mirror of
https://gitee.com/log4j/pig.git
synced 2024-12-23 05:00:23 +08:00
!281 280 ⬆️ 升级 spring-authorization-server 到 0.4.0
Merge pull request !281 from 徐晓伟/spring-authorization-server-0.4.0
This commit is contained in:
commit
85f239f5bf
@ -34,9 +34,9 @@ import org.springframework.core.Ordered;
|
|||||||
import org.springframework.core.annotation.Order;
|
import org.springframework.core.annotation.Order;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
import org.springframework.security.oauth2.server.authorization.config.ProviderSettings;
|
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.DelegatingOAuth2TokenGenerator;
|
import org.springframework.security.oauth2.server.authorization.token.DelegatingOAuth2TokenGenerator;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.OAuth2RefreshTokenGenerator;
|
import org.springframework.security.oauth2.server.authorization.token.OAuth2RefreshTokenGenerator;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
|
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
|
||||||
@ -63,7 +63,7 @@ public class AuthorizationServerConfiguration {
|
|||||||
@Bean
|
@Bean
|
||||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||||
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
||||||
OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer<>();
|
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer();
|
||||||
|
|
||||||
http.apply(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) -> {// 个性化认证授权端点
|
http.apply(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) -> {// 个性化认证授权端点
|
||||||
tokenEndpoint.accessTokenRequestConverter(accessTokenRequestConverter()) // 注入自定义的授权认证Converter
|
tokenEndpoint.accessTokenRequestConverter(accessTokenRequestConverter()) // 注入自定义的授权认证Converter
|
||||||
@ -78,7 +78,8 @@ public class AuthorizationServerConfiguration {
|
|||||||
DefaultSecurityFilterChain securityFilterChain = http.requestMatcher(endpointsMatcher)
|
DefaultSecurityFilterChain securityFilterChain = http.requestMatcher(endpointsMatcher)
|
||||||
.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated())
|
.authorizeRequests(authorizeRequests -> authorizeRequests.anyRequest().authenticated())
|
||||||
.apply(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
|
.apply(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
|
||||||
.providerSettings(ProviderSettings.builder().issuer(SecurityConstants.PROJECT_LICENSE).build()))
|
.authorizationServerSettings(AuthorizationServerSettings.builder()
|
||||||
|
.issuer(SecurityConstants.PROJECT_LICENSE).build()))
|
||||||
// 授权码登录的登录页个性化
|
// 授权码登录的登录页个性化
|
||||||
.and().apply(new FormIdentityLoginConfigurer()).and().build();
|
.and().apply(new FormIdentityLoginConfigurer()).and().build();
|
||||||
|
|
||||||
|
@ -46,12 +46,12 @@ import org.springframework.http.converter.HttpMessageConverter;
|
|||||||
import org.springframework.http.server.ServletServerHttpResponse;
|
import org.springframework.http.server.ServletServerHttpResponse;
|
||||||
import org.springframework.security.authentication.event.LogoutSuccessEvent;
|
import org.springframework.security.authentication.event.LogoutSuccessEvent;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||||
import org.springframework.security.oauth2.core.OAuth2TokenType;
|
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
import org.springframework.security.oauth2.core.http.converter.OAuth2AccessTokenResponseHttpMessageConverter;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
|
||||||
import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
|
import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
|
||||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||||
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
|
||||||
|
@ -3,10 +3,10 @@ package com.pig4cloud.pig.auth.support;
|
|||||||
import org.springframework.lang.Nullable;
|
import org.springframework.lang.Nullable;
|
||||||
import org.springframework.security.oauth2.core.ClaimAccessor;
|
import org.springframework.security.oauth2.core.ClaimAccessor;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||||
import org.springframework.security.oauth2.core.OAuth2TokenFormat;
|
|
||||||
import org.springframework.security.oauth2.core.OAuth2TokenType;
|
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.*;
|
import org.springframework.security.oauth2.server.authorization.token.*;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
import org.springframework.util.CollectionUtils;
|
