset="utf-8" />
+</head>
+<body>
+<div style="float: right" th:fragment="logout" sec:authorize="isAuthenticated()">
+    <div>
+        <span style="font-weight:bold">User: </span><span sec:authentication="name"></span>
+    </div>
+    <div>
+        <span style="font-weight:bold">Default Authorities: </span><span sec:authentication="principal.authorities"></span>
+    </div>
+    <div>
+        <span style="font-weight:bold">Mapped Authorities: </span><span sec:authentication="authorities"></span>
+    </div>
+    <div>&nbsp;</div>
+    <div style="float:right">
+        <form action="#" th:action="@{/logout}" method="post">
+            <input type="submit" value="Logout" />
+        </form>
+    </div>
+</div>
+<h1>Azure Active Directory OAuth 2.0 Login with Spring Security</h1>
+<div>
+    You are successfully logged in <span style="font-weight:bold" th:text="${userName}"></span>
+    via the OAuth 2.0 Client <span style="font-weight:bold" th:text="${clientName}"></span>
+</div>
+<div>&nbsp;</div>
+<div>&nbsp;</div>
+<div>
+    <a href="/group1" >group1 Message</a> |
+    <a href="/group2" >group2 Message</a>
+</div>
+</body>
+</html>

src/main/resources/templates/home.mustache

@@ -27,7 +27,7 @@
         <div class="navbar-menu is-active">
             <div class="navbar-start">
                 <h1 class="navbar-item nav-title" >
-                    Azure Spring Cloud Playground
+                    Spring Cloud Azure Playground
                 </h1>
             </div>
         </div>