diff --git a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java index eb6d5394d..58db4a394 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java +++ b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java @@ -17,6 +17,7 @@ import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; +import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; @@ -48,7 +49,6 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap private DataSource dataSource; private AuthenticationManager authenticationManager; private UserDetailsServiceImpl userDetailsService; - private PasswordEncoder passwordEncoder; /** * 配置客户端详情(数据库) @@ -72,9 +72,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap tokenEnhancers.add(tokenEnhancer()); tokenEnhancers.add(jwtAccessTokenConverter()); tokenEnhancerChain.setTokenEnhancers(tokenEnhancers); - endpoints - .authenticationManager(authenticationManager) .accessTokenConverter(jwtAccessTokenConverter()) .tokenEnhancer(tokenEnhancerChain) @@ -94,14 +92,12 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap /** * 自定义认证异常响应数据 - * - * @return */ @Bean public AuthenticationEntryPoint authenticationEntryPoint() { return (request, response, e) -> { response.setStatus(HttpStatus.HTTP_OK); - response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); + response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE); response.setHeader("Access-Control-Allow-Origin", "*"); response.setHeader("Cache-Control", "no-cache"); Result result = Result.failed(ResultCode.CLIENT_AUTHENTICATION_FAILED); @@ -126,8 +122,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap */ @Bean public KeyPair keyPair() { - KeyStoreKeyFactory factory = new KeyStoreKeyFactory( - new ClassPathResource("youlai.jks"), "123456".toCharArray()); + KeyStoreKeyFactory factory = new KeyStoreKeyFactory(new ClassPathResource("youlai.jks"), "123456".toCharArray()); KeyPair keyPair = factory.getKeyPair("youlai", "123456".toCharArray()); return keyPair; } @@ -151,9 +146,19 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap @Bean public DaoAuthenticationProvider authenticationProvider() { DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); - provider.setHideUserNotFoundExceptions(false); + provider.setHideUserNotFoundExceptions(false); // 用户不存在异常抛出 provider.setUserDetailsService(userDetailsService); - provider.setPasswordEncoder(passwordEncoder); + provider.setPasswordEncoder(passwordEncoder()); return provider; } + + /** + * 密码编码器 + * 密码判读 DaoAuthenticationProvider#additionalAuthenticationChecks + * @return + */ + @Bean + public PasswordEncoder passwordEncoder() { + return PasswordEncoderFactories.createDelegatingPasswordEncoder(); + } } diff --git a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java index e81f5922a..8570009e8 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java +++ b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java @@ -30,17 +30,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { .csrf().disable(); } - /** - * 如果不配置SpringBoot会自动配置一个AuthenticationManager,覆盖掉内存中的用户 - */ @Bean - public AuthenticationManager authenticationManagerBean() throws Exception { + public AuthenticationManager authenticationManager() throws Exception { return super.authenticationManagerBean(); } - @Bean - public PasswordEncoder passwordEncoder() { - return PasswordEncoderFactories.createDelegatingPasswordEncoder(); - } } diff --git a/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java b/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java index 1e9d03817..35e36c5a8 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java +++ b/youlai-auth/src/main/java/com/youlai/auth/exception/AuthExceptionHandler.java @@ -24,7 +24,6 @@ public class AuthExceptionHandler { return Result.failed(ResultCode.USER_NOT_EXIST); } - /** * 用户名和密码异常 * diff --git a/youlai-auth/src/main/java/com/youlai/auth/service/UserDetailsServiceImpl.java b/youlai-auth/src/main/java/com/youlai/auth/service/UserDetailsServiceImpl.java index 56da27b37..9300f5edf 100644 --- a/youlai-auth/src/main/java/com/youlai/auth/service/UserDetailsServiceImpl.java +++ b/youlai-auth/src/main/java/com/youlai/auth/service/UserDetailsServiceImpl.java @@ -19,7 +19,6 @@ import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Service; - /** * 自定义用户认证和授权 */ @@ -40,7 +39,7 @@ public class UserDetailsServiceImpl implements UserDetailsService { switch (clientId) { case AuthConstants.ADMIN_CLIENT_ID: // 后台用户 result = userFeignClient.getUserByUsername(username); - log.info("获取用户信息:{}",result.toString()); + log.info("获取用户信息:{}", result.toString()); if (ResultCode.SUCCESS.getCode().equals(result.getCode())) { UserDTO userDTO = (UserDTO) result.getData(); user = new User(userDTO);