mirror of
https://gitee.com/log4j/pig.git
synced 2025-01-03 23:42:22 +08:00
!454 spring authorization server apply已过时
Merge pull request !454 from twelvet/jdk17-dev
This commit is contained in:
commit
b53256bc18
@ -33,6 +33,7 @@ import org.springframework.context.annotation.Configuration;
|
|||||||
import org.springframework.core.Ordered;
|
import org.springframework.core.Ordered;
|
||||||
import org.springframework.core.annotation.Order;
|
import org.springframework.core.annotation.Order;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
|
import org.springframework.security.config.Customizer;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||||
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
|
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
|
||||||
@ -65,14 +66,14 @@ public class AuthorizationServerConfiguration {
|
|||||||
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
||||||
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer();
|
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer();
|
||||||
|
|
||||||
http.apply(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) -> {// 个性化认证授权端点
|
http.with(authorizationServerConfigurer.tokenEndpoint((tokenEndpoint) -> {// 个性化认证授权端点
|
||||||
tokenEndpoint.accessTokenRequestConverter(accessTokenRequestConverter()) // 注入自定义的授权认证Converter
|
tokenEndpoint.accessTokenRequestConverter(accessTokenRequestConverter()) // 注入自定义的授权认证Converter
|
||||||
.accessTokenResponseHandler(new PigAuthenticationSuccessEventHandler()) // 登录成功处理器
|
.accessTokenResponseHandler(new PigAuthenticationSuccessEventHandler()) // 登录成功处理器
|
||||||
.errorResponseHandler(new PigAuthenticationFailureEventHandler());// 登录失败处理器
|
.errorResponseHandler(new PigAuthenticationFailureEventHandler());// 登录失败处理器
|
||||||
}).clientAuthentication(oAuth2ClientAuthenticationConfigurer -> // 个性化客户端认证
|
}).clientAuthentication(oAuth2ClientAuthenticationConfigurer -> // 个性化客户端认证
|
||||||
oAuth2ClientAuthenticationConfigurer.errorResponseHandler(new PigAuthenticationFailureEventHandler()))// 处理客户端认证异常
|
oAuth2ClientAuthenticationConfigurer.errorResponseHandler(new PigAuthenticationFailureEventHandler()))// 处理客户端认证异常
|
||||||
.authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint// 授权码端点个性化confirm页面
|
.authorizationEndpoint(authorizationEndpoint -> authorizationEndpoint// 授权码端点个性化confirm页面
|
||||||
.consentPage(SecurityConstants.CUSTOM_CONSENT_PAGE_URI)));
|
.consentPage(SecurityConstants.CUSTOM_CONSENT_PAGE_URI)), Customizer.withDefaults());
|
||||||
|
|
||||||
AntPathRequestMatcher[] requestMatchers = new AntPathRequestMatcher[] {
|
AntPathRequestMatcher[] requestMatchers = new AntPathRequestMatcher[] {
|
||||||
AntPathRequestMatcher.antMatcher("/token/**"), AntPathRequestMatcher.antMatcher("/actuator/**"),
|
AntPathRequestMatcher.antMatcher("/token/**"), AntPathRequestMatcher.antMatcher("/actuator/**"),
|
||||||
@ -83,10 +84,11 @@ public class AuthorizationServerConfiguration {
|
|||||||
authorizeRequests.requestMatchers(requestMatchers).permitAll();
|
authorizeRequests.requestMatchers(requestMatchers).permitAll();
|
||||||
authorizeRequests.anyRequest().authenticated();
|
authorizeRequests.anyRequest().authenticated();
|
||||||
})
|
})
|
||||||
.apply(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
|
.with(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
|
||||||
.authorizationServerSettings(
|
.authorizationServerSettings(
|
||||||
AuthorizationServerSettings.builder().issuer(SecurityConstants.PROJECT_LICENSE).build()));
|
AuthorizationServerSettings.builder().issuer(SecurityConstants.PROJECT_LICENSE).build()),
|
||||||
http.apply(new FormIdentityLoginConfigurer());
|
Customizer.withDefaults());
|
||||||
|
http.with(new FormIdentityLoginConfigurer(), Customizer.withDefaults());
|
||||||
DefaultSecurityFilterChain securityFilterChain = http.build();
|
DefaultSecurityFilterChain securityFilterChain = http.build();
|
||||||
|
|
||||||
// 注入自定义授权模式实现
|
// 注入自定义授权模式实现
|
||||||
|
@ -20,6 +20,7 @@ import com.pig4cloud.pig.auth.support.core.FormIdentityLoginConfigurer;
|
|||||||
import com.pig4cloud.pig.auth.support.core.PigDaoAuthenticationProvider;
|
import com.pig4cloud.pig.auth.support.core.PigDaoAuthenticationProvider;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.core.annotation.Order;
|
import org.springframework.core.annotation.Order;
|
||||||
|
import org.springframework.security.config.Customizer;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||||