import org.springframework.util.CollectionUtils;
|
||||||
@ -35,8 +35,8 @@ public class CustomeOAuth2AccessTokenGenerator implements OAuth2TokenGenerator<O
|
|||||||
}
|
}
|
||||||
|
|
||||||
String issuer = null;
|
String issuer = null;
|
||||||
if (context.getProviderContext() != null) {
|
if (context.getAuthorizationServerContext() != null) {
|
||||||
issuer = context.getProviderContext().getIssuer();
|
issuer = context.getAuthorizationServerContext().getIssuer();
|
||||||
}
|
}
|
||||||
RegisteredClient registeredClient = context.getRegisteredClient();
|
RegisteredClient registeredClient = context.getRegisteredClient();
|
||||||
|
|
||||||
@ -65,7 +65,7 @@ public class CustomeOAuth2AccessTokenGenerator implements OAuth2TokenGenerator<O
|
|||||||
OAuth2TokenClaimsContext.Builder accessTokenContextBuilder = OAuth2TokenClaimsContext.with(claimsBuilder)
|
OAuth2TokenClaimsContext.Builder accessTokenContextBuilder = OAuth2TokenClaimsContext.with(claimsBuilder)
|
||||||
.registeredClient(context.getRegisteredClient())
|
.registeredClient(context.getRegisteredClient())
|
||||||
.principal(context.getPrincipal())
|
.principal(context.getPrincipal())
|
||||||
.providerContext(context.getProviderContext())
|
.authorizationServerContext(context.getAuthorizationServerContext())
|
||||||
.authorizedScopes(context.getAuthorizedScopes())
|
.authorizedScopes(context.getAuthorizedScopes())
|
||||||
.tokenType(context.getTokenType())
|
.tokenType(context.getTokenType())
|
||||||
.authorizationGrantType(context.getAuthorizationGrantType());
|
.authorizationGrantType(context.getAuthorizationGrantType());
|
||||||
|
@ -13,10 +13,11 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|||||||
import org.springframework.security.oauth2.core.*;
|
import org.springframework.security.oauth2.core.*;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
|
||||||
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
|
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2ClientAuthenticationToken;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.security.oauth2.server.authorization.context.ProviderContextHolder;
|
import org.springframework.security.oauth2.server.authorization.context.AuthorizationServerContextHolder;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
|
import org.springframework.security.oauth2.server.authorization.token.DefaultOAuth2TokenContext;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
|
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
|
||||||
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
|
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
|
||||||
@ -144,7 +145,7 @@ public abstract class OAuth2ResourceOwnerBaseAuthenticationProvider<T extends OA
|
|||||||
DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
|
DefaultOAuth2TokenContext.Builder tokenContextBuilder = DefaultOAuth2TokenContext.builder()
|
||||||
.registeredClient(registeredClient)
|
.registeredClient(registeredClient)
|
||||||
.principal(usernamePasswordAuthentication)
|
.principal(usernamePasswordAuthentication)
|
||||||
.providerContext(ProviderContextHolder.getProviderContext())
|
.authorizationServerContext(AuthorizationServerContextHolder.getContext())
|
||||||
.authorizedScopes(authorizedScopes)
|
.authorizedScopes(authorizedScopes)
|
||||||
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
|
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
|
||||||
.authorizationGrant(resouceOwnerBaseAuthentication);
|
.authorizationGrant(resouceOwnerBaseAuthentication);
|
||||||
@ -153,7 +154,8 @@ public abstract class OAuth2ResourceOwnerBaseAuthenticationProvider<T extends OA
|
|||||||
OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization
|
OAuth2Authorization.Builder authorizationBuilder = OAuth2Authorization
|
||||||
.withRegisteredClient(registeredClient).principalName(usernamePasswordAuthentication.getName())
|
.withRegisteredClient(registeredClient).principalName(usernamePasswordAuthentication.getName())
|
||||||
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
|
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
|
||||||
.attribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME, authorizedScopes);
|
// 0.4.0 新增的方法
|
||||||
|
.authorizedScopes(authorizedScopes);
|
||||||
|
|
||||||
// ----- Access token -----
|
// ----- Access token -----
|
||||||
OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
|
OAuth2TokenContext tokenContext = tokenContextBuilder.tokenType(OAuth2TokenType.ACCESS_TOKEN).build();
|
||||||
