forked from wuyouzhuguli/SpringAll
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
mrbird
committed
Jun 26, 2019
1 parent
23a998d
commit 81f4ef6
Showing
22 changed files
with
944 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
| xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> | ||
| <modelVersion>4.0.0</modelVersion> | ||
| <parent> | ||
| <groupId>org.springframework.boot</groupId> | ||
| <artifactId>spring-boot-starter-parent</artifactId> | ||
| <version>2.1.6.RELEASE</version> | ||
| <relativePath/> <!-- lookup parent from repository --> | ||
| </parent> | ||
| <groupId>cc.mrbird</groupId> | ||
| <artifactId>security</artifactId> | ||
| <version>0.0.1-SNAPSHOT</version> | ||
| <name>security</name> | ||
| <description>Demo project for Spring Boot</description> | ||
|
|
||
| <properties> | ||
| <java.version>1.8</java.version> | ||
| <spring-cloud.version>Greenwich.SR1</spring-cloud.version> | ||
| </properties> | ||
|
|
||
| <dependencies> | ||
| <dependency> | ||
| <groupId>org.springframework.boot</groupId> | ||
| <artifactId>spring-boot-starter-web</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.springframework.cloud</groupId> | ||
| <artifactId>spring-cloud-starter</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.springframework.cloud</groupId> | ||
| <artifactId>spring-cloud-starter-oauth2</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.springframework.cloud</groupId> | ||
| <artifactId>spring-cloud-starter-security</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.apache.commons</groupId> | ||
| <artifactId>commons-lang3</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>org.springframework.boot</groupId> | ||
| <artifactId>spring-boot-starter-data-redis</artifactId> | ||
| </dependency> | ||
| <dependency> | ||
| <groupId>io.jsonwebtoken</groupId> | ||
| <artifactId>jjwt</artifactId> | ||
| <version>0.9.1</version> | ||
| </dependency> | ||
| </dependencies> | ||
|
|
||
| <dependencyManagement> | ||
| <dependencies> | ||
| <dependency> | ||
| <groupId>org.springframework.cloud</groupId> | ||
| <artifactId>spring-cloud-dependencies</artifactId> | ||
| <version>${spring-cloud.version}</version> | ||
| <type>pom</type> | ||
| <scope>import</scope> | ||
| </dependency> | ||
| </dependencies> | ||
| </dependencyManagement> | ||
|
|
||
| <build> | ||
| <plugins> | ||
| <plugin> | ||
| <groupId>org.springframework.boot</groupId> | ||
| <artifactId>spring-boot-maven-plugin</artifactId> | ||
| </plugin> | ||
| </plugins> | ||
| </build> | ||
|
|
||
| </project> |
13 changes: 13 additions & 0 deletions
13
65.Spring-Security-OAuth2-Config/src/main/java/cc/mrbird/security/SecurityApplication.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,13 @@ | ||
| package cc.mrbird.security; | ||
|
|
||
| import org.springframework.boot.SpringApplication; | ||
| import org.springframework.boot.autoconfigure.SpringBootApplication; | ||
|
|
||
| @SpringBootApplication | ||
| public class SecurityApplication { | ||
|
|
||
| public static void main(String[] args) { | ||
| SpringApplication.run(SecurityApplication.class, args); | ||
| } | ||
|
|
||
| } |
74 changes: 74 additions & 0 deletions
74
...rity-OAuth2-Config/src/main/java/cc/mrbird/security/config/AuthorizationServerConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| package cc.mrbird.security.config; | ||
|
|
||
| import cc.mrbird.security.service.UserDetailService; | ||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.security.authentication.AuthenticationManager; | ||
| import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | ||
| import org.springframework.security.crypto.password.PasswordEncoder; | ||
| import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; | ||
| import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; | ||
| import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; | ||
| import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; | ||
| import org.springframework.security.oauth2.provider.token.TokenEnhancer; | ||
| import org.springframework.security.oauth2.provider.token.TokenEnhancerChain; | ||
| import org.springframework.security.oauth2.provider.token.TokenStore; | ||
| import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; | ||
|
|
||
| import java.util.ArrayList; | ||
| import java.util.List; | ||
|
|
||
| /** | ||
| * @author MrBird | ||
| */ | ||
| @Configuration | ||
| @EnableAuthorizationServer | ||
| public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { | ||
|
|
||
| // @Autowired | ||
| // private TokenStore redisTokenStore; | ||
| @Autowired | ||
| private TokenStore jwtTokenStore; | ||
| @Autowired | ||
