refactor:oauth2认证重构

haoxr 2020-09-17 19:53:26 +08:00
parent 9278d176c3
commit 93d4383d10
5 changed files with 42 additions and 8 deletions


@ -17,6 +17,12 @@
<dependencies> <dependencies>
<dependency>
<groupId>com.youlai</groupId>
<artifactId>youlai-common-db</artifactId>
<version>${youlai-common.version}</version>
</dependency>
<dependency> <dependency>
<groupId>com.youlai</groupId> <groupId>com.youlai</groupId>
<artifactId>youlai-admin-api</artifactId> <artifactId>youlai-admin-api</artifactId>


@ -1,6 +1,7 @@
package com.youlai.auth.config; package com.youlai.auth.config;
import com.youlai.auth.component.JwtTokenEnhancer; import com.youlai.auth.component.JwtTokenEnhancer;
import com.youlai.auth.service.JdbcClientDetailsServiceImpl;
import com.youlai.common.core.constant.AuthConstants; import com.youlai.common.core.constant.AuthConstants;
import lombok.SneakyThrows; import lombok.SneakyThrows;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -15,6 +16,8 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.A
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.token.TokenEnhancer; import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain; import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.TokenStore;
@ -22,6 +25,8 @@ import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenCo
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory; import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
import javax.annotation.Resource;
import javax.sql.DataSource;
import java.security.KeyPair; import java.security.KeyPair;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
@ -42,6 +47,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
@Autowired @Autowired
private RedisConnectionFactory redisConnectionFactory; private RedisConnectionFactory redisConnectionFactory;
@Autowired
private DataSource dataSource;
/** /**
* 配置客户端详情 * 配置客户端详情
* *
@ -51,15 +60,22 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
@Override @Override
@SneakyThrows @SneakyThrows
public void configure(ClientDetailsServiceConfigurer clients) throws Exception { public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory() /*clients.inMemory()
.withClient("client") .withClient("client")
.secret(passwordEncoder.encode("123456")) .secret(passwordEncoder.encode("123456"))
.scopes("all") .scopes("all")
.authorizedGrantTypes("password", "refresh_token") .authorizedGrantTypes("password", "refresh_token")
.accessTokenValiditySeconds(3600) .accessTokenValiditySeconds(3600)
.refreshTokenValiditySeconds(86400); .refreshTokenValiditySeconds(86400);*/
JdbcClientDetailsServiceImpl jdbcClientDetailsService=new JdbcClientDetailsServiceImpl(dataSource);
jdbcClientDetailsService.setFindClientDetailsSql(AuthConstants.CLIENT_DETAILS_FIND_SQL);
jdbcClientDetailsService.setSelectClientDetailsSql(AuthConstants.CLIENT_DETAILS_SELECT_SQL);
clients.withClientDetails(jdbcClientDetailsService);
} }
/** /**
* 配置令牌端点的安全约束 * 配置令牌端点的安全约束
* *
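Review bot: The old in-memory registration in `configure(ClientDetailsServiceConfigurer)` is left behind as a block comment, so the sample client id and the literal secret `"123456"` stay in the source. Delete the block rather than commenting it out, and check that no row in the client table still uses that secret. Clients are now loaded through `JdbcClientDetailsServiceImpl`, and the encoder bean is switched to a delegating one elsewhere in this commit. Stored client secrets therefore presumably need an encoder prefix such as `{bcrypt}` or client authentication fails at match time; confirm against the table data. The two SQL constants live in `AuthConstants` and are not visible here; the select statement should keep the `?` placeholder for the client id that the parent class binds.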


@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
@Configuration @Configuration
@ -31,8 +32,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
} }
@Bean @Bean
public PasswordEncoder passwordEncoder() { public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(); return PasswordEncoderFactories.createDelegatingPasswordEncoder();
} }
@Bean @Bean
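Review bot: `PasswordEncoderFactories.createDelegatingPasswordEncoder()` in `passwordEncoder()` registers every built-in encoder id, including `{noop}` and the legacy digest ids, so a stored value carrying one of those prefixes is verified with that weaker scheme. If only bcrypt hashes are expected, restrict the bean to that id, e.g. `return new DelegatingPasswordEncoder("bcrypt", Collections.singletonMap("bcrypt", new BCryptPasswordEncoder()));`. Stored values with no prefix are rejected with an exception at match time, so existing user and client rows should be checked before this is deployed.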


@ -1,6 +1,7 @@
package com.youlai.auth.domain; package com.youlai.auth.domain;
import com.youlai.admin.api.dto.UserDTO; import com.youlai.admin.api.dto.UserDTO;
import com.youlai.common.core.constant.AuthConstants;
import lombok.Data; import lombok.Data;
import lombok.NoArgsConstructor; import lombok.NoArgsConstructor;
import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.GrantedAuthority;
@ -30,14 +31,14 @@ public class User implements UserDetails {
private Collection<SimpleGrantedAuthority> authorities; private Collection<SimpleGrantedAuthority> authorities;
public User(UserDTO user){ public User(UserDTO user) {
this.setId(user.getId()); this.setId(user.getId());
this.setUsername(user.getUsername()); this.setUsername(user.getUsername());
this.setPassword(user.getPassword()); this.setPassword(AuthConstants.BCRYPT + user.getPassword());
this.setEnabled(user.getStatus().equals(1)); this.setEnabled(user.getStatus().equals(1));
this.setClientId(user.getClientId()); this.setClientId(user.getClientId());
if(user.getRoles()!=null){ if (user.getRoles() != null) {
authorities=new ArrayList<>(); authorities = new ArrayList<>();
user.getRoles().forEach(roleId -> authorities.add(new SimpleGrantedAuthority(String.valueOf(roleId)))); user.getRoles().forEach(roleId -> authorities.add(new SimpleGrantedAuthority(String.valueOf(roleId))));
} }
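Review bot: The constructor prepends `AuthConstants.BCRYPT` to whatever `user.getPassword()` returns, with no condition. A null password becomes the prefix followed by the text "null", and a value that already carries an encoder prefix gets a second one; both then fail to match in a way that is hard to diagnose. Consider a guard such as `String pw = user.getPassword(); this.setPassword(pw == null || pw.startsWith("{") ? pw : AuthConstants.BCRYPT + pw);`, or store the prefix together with the hash so the algorithm is not fixed in this class. The value of the constant is not visible here, and the constructor body continues past the end of the hunk.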


@ -1,11 +1,21 @@
package com.youlai.auth.service; package com.youlai.auth.service;
import lombok.SneakyThrows;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService; import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.stereotype.Service;
import javax.sql.DataSource; import javax.sql.DataSource;
public class JdbcClientDetailsServiceImpl extends JdbcClientDetailsService { public class JdbcClientDetailsServiceImpl extends JdbcClientDetailsService {
public JdbcClientDetailsServiceImpl(DataSource dataSource) { public JdbcClientDetailsServiceImpl(DataSource dataSource) {
super(dataSource); super(dataSource);
} }
@Override
@SneakyThrows
public ClientDetails loadClientByClientId(String clientId) {
return super.loadClientByClientId(clientId);
}
} }
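Review bot: The added `loadClientByClientId` override only delegates to `super`, and as far as this hunk shows `@SneakyThrows` has no checked exception to hide, so the override changes no behaviour. Either remove it or add a one-line comment naming the reason it exists (caching, logging, exception translation). The new `org.springframework.stereotype.Service` import is unused in the visible lines; the class is created with `new` in the configuration, not registered as a bean.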