@ -48,7 +49,7 @@ public class WebSecurityConfiguration {
|
|||||||
.permitAll()// 开放自定义的部分端点
|
.permitAll()// 开放自定义的部分端点
|
||||||
.anyRequest()
|
.anyRequest()
|
||||||
.authenticated()).headers(header -> header.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin)// 避免iframe同源无法登录许iframe
|
.authenticated()).headers(header -> header.frameOptions(HeadersConfigurer.FrameOptionsConfig::sameOrigin)// 避免iframe同源无法登录许iframe
|
||||||
).apply(new FormIdentityLoginConfigurer()); // 表单登录个性化
|
).with(new FormIdentityLoginConfigurer(), Customizer.withDefaults()); // 表单登录个性化
|
||||||
// 处理 UsernamePasswordAuthenticationToken
|
// 处理 UsernamePasswordAuthenticationToken
|
||||||
http.authenticationProvider(new PigDaoAuthenticationProvider());
|
http.authenticationProvider(new PigDaoAuthenticationProvider());
|
||||||
return http.build();
|
return http.build();
|
||||||
|
@ -24,9 +24,9 @@ import java.util.*;
|
|||||||
public class CustomeOAuth2AccessTokenGenerator implements OAuth2TokenGenerator<OAuth2AccessToken> {
|
public class CustomeOAuth2AccessTokenGenerator implements OAuth2TokenGenerator<OAuth2AccessToken> {
|
||||||
|
|
||||||
private OAuth2TokenCustomizer<OAuth2TokenClaimsContext> accessTokenCustomizer;
|
private OAuth2TokenCustomizer<OAuth2TokenClaimsContext> accessTokenCustomizer;
|
||||||
private final StringKeyGenerator accessTokenGenerator =
|
|
||||||
new Base64StringKeyGenerator(Base64.getUrlEncoder().withoutPadding(), 96);
|
|
||||||
|
|
||||||
|
private final StringKeyGenerator accessTokenGenerator = new Base64StringKeyGenerator(
|
||||||
|
Base64.getUrlEncoder().withoutPadding(), 96);
|
||||||
|
|
||||||
@Nullable
|
@Nullable
|
||||||
@Override
|
@Override
|
||||||
@ -85,8 +85,8 @@ public class CustomeOAuth2AccessTokenGenerator implements OAuth2TokenGenerator<O
|
|||||||
|
|
||||||
OAuth2TokenClaimsSet accessTokenClaimsSet = claimsBuilder.build();
|
OAuth2TokenClaimsSet accessTokenClaimsSet = claimsBuilder.build();
|
||||||
return new CustomeOAuth2AccessTokenGenerator.OAuth2AccessTokenClaims(OAuth2AccessToken.TokenType.BEARER,
|
return new CustomeOAuth2AccessTokenGenerator.OAuth2AccessTokenClaims(OAuth2AccessToken.TokenType.BEARER,
|
||||||
this.accessTokenGenerator.generateKey(), accessTokenClaimsSet.getIssuedAt(), accessTokenClaimsSet.getExpiresAt(),
|
this.accessTokenGenerator.generateKey(), accessTokenClaimsSet.getIssuedAt(),
|
||||||
context.getAuthorizedScopes(), accessTokenClaimsSet.getClaims());
|
accessTokenClaimsSet.getExpiresAt(), context.getAuthorizedScopes(), accessTokenClaimsSet.getClaims());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -111,7 +111,7 @@ public class PigDaoAuthenticationProvider extends AbstractUserDetailsAuthenticat
|
|||||||
.filter(service -> service.support(finalClientId, grantType))
|
.filter(service -> service.support(finalClientId, grantType))
|
||||||
.max(Comparator.comparingInt(Ordered::getOrder));
|
.max(Comparator.comparingInt(Ordered::getOrder));
|
||||||
|
|
||||||
if (!optional.isPresent()) {
|
if (optional.isEmpty()) {
|
||||||
throw new InternalAuthenticationServiceException("UserDetailsService error , not register");
|
throw new InternalAuthenticationServiceException("UserDetailsService error , not register");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -48,13 +48,17 @@ public class PigInitQuartzJob implements InitializingBean {
|
|||||||
sysJobService.list().forEach(sysjob -> {
|
sysJobService.list().forEach(sysjob -> {
|
||||||
if (PigQuartzEnum.JOB_STATUS_RELEASE.getType().equals(sysjob.getJobStatus())) {
|
if (PigQuartzEnum.JOB_STATUS_RELEASE.getType().equals(sysjob.getJobStatus())) {
|
||||||
taskUtil.removeJob(sysjob, scheduler);
|
taskUtil.removeJob(sysjob, scheduler);
|
||||||
} else if (PigQuartzEnum.JOB_STATUS_RUNNING.getType().equals(sysjob.getJobStatus())) {
|
}
|
||||||
|
else if (PigQuartzEnum.JOB_STATUS_RUNNING.getType().equals(sysjob.getJobStatus())) {
|
||||||
taskUtil.resumeJob(sysjob, scheduler);
|
taskUtil.resumeJob(sysjob, scheduler);
|
||||||
} else if (PigQuartzEnum.JOB_STATUS_NOT_RUNNING.getType().equals(sysjob.getJobStatus())) {
|
}
|
||||||
|
else if (PigQuartzEnum.JOB_STATUS_NOT_RUNNING.getType().equals(sysjob.getJobStatus())) {
|
||||||
taskUtil.pauseJob(sysjob, scheduler);
|
taskUtil.pauseJob(sysjob, scheduler);
|
||||||
} else {
|
}
|
||||||
|
else {
|
||||||
taskUtil.removeJob(sysjob, scheduler);
|
taskUtil.removeJob(sysjob, scheduler);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user