mirror of
https://gitee.com/youlaitech/youlai-mall.git
synced 2024-12-23 05:00:25 +08:00
refactor:oauth2认证重构
parent
9278d176c3
commit
93d4383d10
@ -17,6 +17,12 @@
|
|||||||
|
|
||||||
<dependencies>
|
<dependencies>
|
||||||
|
|
||||||
|
<dependency>
|
||||||
|
<groupId>com.youlai</groupId>
|
||||||
|
<artifactId>youlai-common-db</artifactId>
|
||||||
|
<version>${youlai-common.version}</version>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>com.youlai</groupId>
|
<groupId>com.youlai</groupId>
|
||||||
<artifactId>youlai-admin-api</artifactId>
|
<artifactId>youlai-admin-api</artifactId>
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package com.youlai.auth.config;
|
package com.youlai.auth.config;
|
||||||
|
|
||||||
import com.youlai.auth.component.JwtTokenEnhancer;
|
import com.youlai.auth.component.JwtTokenEnhancer;
|
||||||
|
import com.youlai.auth.service.JdbcClientDetailsServiceImpl;
|
||||||
import com.youlai.common.core.constant.AuthConstants;
|
import com.youlai.common.core.constant.AuthConstants;
|
||||||
import lombok.SneakyThrows;
|
import lombok.SneakyThrows;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@ -15,6 +16,8 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.A
|
|||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
||||||
|
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
||||||
|
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
|
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
|
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
@ -22,6 +25,8 @@ import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenCo
|
|||||||
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
|
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
|
||||||
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
|
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
|
||||||
|
|
||||||
|
import javax.annotation.Resource;
|
||||||
|
import javax.sql.DataSource;
|
||||||
import java.security.KeyPair;
|
import java.security.KeyPair;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
@ -42,6 +47,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
|
|||||||
@Autowired
|
@Autowired
|
||||||
private RedisConnectionFactory redisConnectionFactory;
|
private RedisConnectionFactory redisConnectionFactory;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private DataSource dataSource;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 配置客户端详情
|
* 配置客户端详情
|
||||||
*
|
*
|
||||||
@ -51,15 +60,22 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
|
|||||||
@Override
|
@Override
|
||||||
@SneakyThrows
|
@SneakyThrows
|
||||||
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
||||||
clients.inMemory()
|
/*clients.inMemory()
|
||||||
.withClient("client")
|
.withClient("client")
|
||||||
.secret(passwordEncoder.encode("123456"))
|
.secret(passwordEncoder.encode("123456"))
|
||||||
.scopes("all")
|
.scopes("all")
|
||||||
.authorizedGrantTypes("password", "refresh_token")
|
.authorizedGrantTypes("password", "refresh_token")
|
||||||
.accessTokenValiditySeconds(3600)
|
.accessTokenValiditySeconds(3600)
|
||||||
.refreshTokenValiditySeconds(86400);
|
.refreshTokenValiditySeconds(86400);*/
|
||||||
|
|
||||||
|
JdbcClientDetailsServiceImpl jdbcClientDetailsService=new JdbcClientDetailsServiceImpl(dataSource);
|
||||||
|
jdbcClientDetailsService.setFindClientDetailsSql(AuthConstants.CLIENT_DETAILS_FIND_SQL);
|
||||||
|
jdbcClientDetailsService.setSelectClientDetailsSql(AuthConstants.CLIENT_DETAILS_SELECT_SQL);
|
||||||
|
clients.withClientDetails(jdbcClientDetailsService);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 配置令牌端点的安全约束
|
* 配置令牌端点的安全约束
|
||||||
*
|
*
|
||||||
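Review bot: The in-memory client registration in `configure(ClientDetailsServiceConfigurer)` is commented out rather than deleted, so the literal secret `"123456"` stays in the source as dead code; the block should be removed outright. The replacement reads clients through `AuthConstants.CLIENT_DETAILS_FIND_SQL` and `AuthConstants.CLIENT_DETAILS_SELECT_SQL`, which are defined outside this page, so it cannot be confirmed here that the returned `client_secret` is in a form the new delegating `PasswordEncoder` accepts. If the custom SQL is what adds the scheme prefix, say so above the two setters, e.g. `// custom SQL returns client_secret with the {id} prefix required by the delegating PasswordEncoder`. `@SneakyThrows` is redundant on a method that already declares `throws Exception`, and the added imports `javax.annotation.Resource`, `ClientDetailsService` and `JdbcClientDetailsService` are not used by any line shown.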
|
@ -12,6 +12,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@ -31,8 +32,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public PasswordEncoder passwordEncoder() {
|
public PasswordEncoder passwordEncoder() {
|
||||||
return new BCryptPasswordEncoder();
|
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
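Review bot: `PasswordEncoderFactories.createDelegatingPasswordEncoder()` in `passwordEncoder()` verifies every scheme it registers, including `{noop}` and legacy digests, so a stored value carrying such a prefix would now be accepted where the previous bean accepted bcrypt only. If bcrypt is the only format in use, restrict the delegate: `return new DelegatingPasswordEncoder("bcrypt", Collections.singletonMap("bcrypt", new BCryptPasswordEncoder()));`. Values stored without an `{id}` prefix are rejected by the delegating encoder, so existing user and client records need the prefix added in the data or at load time. The `BCryptPasswordEncoder` import is left unused by this change unless the restricted form is adopted.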
|
@ -1,6 +1,7 @@
|
|||||||
package com.youlai.auth.domain;
|
package com.youlai.auth.domain;
|
||||||
|
|
||||||
import com.youlai.admin.api.dto.UserDTO;
|
import com.youlai.admin.api.dto.UserDTO;
|
||||||
|
import com.youlai.common.core.constant.AuthConstants;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
import lombok.NoArgsConstructor;
|
import lombok.NoArgsConstructor;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
@ -30,14 +31,14 @@ public class User implements UserDetails {
|
|||||||
|
|
||||||
private Collection<SimpleGrantedAuthority> authorities;
|
private Collection<SimpleGrantedAuthority> authorities;
|
||||||
|
|
||||||
public User(UserDTO user){
|
public User(UserDTO user) {
|
||||||
this.setId(user.getId());
|
this.setId(user.getId());
|
||||||
this.setUsername(user.getUsername());
|
this.setUsername(user.getUsername());
|
||||||
this.setPassword(user.getPassword());
|
this.setPassword(AuthConstants.BCRYPT + user.getPassword());
|
||||||
this.setEnabled(user.getStatus().equals(1));
|
this.setEnabled(user.getStatus().equals(1));
|
||||||
this.setClientId(user.getClientId());
|
this.setClientId(user.getClientId());
|
||||||
if(user.getRoles()!=null){
|
if (user.getRoles() != null) {
|
||||||
authorities=new ArrayList<>();
|
authorities = new ArrayList<>();
|
||||||
user.getRoles().forEach(roleId -> authorities.add(new SimpleGrantedAuthority(String.valueOf(roleId))));
|
user.getRoles().forEach(roleId -> authorities.add(new SimpleGrantedAuthority(String.valueOf(roleId))));
|
||||||
}
|
}
|
||||||
|
|
||||||
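Review bot: `this.setPassword(AuthConstants.BCRYPT + user.getPassword())` in the `User(UserDTO)` constructor prefixes unconditionally, so a null password becomes the prefix followed by the text `null`, and a value that already carries an `{id}` prefix gets a second one; in both cases the login simply fails to match. Guard the concatenation, for example `String pwd = user.getPassword();` followed by `this.setPassword(pwd == null || pwd.startsWith("{") ? pwd : AuthConstants.BCRYPT + pwd);`. `AuthConstants.BCRYPT` is defined outside this page and is presumably the `{bcrypt}` scheme id. The constructor's closing brace lies outside the hunk.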
|
@ -1,11 +1,21 @@
|
|||||||
package com.youlai.auth.service;
|
package com.youlai.auth.service;
|
||||||
|
|
||||||
|
import lombok.SneakyThrows;
|
||||||
|
import org.springframework.security.oauth2.provider.ClientDetails;
|
||||||
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
||||||
|
import org.springframework.stereotype.Service;
|
||||||
|
|
||||||
import javax.sql.DataSource;
|
import javax.sql.DataSource;
|
||||||
|
|
||||||
public class JdbcClientDetailsServiceImpl extends JdbcClientDetailsService {
|
public class JdbcClientDetailsServiceImpl extends JdbcClientDetailsService {
|
||||||
|
|
||||||
public JdbcClientDetailsServiceImpl(DataSource dataSource) {
|
public JdbcClientDetailsServiceImpl(DataSource dataSource) {
|
||||||
super(dataSource);
|
super(dataSource);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
@SneakyThrows
|
||||||
|
public ClientDetails loadClientByClientId(String clientId) {
|
||||||
|
return super.loadClientByClientId(clientId);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
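Review bot: The added `loadClientByClientId` override only calls `super.loadClientByClientId(clientId)`, so it changes nothing as written, and `@SneakyThrows` has no checked exception to hide there as far as this page shows. Either remove the override or state its purpose in a Javadoc line, e.g. `/** Extension point for client lookups; currently delegates to the JDBC implementation. */`, if a later change is planned. The new `org.springframework.stereotype.Service` import is unused, since the class carries no annotation and `AuthorizationServerConfig` constructs it with `new`.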
|