@ -171,7 +173,8 @@ public abstract class OAuth2ResourceOwnerBaseAuthenticationProvider<T extends OA
|
|||||||
.token(accessToken,
|
.token(accessToken,
|
||||||
(metadata) -> metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME,
|
(metadata) -> metadata.put(OAuth2Authorization.Token.CLAIMS_METADATA_NAME,
|
||||||
((ClaimAccessor) generatedAccessToken).getClaims()))
|
((ClaimAccessor) generatedAccessToken).getClaims()))
|
||||||
.attribute(OAuth2Authorization.AUTHORIZED_SCOPE_ATTRIBUTE_NAME, authorizedScopes)
|
// 0.4.0 新增的方法
|
||||||
|
.authorizedScopes(authorizedScopes)
|
||||||
.attribute(Principal.class.getName(), usernamePasswordAuthentication);
|
.attribute(Principal.class.getName(), usernamePasswordAuthentication);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -12,9 +12,9 @@ import org.springframework.security.core.userdetails.UserDetails;
|
|||||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||||
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
|
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
|
||||||
import org.springframework.security.oauth2.core.OAuth2TokenType;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
|
||||||
import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
|
import org.springframework.security.oauth2.server.resource.InvalidBearerTokenException;
|
||||||
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
|
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
|
||||||
|
|
||||||
|
@ -5,12 +5,12 @@ import org.springframework.data.redis.core.RedisTemplate;
|
|||||||
import org.springframework.data.redis.serializer.RedisSerializer;
|
import org.springframework.data.redis.serializer.RedisSerializer;
|
||||||
import org.springframework.lang.Nullable;
|
import org.springframework.lang.Nullable;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
import org.springframework.security.oauth2.core.OAuth2AccessToken;
|
||||||
import org.springframework.security.oauth2.core.OAuth2AuthorizationCode;
|
|
||||||
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
|
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
|
||||||
import org.springframework.security.oauth2.core.OAuth2TokenType;
|
|
||||||
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
|
||||||
import org.springframework.util.Assert;
|
import org.springframework.util.Assert;
|
||||||
|
|
||||||
import java.time.temporal.ChronoUnit;
|
import java.time.temporal.ChronoUnit;
|
||||||
|
@ -13,11 +13,11 @@ import lombok.SneakyThrows;
|
|||||||
import org.springframework.cache.annotation.Cacheable;
|
import org.springframework.cache.annotation.Cacheable;
|
||||||
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
import org.springframework.security.oauth2.core.AuthorizationGrantType;
|
||||||
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
|
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
|
||||||
import org.springframework.security.oauth2.core.OAuth2TokenFormat;
|
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
|
||||||
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
|
||||||
import org.springframework.security.oauth2.server.authorization.config.ClientSettings;
|
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
|
||||||
import org.springframework.security.oauth2.server.authorization.config.TokenSettings;
|
import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
|
||||||
|
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
|
||||||
import org.springframework.util.StringUtils;
|
import org.springframework.util.StringUtils;
|
||||||
|
|
||||||
import java.time.Duration;
|
import java.time.Duration;
|
||||||
|
2
pom.xml
2
pom.xml
@ -34,7 +34,7 @@
|
|||||||
<maven.compiler.source>1.8</maven.compiler.source>
|
<maven.compiler.source>1.8</maven.compiler.source>
|
||||||
<maven.compiler.target>1.8</maven.compiler.target>
|
<maven.compiler.target>1.8</maven.compiler.target>
|
||||||
<spring-boot-admin.version>2.7.7</spring-boot-admin.version>
|
<spring-boot-admin.version>2.7.7</spring-boot-admin.version>
|
||||||
<spring.authorization.version>0.3.1</spring.authorization.version>
|
<spring.authorization.version>0.4.0</spring.authorization.version>
|
||||||
<dynamic-ds.version>3.5.1</dynamic-ds.version>
|
<dynamic-ds.version>3.5.1</dynamic-ds.version>
|
||||||
<captcha.version>2.2.2</captcha.version>
|
<captcha.version>2.2.2</captcha.version>
|
||||||
<velocity.version>2.3</velocity.version>
|
<velocity.version>2.3</velocity.version>
|
||||||
|
Loading…
Reference in New Issue
Block a user