mirror of
https://gitee.com/log4j/pig.git
synced 2024-12-22 12:48:58 +08:00
fix(auth): Boot jdk17 版本启动时SecurityFilterChain报错
Closes IBB9HM
This commit is contained in:
冷冷
parent
6877d1a4ae
commit
d2f3176147
@ -4,7 +4,7 @@ body:
|
||||
- type: dropdown
|
||||
id: version
|
||||
attributes:
|
||||
label: PIG版本
|
||||
label: PIG版本(提问先右上角 Star ♥️)
|
||||
options:
|
||||
- "不处理PIGX或其他魔改版本"
|
||||
- "3.8"
|
||||
@ -22,7 +22,7 @@ body:
|
||||
- type: textarea
|
||||
id: desired-solution
|
||||
attributes:
|
||||
label: 问题描述
|
||||
label: 问题描述,提供详细截图和报错
|
||||
description: 详细问题,提供相应截图和日志,一分钟的描述不需要期望别人花半小时帮你排查
|
||||
validations:
|
||||
required: true
|
||||
|
||||
@ -27,9 +27,6 @@ import com.pig4cloud.pig.auth.support.handler.PigAuthenticationSuccessEventHandl
|
||||
import com.pig4cloud.pig.auth.support.password.OAuth2ResourceOwnerPasswordAuthenticationProvider;
|
||||
import com.pig4cloud.pig.auth.support.sms.OAuth2ResourceOwnerSmsAuthenticationProvider;
|
||||
import com.pig4cloud.pig.common.core.constant.SecurityConstants;
|
||||
import com.pig4cloud.pig.common.security.component.PermitAllUrlProperties;
|
||||
import com.pig4cloud.pig.common.security.component.PigBearerTokenExtractor;
|
||||
import com.pig4cloud.pig.common.security.component.ResourceAuthExceptionEntryPoint;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
@ -38,18 +35,14 @@ import org.springframework.core.annotation.Order;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.Customizer;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
|
||||
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
|
||||
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
|
||||
import org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings;
|
||||
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
|
||||
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.AuthenticationConverter;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
|
||||
/**
|
||||
* @author lengleng 认证授权服务器配置
|
||||
@ -58,29 +51,22 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
@RequiredArgsConstructor
|
||||
public class PigBootSecurityServerConfiguration {
|
||||
|
||||
private final ResourceAuthExceptionEntryPoint resourceAuthExceptionEntryPoint;
|
||||
|
||||
private final OpaqueTokenIntrospector customOpaqueTokenIntrospector;
|
||||
|
||||
private final AuthenticationConverter accessTokenRequestConverter;
|
||||
|
||||
private final OAuth2AuthorizationService authorizationService;
|
||||
|
||||
private final PigBearerTokenExtractor pigBearerTokenExtractor;
|
||||
|
||||
private final PasswordDecoderFilter passwordDecoderFilter;
|
||||
|
||||
private final OAuth2TokenGenerator oAuth2TokenGenerator;
|
||||
|
||||
private final ValidateCodeFilter validateCodeFilter;
|
||||
|
||||
private final PermitAllUrlProperties permitAllUrl;
|
||||
|
||||
@Bean
|
||||
@Order(Ordered.HIGHEST_PRECEDENCE)
|
||||
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
|
||||
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer = new OAuth2AuthorizationServerConfigurer();
|
||||
|
||||
// 配置授权服务器的安全策略,只有/oauth2/**的请求才会走如下的配置
|
||||
http.securityMatcher("/oauth2/**");
|
||||
// 增加验证码过滤器
|
||||
http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
// 增加密码解密过滤器
|
||||
@ -99,25 +85,6 @@ public class PigBootSecurityServerConfiguration {
|
||||
AuthorizationServerSettings.builder().issuer(SecurityConstants.PROJECT_LICENSE).build()),
|
||||
Customizer.withDefaults());
|
||||
|
||||
// 资源服务器配置
|
||||
AntPathRequestMatcher[] requestMatchers = permitAllUrl.getUrls()
|
||||
.stream()
|
||||
.map(AntPathRequestMatcher::new)
|
||||
.toList()
|
||||
.toArray(new AntPathRequestMatcher[] {});
|
||||
|
||||
http.authorizeHttpRequests(authorizeRequests -> authorizeRequests.requestMatchers(requestMatchers)
|
||||
.permitAll()
|
||||
.anyRequest()
|
||||
.authenticated())
|
||||
.oauth2ResourceServer(
|
||||
oauth2 -> oauth2.opaqueToken(token -> token.introspector(customOpaqueTokenIntrospector))
|
||||
.authenticationEntryPoint(resourceAuthExceptionEntryPoint)
|
||||
.bearerTokenResolver(pigBearerTokenExtractor))
|
||||
.exceptionHandling(configurer -> configurer.authenticationEntryPoint(resourceAuthExceptionEntryPoint))
|
||||
.headers(headers -> headers.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
|
||||
.csrf(AbstractHttpConfigurer::disable);
|
||||
|
||||
http.with(authorizationServerConfigurer.authorizationService(authorizationService)// redis存储token的实现
|
||||
.authorizationServerSettings(
|
||||
AuthorizationServerSettings.builder().issuer(SecurityConstants.PROJECT_LICENSE).build()),
|
||||
|
||||
Loading…
Reference in New Issue
Block a user