User 2.0.1 spring boot. import config
parent
d8c2871891
commit
0c28e7458c
|
@ -13,7 +13,7 @@ Base on Spring-Boot
|
||||||
<ol>
|
<ol>
|
||||||
<li>JDK (1.8.0_40)</li>
|
<li>JDK (1.8.0_40)</li>
|
||||||
<li>Servlet (3.1.0)</li>
|
<li>Servlet (3.1.0)</li>
|
||||||
<li>Spring Boot(1.5.9.RELEASE)</li>
|
<li>Spring Boot(2.0.1.RELEASE)</li>
|
||||||
</ol>
|
</ol>
|
||||||
<hr/>
|
<hr/>
|
||||||
|
|
||||||
|
|
|
@ -5,35 +5,35 @@ truncate user_privilege;
|
||||||
-- admin, password is admin ( All privileges)
|
-- admin, password is admin ( All privileges)
|
||||||
insert into user_(id,guid,create_time,email,password,phone,username,default_user)
|
insert into user_(id,guid,create_time,email,password,phone,username,default_user)
|
||||||
values
|
values
|
||||||
(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'admin@wdcy.cc','21232f297a57a5a743894a0e4a801fc3','028-1234567','admin',true);
|
(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'admin@andaily.com','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',true);
|
||||||
|
|
||||||
-- unity, password is unity ( ROLE_UNITY)
|
-- unity, password is unity ( ROLE_UNITY)
|
||||||
insert into user_(id,guid,create_time,email,password,phone,username,default_user)
|
insert into user_(id,guid,create_time,email,password,phone,username,default_user)
|
||||||
values
|
values
|
||||||
(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@wdcy.cc','439b3a25b555b3bc8667a09a036ae70c','','unity',false);
|
(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@andaily.com','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',false);
|
||||||
|
|
||||||
insert into user_privilege(user_id,privilege) values (22,'UNITY');
|
insert into user_privilege(user_id,privilege) values (22,'UNITY');
|
||||||
|
|
||||||
-- mobile, password is mobile ( ROLE_MOBILE)
|
-- mobile, password is mobile ( ROLE_MOBILE)
|
||||||
insert into user_(id,guid,create_time,email,password,phone,username,default_user)
|
insert into user_(id,guid,create_time,email,password,phone,username,default_user)
|
||||||
values
|
values
|
||||||
(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@wdcy.cc','532c28d5412dd75bf975fb951c740a30','','mobile',false);
|
(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@andaily.com','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',false);
|
||||||
|
|
||||||
insert into user_privilege(user_id,privilege) values (23,'MOBILE');
|
insert into user_privilege(user_id,privilege) values (23,'MOBILE');
|
||||||
|
|
||||||
|
|
||||||
-- initial oauth client details test data
|
-- initial oauth client details test data
|
||||||
-- 'unity-client' support browser, js(flash) visit
|
-- 'unity-client' support browser, js(flash) visit, secret: unity
|
||||||
-- 'mobile-client' only support mobile-device visit
|
-- 'mobile-client' only support mobile-device visit, secret: mobile
|
||||||
truncate oauth_client_details;
|
truncate oauth_client_details;
|
||||||
insert into oauth_client_details
|
insert into oauth_client_details
|
||||||
(client_id, resource_ids, client_secret, scope, authorized_grant_types,
|
(client_id, resource_ids, client_secret, scope, authorized_grant_types,
|
||||||
web_server_redirect_uri,authorities, access_token_validity,
|
web_server_redirect_uri,authorities, access_token_validity,
|
||||||
refresh_token_validity, additional_information, create_time, archived, trusted)
|
refresh_token_validity, additional_information, create_time, archived, trusted)
|
||||||
values
|
values
|
||||||
('unity-client','unity-resource', 'unity', 'read,write','authorization_code,refresh_token,implicit',
|
('unity-client','unity-resource', '$2a$10$QQTKDdNfj9sPjak6c8oWaumvTsa10MxOBOV6BW3DvLWU6VrjDfDam', 'read,write','authorization_code,refresh_token,implicit',
|
||||||
null,'ROLE_CLIENT',null,
|
'http://localhost:8080/spring-oauth-server/unity/dashboard','ROLE_CLIENT',null,
|
||||||
null,null, now(), 0, 0),
|
null,null, now(), 0, 0),
|
||||||
('mobile-client','mobile-resource', 'mobile', 'read,write','password,refresh_token',
|
('mobile-client','mobile-resource', '$2a$10$uLvpxfvm3CuUyjIvYq7a9OUmd9b3tHFKrUaMyU/jC01thrTdkBDVm', 'read,write','password,refresh_token',
|
||||||
null,'ROLE_CLIENT',null,
|
null,'ROLE_CLIENT',null,
|
||||||
null,null, now(), 0, 0);
|
null,null, now(), 0, 0);
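Review bot: The seed rows keep credentials that anyone reading this file knows: the comments state that the `admin` account (all privileges) has the password `admin`, and the new comment lines add `secret: unity` and `secret: mobile` for the two OAuth clients, so the bcrypt hashes introduced on the new side protect nothing for these rows. The script uses `truncate`, which suggests it is meant for a fresh test database; a header comment such as `-- TEST DATA ONLY: never load into a shared or production database; rotate every password and client secret first` would make that explicit. The new redirect URI for `unity-client` is plain `http://localhost:8080/...` while the client allows the `implicit` grant, so any real deployment needs its own https redirect URI registered instead of this row.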
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
-- ###############
|
-- ###############
|
||||||
-- create MySQL database , if need create, cancel the comment
|
-- create MySQL database , if need create, cancel the comment
|
||||||
-- ###############
|
-- ###############
|
||||||
-- create database if not exists oauth2 default character set utf8;
|
-- create database if not exists oauth2_boot default character set utf8;
|
||||||
-- use oauth2 set default character = utf8;
|
-- use oauth2_boot set default character = utf8;
|
||||||
|
|
||||||
-- ###############
|
-- ###############
|
||||||
-- grant privileges to oauth2/oauth2
|
-- grant privileges to oauth2/oauth2
|
||||||
|
|
53
pom.xml
53
pom.xml
|
@ -14,7 +14,7 @@
|
||||||
<parent>
|
<parent>
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-starter-parent</artifactId>
|
<artifactId>spring-boot-starter-parent</artifactId>
|
||||||
<version>1.5.9.RELEASE</version>
|
<version>2.0.1.RELEASE</version>
|
||||||
<relativePath/> <!-- lookup parent from repository -->
|
<relativePath/> <!-- lookup parent from repository -->
|
||||||
</parent>
|
</parent>
|
||||||
|
|
||||||
|
@ -23,6 +23,7 @@
|
||||||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
|
||||||
<java.version>1.8</java.version>
|
<java.version>1.8</java.version>
|
||||||
|
|
||||||
|
<spring.security.oauth.version>2.3.0.RELEASE</spring.security.oauth.version>
|
||||||
<test.skip>false</test.skip>
|
<test.skip>false</test.skip>
|
||||||
</properties>
|
</properties>
|
||||||
|
|
||||||
|
@ -44,14 +45,7 @@
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-starter-security</artifactId>
|
<artifactId>spring-boot-starter-security</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>org.springframework.boot</groupId>
|
|
||||||
<artifactId>spring-boot-starter-thymeleaf</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
|
||||||
<groupId>org.thymeleaf.extras</groupId>
|
|
||||||
<artifactId>thymeleaf-extras-springsecurity4</artifactId>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
|
||||||
<artifactId>spring-boot-starter-validation</artifactId>
|
<artifactId>spring-boot-starter-validation</artifactId>
|
||||||
|
@ -65,10 +59,36 @@
|
||||||
<artifactId>spring-boot-starter-jdbc</artifactId>
|
<artifactId>spring-boot-starter-jdbc</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<!--OAuth2-->
|
<!-- OAuth2-->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.security.oauth</groupId>
|
<groupId>org.springframework.security.oauth</groupId>
|
||||||
<artifactId>spring-security-oauth2</artifactId>
|
<artifactId>spring-security-oauth2</artifactId>
|
||||||
|
<version>${spring.security.oauth.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.springframework.security</groupId>
|
||||||
|
<artifactId>spring-security-taglibs</artifactId>
|
||||||
|
<version>4.2.3.RELEASE</version>
|
||||||
|
<exclusions>
|
||||||
|
<exclusion>
|
||||||
|
<groupId>org.springframework.security</groupId>
|
||||||
|
<artifactId>spring-security-acl</artifactId>
|
||||||
|
</exclusion>
|
||||||
|
<exclusion>
|
||||||
|
<groupId>org.springframework</groupId>
|
||||||
|
<artifactId>spring-beans</artifactId>
|
||||||
|
</exclusion>
|
||||||
|
<exclusion>
|
||||||
|
<groupId>org.springframework</groupId>
|
||||||
|
<artifactId>spring-core</artifactId>
|
||||||
|
</exclusion>
|
||||||
|
<exclusion>
|
||||||
|
<groupId>org.springframework</groupId>
|
||||||
|
<artifactId>spring-expression</artifactId>
|
||||||
|
</exclusion>
|
||||||
|
</exclusions>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
|
@ -84,6 +104,19 @@
|
||||||
<version>2.6</version>
|
<version>2.6</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.sitemesh</groupId>
|
||||||
|
<artifactId>sitemesh</artifactId>
|
||||||
|
<version>3.0.1</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>javax.servlet</groupId>
|
||||||
|
<artifactId>jstl</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
|
|
||||||
<!--Test-->
|
<!--Test-->
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.boot</groupId>
|
<groupId>org.springframework.boot</groupId>
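Review bot: `spring-security-taglibs` is pinned to `4.2.3.RELEASE` in the hunk at `-65,10 +59,36`, while the parent moves to Spring Boot `2.0.1.RELEASE`, whose dependency management normally brings in Spring Security 5.x for the other security modules; the four exclusions look like a workaround for that mismatch. Mixing a 4.x tag library with a 5.x core risks the JSP authorization tags running against classes they were not built for. I would drop the `<version>4.2.3.RELEASE</version>` line and the `<exclusions>` block so the Boot-managed version is used (assuming the BOM manages this artifact as it does the other Spring Security modules), and confirm with `mvn dependency:tree` that only one Spring Security release line remains.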
|
||||||
|
|
|
@ -2,7 +2,7 @@ package com.monkeyk.sos;
|
||||||
|
|
||||||
import com.monkeyk.sos.web.WebUtils;
|
import com.monkeyk.sos.web.WebUtils;
|
||||||
import org.springframework.boot.builder.SpringApplicationBuilder;
|
import org.springframework.boot.builder.SpringApplicationBuilder;
|
||||||
import org.springframework.boot.web.support.SpringBootServletInitializer;
|
import org.springframework.boot.web.servlet.support.SpringBootServletInitializer;
|
||||||
|
|
||||||
import javax.servlet.ServletContext;
|
import javax.servlet.ServletContext;
|
||||||
import javax.servlet.ServletException;
|
import javax.servlet.ServletException;
|
||||||
|
@ -18,8 +18,8 @@ public class SpringOauthServerServletInitializer extends SpringBootServletInitia
|
||||||
@Override
|
@Override
|
||||||
public void onStartup(ServletContext servletContext) throws ServletException {
|
public void onStartup(ServletContext servletContext) throws ServletException {
|
||||||
super.onStartup(servletContext);
|
super.onStartup(servletContext);
|
||||||
|
//主版本号
|
||||||
servletContext.setAttribute("sosVersion", WebUtils.VERSION);
|
servletContext.setAttribute("mainVersion", WebUtils.VERSION);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,82 @@
|
||||||
|
package com.monkeyk.sos.config;
|
||||||
|
|
||||||
|
|
||||||
|
import com.monkeyk.sos.web.filter.CharacterEncodingIPFilter;
|
||||||
|
import com.monkeyk.sos.web.filter.SOSSiteMeshFilter;
|
||||||
|
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.http.converter.HttpMessageConverter;
|
||||||
|
import org.springframework.http.converter.StringHttpMessageConverter;
|
||||||
|
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
|
||||||
|
import javax.servlet.Filter;
|
||||||
|
import java.nio.charset.Charset;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 2018/1/30
|
||||||
|
* <p>
|
||||||
|
* Spring MVC 扩展配置
|
||||||
|
* <p>
|
||||||
|
*
|
||||||
|
* @author Shengzhao Li
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
public class MVCConfiguration implements WebMvcConfigurer {
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 扩展拦截器
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public void addInterceptors(InterceptorRegistry registry) {
|
||||||
|
|
||||||
|
WebMvcConfigurer.super.addInterceptors(registry);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 解决乱码问题
|
||||||
|
* For UTF-8
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public void configureMessageConverters(List<HttpMessageConverter<?>> converters) {
|
||||||
|
WebMvcConfigurer.super.configureMessageConverters(converters);
|
||||||
|
converters.add(new StringHttpMessageConverter(Charset.forName("UTF-8")));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 字符编码配置 UTF-8
|
||||||
|
*/
|
||||||
|
@Bean
|
||||||
|
public FilterRegistrationBean encodingFilter() {
|
||||||
|
FilterRegistrationBean<Filter> registrationBean = new FilterRegistrationBean<>();
|
||||||
|
registrationBean.setFilter(new CharacterEncodingIPFilter());
|
||||||
|
registrationBean.addUrlPatterns("/*");
|
||||||
|
//值越小越靠前
|
||||||
|
registrationBean.setOrder(1);
|
||||||
|
return registrationBean;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* sitemesh filter
|
||||||
|
*/
|
||||||
|
@Bean
|
||||||
|
public FilterRegistrationBean sitemesh() {
|
||||||
|
FilterRegistrationBean<Filter> registrationBean = new FilterRegistrationBean<>();
|
||||||
|
registrationBean.setFilter(new SOSSiteMeshFilter());
|
||||||
|
registrationBean.addUrlPatterns("/*");
|
||||||
|
//注意: 在 spring security filter之后
|
||||||
|
registrationBean.setOrder(8899);
|
||||||
|
return registrationBean;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
}
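Review bot: `encodingFilter()` registers `CharacterEncodingIPFilter` with `setOrder(1)`, but Spring Boot normally registers the Spring Security filter chain at a negative order, so this filter would run after authentication has already read the request parameters. If the filter is meant to set the request encoding (its source is not on this page), login parameters with non-ASCII characters would be decoded before it runs; `registrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);` places it first. Both bean methods also return the raw `FilterRegistrationBean` although the local variable is `FilterRegistrationBean<Filter>`; declaring `public FilterRegistrationBean<Filter> encodingFilter()` keeps the type, and `StandardCharsets.UTF_8` can replace `Charset.forName("UTF-8")`.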
|
|
@ -0,0 +1,24 @@
|
||||||
|
package com.monkeyk.sos.config;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.security.access.expression.method.MethodSecurityExpressionHandler;
|
||||||
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||||
|
import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration;
|
||||||
|
import org.springframework.security.oauth2.provider.expression.OAuth2MethodSecurityExpressionHandler;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 2018/3/22
|
||||||
|
*
|
||||||
|
* @author Shengzhao Li
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
@EnableGlobalMethodSecurity(prePostEnabled = true, proxyTargetClass = true)
|
||||||
|
public class OAuth2MethodSecurityConfiguration extends GlobalMethodSecurityConfiguration {
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected MethodSecurityExpressionHandler createExpressionHandler() {
|
||||||
|
return new OAuth2MethodSecurityExpressionHandler();
|
||||||
|
}
|
||||||
|
|
||||||
|
}
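Review bot: The class Javadoc carries only a date and an author, so nothing says why the expression handler is replaced. A line such as `Enables @PreAuthorize/@PostAuthorize and makes the #oauth2 expressions (e.g. #oauth2.hasScope('read')) available in them.` would document the intent. `proxyTargetClass = true` selects class-based proxies, so an annotated `final` method would not be intercepted and its security annotation would have no effect; that is worth a sentence too if the setting is deliberate.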
|
|
@ -1,125 +0,0 @@
|
||||||
package com.monkeyk.sos.config;
|
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.context.annotation.Configuration;
|
|
||||||
import org.springframework.security.access.AccessDecisionManager;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
|
||||||
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
|
|
||||||
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 2016/4/4
|
|
||||||
*
|
|
||||||
* @author Shengzhao Li
|
|
||||||
*/
|
|
||||||
@Configuration
|
|
||||||
public class OAuth2ServerConfig {
|
|
||||||
|
|
||||||
private static final String UNITY_RESOURCE_ID = "unity-resource";
|
|
||||||
private static final String MOBILE_RESOURCE_ID = "mobile-resource";
|
|
||||||
|
|
||||||
// unity-resource
|
|
||||||
@Configuration
|
|
||||||
@EnableResourceServer
|
|
||||||
protected static class UnityResourceServerConfiguration extends ResourceServerConfigurerAdapter {
|
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private AccessDecisionManager oauth2AccessDecisionManager;
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(ResourceServerSecurityConfigurer resources) {
|
|
||||||
resources.resourceId(UNITY_RESOURCE_ID).stateless(false);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(HttpSecurity http) throws Exception {
|
|
||||||
|
|
||||||
http.sessionManagement()
|
|
||||||
.sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
|
|
||||||
.and()
|
|
||||||
.requestMatchers().antMatchers("/unity/**")
|
|
||||||
.and()
|
|
||||||
.authorizeRequests()
|
|
||||||
.antMatchers("/unity/**")
|
|
||||||
.access("#oauth2.hasScope('read') or (!#oauth2.isOAuth() and hasRole('ROLE_UNITY'))");
|
|
||||||
// .accessDecisionManager(oauth2AccessDecisionManager)
|
|
||||||
// .and().csrf().disable();
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
//AuthorizationServer
|
|
||||||
@Configuration
|
|
||||||
@EnableAuthorizationServer
|
|
||||||
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
|
|
||||||
|
|
||||||
// @Autowired
|
|
||||||
// private DefaultTokenServices tokenServices;
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private TokenStore tokenStore;
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private UserApprovalHandler userApprovalHandler;
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private AuthorizationCodeServices authorizationCodeServices;
|
|
||||||
// @Autowired
|
|
||||||
// private ClientDetailsService clientDetailsService;
|
|
||||||
// @Autowired
|
|
||||||
// private OAuth2AccessDeniedHandler oauth2AccessDeniedHandler;
|
|
||||||
// @Autowired
|
|
||||||
// private OAuth2AuthenticationEntryPoint oAuth2AuthenticationEntryPoint;
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
|
||||||
// clients.withClientDetails(clientDetailsService);
|
|
||||||
clients.inMemory().withClient("unity-client")
|
|
||||||
.resourceIds(UNITY_RESOURCE_ID)
|
|
||||||
.authorizedGrantTypes("authorization_code", "refresh_token", "implicit")
|
|
||||||
.authorities("ROLE_UNITY")
|
|
||||||
.scopes("read")
|
|
||||||
.secret("unity")
|
|
||||||
.and()
|
|
||||||
.withClient("mobile-client")
|
|
||||||
.resourceIds(MOBILE_RESOURCE_ID)
|
|
||||||
.authorizedGrantTypes("password", "refresh_token")
|
|
||||||
.authorities("ROLE_CLIENT")
|
|
||||||
.scopes("read")
|
|
||||||
.secret("mobile");
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
|
|
||||||
endpoints.tokenStore(tokenStore)
|
|
||||||
.userApprovalHandler(userApprovalHandler)
|
|
||||||
.authorizationCodeServices(authorizationCodeServices);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
|
|
||||||
// security.accessDeniedHandler(oauth2AccessDeniedHandler)
|
|
||||||
// .authenticationEntryPoint(oAuth2AuthenticationEntryPoint)
|
|
||||||
// .allowFormAuthenticationForClients();
|
|
||||||
security.realm("spring-oauth-server_realm");
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
|
@ -0,0 +1,186 @@
|
||||||
|
package com.monkeyk.sos.config;
|
||||||
|
|
||||||
|
|
||||||
|
import com.monkeyk.sos.domain.oauth.CustomJdbcClientDetailsService;
|
||||||
|
import com.monkeyk.sos.service.OauthService;
|
||||||
|
import com.monkeyk.sos.service.UserService;
|
||||||
|
import com.monkeyk.sos.web.oauth.OauthUserApprovalHandler;
|
||||||
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.beans.factory.annotation.Qualifier;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
||||||
|
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
||||||
|
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
||||||
|
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
|
||||||
|
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
|
||||||
|
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
|
||||||
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
|
||||||
|
|
||||||
|
import javax.sql.DataSource;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 2018/2/8
|
||||||
|
* <p>
|
||||||
|
* <p>
|
||||||
|
* OAuth2 config
|
||||||
|
*
|
||||||
|
* @author Shengzhao Li
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
public class OAuth2ServerConfiguration {
|
||||||
|
|
||||||
|
|
||||||
|
// unity resource
|
||||||
|
@Configuration
|
||||||
|
@EnableResourceServer
|
||||||
|
protected static class UnityResourceServerConfiguration extends ResourceServerConfigurerAdapter {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(ResourceServerSecurityConfigurer resources) {
|
||||||
|
resources.resourceId("unity-resource").stateless(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(HttpSecurity http) throws Exception {
|
||||||
|
http
|
||||||
|
// Since we want the protected resources to be accessible in the UI as well we need
|
||||||
|
// session creation to be allowed (it's disabled by default in 2.0.6)
|
||||||
|
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
|
||||||
|
.and()
|
||||||
|
.requestMatchers().antMatchers("/unity/**")
|
||||||
|
.and()
|
||||||
|
.authorizeRequests()
|
||||||
|
.antMatchers("/unity/**").access("#oauth2.hasScope('read') and hasRole('ROLE_UNITY')");
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
// mobile resource
|
||||||
|
@Configuration
|
||||||
|
@EnableResourceServer
|
||||||
|
protected static class MobileResourceServerConfiguration extends ResourceServerConfigurerAdapter {
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(ResourceServerSecurityConfigurer resources) {
|
||||||
|
resources.resourceId("mobile-resource").stateless(false);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(HttpSecurity http) throws Exception {
|
||||||
|
http
|
||||||
|
// Since we want the protected resources to be accessible in the UI as well we need
|
||||||
|
// session creation to be allowed (it's disabled by default in 2.0.6)
|
||||||
|
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
|
||||||
|
.and()
|
||||||
|
.requestMatchers().antMatchers("/m/**")
|
||||||
|
.and()
|
||||||
|
.authorizeRequests()
|
||||||
|
.antMatchers("/m/**").access("#oauth2.hasScope('read') and hasRole('ROLE_MOBILE')");
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
@Configuration
|
||||||
|
@EnableAuthorizationServer
|
||||||
|
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
|
||||||
|
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private TokenStore tokenStore;
|
||||||
|
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private ClientDetailsService clientDetailsService;
|
||||||
|
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private OauthService oauthService;
|
||||||
|
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private AuthorizationCodeServices authorizationCodeServices;
|
||||||
|
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private UserService userDetailsService;
|
||||||
|
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
@Qualifier("authenticationManagerBean")
|
||||||
|
private AuthenticationManager authenticationManager;
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
||||||
|
|
||||||
|
clients.withClientDetails(clientDetailsService);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public TokenStore tokenStore(DataSource dataSource) {
|
||||||
|
return new JdbcTokenStore(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public ClientDetailsService clientDetailsService(DataSource dataSource) {
|
||||||
|
return new CustomJdbcClientDetailsService(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public AuthorizationCodeServices authorizationCodeServices(DataSource dataSource) {
|
||||||
|
return new JdbcAuthorizationCodeServices(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
|
||||||
|
endpoints.tokenStore(tokenStore)
|
||||||
|
.authorizationCodeServices(authorizationCodeServices)
|
||||||
|
.userApprovalHandler(userApprovalHandler())
|
||||||
|
.authenticationManager(authenticationManager);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
|
||||||
|
oauthServer.realm("spring-oauth-server")
|
||||||
|
.allowFormAuthenticationForClients();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public OAuth2RequestFactory oAuth2RequestFactory() {
|
||||||
|
return new DefaultOAuth2RequestFactory(clientDetailsService);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public UserApprovalHandler userApprovalHandler() {
|
||||||
|
OauthUserApprovalHandler userApprovalHandler = new OauthUserApprovalHandler();
|
||||||
|
userApprovalHandler.setOauthService(oauthService);
|
||||||
|
userApprovalHandler.setTokenStore(tokenStore);
|
||||||
|
userApprovalHandler.setClientDetailsService(this.clientDetailsService);
|
||||||
|
userApprovalHandler.setRequestFactory(oAuth2RequestFactory());
|
||||||
|
return userApprovalHandler;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
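Review bot: `UnityResourceServerConfiguration` and `MobileResourceServerConfiguration` each call `resources.resourceId(...)`, but as far as I know spring-security-oauth2 applies every `ResourceServerConfigurer` bean to one shared `ResourceServerSecurityConfigurer`, so only the last id set is checked and it applies to both `/unity/**` and `/m/**`. Tokens whose client lists the other resource id would then be rejected on their own path, and the per-resource audience separation the two classes suggest is not enforced. Giving each resource its own `ResourceServerConfiguration` bean with a distinct order avoids that; an integration test that sends each client's token to both paths would confirm the behaviour. Separately, the copied comment says session creation is allowed so the resources are usable from the UI, yet the new rule `#oauth2.hasScope('read') and hasRole(...)` can only pass for OAuth2 authentications, so either the comment or the `stateless(false)` / `SessionCreationPolicy.IF_REQUIRED` pair looks stale.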
|
|
@ -1,40 +1,21 @@
|
||||||
package com.monkeyk.sos.config;
|
package com.monkeyk.sos.config;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.oauth.CustomJdbcClientDetailsService;
|
|
||||||
import com.monkeyk.sos.service.OauthService;
|
|
||||||
import com.monkeyk.sos.service.UserService;
|
import com.monkeyk.sos.service.UserService;
|
||||||
import com.monkeyk.sos.web.oauth.OauthUserApprovalHandler;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.access.vote.AuthenticatedVoter;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.access.vote.RoleVoter;
|
|
||||||
import org.springframework.security.access.vote.UnanimousBased;
|
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
|
import org.springframework.security.authentication.AuthenticationProvider;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;
|
|
||||||
import org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService;
|
|
||||||
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
|
||||||
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
|
|
||||||
import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler;
|
|
||||||
import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;
|
|
||||||
import org.springframework.security.oauth2.provider.expression.OAuth2WebSecurityExpressionHandler;
|
|
||||||
import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;
|
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
|
||||||
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
|
|
||||||
import org.springframework.security.oauth2.provider.vote.ScopeVoter;
|
|
||||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||||
|
|
||||||
import javax.sql.DataSource;
|
|
||||||
import java.util.Arrays;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 2016/4/3
|
* 2016/4/3
|
||||||
* <p/>
|
* <p/>
|
||||||
|
@ -51,145 +32,72 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||||
private UserService userService;
|
private UserService userService;
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
@Override
|
||||||
public void globalUserDetails(AuthenticationManagerBuilder auth) throws Exception {
|
@Bean
|
||||||
auth.userDetailsService(userService);
|
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||||
// auth.inMemoryAuthentication().withUser("marissa").password("koala").roles("USER").and().withUser("paul")
|
return super.authenticationManagerBean();
|
||||||
// .password("emu").roles("USER");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(WebSecurity web) throws Exception {
|
public void configure(WebSecurity web) throws Exception {
|
||||||
web.ignoring().antMatchers("/resources/**");
|
//Ignore, public
|
||||||
web.expressionHandler(new OAuth2WebSecurityExpressionHandler());
|
web.ignoring().antMatchers("/public/**", "/static/**");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
|
// http.csrf().disable()
|
||||||
http.authorizeRequests()
|
http.authorizeRequests()
|
||||||
.antMatchers("/oauth/**").hasAnyRole("ROLE_USER", "ROLE_UNITY", "ROLE_MOBILE")
|
.antMatchers("/public/**").permitAll()
|
||||||
// .antMatchers("/**").anonymous()
|
.antMatchers("/resources/**").permitAll()
|
||||||
|
.antMatchers("/login*").permitAll()
|
||||||
|
|
||||||
|
.antMatchers("/admin/**").hasAnyRole("ADMIN")
|
||||||
|
|
||||||
|
.antMatchers(HttpMethod.GET, "/login*").anonymous()
|
||||||
|
.anyRequest().authenticated()
|
||||||
.and()
|
.and()
|
||||||
.exceptionHandling().accessDeniedPage("/login.jsp?authorization_error=2")
|
.formLogin()
|
||||||
|
.loginPage("/login")
|
||||||
|
.loginProcessingUrl("/signin")
|
||||||
|
.failureUrl("/login?error=1")
|
||||||
|
.usernameParameter("oidc_user")
|
||||||
|
.passwordParameter("oidcPwd")
|
||||||
.and()
|
.and()
|
||||||
.csrf()
|
.csrf()
|
||||||
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize"))
|
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/authorize"))
|
||||||
|
.requireCsrfProtectionMatcher(new AntPathRequestMatcher("/oauth/token"))
|
||||||
.disable()
|
.disable()
|
||||||
.logout()
|
.logout()
|
||||||
.logoutUrl("/logout.do")
|
.logoutUrl("/signout")
|
||||||
.logoutSuccessUrl("/index.jsp")
|
.deleteCookies("JSESSIONID")
|
||||||
|
.logoutSuccessUrl("/")
|
||||||
.and()
|
.and()
|
||||||
.formLogin()
|
.exceptionHandling();
|
||||||
.loginProcessingUrl("/login.do")
|
|
||||||
.failureUrl("/login.jsp?authentication_error=1")
|
|
||||||
.loginPage("/login.jsp")
|
|
||||||
.defaultSuccessUrl("/index.jsp");
|
|
||||||
|
|
||||||
|
|
||||||
|
http.authenticationProvider(authenticationProvider());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Bean
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
public AuthenticationProvider authenticationProvider() {
|
||||||
auth.userDetailsService(userService)
|
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
|
||||||
.passwordEncoder(new Md5PasswordEncoder());
|
daoAuthenticationProvider.setUserDetailsService(userService);
|
||||||
}
|
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
|
||||||
|
return daoAuthenticationProvider;
|
||||||
/*
|
|
||||||
* OAuth2 Configuration start
|
|
||||||
* */
|
|
||||||
|
|
||||||
@Bean(name = "clientDetailsService")
|
|
||||||
public ClientDetailsService clientDetailsService(DataSource dataSource) {
|
|
||||||
return new CustomJdbcClientDetailsService(dataSource);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "tokenStore")
|
/**
|
||||||
public TokenStore tokenStore(DataSource dataSource) {
|
* BCrypt 加密
|
||||||
return new JdbcTokenStore(dataSource);
|
*
|
||||||
|
* @return PasswordEncoder
|
||||||
|
*/
|
||||||
|
@Bean
|
||||||
|
public PasswordEncoder passwordEncoder() {
|
||||||
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
// @Bean(name = "tokenServices")
|
|
||||||
// public DefaultTokenServices tokenServices(TokenStore tokenStore, ClientDetailsService clientDetailsService) {
|
|
||||||
// final DefaultTokenServices tokenServices = new DefaultTokenServices();
|
|
||||||
// tokenServices.setTokenStore(tokenStore);
|
|
||||||
// tokenServices.setClientDetailsService(clientDetailsService);
|
|
||||||
// tokenServices.setSupportRefreshToken(true);
|
|
||||||
// return tokenServices;
|
|
||||||
// }
|
|
||||||
|
|
||||||
@Bean(name = "oAuth2RequestFactory")
|
|
||||||
public OAuth2RequestFactory oAuth2RequestFactory(ClientDetailsService clientDetailsService) {
|
|
||||||
return new DefaultOAuth2RequestFactory(clientDetailsService);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "oauthUserApprovalHandler")
|
|
||||||
public UserApprovalHandler oauthUserApprovalHandler(TokenStore tokenStore, ClientDetailsService clientDetailsService, OAuth2RequestFactory oAuth2RequestFactory, OauthService oauthService) {
|
|
||||||
OauthUserApprovalHandler userApprovalHandler = new OauthUserApprovalHandler();
|
|
||||||
userApprovalHandler.setTokenStore(tokenStore);
|
|
||||||
userApprovalHandler.setClientDetailsService(clientDetailsService);
|
|
||||||
userApprovalHandler.setRequestFactory(oAuth2RequestFactory);
|
|
||||||
userApprovalHandler.setOauthService(oauthService);
|
|
||||||
return userApprovalHandler;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "jdbcAuthorizationCodeServices")
|
|
||||||
public AuthorizationCodeServices jdbcAuthorizationCodeServices(DataSource dataSource) {
|
|
||||||
return new JdbcAuthorizationCodeServices(dataSource);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "oauth2AuthenticationEntryPoint")
|
|
||||||
public OAuth2AuthenticationEntryPoint oauth2AuthenticationEntryPoint() {
|
|
||||||
return new OAuth2AuthenticationEntryPoint();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "oauth2ClientDetailsUserService")
|
|
||||||
public ClientDetailsUserDetailsService oauth2ClientDetailsUserService(ClientDetailsService clientDetailsService) {
|
|
||||||
return new ClientDetailsUserDetailsService(clientDetailsService);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
// @Bean(name = "oauth2AuthenticationManager")
|
|
||||||
// public AuthenticationManager oauth2AuthenticationManager(ClientDetailsUserDetailsService detailsService) {
|
|
||||||
// DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
|
|
||||||
// daoAuthenticationProvider.setUserDetailsService(detailsService);
|
|
||||||
// List<AuthenticationProvider> providers = Arrays.asList(daoAuthenticationProvider);
|
|
||||||
// return new ProviderManager(providers);
|
|
||||||
// }
|
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "oauth2AccessDecisionManager")
|
|
||||||
public UnanimousBased oauth2AccessDecisionManager() {
|
|
||||||
return new UnanimousBased(Arrays.asList(
|
|
||||||
new ScopeVoter(),
|
|
||||||
new RoleVoter(),
|
|
||||||
new AuthenticatedVoter()));
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@Bean(name = "oauth2AccessDeniedHandler")
|
|
||||||
public OAuth2AccessDeniedHandler oauth2AccessDeniedHandler() {
|
|
||||||
return new OAuth2AccessDeniedHandler();
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
// @Bean(name = "clientCredentialsTokenEndpointFilter")
|
|
||||||
// public ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter(AuthenticationManager oauth2AuthenticationManager) {
|
|
||||||
// ClientCredentialsTokenEndpointFilter clientCredentialsTokenEndpointFilter = new ClientCredentialsTokenEndpointFilter();
|
|
||||||
// clientCredentialsTokenEndpointFilter.setAuthenticationManager(oauth2AuthenticationManager);
|
|
||||||
// return clientCredentialsTokenEndpointFilter;
|
|
||||||
// }
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
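Review bot: CSRF protection ends up switched off in the new `configure(HttpSecurity)`: the chain calls `.csrf()`, sets `requireCsrfProtectionMatcher(...)` twice and then calls `.disable()`, so neither matcher takes effect (the second would replace the first in any case). The form login at `/signin`, and presumably the approval step at `/oauth/authorize`, therefore accept cross-site POSTs without a token. If only the token endpoint needs exempting, `.csrf().ignoringAntMatchers("/oauth/token").and()` keeps the check everywhere else; the login and approval pages then have to render the `_csrf` token, and `/signout` has to be sent as a POST. Separately, `.antMatchers(HttpMethod.GET, "/login*").anonymous()` can never match because `.antMatchers("/login*").permitAll()` precedes it, so one of the two rules should go. The class declaration is outside this hunk.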
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.infrastructure;
|
package com.monkeyk.sos.infrastructure;
|
||||||
|
|
||||||
import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 2016/3/25
|
* 2016/3/25
|
||||||
|
@ -14,8 +14,8 @@ public abstract class PasswordHandler {
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public static String md5(String password) {
|
public static String encode(String password) {
|
||||||
Md5PasswordEncoder encoder = new Md5PasswordEncoder();
|
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
|
||||||
return encoder.encodePassword(password, null);
|
return encoder.encode(password);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
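Review bot: Nothing visible in this change covers accounts whose stored password is still an MD5 hex digest. Once `encode` and the `passwordEncoder()` bean both produce and verify bcrypt only, `BCryptPasswordEncoder.matches` returns false for those rows and the users cannot log in. A deployed database would need either a forced reset or a transitional encoder that still recognises the old format and re-hashes on the next successful login. As a smaller point, `encode` builds a new encoder on every call; a field such as `private static final BCryptPasswordEncoder ENCODER = new BCryptPasswordEncoder();` would keep one instance. The class body starts outside the hunk.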
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.service;
|
package com.monkeyk.sos.service;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.OauthClientDetailsDto;
|
import com.monkeyk.sos.service.dto.OauthClientDetailsDto;
|
||||||
import com.monkeyk.sos.domain.oauth.OauthClientDetails;
|
import com.monkeyk.sos.domain.oauth.OauthClientDetails;
|
||||||
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
|
|
@ -1,8 +1,8 @@
|
||||||
package com.monkeyk.sos.service;
|
package com.monkeyk.sos.service;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.UserFormDto;
|
import com.monkeyk.sos.service.dto.UserFormDto;
|
||||||
import com.monkeyk.sos.domain.dto.UserJsonDto;
|
import com.monkeyk.sos.service.dto.UserJsonDto;
|
||||||
import com.monkeyk.sos.domain.dto.UserOverviewDto;
|
import com.monkeyk.sos.service.dto.UserOverviewDto;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
package com.monkeyk.sos.domain.dto;
|
package com.monkeyk.sos.service.dto;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.oauth.OauthClientDetails;
|
import com.monkeyk.sos.domain.oauth.OauthClientDetails;
|
||||||
import com.monkeyk.sos.infrastructure.DateUtils;
|
import com.monkeyk.sos.infrastructure.DateUtils;
|
|
@ -9,7 +9,7 @@
|
||||||
* it only in accordance with the terms of the license agreement you
|
* it only in accordance with the terms of the license agreement you
|
||||||
* entered into with MONKEYK Information Technology Co. Ltd.
|
* entered into with MONKEYK Information Technology Co. Ltd.
|
||||||
*/
|
*/
|
||||||
package com.monkeyk.sos.domain.dto;
|
package com.monkeyk.sos.service.dto;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.user.Privilege;
|
import com.monkeyk.sos.domain.user.Privilege;
|
||||||
import com.monkeyk.sos.domain.user.User;
|
import com.monkeyk.sos.domain.user.User;
|
|
@ -1,4 +1,4 @@
|
||||||
package com.monkeyk.sos.domain.dto;
|
package com.monkeyk.sos.service.dto;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.user.Privilege;
|
import com.monkeyk.sos.domain.user.Privilege;
|
||||||
import com.monkeyk.sos.domain.user.User;
|
import com.monkeyk.sos.domain.user.User;
|
||||||
|
@ -36,7 +36,7 @@ public class UserFormDto extends UserDto {
|
||||||
.username(getUsername())
|
.username(getUsername())
|
||||||
.phone(getPhone())
|
.phone(getPhone())
|
||||||
.email(getEmail())
|
.email(getEmail())
|
||||||
.password(PasswordHandler.md5(getPassword()));
|
.password(PasswordHandler.encode(getPassword()));
|
||||||
user.privileges().addAll(getPrivileges());
|
user.privileges().addAll(getPrivileges());
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
|
@ -1,4 +1,4 @@
|
||||||
package com.monkeyk.sos.domain.dto;
|
package com.monkeyk.sos.service.dto;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.user.Privilege;
|
import com.monkeyk.sos.domain.user.Privilege;
|
||||||
import com.monkeyk.sos.domain.user.User;
|
import com.monkeyk.sos.domain.user.User;
|
|
@ -1,4 +1,4 @@
|
||||||
package com.monkeyk.sos.domain.dto;
|
package com.monkeyk.sos.service.dto;
|
||||||
|
|
||||||
import java.io.Serializable;
|
import java.io.Serializable;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.service.impl;
|
package com.monkeyk.sos.service.impl;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.OauthClientDetailsDto;
|
import com.monkeyk.sos.service.dto.OauthClientDetailsDto;
|
||||||
import com.monkeyk.sos.domain.oauth.OauthClientDetails;
|
import com.monkeyk.sos.domain.oauth.OauthClientDetails;
|
||||||
import com.monkeyk.sos.domain.oauth.OauthRepository;
|
import com.monkeyk.sos.domain.oauth.OauthRepository;
|
||||||
import com.monkeyk.sos.service.OauthService;
|
import com.monkeyk.sos.service.OauthService;
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
package com.monkeyk.sos.service.impl;
|
package com.monkeyk.sos.service.impl;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.UserDto;
|
import com.monkeyk.sos.service.dto.UserDto;
|
||||||
import com.monkeyk.sos.domain.dto.UserFormDto;
|
import com.monkeyk.sos.service.dto.UserFormDto;
|
||||||
import com.monkeyk.sos.domain.dto.UserJsonDto;
|
import com.monkeyk.sos.service.dto.UserJsonDto;
|
||||||
import com.monkeyk.sos.domain.dto.UserOverviewDto;
|
import com.monkeyk.sos.service.dto.UserOverviewDto;
|
||||||
import com.monkeyk.sos.domain.shared.security.WdcyUserDetails;
|
import com.monkeyk.sos.domain.shared.security.WdcyUserDetails;
|
||||||
import com.monkeyk.sos.domain.user.User;
|
import com.monkeyk.sos.domain.user.User;
|
||||||
import com.monkeyk.sos.domain.user.UserRepository;
|
import com.monkeyk.sos.domain.user.UserRepository;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.web.controller;
|
package com.monkeyk.sos.web.controller;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.OauthClientDetailsDto;
|
import com.monkeyk.sos.service.dto.OauthClientDetailsDto;
|
||||||
import com.monkeyk.sos.service.OauthService;
|
import com.monkeyk.sos.service.OauthService;
|
||||||
import com.monkeyk.sos.web.oauth.OauthClientDetailsDtoValidator;
|
import com.monkeyk.sos.web.oauth.OauthClientDetailsDtoValidator;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
|
|
@ -204,7 +204,7 @@ public class OAuthRestController implements InitializingBean, ApplicationContext
|
||||||
@Override
|
@Override
|
||||||
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
|
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
|
||||||
if (this.authenticationManager == null) {
|
if (this.authenticationManager == null) {
|
||||||
this.authenticationManager = (AuthenticationManager) applicationContext.getBean("authenticationManager");
|
this.authenticationManager = (AuthenticationManager) applicationContext.getBean("authenticationManagerBean");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
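Review bot: The lookup `(AuthenticationManager) applicationContext.getBean("authenticationManagerBean")` ties this controller to the name of the `@Bean` method in the security configuration, so renaming that method fails only at runtime with a missing-bean error. `applicationContext.getBean("authenticationManagerBean", AuthenticationManager.class)` drops the unchecked cast and reports a type mismatch explicitly. Whichever form is used, a short comment saying which configuration class publishes the bean would help the next reader. The method is shown in full, but the class starts outside the hunk.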
|
@ -1,7 +1,7 @@
|
||||||
package com.monkeyk.sos.web.controller;
|
package com.monkeyk.sos.web.controller;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.UserFormDto;
|
import com.monkeyk.sos.service.dto.UserFormDto;
|
||||||
import com.monkeyk.sos.domain.dto.UserOverviewDto;
|
import com.monkeyk.sos.service.dto.UserOverviewDto;
|
||||||
import com.monkeyk.sos.service.UserService;
|
import com.monkeyk.sos.service.UserService;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.web.controller;
|
package com.monkeyk.sos.web.controller;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.UserFormDto;
|
import com.monkeyk.sos.service.dto.UserFormDto;
|
||||||
import com.monkeyk.sos.domain.user.Privilege;
|
import com.monkeyk.sos.domain.user.Privilege;
|
||||||
import com.monkeyk.sos.service.UserService;
|
import com.monkeyk.sos.service.UserService;
|
||||||
import org.apache.commons.lang.StringUtils;
|
import org.apache.commons.lang.StringUtils;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.web.controller.mobile;
|
package com.monkeyk.sos.web.controller.mobile;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.UserJsonDto;
|
import com.monkeyk.sos.service.dto.UserJsonDto;
|
||||||
import com.monkeyk.sos.service.UserService;
|
import com.monkeyk.sos.service.UserService;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.web.controller.unity;
|
package com.monkeyk.sos.web.controller.unity;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.UserJsonDto;
|
import com.monkeyk.sos.service.dto.UserJsonDto;
|
||||||
import com.monkeyk.sos.service.UserService;
|
import com.monkeyk.sos.service.UserService;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
package com.monkeyk.sos.web.filter;
|
||||||
|
|
||||||
|
import org.sitemesh.builder.SiteMeshFilterBuilder;
|
||||||
|
import org.sitemesh.config.ConfigurableSiteMeshFilter;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 2018/2/3
|
||||||
|
* <p>
|
||||||
|
* Replace decorator.xml
|
||||||
|
* <p>
|
||||||
|
* Sitemesh
|
||||||
|
*
|
||||||
|
* @author Shengzhao Li
|
||||||
|
*/
|
||||||
|
public class SOSSiteMeshFilter extends ConfigurableSiteMeshFilter {
|
||||||
|
|
||||||
|
|
||||||
|
public SOSSiteMeshFilter() {
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void applyCustomConfiguration(SiteMeshFilterBuilder builder) {
|
||||||
|
|
||||||
|
builder.addDecoratorPath("/*", "/WEB-INF/jsp/decorators/main.jsp")
|
||||||
|
|
||||||
|
.addExcludedPath("/static/**");
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
|
@ -1,6 +1,6 @@
|
||||||
package com.monkeyk.sos.web.oauth;
|
package com.monkeyk.sos.web.oauth;
|
||||||
|
|
||||||
import com.monkeyk.sos.domain.dto.OauthClientDetailsDto;
|
import com.monkeyk.sos.service.dto.OauthClientDetailsDto;
|
||||||
import com.monkeyk.sos.service.OauthService;
|
import com.monkeyk.sos.service.OauthService;
|
||||||
import org.apache.commons.lang.StringUtils;
|
import org.apache.commons.lang.StringUtils;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
|
|
@ -5,20 +5,19 @@ spring.application.name=spring-oauth-server
|
||||||
# MySQL
|
# MySQL
|
||||||
#####################
|
#####################
|
||||||
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
|
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
|
||||||
spring.datasource.url=jdbc:mysql://localhost:3306/oauth2?autoReconnect=true&autoReconnectForPools=true&useUnicode=true&characterEncoding=utf8
|
spring.datasource.url=jdbc:mysql://localhost:3306/oauth2_boot?autoReconnect=true&autoReconnectForPools=true&useUnicode=true&characterEncoding=utf8
|
||||||
spring.datasource.data-username=andaily
|
spring.datasource.data-username=andaily
|
||||||
spring.datasource.data-password=andaily
|
spring.datasource.data-password=andaily
|
||||||
#
|
#
|
||||||
#THYMELEAF
|
# MVC
|
||||||
|
spring.mvc.ignore-default-model-on-redirect=false
|
||||||
|
spring.http.encoding.enabled=true
|
||||||
|
spring.http.encoding.charset=UTF-8
|
||||||
|
spring.http.encoding.force=true
|
||||||
|
spring.mvc.locale=zh_CN
|
||||||
|
spring.mvc.view.prefix=/WEB-INF/jsp/
|
||||||
|
spring.mvc.view.suffix=.jsp
|
||||||
#
|
#
|
||||||
spring.thymeleaf.prefix=/WEB-INF/view/
|
|
||||||
spring.thymeleaf.suffix=.html
|
|
||||||
spring.thymeleaf.mode=HTML5
|
|
||||||
spring.thymeleaf.encoding=UTF-8
|
|
||||||
# ;charset=<encoding> is added
|
|
||||||
spring.thymeleaf.content-type=text/html
|
|
||||||
# set to false for hot refresh
|
|
||||||
spring.thymeleaf.cache=false
|
|
||||||
#
|
#
|
||||||
# Logging
|
# Logging
|
||||||
#
|
#
|
||||||
|
|
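Review bot: The database password stays committed in plaintext in the unchanged lines of this hunk (`spring.datasource.data-password=andaily`, identical to the username). It would be better read from the environment, for example `spring.datasource.password=${DB_PASSWORD}` (the variable name is only an example). Note also that the `data-username` / `data-password` keys configure the account used for data-initialisation scripts, while the main connection uses `spring.datasource.username` / `spring.datasource.password`. Unless those are set elsewhere, the pool may not connect with the credentials intended.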
|
@ -14,7 +14,7 @@ public class PasswordHandlerTest {
|
||||||
@Test
|
@Test
|
||||||
public void testMd5() throws Exception {
|
public void testMd5() throws Exception {
|
||||||
|
|
||||||
final String md5 = PasswordHandler.md5("123456");
|
final String md5 = PasswordHandler.encode("123456");
|
||||||
assertNotNull(md5);
|
assertNotNull(md5);
|
||||||
System.out.println(md5);
|
System.out.println(md5);
|
||||||
}
|
}
|
||||||
|
|
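Review bot: `testMd5` now only proves that `encode` returns something non-null, and both the method name and the local `md5` still describe the old algorithm. Because bcrypt output is salted and differs on every call, the useful assertion is a round trip, `assertTrue(new BCryptPasswordEncoder().matches("123456", encoded));`, with the method renamed to `testEncode` and the `System.out.println` dropped. The test class starts outside the hunk.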