diff --git a/pom.xml b/pom.xml index c25f3e0..7d2ddbf 100644 --- a/pom.xml +++ b/pom.xml @@ -117,6 +117,11 @@ mybatis-plus-boot-starter ${mybatis-plus-boot-starter.version} + + org.apache.commons + commons-pool2 + 2.7.0 + diff --git a/zyjblogs-oauth/pom.xml b/zyjblogs-oauth/pom.xml index 8d22b72..218033a 100644 --- a/zyjblogs-oauth/pom.xml +++ b/zyjblogs-oauth/pom.xml @@ -44,6 +44,10 @@ com.baomidou mybatis-plus-boot-starter + + org.apache.commons + commons-pool2 + com.alibaba.cloud diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/OauthApplication.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/OauthApplication.java index 94af9a4..933ce0e 100644 --- a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/OauthApplication.java +++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/OauthApplication.java @@ -1,5 +1,7 @@ package cn.zyjblogs.oauth; +import org.mybatis.spring.annotation.MapperScan; +import org.mybatis.spring.annotation.MapperScans; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.openfeign.EnableFeignClients; diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/RedisConfig.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/RedisConfig.java index 3d4c2d7..e2f9967 100644 --- a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/RedisConfig.java +++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/RedisConfig.java @@ -8,11 +8,10 @@ import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer; import org.springframework.data.redis.serializer.StringRedisSerializer; /** - * Copyright (C), 2021, 北京同创永益科技发展有限公司 * * @author zhuyijun * @version 3.0.0 - * @description + * @description redis配置 * @date 2022/8/17 17:58 */ 
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/lock/RedisLockTemplate.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/lock/RedisLockTemplate.java index 04bd87c..0810897 100644 --- a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/lock/RedisLockTemplate.java +++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/redis/lock/RedisLockTemplate.java @@ -1,7 +1,6 @@ package cn.zyjblogs.oauth.config.redis.lock; -import cn.com.hatechframework.bridge.exception.BcmsException; -import cn.com.hatechframework.common.entity.response.ResponseCode; + import com.baomidou.mybatisplus.core.toolkit.IdWorker; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; @@ -100,7 +99,7 @@ public class RedisLockTemplate { } while (System.currentTimeMillis() - start < currentAcquireTimeout); } catch (InterruptedException e) { log.error("lock error", e); - throw new BcmsException(ResponseCode.INTERNAL_SERVER_ERROR, "加锁失败"); + throw new RuntimeException("加锁失败"); } return null; } diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/AuthorizationServerConfiguration.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/AuthorizationServerConfiguration.java index 67bb522..8146e80 100644 --- a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/AuthorizationServerConfiguration.java +++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/AuthorizationServerConfiguration.java 
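Review bot: The new `throw new RuntimeException("加锁失败");` in the `catch (InterruptedException e)` branch of hunk `@@ -100,7 +99,7 @@` drops the cause and leaves the thread's interrupt flag cleared, so callers cannot see why the lock attempt failed or that the thread was asked to stop. Restore the flag and chain the exception: `Thread.currentThread().interrupt();` followed by `throw new RuntimeException("加锁失败", e);`. A more specific unchecked type such as `IllegalStateException` would also let callers tell a lock failure from other runtime errors. The enclosing method starts outside the hunk.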
@@ -1,12 +1,24 @@ package cn.zyjblogs.oauth.config.security; +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.http.HttpMethod; +import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; +import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; +import org.springframework.security.oauth2.provider.ClientDetailsService; +import org.springframework.security.oauth2.provider.OAuth2Authentication; +import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices; +import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices; +import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices; +import org.springframework.security.oauth2.provider.token.DefaultTokenServices; +import org.springframework.security.oauth2.provider.token.TokenStore; /** * @author zhuyijun 
@@ -16,10 +28,11 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Aut */ @Configuration @EnableAuthorizationServer +@RequiredArgsConstructor public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter { - public AuthorizationServerConfiguration() { - - } + private final TokenStore tokenStore; + private final ClientDetailsService clientDetailsService; + private final AuthenticationManager authenticationManager; /** * 令牌端点的安全约束 @@ -33,8 +46,10 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu security //允许匿名访问端点:url:/oauth/token_key .tokenKeyAccess("permitAll()") + .checkTokenAccess("permitAll()") + //TODO 待处理令牌访问安全 //允许匿名访问端点:url:/oauth/check_token - .checkTokenAccess("isAuthenticated()") +// .checkTokenAccess("isAuthenticated()") .allowFormAuthenticationForClients(); } @@ -54,11 +69,12 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu //secret .secret(new BCryptPasswordEncoder().encode("secret")) //资源列表 - .resourceIds("res1") + .resourceIds("zyjblogs-rbac") .authorizedGrantTypes("authorization_code", "password", "client_credentials", "implicit", "refresh_token") //允许授权封范围 .scopes("all") + // .autoApprove(false) //加上验证回调地址 .redirectUris("https://www.baidu.com"); 
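Review bot: `.checkTokenAccess("permitAll()")` in hunk `@@ -33,8 +46,10 @@` leaves `/oauth/check_token` open to unauthenticated callers, so anyone who can reach the authorization server can submit a token value and learn whether it is valid, along with the claims attached to it. The TODO on the next line acknowledges this, but nothing enforces it. The resource server added in this commit (`ResourceServerConfig.tokenServices()`) already sends a client id and secret with its `RemoteTokenServices` calls, so the stricter rule should work provided a client with that id is registered: `.checkTokenAccess("isAuthenticated()")`. If the relaxed rule has to stay for now, delete the commented-out call and keep the `//允许匿名访问端点:url:/oauth/check_token` comment directly above the line it describes. The `configure` method starts outside the hunk.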
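Review bot: The client that hunk `@@ -54,11 +69,12 @@` now points at the `zyjblogs-rbac` resource is still registered, on the unchanged lines around `.resourceIds(...)`, with the literal secret `"secret"`, all five grant types including `implicit` and `password`, and `https://www.baidu.com` as its only redirect URI. Now that this client guards a real resource server, the secret should come from externalised configuration and the grant list should be cut to what is actually used, for example `.authorizedGrantTypes("authorization_code", "refresh_token")`. The added `// .autoApprove(false)` is dead code; either make the call or remove the line. The enclosing `configure` method starts and ends outside the hunk.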
@@ -73,6 +89,37 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu */ @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { - super.configure(endpoints); + endpoints. + //密码模式 + authenticationManager(authenticationManager) + //授权码模式 + .authorizationCodeServices(authorizationCodeServices()) + .tokenServices(tokenServices()) + //允许表单认证 + .allowedTokenEndpointRequestMethods(HttpMethod.POST); + } + + /** + * 令牌管理服务 + * @return + */ + @Bean + public AuthorizationServerTokenServices tokenServices(){ + DefaultTokenServices tokenServices = new DefaultTokenServices(); + //客户端信息服务 + tokenServices.setClientDetailsService(clientDetailsService); + //是否产生刷新令牌 + tokenServices.setSupportRefreshToken(true); + //令牌储存策略 + tokenServices.setTokenStore(tokenStore); + //令牌默认有效期 + tokenServices.setAccessTokenValiditySeconds(7200); + //刷新令牌默认有效期3天 + tokenServices.setRefreshTokenValiditySeconds(259200); + return tokenServices; + } + @Bean + public AuthorizationCodeServices authorizationCodeServices(){ + return new InMemoryAuthorizationCodeServices(); } } \ No newline at end of file diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/TokenConfig.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/TokenConfig.java new file mode 100644 index 0000000..c189de1 --- /dev/null +++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/TokenConfig.java @@ -0,0 +1,19 @@ +package cn.zyjblogs.oauth.config.security; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.oauth2.provider.token.TokenStore; +import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore; + +/** + * @author zhuyijun + */ +@Configuration +public class TokenConfig { + //令牌存储策略 + @Bean + public TokenStore tokenStore(){ + //内存方式,生成普通令牌 + return new InMemoryTokenStore(); + } +} 
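Review bot: `tokenServices()` builds `DefaultTokenServices` without an authentication manager, so a refresh-token grant is not re-checked against the user store. With the 259200-second refresh lifetime set here, an account that has been disabled or deleted can presumably keep obtaining fresh access tokens for up to three days. Wiring a pre-authenticated provider backed by the project's `UserDetailsService` makes each refresh re-load the user and re-run the account status checks; this needs the service injected as an extra constructor field. The comment `//允许表单认证` above `.allowedTokenEndpointRequestMethods(HttpMethod.POST)` describes something else and should say that only POST is accepted on the token endpoint.

```java
private final UserDetailsService userDetailsService;

// … unchanged: configure(...) overrides …

@Bean
public AuthorizationServerTokenServices tokenServices(){
    DefaultTokenServices tokenServices = new DefaultTokenServices();
    // … unchanged: client details service, refresh-token support, token store, validity periods …
    // Re-load the user on every refresh so that disabled or deleted accounts stop receiving tokens.
    PreAuthenticatedAuthenticationProvider refreshProvider = new PreAuthenticatedAuthenticationProvider();
    refreshProvider.setPreAuthenticatedUserDetailsService(
            new UserDetailsByNameServiceWrapper<>(userDetailsService));
    tokenServices.setAuthenticationManager(new ProviderManager(Collections.singletonList(refreshProvider)));
    return tokenServices;
}
```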
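Review bot: `TokenConfig.tokenStore()` returns an `InMemoryTokenStore`, and `authorizationCodeServices()` in `AuthorizationServerConfiguration` returns an `InMemoryAuthorizationCodeServices`, so every issued token and pending authorization code lives in a single JVM. A restart silently invalidates all tokens, and a second instance of the service cannot validate or revoke tokens issued by the first. The module already carries a Redis configuration (`RedisConfig`), so a store backed by it, e.g. `new RedisTokenStore(redisConnectionFactory)`, would fit. If in-memory storage is meant for development only, say so in the comment `//内存方式,生成普通令牌`.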
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/WebSecurityConfiguration.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/WebSecurityConfiguration.java
index 5071e24..e3da717 100644
--- a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/WebSecurityConfiguration.java
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/config/security/WebSecurityConfiguration.java
@@ -2,34 +2,19 @@ package cn.zyjblogs.oauth.config.security; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.core.userdetails.User; -import org.springframework.security.core.userdetails.UserDetailsService; +import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.provisioning.InMemoryUserDetailsManager; @Configuration @EnableWebSecurity public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { - /*** - * 定义用户 - * @author zhuyijun - * @Description - * @date 14:51 - */ - @Override - public UserDetailsService userDetailsServiceBean() throws Exception { - InMemoryUserDetailsManager userDetailsManager = new InMemoryUserDetailsManager(); - userDetailsManager.createUser(User.withUsername("zhangsan").password("$2a$10$jwUQH.QkSvznnPRlte87k.Kw3CaLwBJbanUHM70Ry4to1Q.aXgKTi").authorities("p1").build()); - userDetailsManager.createUser(User.withUsername("lisi").password("123456").authorities("p2").build()); - return userDetailsManager; - } - /** * 密码编码解码 * 
@@ -41,25 +26,19 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { } -// @Bean -// @Override -// public AuthenticationManager authenticationManagerBean() throws Exception { -// return super.authenticationManagerBean(); -// } - - /** - * 配置认证方式 - * - * @param auth - * @author tanyuanzhi - * @date 2021/10/28 15:05 - */ -// @Override -// protected void configure(AuthenticationManagerBuilder auth) throws Exception { -// -// -// } + * 认证管理器 + * @param + * @author zhuyijun + * @date 2022/8/17 下午9:56 + * @return org.springframework.security.authentication.AuthenticationManager + */ + @Bean + @Override + public AuthenticationManager authenticationManagerBean() throws Exception { + return super.authenticationManagerBean(); + } + @Override protected void configure(HttpSecurity http) throws Exception { http.csrf().disable(); @@ -72,12 +51,13 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter { .authenticated() .and() //允许表单登录 - .formLogin() - .successForwardUrl("/demo/success"); + .formLogin(); } + @Override public void configure(WebSecurity web) { - web.ignoring().antMatchers("/user/robot-token"); +// web.ignoring().antMatchers("/user/robot-token"); } + } \ No newline at end of file diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/constant/CommonConstant.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/constant/CommonConstant.java new file mode 100644 index 0000000..72f884c --- /dev/null +++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/constant/CommonConstant.java @@ -0,0 +1,10 @@ +package cn.zyjblogs.oauth.server.user.constant; + +/** + * + * @author zhuyijun + */ +public class CommonConstant { + public static final Integer NO_DELETED = 0; + public static final Integer IS_DELETED = 1; +} 
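Review bot: `http.csrf().disable();` stays at the top of `configure(HttpSecurity)` while hunk `@@ -72,12 +51,13 @@` keeps session-based `.formLogin()`, so the login form and the browser-driven authorization and approval requests that rely on that session carry no CSRF token. For an authorization server that issues codes and implicit tokens to a logged-in browser session, CSRF protection should stay on for the session-backed endpoints; disabling it is only appropriate for stateless, token-authenticated APIs. Separately, `configure(WebSecurity web)` is now an override whose body is only a commented-out line; remove the override rather than keeping `// web.ignoring().antMatchers("/user/robot-token");`. `configure(HttpSecurity)` is only partly visible in these hunks.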
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/constant/UserEnum.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/constant/UserEnum.java
new file mode 100644
index 0000000..1403a2c
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/constant/UserEnum.java
@@ -0,0 +1,20 @@
+package cn.zyjblogs.oauth.server.user.constant;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+
+/**
+ * @author zhuyijun
+ */
+
+@AllArgsConstructor
+@Getter
+public enum UserEnum {
+ /**
+ * 用户枚举
+ */
+ NORMAL(0,"正常"),
+ DISABLE(1,"禁用");
+ private Integer code;
+ private String name;
+}
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/mapper/UserMapper.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/mapper/UserMapper.java
new file mode 100644
index 0000000..0458739
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/mapper/UserMapper.java
@@ -0,0 +1,10 @@
+package cn.zyjblogs.oauth.server.user.mapper;
+
+import cn.zyjblogs.oauth.server.user.po.UserPo;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+
+@Mapper
+public interface UserMapper extends BaseMapper {
+ UserPo findUserByname(String userName);
+}
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/OauthClientDetail.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/OauthClientDetail.java
new file mode 100644
index 0000000..208519f
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/OauthClientDetail.java
@@ -0,0 +1,78 @@
+package cn.zyjblogs.oauth.server.user.po;
+
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.oauth2.provider.ClientDetails;
+
+import java.util.Collection;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * @author zhuyijun
+ */
+public class OauthClientDetail implements ClientDetails {
+ @Override
+ public String getClientId() {
+ return null;
+ }
+
+ @Override
+ public Set getResourceIds() {
+ return null;
+ }
+
+ @Override
+ public boolean isSecretRequired() {
+ return false;
+ }
+
+ @Override
+ public String getClientSecret() {
+ return null;
+ }
+
+ @Override
+ public boolean isScoped() {
+ return false;
+ }
+
+ @Override
+ public Set getScope() {
+ return null;
+ }
+
+ @Override
+ public Set getAuthorizedGrantTypes() {
+ return null;
+ }
+
+ @Override
+ public Set getRegisteredRedirectUri() {
+ return null;
+ }
+
+ @Override
+ public Collection getAuthorities() {
+ return null;
+ }
+
+ @Override
+ public Integer getAccessTokenValiditySeconds() {
+ return null;
+ }
+
+ @Override
+ public Integer getRefreshTokenValiditySeconds() {
+ return null;
+ }
+
+ @Override
+ public boolean isAutoApprove(String s) {
+ return false;
+ }
+
+ @Override
+ public Map getAdditionalInformation() {
+ return null;
+ }
+}
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/OauthUserDetails.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/OauthUserDetails.java
new file mode 100644
index 0000000..57028e9
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/OauthUserDetails.java
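Review bot: Every accessor in `OauthClientDetail` returns `null` or `false`, including `isSecretRequired()` and `isScoped()`. If an instance were ever returned from a `ClientDetailsService`, it would describe a client that needs no secret and has no scope restriction, and the `null` collections would likely fail inside the framework. Nothing visible in this commit uses the class, so either leave it out until it is backed by real fields or mark it with a class comment such as `Placeholder: not wired into any ClientDetailsService; all values are stubs.` The collection getters would be safer returning `Collections.emptySet()` than `null`.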
@@ -0,0 +1,81 @@
+package cn.zyjblogs.oauth.server.user.po;
+
+
+import cn.zyjblogs.oauth.server.user.constant.CommonConstant;
+import cn.zyjblogs.oauth.server.user.constant.UserEnum;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.Set;
+
+/**
+ * @author zhuyijun
+ */
+@Setter
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+public class OauthUserDetails implements UserDetails {
+ private String id;
+
+ private String username;
+
+ private String name;
+
+ private String password;
+
+ private Integer phone;
+
+ private String email;
+
+ private String inviteUserId;
+
+ private Integer status;
+
+ private Integer deleted;
+ private Collection authorities;
+ private boolean accountNonExpired = true;
+ private boolean accountNonLocked = true;
+ private boolean credentialsNonExpired = true;
+ private boolean enabled = true;
+ @Override
+ public Collection getAuthorities() {
+ return authorities;
+ }
+
+ @Override
+ public String getPassword() {
+ return password;
+ }
+
+ @Override
+ public String getUsername() {
+ return username;
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return accountNonExpired;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return CommonConstant.NO_DELETED.equals(deleted) && UserEnum.NORMAL.getCode().equals(status);
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return credentialsNonExpired;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return UserEnum.NORMAL.getCode().equals(status);
+ }
+}
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/UserPo.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/UserPo.java
new file mode 100644
index 0000000..eebe7f1
--- /dev/null
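Review bot: The four flags initialised to `true` (`accountNonExpired`, `accountNonLocked`, `credentialsNonExpired`, `enabled`) lose that default when the object is created through the class-level `@Builder`, because Lombok ignores field initialisers unless the field is marked. A builder-made user would therefore report an expired account and expired credentials and be rejected at login. Annotate each one, e.g. `@Builder.Default private boolean accountNonExpired = true;`. The `accountNonLocked` and `enabled` fields are never read, since their getters compute from `status` and `deleted`, so they can be dropped, and `getAuthorities()` should return an empty collection rather than `null` when nothing was set. `phone` as `Integer` cannot hold an 11-digit number; `String` is the usual choice.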
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/po/UserPo.java
@@ -0,0 +1,82 @@
+package cn.zyjblogs.oauth.server.user.po;
+
+import com.alibaba.fastjson.annotation.JSONField;
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+/**
+ * @author zhuyijun
+ */
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+@TableName("user")
+public class UserPo implements Serializable {
+
+ @TableId(value = "id", type = IdType.ASSIGN_UUID)
+ private String id;
+
+ @TableField("username")
+ private String username;
+
+ @TableField("name")
+ private String name;
+
+ @TableField("age")
+ private Integer age;
+
+ @TableField("avatar")
+ private String avatar;
+
+ @TableField("password")
+ private String password;
+
+ @TableField("phone")
+ private Integer phone;
+
+ @TableField("email")
+ private String email;
+
+ @TableField("invite_user_id")
+ private String inviteUserId;
+
+ @TableField("status")
+ private Integer status;
+
+ @TableField("follow_num")
+ private Integer followNum;
+
+ @TableField("fans_num")
+ private Integer fansNum;
+
+ @TableField("deleted")
+ private Integer deleted;
+
+ @TableField("description")
+ private String description;
+
+ @TableField("create_user_id")
+ private String createUserId;
+
+ @JSONField(format = "yyyy-MM-dd HH:mm:ss")
+ @TableField("create_time")
+ private LocalDateTime createTime;
+
+ @TableField("update_user_id")
+ private String updateUserId;
+
+
+ @JSONField(format = "yyyy-MM-dd HH:mm:ss")
+ @TableField("update_time")
+ private LocalDateTime updateTime;
+}
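Review bot: `@Data` generates a `toString()` that includes the `password` column, so any log statement or exception message that prints a `UserPo` writes the stored hash to the log; add `@ToString.Exclude` on the `password` field. The class is `Serializable` without a `serialVersionUID`, and `phone` is mapped as `Integer`, which cannot represent numbers with leading zeros or more than ten digits, so `String` would be safer. The same applies to the identical `cn.zyjblogs.rbac.server.user.po.UserPo` added later in this commit.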
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/UserService.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/UserService.java
new file mode 100644
index 0000000..d7ec32f
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/UserService.java
@@ -0,0 +1,9 @@
+package cn.zyjblogs.oauth.server.user.service;
+
+import cn.zyjblogs.oauth.server.user.po.UserPo;
+import com.baomidou.mybatisplus.extension.service.IService;
+
+
+public interface UserService extends IService {
+
+}
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/impl/OauthUserDetailsServiceImpl.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/impl/OauthUserDetailsServiceImpl.java
new file mode 100644
index 0000000..c7a3a09
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/impl/OauthUserDetailsServiceImpl.java
@@ -0,0 +1,31 @@
+package cn.zyjblogs.oauth.server.user.service.impl;
+
+import cn.zyjblogs.oauth.server.user.po.OauthUserDetails;
+import cn.zyjblogs.oauth.server.user.po.UserPo;
+import cn.zyjblogs.oauth.server.user.service.UserService;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import lombok.RequiredArgsConstructor;
+import org.springframework.beans.BeanUtils;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import java.util.List;
+
+@Service
+@RequiredArgsConstructor
+public class OauthUserDetailsServiceImpl implements UserDetailsService {
+ private final UserService userService;
+ @Override
+ public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
+ LambdaQueryWrapper queryWrapper = Wrappers.lambdaQuery();
+ queryWrapper.eq(UserPo::getUsername,s);
+ UserPo userPo = userService.getBaseMapper().selectOne(queryWrapper);
+ OauthUserDetails oauthUserDetails = new OauthUserDetails();
+ BeanUtils.copyProperties(userPo, oauthUserDetails);
+ return oauthUserDetails;
+ }
+}
diff --git a/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/impl/UserServiceImpl.java b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/impl/UserServiceImpl.java
new file mode 100644
index 0000000..f0664ad
--- /dev/null
+++ b/zyjblogs-oauth/src/main/java/cn/zyjblogs/oauth/server/user/service/impl/UserServiceImpl.java
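Review bot: `loadUserByUsername` passes the result of `selectOne` straight to `BeanUtils.copyProperties`, so an unknown username (a `null` row) ends in an `IllegalArgumentException` instead of the `UsernameNotFoundException` that the `UserDetailsService` contract requires. Spring Security then reports that case as an internal authentication error rather than bad credentials, which lets a caller tell existing usernames from non-existing ones and skips the provider's normal handling of unknown users. Add a guard before the copy: `if (userPo == null) { throw new UsernameNotFoundException("user not found"); }`. `authorities` is never populated on the returned object, and the imports `GrantedAuthority` and `List` are unused.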
@@ -0,0 +1,15 @@ +package cn.zyjblogs.oauth.server.user.service.impl; + +import cn.zyjblogs.oauth.server.user.mapper.UserMapper; +import cn.zyjblogs.oauth.server.user.po.UserPo; +import cn.zyjblogs.oauth.server.user.service.UserService; +import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + + +@Service +@RequiredArgsConstructor +public class UserServiceImpl extends ServiceImpl implements UserService { + +} diff --git a/zyjblogs-oauth/src/main/resources/bootstrap-test.yml b/zyjblogs-oauth/src/main/resources/bootstrap-test.yml index cda0f47..66f7101 100644 --- a/zyjblogs-oauth/src/main/resources/bootstrap-test.yml +++ b/zyjblogs-oauth/src/main/resources/bootstrap-test.yml @@ -1,7 +1,7 @@ hatech: config: nacos: - host: ${HATECH_CONFIG_NACOS_HOST:192.168.137.1} + host: ${HATECH_CONFIG_NACOS_HOST:127.0.0.1} port: ${HATECH_CONFIG_NACOS_PORT:8848} username: ${HATECH_CONFIG_NACOS_USERNAME:nacos} password: ${HATECH_CONFIG_NACOS_PASSWORD:nacos} diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/RbacApplication.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/RbacApplication.java index 7137767..36b180b 100644 --- a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/RbacApplication.java +++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/RbacApplication.java @@ -4,6 +4,7 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.openfeign.EnableFeignClients; import org.springframework.scheduling.annotation.EnableAsync; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; /** * Copyright (C), 2021, 北京同创永益科技发展有限公司 diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/config/resource/ResourceServerConfig.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/config/resource/ResourceServerConfig.java new file mode 100644 index 0000000..2fc48a8 --- /dev/null 
+++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/config/resource/ResourceServerConfig.java
@@ -0,0 +1,53 @@
+package cn.zyjblogs.rbac.config.resource;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
+import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
+
+/**
+ * 资源服务
+ * @author zhuyijun
+ */
+@Configuration
+@EnableResourceServer
+public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+ private static final String RESOURCE_ID="zyjblogs-rbac";
+ public ResourceServerConfig() {
+ super();
+ }
+
+ @Override
+ public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
+ resources.resourceId(RESOURCE_ID)
+ // 验证令牌的服务
+ .tokenServices(tokenServices())
+ .stateless(true);
+ }
+
+ @Override
+ public void configure(HttpSecurity http) throws Exception {
+ http.authorizeRequests()
+ .antMatchers("/**")
+ .access("#oauth2.hasAnyScope('all')")
+ .and()
+ .csrf().disable()
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+ }
+
+ @Bean
+ public ResourceServerTokenServices tokenServices(){
+ RemoteTokenServices services = new RemoteTokenServices() ;
+ services.setCheckTokenEndpointUrl("http://127.0.0.1:9029/oauth/check_token");
+ services.setClientId(RESOURCE_ID);
+ services.setClientSecret("secret");
+ return services;
+ }
+}
+
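Review bot: `tokenServices()` hard-codes the introspection URL `http://127.0.0.1:9029/oauth/check_token`, the client id and the client secret `"secret"` in source. The credential therefore sits in version control and is identical in every environment, and once the authorization server is not on localhost each bearer token and the client credential travel over plain HTTP. Read all three values from externalised configuration (the project already loads settings from Nacos), for example with `@Value("${<property-name>}")` using property names of your choosing, and use an `https` URL outside local development. The same literal `"secret"` appears in the client registration in `AuthorizationServerConfiguration`, so both sides need to change together.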
diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/config/security/WebSecurityConfiguration.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/config/security/WebSecurityConfiguration.java
new file mode 100644
index 0000000..777cc6b
--- /dev/null
+++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/config/security/WebSecurityConfiguration.java
@@ -0,0 +1,24 @@
+package cn.zyjblogs.rbac.config.security;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.csrf().disable();
+ //使HttpSecurity接收以"/login/","/oauth/"开头请求, 配置HttpSecurity不阻止swagger页面
+ http.authorizeRequests()
+ .antMatchers("/webjars/**", "/swagger-ui.html/**", "/swagger-resources/**", "/v2/api-docs/**")
+ .permitAll()
+ //以下请求必须认证通过
+ .antMatchers("/demo/**", "/oauth/**", "/login")
+ .authenticated()
+ .anyRequest().permitAll();
+ }
+}
\ No newline at end of file
diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/controller/UserController.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/controller/UserController.java
new file mode 100644
index 0000000..5ca97ac
--- /dev/null
+++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/controller/UserController.java
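Review bot: The rule chain ends with `.anyRequest().permitAll()`, so any path not listed, including the `/user/**` endpoints added in this commit, is open as far as this configuration is concerned. Protection then depends entirely on `ResourceServerConfig` being evaluated first, which is presumably the case with `@EnableResourceServer` but is not stated anywhere. Make the fallback deny-by-default with `.anyRequest().authenticated()`, or remove this class if the resource-server chain is meant to be the only one. The comment above `authorizeRequests()` mentions `/login/` and `/oauth/` being accepted, which does not match the rules that follow it.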
@@ -0,0 +1,25 @@
+package cn.zyjblogs.rbac.server.user.controller;
+
+import cn.zyjblogs.rbac.server.user.po.UserPo;
+import cn.zyjblogs.rbac.server.user.service.UserService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * @author zhuyijun
+ */
+@RestController
+@RequestMapping("/user")
+@RequiredArgsConstructor
+@ResponseBody
+public class UserController {
+ private final UserService userService;
+ @GetMapping("/id")
+ public UserPo findById(String id){
+ return userService.getById(id);
+ }
+
+}
diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/mapper/UserMapper.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/mapper/UserMapper.java
new file mode 100644
index 0000000..94a6471
--- /dev/null
+++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/mapper/UserMapper.java
@@ -0,0 +1,10 @@
+package cn.zyjblogs.rbac.server.user.mapper;
+
+import cn.zyjblogs.rbac.server.user.po.UserPo;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Mapper;
+
+@Mapper
+public interface UserMapper extends BaseMapper {
+ UserPo findUserByname(String userName);
+}
diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/po/UserPo.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/po/UserPo.java
new file mode 100644
index 0000000..3bf57a4
--- /dev/null
+++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/po/UserPo.java
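Review bot: `findById` returns the `UserPo` entity directly, so the JSON response carries every column including `password` (the stored hash). It also performs no check that the requested `id` belongs to the caller, so any client holding a token with scope `all` can read any user's record for an id it learns. Return a response object that contains only the public fields, and compare `id` with the authenticated principal or require an administrative authority for cross-user lookups. `id` has no `@RequestParam` or validation, so a request without the parameter reaches `getById(null)`, and `@ResponseBody` is redundant on a `@RestController`.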
@@ -0,0 +1,82 @@
+package cn.zyjblogs.rbac.server.user.po;
+
+import com.alibaba.fastjson.annotation.JSONField;
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+import java.time.LocalDateTime;
+
+/**
+ * @author zhuyijun
+ */
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+@TableName("user")
+public class UserPo implements Serializable {
+
+ @TableId(value = "id", type = IdType.ASSIGN_UUID)
+ private String id;
+
+ @TableField("username")
+ private String username;
+
+ @TableField("name")
+ private String name;
+
+ @TableField("age")
+ private Integer age;
+
+ @TableField("avatar")
+ private String avatar;
+
+ @TableField("password")
+ private String password;
+
+ @TableField("phone")
+ private Integer phone;
+
+ @TableField("email")
+ private String email;
+
+ @TableField("invite_user_id")
+ private String inviteUserId;
+
+ @TableField("status")
+ private Integer status;
+
+ @TableField("follow_num")
+ private Integer followNum;
+
+ @TableField("fans_num")
+ private Integer fansNum;
+
+ @TableField("deleted")
+ private Integer deleted;
+
+ @TableField("description")
+ private String description;
+
+ @TableField("create_user_id")
+ private String createUserId;
+
+ @JSONField(format = "yyyy-MM-dd HH:mm:ss")
+ @TableField("create_time")
+ private LocalDateTime createTime;
+
+ @TableField("update_user_id")
+ private String updateUserId;
+
+
+ @JSONField(format = "yyyy-MM-dd HH:mm:ss")
+ @TableField("update_time")
+ private LocalDateTime updateTime;
+}
diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/service/UserService.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/service/UserService.java new file mode 100644 index 0000000..f174800 --- /dev/null +++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/service/UserService.java @@ -0,0 +1,9 @@ +package cn.zyjblogs.rbac.server.user.service; + +import cn.zyjblogs.rbac.server.user.po.UserPo; +import com.baomidou.mybatisplus.extension.service.IService; + + +public interface UserService extends IService { + +} diff --git a/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/service/impl/UserServiceImpl.java b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/service/impl/UserServiceImpl.java new file mode 100644 index 0000000..bc45a54 --- /dev/null +++ b/zyjblogs-rbac/src/main/java/cn/zyjblogs/rbac/server/user/service/impl/UserServiceImpl.java @@ -0,0 +1,16 @@ +package cn.zyjblogs.rbac.server.user.service.impl; + + +import cn.zyjblogs.rbac.server.user.mapper.UserMapper; +import cn.zyjblogs.rbac.server.user.po.UserPo; +import cn.zyjblogs.rbac.server.user.service.UserService; +import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; +import lombok.RequiredArgsConstructor; +import org.springframework.stereotype.Service; + + +@Service +@RequiredArgsConstructor +public class UserServiceImpl extends ServiceImpl implements UserService { + +} diff --git a/zyjblogs-rbac/src/main/resources/bootstrap-test.yml b/zyjblogs-rbac/src/main/resources/bootstrap-test.yml index cda0f47..66f7101 100644 --- a/zyjblogs-rbac/src/main/resources/bootstrap-test.yml +++ b/zyjblogs-rbac/src/main/resources/bootstrap-test.yml @@ -1,7 +1,7 @@ hatech: config: nacos: - host: ${HATECH_CONFIG_NACOS_HOST:192.168.137.1} + host: ${HATECH_CONFIG_NACOS_HOST:127.0.0.1} port: ${HATECH_CONFIG_NACOS_PORT:8848} username: ${HATECH_CONFIG_NACOS_USERNAME:nacos} password: ${HATECH_CONFIG_NACOS_PASSWORD:nacos}