| private JwtAccessTokenConverter jwtAccessTokenConverter; | ||
| @Autowired | ||
| private AuthenticationManager authenticationManager; | ||
| @Autowired | ||
| private TokenEnhancer tokenEnhancer; | ||
| @Autowired | ||
| private UserDetailService userDetailService; | ||
|
|
||
| @Bean | ||
| public PasswordEncoder passwordEncoder() { | ||
| return new BCryptPasswordEncoder(); | ||
| } | ||
|
|
||
| @Override | ||
| public void configure(AuthorizationServerEndpointsConfigurer endpoints) { | ||
| TokenEnhancerChain enhancerChain = new TokenEnhancerChain(); | ||
| List<TokenEnhancer> enhancers = new ArrayList<>(); | ||
| enhancers.add(tokenEnhancer); | ||
| enhancers.add(jwtAccessTokenConverter); | ||
| enhancerChain.setTokenEnhancers(enhancers); | ||
| endpoints.authenticationManager(authenticationManager) | ||
| .tokenStore(jwtTokenStore) | ||
| .accessTokenConverter(jwtAccessTokenConverter) | ||
| .userDetailsService(userDetailService); | ||
| } | ||
|
|
||
| @Override | ||
| public void configure(ClientDetailsServiceConfigurer clients) throws Exception { | ||
| clients.inMemory() | ||
| .withClient("test1") | ||
| .secret(new BCryptPasswordEncoder().encode("test1111")) | ||
| .authorizedGrantTypes("password", "refresh_token") | ||
| .accessTokenValiditySeconds(3600) | ||
| .refreshTokenValiditySeconds(864000) | ||
| .scopes("all", "a", "b", "c") | ||
| .and() | ||
| .withClient("test2") | ||
| .secret(new BCryptPasswordEncoder().encode("test2222")) | ||
| .accessTokenValiditySeconds(7200); | ||
| } | ||
| } |
33 changes: 33 additions & 0 deletions
33
65.Spring-Security-OAuth2-Config/src/main/java/cc/mrbird/security/config/JWTokenConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| package cc.mrbird.security.config; | ||
|
|
||
| import cc.mrbird.security.enhancer.JWTokenEnhancer; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.security.oauth2.provider.token.TokenEnhancer; | ||
| import org.springframework.security.oauth2.provider.token.TokenStore; | ||
| import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; | ||
| import org.springframework.security.oauth2.provider.token.store.JwtTokenStore; | ||
|
|
||
| /** | ||
| * @author MrBird | ||
| */ | ||
| @Configuration | ||
| public class JWTokenConfig { | ||
|
|
||
| @Bean | ||
| public TokenStore jwtTokenStore() { | ||
| return new JwtTokenStore(jwtAccessTokenConverter()); | ||
| } | ||
|
|
||
| @Bean | ||
| public JwtAccessTokenConverter jwtAccessTokenConverter() { | ||
| JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter(); | ||
| accessTokenConverter.setSigningKey("test_key"); // 签名密钥 | ||
| return accessTokenConverter; | ||
| } | ||
|
|
||
| @Bean | ||
| public TokenEnhancer tokenEnhancer() { | ||
| return new JWTokenEnhancer(); | ||
| } | ||
| } |
46 changes: 46 additions & 0 deletions
46
...-Security-OAuth2-Config/src/main/java/cc/mrbird/security/config/ResourceServerConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,46 @@ | ||
| package cc.mrbird.security.config; | ||
|
|
||
| import cc.mrbird.security.handler.MyAuthenticationFailureHandler; | ||
| import cc.mrbird.security.handler.MyAuthenticationSucessHandler; | ||
| import cc.mrbird.security.validate.smscode.SmsAuthenticationConfig; | ||
| import cc.mrbird.security.validate.smscode.SmsCodeFilter; | ||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.security.config.annotation.web.builders.HttpSecurity; | ||
| import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; | ||
| import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; | ||
| import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; | ||
|
|
||
| /** | ||
| * @author MrBird | ||
| */ | ||
| @Configuration | ||
| @EnableResourceServer | ||
| public class ResourceServerConfig extends ResourceServerConfigurerAdapter { | ||
|
|
||
| @Autowired | ||
| private MyAuthenticationSucessHandler authenticationSucessHandler; | ||
| @Autowired | ||
| private MyAuthenticationFailureHandler authenticationFailureHandler; | ||
| @Autowired | ||
| private SmsCodeFilter smsCodeFilter; | ||
| @Autowired | ||
| private SmsAuthenticationConfig smsAuthenticationConfig; | ||
|
|
||
| @Override | ||
| public void configure(HttpSecurity http) throws Exception { | ||
| http.addFilterBefore(smsCodeFilter, UsernamePasswordAuthenticationFilter.class) // 添加短信验证码校验过滤器 | ||
| .formLogin() // 表单登录 | ||
| .loginProcessingUrl("/login") // 处理表单登录 URL | ||
| .successHandler(authenticationSucessHandler) // 处理登录成功 | ||
| .failureHandler(authenticationFailureHandler) // 处理登录失败 | ||
| .and() | ||
| .authorizeRequests() // 授权配置 | ||
| .antMatchers("/code/sms").permitAll() | ||
| .anyRequest() // 所有请求 | ||
