mrbird
committed
Jun 26, 2019
1 parent
eb854a4
commit 23a998d
Showing
18 changed files
with
775 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,70 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
<modelVersion>4.0.0</modelVersion> | ||
<parent> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter-parent</artifactId> | ||
<version>2.1.6.RELEASE</version> | ||
<relativePath/> <!-- lookup parent from repository --> | ||
</parent> | ||
<groupId>cc.mrbird</groupId> | ||
<artifactId>security</artifactId> | ||
<version>0.0.1-SNAPSHOT</version> | ||
<name>security</name> | ||
<description>Demo project for Spring Boot</description> | ||
|
||
<properties> | ||
<java.version>1.8</java.version> | ||
<spring-cloud.version>Greenwich.SR1</spring-cloud.version> | ||
</properties> | ||
|
||
<dependencies> | ||
<dependency> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter-web</artifactId> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.springframework.cloud</groupId> | ||
<artifactId>spring-cloud-starter</artifactId> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.springframework.cloud</groupId> | ||
<artifactId>spring-cloud-starter-oauth2</artifactId> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.springframework.cloud</groupId> | ||
<artifactId>spring-cloud-starter-security</artifactId> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.apache.commons</groupId> | ||
<artifactId>commons-lang3</artifactId> | ||
</dependency> | ||
<dependency> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-starter-data-redis</artifactId> | ||
</dependency> | ||
</dependencies> | ||
|
||
<dependencyManagement> | ||
<dependencies> | ||
<dependency> | ||
<groupId>org.springframework.cloud</groupId> | ||
<artifactId>spring-cloud-dependencies</artifactId> | ||
<version>${spring-cloud.version}</version> | ||
<type>pom</type> | ||
<scope>import</scope> | ||
</dependency> | ||
</dependencies> | ||
</dependencyManagement> | ||
|
||
<build> | ||
<plugins> | ||
<plugin> | ||
<groupId>org.springframework.boot</groupId> | ||
<artifactId>spring-boot-maven-plugin</artifactId> | ||
</plugin> | ||
</plugins> | ||
</build> | ||
|
||
</project> |
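--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/SecurityApplication.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/SecurityApplication.java
@@ -0,0 +1,13 @@
+package cc.mrbird.security;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class SecurityApplication {
+
+public static void main(String[] args) {
+SpringApplication.run(SecurityApplication.class, args);
+}
+
+}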
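--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/config/AuthorizationServerConfig.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/config/AuthorizationServerConfig.java
@@ -0,0 +1,20 @@
+package cc.mrbird.security.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+
+/**
+* @author MrBird
+*/
+@Configuration
+@EnableAuthorizationServer
+public class AuthorizationServerConfig {
+
+@Bean
+public PasswordEncoder passwordEncoder() {
+return new BCryptPasswordEncoder();
+}
+}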
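--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/config/ResourceServerConfig.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/config/ResourceServerConfig.java
@@ -0,0 +1,46 @@
+package cc.mrbird.security.config;
+
+import cc.mrbird.security.handler.MyAuthenticationFailureHandler;
+import cc.mrbird.security.handler.MyAuthenticationSucessHandler;
+import cc.mrbird.security.validate.smscode.SmsAuthenticationConfig;
+import cc.mrbird.security.validate.smscode.SmsCodeFilter;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+
+/**
+* @author MrBird
+*/
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+@Autowired
+private MyAuthenticationSucessHandler authenticationSucessHandler;
+@Autowired
+private MyAuthenticationFailureHandler authenticationFailureHandler;
+@Autowired
+private SmsCodeFilter smsCodeFilter;
+@Autowired
+private SmsAuthenticationConfig smsAuthenticationConfig;
+
+@Override
+public void configure(HttpSecurity http) throws Exception {
+http.addFilterBefore(smsCodeFilter, UsernamePasswordAuthenticationFilter.class) // 添加短信验证码校验过滤器
+.formLogin() // 表单登录
+.loginProcessingUrl("/login") // 处理表单登录 URL
+.successHandler(authenticationSucessHandler) // 处理登录成功
+.failureHandler(authenticationFailureHandler) // 处理登录失败
+.and()
+.authorizeRequests() // 授权配置
+.antMatchers("/code/sms").permitAll()
+.anyRequest() // 所有请求
+.authenticated() // 都需要认证
+.and()
+.csrf().disable()
+.apply(smsAuthenticationConfig);
+}
+}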
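Review bot: `.csrf().disable()` in `configure(HttpSecurity)` turns CSRF protection off for every route, including the `/login` form endpoint, and nothing in the file records why. That is only safe if callers always authenticate with a bearer token and no cookie-backed session is ever trusted, which this section does not show. I would state the assumption next to the call, e.g. `// CSRF off: token-only API, no cookie session is accepted`, and keep CSRF enabled if a session cookie is honoured anywhere. The Chinese inline comments on the chain would also be easier to maintain as one English Javadoc on `configure`, describing the filter order and the single `permitAll()` route.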
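--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/controller/UserController.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/controller/UserController.java
@@ -0,0 +1,18 @@
+package cc.mrbird.security.controller;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+* @author MrBird
+*/
+@RestController
+public class UserController {
+
+@GetMapping("index")
+public Object index(@AuthenticationPrincipal Authentication authentication){
+return authentication;
+}
+}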
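Review bot: `index` returns the whole `Authentication` object, so everything Jackson can reach on it is serialized to the client: the principal, the authorities, and the `details` object, which for OAuth2 requests presumably carries the token value and remote address. Returning a small explicit view keeps the response stable and stops fields added later from leaking, e.g. `return Collections.singletonMap("name", authentication.getName());`. Separately, `@AuthenticationPrincipal` is meant to bind the principal rather than the `Authentication` itself. A plain `Authentication authentication` parameter is resolved by Spring MVC without the annotation, and depending on the framework version the annotated form may resolve to null.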
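--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/controller/ValidateController.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/controller/ValidateController.java
@@ -0,0 +1,33 @@
+package cc.mrbird.security.controller;
+
+import cc.mrbird.security.service.RedisCodeService;
+import cc.mrbird.security.validate.smscode.SmsCode;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.context.request.ServletWebRequest;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@RestController
+public class ValidateController {
+
+@Autowired
+private RedisCodeService redisCodeService;
+
+@GetMapping("/code/sms")
+public void createSmsCode(HttpServletRequest request, HttpServletResponse response, String mobile) throws Exception {
+SmsCode smsCode = createSMSCode();
+redisCodeService.save(smsCode, new ServletWebRequest(request), mobile);
+// 输出验证码到控制台代替短信发送服务
+System.out.println("手机号" + mobile + "的登录验证码为:" + smsCode.getCode() + ",有效时间为120秒");
+}
+
+private SmsCode createSMSCode() {
+String code = RandomStringUtils.randomNumeric(6);
+return new SmsCode(code);
+}
+
+}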
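Review bot: `createSMSCode()` draws the login code from `RandomStringUtils.randomNumeric(6)`, which in commons-lang3 releases of this period is backed by a shared `java.util.Random` and is not suitable for one-time codes. Pass a CSPRNG instead, e.g. `RandomStringUtils.random(6, 0, 0, false, true, null, new SecureRandom())`. `createSmsCode` is reachable without authentication (ResourceServerConfig permits `/code/sms`) and accepts any `mobile` value, including null, with no per-number or per-client throttling visible in this file. The number should be validated, and both issuance and verification attempts should be capped so a six-digit code cannot be requested and guessed repeatedly. The `System.out.println` stand-in writes the phone number and the live code to stdout; once a real sender replaces it, the code should not be logged at all.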
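--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/domain/MyUser.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/domain/MyUser.java
@@ -0,0 +1,67 @@
+package cc.mrbird.security.domain;
+
+import java.io.Serializable;
+
+public class MyUser implements Serializable {
+private static final long serialVersionUID = 3497935890426858541L;
+
+private String userName;
+
+private String password;
+
+private boolean accountNonExpired = true;
+
+private boolean accountNonLocked= true;
+
+private boolean credentialsNonExpired= true;
+
+private boolean enabled= true;
+
+public String getUserName() {
+return userName;
+}
+
+public void setUserName(String userName) {
+this.userName = userName;
+}
+
+public String getPassword() {
+return password;
+}
+
+public void setPassword(String password) {
+this.password = password;
+}
+
+public boolean isAccountNonExpired() {
+return accountNonExpired;
+}
+
+public void setAccountNonExpired(boolean accountNonExpired) {
+this.accountNonExpired = accountNonExpired;
+}
+
+public boolean isAccountNonLocked() {
+return accountNonLocked;
+}
+
+public void setAccountNonLocked(boolean accountNonLocked) {
+this.accountNonLocked = accountNonLocked;
+}
+
+public boolean isCredentialsNonExpired() {
+return credentialsNonExpired;
+}
+
+public void setCredentialsNonExpired(boolean credentialsNonExpired) {
+this.credentialsNonExpired = credentialsNonExpired;
+}
+
+public boolean isEnabled() {
+return enabled;
+}
+
+public void setEnabled(boolean enabled) {
+this.enabled = enabled;
+}
+}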
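--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/handler/MyAuthenticationFailureHandler.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/handler/MyAuthenticationFailureHandler.java
@@ -0,0 +1,28 @@
+package cc.mrbird.security.handler;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class MyAuthenticationFailureHandler implements AuthenticationFailureHandler {
+
+@Autowired
+private ObjectMapper mapper;
+
+@Override
+public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
+AuthenticationException exception) throws IOException {
+response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+response.setContentType("application/json;charset=utf-8");
+response.getWriter().write(mapper.writeValueAsString(exception.getMessage()));
+}
+}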
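Review bot: `onAuthenticationFailure` answers a failed login with `HttpStatus.INTERNAL_SERVER_ERROR`, so bad credentials look like server faults to clients, alerting and brute-force detection. It should be `response.setStatus(HttpStatus.UNAUTHORIZED.value());`. The body is `exception.getMessage()` verbatim, which can tell a caller whether an account exists, is locked, or only the code was wrong. A fixed generic message, with the detail logged server-side, is the safer default. The `Authentication` import is unused.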
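--- a/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/handler/MyAuthenticationSucessHandler.java
+++ b/64.Spring-Security-OAuth2-Customize/src/main/java/cc/mrbird/security/handler/MyAuthenticationSucessHandler.java
@@ -0,0 +1,93 @@
+package cc.mrbird.security.handler;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
+import org.springframework.security.oauth2.provider.*;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.util.Base64;
+import java.util.HashMap;
+
+@Component
+public class MyAuthenticationSucessHandler implements AuthenticationSuccessHandler {
+
+private Logger log = LoggerFactory.getLogger(this.getClass());
+
+@Autowired
+private ClientDetailsService clientDetailsService;
+@Autowired
+private AuthorizationServerTokenServices authorizationServerTokenServices;
+
+@Override
+public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException {
+// 1. 从请求头中获取 ClientId
+String header = request.getHeader("Authorization");
+if (header == null || !header.startsWith("Basic ")) {
+throw new UnapprovedClientAuthenticationException("请求头中无client信息");
+}
+
+String[] tokens = this.extractAndDecodeHeader(header, request);
+String clientId = tokens[0];
+String clientSecret = tokens[1];
+
+TokenRequest tokenRequest = null;
+
+// 2. 通过 ClientDetailsService 获取 ClientDetails
+ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
+
+// 3. 校验 ClientId和 ClientSecret的正确性
+if (clientDetails == null) {
+throw new UnapprovedClientAuthenticationException("clientId:" + clientId + "对应的信息不存在");
+} else if (!StringUtils.equals(clientDetails.getClientSecret(), clientSecret)) {
+throw new UnapprovedClientAuthenticationException("clientSecret不正确");
+} else {
+// 4. 通过 TokenRequest构造器生成 TokenRequest
+tokenRequest = new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
+}
+
+// 5. 通过 TokenRequest的 createOAuth2Request方法获取 OAuth2Request
+OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
+// 6. 通过 Authentication和 OAuth2Request构造出 OAuth2Authentication
+OAuth2Authentication auth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
+
+// 7. 通过 AuthorizationServerTokenServices 生成 OAuth2AccessToken
+OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(auth2Authentication);
+
+// 8. 返回 Token
+log.info("登录成功");
+response.setContentType("application/json;charset=UTF-8");
+response.getWriter().write(new ObjectMapper().writeValueAsString(token));
+}
+
+private String[] extractAndDecodeHeader(String header, HttpServletRequest request) {
+byte[] base64Token = header.substring(6).getBytes(StandardCharsets.UTF_8);
+
+byte[] decoded;
+try {
+decoded = Base64.getDecoder().decode(base64Token);
+} catch (IllegalArgumentException var7) {
+throw new BadCredentialsException("Failed to decode basic authentication token");
+}
+
+String token = new String(decoded, StandardCharsets.UTF_8);
+int delim = token.indexOf(":");
+if (delim == -1) {
+throw new BadCredentialsException("Invalid basic authentication token");
+} else {
+return new String[]{token.substring(0, delim), token.substring(delim + 1)};
+}
+}
+}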
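Review bot: Step 3 of `onAuthenticationSuccess` checks the client with `StringUtils.equals(clientDetails.getClientSecret(), clientSecret)`, a plain string comparison of the presented secret against the stored value. AuthorizationServerConfig registers a `BCryptPasswordEncoder`, so if client secrets are stored encoded this check can never succeed, and if it does succeed the secrets are being kept in clear text. Inject the `PasswordEncoder` and test `!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())` instead. The client is also verified only after the user's credentials were accepted, and the two failures give different messages (one echoing `clientId`), so a caller without a valid client can still learn whether a username/password pair is correct; checking the client first and returning one generic error closes that. These exceptions are thrown from a success handler, so they presumably bypass `MyAuthenticationFailureHandler`; confirm what response the caller actually receives.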