109 升级 spring-security-oauth2 的版本到 2.0.6以上, 目前是1.0.5
113 Upgrade spring, spring security version to > 4.0 version: 0.4-beta0.4-beta
parent
f6100f71c5
commit
efff49afbe
|
@ -16,7 +16,8 @@ create table oauth_client_details (
|
|||
additional_information VARCHAR(4096),
|
||||
create_time timestamp default now(),
|
||||
archived tinyint(1) default '0',
|
||||
trusted tinyint(1) default '0'
|
||||
trusted tinyint(1) default '0',
|
||||
autoapprove VARCHAR (255) default 'false'
|
||||
);
|
||||
|
||||
Drop table if exists oauth_client_token;
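Review bot: The new `autoapprove` column is added without a comment, and it is a second consent-skipping switch next to `trusted` in the same table. In spring-security-oauth2 2.x a value of `true` (or a list of scopes) lets a client obtain a grant without the user seeing the approval page, so I would document it in the script, e.g. `-- autoapprove: 'true' or a scope list skips user approval; keep 'false' for third-party clients`. This script only helps fresh installs; existing databases presumably need a matching `ALTER TABLE`, which is not visible in this section. The `create table` statement starts above the hunk.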
|
||||
|
|
59
pom.xml
59
pom.xml
|
@ -6,18 +6,20 @@
|
|||
|
||||
<groupId>wdcy.cc</groupId>
|
||||
<artifactId>spring-oauth-server</artifactId>
|
||||
<version>0.3</version>
|
||||
<version>0.4-beta</version>
|
||||
<name>spring-oauth-server</name>
|
||||
<packaging>war</packaging>
|
||||
<description>Spring Oauth Server</description>
|
||||
|
||||
<properties>
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
<spring.version>3.1.1.RELEASE</spring.version>
|
||||
<spring.security.version>3.1.0.RELEASE</spring.security.version>
|
||||
<!--Next branch version: 2.0.7.RELEASE-->
|
||||
<spring.security.oauth.version>1.0.5.RELEASE</spring.security.oauth.version>
|
||||
<aspectj.version>1.6.10</aspectj.version>
|
||||
|
||||
<spring.version>4.1.6.RELEASE</spring.version>
|
||||
<spring.security.version>4.0.1.RELEASE</spring.security.version>
|
||||
<spring.security.oauth.version>2.0.7.RELEASE</spring.security.oauth.version>
|
||||
<fasterxml.jackson.version>2.5.4</fasterxml.jackson.version>
|
||||
|
||||
<aspectj.version>1.8.6</aspectj.version>
|
||||
<mybatis.version>3.2.1</mybatis.version>
|
||||
|
||||
<!--jdbc execute sql config-->
|
||||
|
@ -196,11 +198,17 @@
|
|||
<version>${aspectj.version}</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>commons-dbcp</groupId>
|
||||
<artifactId>commons-dbcp</artifactId>
|
||||
<version>1.4</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang</groupId>
|
||||
<artifactId>commons-lang</artifactId>
|
||||
<version>2.6</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>commons-io</groupId>
|
||||
|
@ -269,16 +277,16 @@
|
|||
<artifactId>spring-security-taglibs</artifactId>
|
||||
<version>${spring.security.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-acl</artifactId>
|
||||
<version>${spring.security.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-crypto</artifactId>
|
||||
<version>${spring.security.version}</version>
|
||||
</dependency>
|
||||
<!--<dependency>-->
|
||||
<!--<groupId>org.springframework.security</groupId>-->
|
||||
<!--<artifactId>spring-security-acl</artifactId>-->
|
||||
<!--<version>${spring.security.version}</version>-->
|
||||
<!--</dependency>-->
|
||||
<!--<dependency>-->
|
||||
<!--<groupId>org.springframework.security</groupId>-->
|
||||
<!--<artifactId>spring-security-crypto</artifactId>-->
|
||||
<!--<version>${spring.security.version}</version>-->
|
||||
<!--</dependency>-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-config</artifactId>
|
||||
|
@ -291,6 +299,13 @@
|
|||
<version>${spring.security.oauth.version}</version>
|
||||
</dependency>
|
||||
|
||||
<!--json-->
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
<version>${fasterxml.jackson.version}</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>mysql</groupId>
|
||||
<artifactId>mysql-connector-java</artifactId>
|
||||
|
@ -312,18 +327,6 @@
|
|||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>net.sf.json-lib</groupId>
|
||||
<artifactId>json-lib</artifactId>
|
||||
<version>2.4</version>
|
||||
<classifier>jdk15</classifier>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>commons-logging</groupId>
|
||||
<artifactId>commons-logging</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<!--mybatis-->
|
||||
<dependency>
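Review bot: `fasterxml.jackson.version` is pinned to 2.5.4 with no note on why or how it is kept current, and jackson-databind appears to take over JSON output from the removed json-lib, so the pin is security-relevant. jackson-databind has a long record of fixes around polymorphic deserialization, so the property deserves a comment such as `<!-- keep on a maintained jackson-databind release; never enable default typing -->`. The `spring-security-acl` and `spring-security-crypto` entries are commented out rather than deleted; dead XML in a dependency list makes it harder to audit what is actually on the classpath, so I would remove them outright.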
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
package cc.wdcy.domain.oauth;
|
||||
|
||||
import org.springframework.security.oauth2.provider.JdbcClientDetailsService;
|
||||
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
||||
|
||||
import javax.sql.DataSource;
|
||||
|
||||
|
@ -12,7 +12,7 @@ import javax.sql.DataSource;
|
|||
public class CustomJdbcClientDetailsService extends JdbcClientDetailsService {
|
||||
|
||||
private static final String SELECT_CLIENT_DETAILS_SQL = "select client_id, client_secret, resource_ids, scope, authorized_grant_types, " +
|
||||
"web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information " +
|
||||
"web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove " +
|
||||
"from oauth_client_details where client_id = ? and archived = 0 ";
|
||||
|
||||
|
||||
|
|
|
@ -1,10 +1,8 @@
|
|||
package cc.wdcy.web;
|
||||
|
||||
import net.sf.json.JSON;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
||||
/**
|
||||
* @author Shengzhao Li
|
||||
|
@ -17,16 +15,28 @@ public abstract class WebUtils {
|
|||
}
|
||||
|
||||
|
||||
public static void writeJson(HttpServletResponse response, JSON json) {
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
try {
|
||||
PrintWriter writer = response.getWriter();
|
||||
json.write(writer);
|
||||
writer.flush();
|
||||
} catch (IOException e) {
|
||||
throw new IllegalStateException("Write json to response error", e);
|
||||
/**
|
||||
* Retrieve client ip address
|
||||
*
|
||||
* @param request HttpServletRequest
|
||||
* @return IP
|
||||
*/
|
||||
public static String retrieveClientIp(HttpServletRequest request) {
|
||||
String ip = request.getHeader("x-forwarded-for");
|
||||
if (isUnAvailableIp(ip)) {
|
||||
ip = request.getHeader("Proxy-Client-IP");
|
||||
}
|
||||
if (isUnAvailableIp(ip)) {
|
||||
ip = request.getHeader("WL-Proxy-Client-IP");
|
||||
}
|
||||
if (isUnAvailableIp(ip)) {
|
||||
ip = request.getRemoteAddr();
|
||||
}
|
||||
return ip;
|
||||
}
|
||||
|
||||
private static boolean isUnAvailableIp(String ip) {
|
||||
return (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip));
|
||||
}
|
||||
|
||||
}
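Review bot: `retrieveClientIp` takes `x-forwarded-for`, `Proxy-Client-IP` and `WL-Proxy-Client-IP` at face value, and all three are request headers that any client can set. If the result feeds audit logs, throttling or an allow-list, the caller chooses its own address, and `x-forwarded-for` may also hold a comma-separated chain rather than a single IP. The Javadoc should state this, e.g. `* The forwarded headers are client-supplied: trust the result only when the app is reachable solely through a proxy that overwrites them.`, and code making security decisions should use `request.getRemoteAddr()`. No caller is visible in this section, so how the value is used is an assumption.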
|
|
@ -2,14 +2,10 @@ package cc.wdcy.web.controller.mobile;
|
|||
|
||||
import cc.wdcy.domain.dto.UserJsonDto;
|
||||
import cc.wdcy.service.UserService;
|
||||
import net.sf.json.JSONObject;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import static cc.wdcy.web.WebUtils.writeJson;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
/**
|
||||
* @author Shengzhao Li
|
||||
|
@ -28,9 +24,9 @@ public class MobileController {
|
|||
}
|
||||
|
||||
@RequestMapping("user_info")
|
||||
public void userInfo(HttpServletResponse response) throws Exception {
|
||||
final UserJsonDto jsonDto = userService.loadCurrentUserJsonDto();
|
||||
writeJson(response, JSONObject.fromObject(jsonDto));
|
||||
@ResponseBody
|
||||
public UserJsonDto userInfo() throws Exception {
|
||||
return userService.loadCurrentUserJsonDto();
|
||||
}
|
||||
|
||||
}
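Review bot: `userInfo()` now returns `UserJsonDto` through `@ResponseBody`, so the message converter serializes every readable property of the DTO instead of going through an explicit `JSONObject.fromObject` call. `UserJsonDto` is not shown here, so confirm it exposes no credential or internal fields, or mark such getters with `@JsonIgnore`. The same applies to `UnityController.userInfo()` in the next section. `throws Exception` on both methods is wider than a single service call appears to need and could be dropped.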
|
|
@ -2,14 +2,10 @@ package cc.wdcy.web.controller.unity;
|
|||
|
||||
import cc.wdcy.domain.dto.UserJsonDto;
|
||||
import cc.wdcy.service.UserService;
|
||||
import net.sf.json.JSONObject;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import static cc.wdcy.web.WebUtils.writeJson;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
/**
|
||||
* @author Shengzhao Li
|
||||
|
@ -29,9 +25,9 @@ public class UnityController {
|
|||
}
|
||||
|
||||
@RequestMapping("user_info")
|
||||
public void userInfo(HttpServletResponse response) throws Exception {
|
||||
final UserJsonDto jsonDto = userService.loadCurrentUserJsonDto();
|
||||
writeJson(response, JSONObject.fromObject(jsonDto));
|
||||
@ResponseBody
|
||||
public UserJsonDto userInfo() throws Exception {
|
||||
return userService.loadCurrentUserJsonDto();
|
||||
}
|
||||
|
||||
}
|
|
@ -4,12 +4,12 @@ import cc.wdcy.domain.oauth.OauthClientDetails;
|
|||
import cc.wdcy.service.OauthService;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.oauth2.provider.AuthorizationRequest;
|
||||
import org.springframework.security.oauth2.provider.approval.TokenServicesUserApprovalHandler;
|
||||
import org.springframework.security.oauth2.provider.approval.TokenStoreUserApprovalHandler;
|
||||
|
||||
/**
|
||||
* @author Shengzhao Li
|
||||
*/
|
||||
public class OauthUserApprovalHandler extends TokenServicesUserApprovalHandler {
|
||||
public class OauthUserApprovalHandler extends TokenStoreUserApprovalHandler {
|
||||
|
||||
private OauthService oauthService;
|
||||
|
||||
|
|
|
@ -3,9 +3,9 @@
|
|||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:tx="http://www.springframework.org/schema/tx" xmlns:context="http://www.springframework.org/schema/context"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
|
||||
http://www.springframework.org/schema/tx
|
||||
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd">
|
||||
http://www.springframework.org/schema/tx/spring-tx-4.0.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.1.xsd">
|
||||
|
||||
|
||||
<!--annotation configuration -->
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns:oauth2="http://www.springframework.org/schema/security/oauth2"
|
||||
xmlns:mvc="http://www.springframework.org/schema/mvc"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
|
||||
http://www.springframework.org/schema/security
|
||||
http://www.springframework.org/schema/security/spring-security-3.1.xsd http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-1.0.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-3.1.xsd">
|
||||
http://www.springframework.org/schema/security/spring-security-4.0.xsd http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2-2.0.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc-4.0.xsd">
|
||||
|
||||
<!--<debug/>-->
|
||||
|
||||
|
@ -23,35 +23,38 @@
|
|||
<mvc:default-servlet-handler/>
|
||||
|
||||
<http pattern="/oauth/token" create-session="stateless" authentication-manager-ref="oauth2AuthenticationManager"
|
||||
entry-point-ref="oauth2AuthenticationEntryPoint">
|
||||
entry-point-ref="oauth2AuthenticationEntryPoint" use-expressions="false">
|
||||
<intercept-url pattern="/oauth/token" access="IS_AUTHENTICATED_FULLY"/>
|
||||
<anonymous enabled="false"/>
|
||||
<http-basic entry-point-ref="oauth2AuthenticationEntryPoint"/>
|
||||
|
||||
<custom-filter ref="clientCredentialsTokenEndpointFilter" before="BASIC_AUTH_FILTER"/>
|
||||
<access-denied-handler ref="oauth2AccessDeniedHandler"/>
|
||||
<csrf disabled="true"/>
|
||||
</http>
|
||||
|
||||
<!--unity http configuration-->
|
||||
<http pattern="/unity/**" create-session="never" entry-point-ref="oauth2AuthenticationEntryPoint"
|
||||
access-decision-manager-ref="oauth2AccessDecisionManager">
|
||||
access-decision-manager-ref="oauth2AccessDecisionManager" use-expressions="false">
|
||||
<anonymous enabled="false"/>
|
||||
|
||||
<intercept-url pattern="/unity/**" access="ROLE_UNITY,SCOPE_READ"/>
|
||||
|
||||
<custom-filter ref="unityResourceServer" before="PRE_AUTH_FILTER"/>
|
||||
<access-denied-handler ref="oauth2AccessDeniedHandler"/>
|
||||
<csrf disabled="true"/>
|
||||
</http>
|
||||
|
||||
<!--mobile http configuration-->
|
||||
<http pattern="/m/**" create-session="never" entry-point-ref="oauth2AuthenticationEntryPoint"
|
||||
access-decision-manager-ref="oauth2AccessDecisionManager">
|
||||
access-decision-manager-ref="oauth2AccessDecisionManager" use-expressions="false">
|
||||
<anonymous enabled="false"/>
|
||||
|
||||
<intercept-url pattern="/m/**" access="ROLE_MOBILE,SCOPE_READ"/>
|
||||
|
||||
<custom-filter ref="mobileResourceServer" before="PRE_AUTH_FILTER"/>
|
||||
<access-denied-handler ref="oauth2AccessDeniedHandler"/>
|
||||
<csrf disabled="true"/>
|
||||
</http>
|
||||
|
||||
<beans:bean id="clientCredentialsTokenEndpointFilter"
|
||||
|
@ -87,7 +90,7 @@
|
|||
|
||||
<!--Config token services-->
|
||||
<!--<beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.InMemoryTokenStore"/>-->
|
||||
<beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.JdbcTokenStore">
|
||||
<beans:bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
|
||||
<beans:constructor-arg index="0" ref="dataSource"/>
|
||||
</beans:bean>
|
||||
|
||||
|
@ -104,8 +107,16 @@
|
|||
<!--<oauth2:expression-handler id="oauth2ExpressionHandler"/>-->
|
||||
<!--<oauth2:web-expression-handler id="oauth2WebExpressionHandler"/>-->
|
||||
|
||||
<beans:bean class="org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory"
|
||||
id="oAuth2RequestFactory">
|
||||
<beans:constructor-arg name="clientDetailsService" ref="clientDetailsService"/>
|
||||
</beans:bean>
|
||||
|
||||
|
||||
<beans:bean id="oauthUserApprovalHandler" class="cc.wdcy.web.oauth.OauthUserApprovalHandler">
|
||||
<beans:property name="tokenServices" ref="tokenServices"/>
|
||||
<beans:property name="tokenStore" ref="tokenStore"/>
|
||||
<beans:property name="clientDetailsService" ref="clientDetailsService"/>
|
||||
<beans:property name="requestFactory" ref="oAuth2RequestFactory"/>
|
||||
<beans:property name="oauthService" ref="oauthService"/>
|
||||
</beans:bean>
|
||||
|
||||
|
@ -156,7 +167,7 @@
|
|||
class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler"/>
|
||||
|
||||
|
||||
<http access-denied-page="/login.jsp?authorization_error=2" disable-url-rewriting="true"
|
||||
<http disable-url-rewriting="true" use-expressions="false"
|
||||
authentication-manager-ref="authenticationManager">
|
||||
<intercept-url pattern="/oauth/**" access="ROLE_USER,ROLE_UNITY,ROLE_MOBILE"/>
|
||||
<intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY"/>
|
||||
|
@ -164,7 +175,9 @@
|
|||
<form-login authentication-failure-url="/login.jsp?authentication_error=1" default-target-url="/index.jsp"
|
||||
login-page="/login.jsp" login-processing-url="/login.do"/>
|
||||
<logout logout-success-url="/index.jsp" logout-url="/logout.do"/>
|
||||
<access-denied-handler error-page="/login.jsp?authorization_error=2"/>
|
||||
<anonymous/>
|
||||
<csrf disabled="true"/>
|
||||
</http>
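Review bot: `<csrf disabled="true"/>` is also added to the last `<http>` block, the one carrying `form-login`, `logout` and the `/oauth/**` intercept, which is the session-based, browser-facing chain. Disabling CSRF is defensible for the stateless `/oauth/token` chain and the bearer-token `/unity/**` and `/m/**` chains, but here it leaves login, logout and (presumably) the authorization approval POST without the request-forgery protection that Spring Security 4 enables by default. I would drop the `<csrf disabled="true"/>` line from this block and add `<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>` to the forms that post to it, login.jsp included. The `use-expressions="false"` attributes keep the 3.x access syntax and are worth a short comment saying that this is deliberate.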
|
||||
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tx="http://www.springframework.org/schema/tx"
|
||||
xmlns:aop="http://www.springframework.org/schema/aop"
|
||||
xsi:schemaLocation="http://www.springframework.org/schema/beans
|
||||
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-2.5.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-2.0.xsd">
|
||||
http://www.springframework.org/schema/beans/spring-beans-4.0.xsd http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-4.0.xsd http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-4.0.xsd">
|
||||
|
||||
<!--aop-->
|
||||
<aop:config>
|
||||
|
|
|
@ -18,11 +18,8 @@
|
|||
<mvc:resources mapping="/index.jsp*" location="/index.jsp"/>
|
||||
<mvc:resources mapping="/resources/**" location="/resources/"/>
|
||||
|
||||
<bean class="org.springframework.web.servlet.mvc.annotation.DefaultAnnotationHandlerMapping">
|
||||
<property name="order" value="2"/>
|
||||
</bean>
|
||||
<bean class="org.springframework.web.servlet.mvc.annotation.AnnotationMethodHandlerAdapter">
|
||||
</bean>
|
||||
<mvc:annotation-driven/>
|
||||
<mvc:default-servlet-handler/>
|
||||
|
||||
<bean class="org.springframework.web.servlet.view.InternalResourceViewResolver">
|
||||
<property name="viewClass" value="org.springframework.web.servlet.view.JstlView"/>
|
||||
|
|
|
@ -16,11 +16,11 @@
|
|||
<form action="${pageContext.request.contextPath}/login.do" method="post">
|
||||
|
||||
<label for="username">Username:</label>
|
||||
<input type="text" id="username" name="j_username" value="" required="required"/>
|
||||
<input type="text" id="username" name="username" value="" required="required"/>
|
||||
<br/>
|
||||
<br/>
|
||||
<label for="password">Password:</label>
|
||||
<input type="password" name="j_password" id="password" value="" required="required"/>
|
||||
<input type="password" name="password" id="password" value="" required="required"/>
|
||||
<br/>
|
||||
<input type="submit" value="Login" class="btn btn-primary"/>
|
||||
<span class="text-danger">
|
||||
|
|