| .authenticated() // 都需要认证 | ||
| .and() | ||
| .csrf().disable() | ||
| .apply(smsAuthenticationConfig); | ||
| } | ||
| } |
20 changes: 20 additions & 0 deletions
20
65.Spring-Security-OAuth2-Config/src/main/java/cc/mrbird/security/config/SecurityConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| package cc.mrbird.security.config; | ||
|
|
||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.security.authentication.AuthenticationManager; | ||
| import org.springframework.security.config.BeanIds; | ||
| import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; | ||
|
|
||
| /** | ||
| * @author MrBird | ||
| */ | ||
| @Configuration | ||
| public class SecurityConfig extends WebSecurityConfigurerAdapter { | ||
|
|
||
| @Bean(name = BeanIds.AUTHENTICATION_MANAGER) | ||
| @Override | ||
| public AuthenticationManager authenticationManagerBean() throws Exception { | ||
| return super.authenticationManagerBean(); | ||
| } | ||
| } |
24 changes: 24 additions & 0 deletions
24
...ring-Security-OAuth2-Config/src/main/java/cc/mrbird/security/config/TokenStoreConfig.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| package cc.mrbird.security.config; | ||
|
|
||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.context.annotation.Bean; | ||
| import org.springframework.context.annotation.Configuration; | ||
| import org.springframework.data.redis.connection.RedisConnectionFactory; | ||
| import org.springframework.security.oauth2.provider.token.TokenStore; | ||
| import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; | ||
|
|
||
| /** | ||
| * @author MrBird | ||
| */ | ||
| @Configuration | ||
| public class TokenStoreConfig { | ||
|
|
||
| @Autowired | ||
| private RedisConnectionFactory redisConnectionFactory; | ||
|
|
||
| // @Bean | ||
| // public TokenStore redisTokenStore(){ | ||
| // return new RedisTokenStore(redisConnectionFactory); | ||
| // } | ||
|
|
||
| } |
26 changes: 26 additions & 0 deletions
26
...ng-Security-OAuth2-Config/src/main/java/cc/mrbird/security/controller/UserController.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| package cc.mrbird.security.controller; | ||
|
|
||
| import io.jsonwebtoken.Jwts; | ||
| import org.apache.commons.lang3.StringUtils; | ||
| import org.springframework.security.core.Authentication; | ||
| import org.springframework.security.core.annotation.AuthenticationPrincipal; | ||
| import org.springframework.web.bind.annotation.GetMapping; | ||
| import org.springframework.web.bind.annotation.RestController; | ||
|
|
||
| import javax.servlet.http.HttpServletRequest; | ||
| import java.nio.charset.StandardCharsets; | ||
|
|
||
| /** | ||
| * @author MrBird | ||
| */ | ||
| @RestController | ||
| public class UserController { | ||
|
|
||
| @GetMapping("index") | ||
| public Object index(@AuthenticationPrincipal Authentication authentication, HttpServletRequest request) { | ||
| String header = request.getHeader("Authorization"); | ||
| String token = StringUtils.substringAfter(header, "bearer "); | ||
|
|
||
| return Jwts.parser().setSigningKey("test_key".getBytes(StandardCharsets.UTF_8)).parseClaimsJws(token).getBody(); | ||
| } | ||
| } |
33 changes: 33 additions & 0 deletions
33
...ecurity-OAuth2-Config/src/main/java/cc/mrbird/security/controller/ValidateController.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| package cc.mrbird.security.controller; | ||
|
|
||
| import cc.mrbird.security.service.RedisCodeService; | ||
| import cc.mrbird.security.validate.smscode.SmsCode; | ||
| import org.apache.commons.lang3.RandomStringUtils; | ||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.web.bind.annotation.GetMapping; | ||
| import org.springframework.web.bind.annotation.RestController; | ||
| import org.springframework.web.context.request.ServletWebRequest; | ||
|
|
||
| import javax.servlet.http.HttpServletRequest; | ||
| import javax.servlet.http.HttpServletResponse; | ||
|
|
||
| @RestController | ||
| public class ValidateController { | ||
|
|
||
| @Autowired | ||
| private RedisCodeService redisCodeService; | ||
|
|
||
| @GetMapping("/code/sms") | ||
| public void createSmsCode(HttpServletRequest request, HttpServletResponse response, String mobile) throws Exception { | ||
| SmsCode smsCode = createSMSCode(); | ||
| redisCodeService.save(smsCode, new ServletWebRequest(request), mobile); | ||
| // 输出验证码到控制台代替短信发送服务 | ||
| System.out.println("手机号" + mobile + "的登录验证码为:" + smsCode.getCode() + ",有效时间为120秒"); | ||
| } | ||
|
|
||
| private SmsCode createSMSCode() { | ||
| String code = RandomStringUtils.randomNumeric(6); | ||
| return new SmsCode(code); | ||
| } | ||
|
|
||
| } |
Oops, something went wrong.