优化代码
This commit is contained in:
parent
4eafe160da
commit
2bf7beadc4
@ -98,15 +98,15 @@ public class AuthFilter implements GlobalFilter {
|
||||
*/
|
||||
private boolean isExpired(String token) {
|
||||
if (StringUtils.isEmpty(token)) {
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
if (!token.startsWith(HttpHeaderConstant.AUTHORIZATION_TYPE)) {
|
||||
return false;
|
||||
return true;
|
||||
}
|
||||
String jwt = token.replace(HttpHeaderConstant.AUTHORIZATION_TYPE + " ", "");
|
||||
OauthClaims body = (OauthClaims) Jwts.parser().setSigningKey(SIGNING_KEY).parseClaimsJws(jwt).getBody();
|
||||
BaseContextHandler.set(ContextDto.builder().token(jwt).userId(body.getUserId()).username(body.getUsername()).build());
|
||||
return true;
|
||||
// String jwt = token.replace(HttpHeaderConstant.AUTHORIZATION_TYPE + " ", "");
|
||||
// OauthClaims body = (OauthClaims) Jwts.parser().setSigningKey(SIGNING_KEY).parseClaimsJws(jwt).getBody();
|
||||
// BaseContextHandler.set(ContextDto.builder().token(jwt).userId(body.getUserId()).username(body.getUsername()).build());
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1,6 +1,7 @@
|
||||
package cn.zyjblogs.oauth.config.security;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
@ -45,6 +46,7 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
|
||||
private final PasswordEncoder passwordEncoder;
|
||||
private final DataSource dataSource;
|
||||
private final JwtTokenEnhancer jwtTokenEnhancer;
|
||||
private final OauthResponseExceptionTranslator oAuthResponseExceptionTranslator;
|
||||
/**
|
||||
* 令牌端点的安全约束
|
||||
*
|
||||
@ -93,7 +95,9 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
|
||||
.tokenServices(tokenServices())
|
||||
.accessTokenConverter(accessTokenConverter)
|
||||
//允许表单认证
|
||||
.allowedTokenEndpointRequestMethods(HttpMethod.POST);
|
||||
.allowedTokenEndpointRequestMethods(HttpMethod.POST)
|
||||
//自定义异常处理
|
||||
.exceptionTranslator(oAuthResponseExceptionTranslator);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -1,18 +1,24 @@
|
||||
package cn.zyjblogs.oauth.config.security;
|
||||
|
||||
import io.micrometer.core.instrument.util.IOUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
|
||||
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
|
||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* @author zhuyijun
|
||||
*/
|
||||
@Configuration
|
||||
public class JwtTokenConfig {
|
||||
private String SIGNING_KEY="zyjblogs123";
|
||||
/**
|
||||
* 令牌存储策略
|
||||
* @return
|
||||
@ -26,7 +32,18 @@ public class JwtTokenConfig {
|
||||
@Bean
|
||||
public JwtAccessTokenConverter accessTokenConverter(){
|
||||
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||
converter.setSigningKey(SIGNING_KEY);
|
||||
String privateKey = null;
|
||||
String publicKey = null;
|
||||
try {
|
||||
publicKey = IOUtils.toString(new ClassPathResource("public.txt").getInputStream());
|
||||
privateKey = IOUtils.toString(new ClassPathResource("private.txt").getInputStream());
|
||||
} catch (final IOException e) {
|
||||
throw new RuntimeException("获取不到公私密钥");
|
||||
}
|
||||
// 私钥签名
|
||||
converter.setSigningKey(privateKey);
|
||||
// 公钥验签
|
||||
converter.setVerifierKey(publicKey);
|
||||
return converter;
|
||||
}
|
||||
}
|
||||
|
@ -1,9 +1,11 @@
|
||||
package cn.zyjblogs.oauth.config.security;
|
||||
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
@ -17,10 +19,10 @@ import org.springframework.stereotype.Component;
|
||||
@Component("oauthAuthenticationProvider")
|
||||
public class OauthAuthenticationProvider extends DaoAuthenticationProvider {
|
||||
|
||||
public OauthAuthenticationProvider(UserDetailsService userDetailsService){
|
||||
|
||||
public OauthAuthenticationProvider(UserDetailsService userDetailsService,PasswordEncoder passwordEncoder){
|
||||
this.setPasswordEncoder(passwordEncoder);
|
||||
setUserDetailsService(userDetailsService);
|
||||
this.setPasswordEncoder(new BCryptPasswordEncoder());
|
||||
setForcePrincipalAsString(false);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -0,0 +1,41 @@
|
||||
package cn.zyjblogs.oauth.config.security;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
|
||||
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* Copyright (C), 2019, 北京同创永益科技发展有限公司
|
||||
*
|
||||
* @author YeMeng
|
||||
* @version 1.0
|
||||
* <Author> <Time> <Version> <Description>
|
||||
* YeMeng 2019/12/25 17:54 1.0 自定义oauth server异常返回
|
||||
* @program hatech-framework
|
||||
* 自定义oauth server异常返回
|
||||
* @create 2019/12/25 17:54
|
||||
*/
|
||||
@Slf4j
|
||||
@Component
|
||||
public class OauthResponseExceptionTranslator implements WebResponseExceptionTranslator<OAuth2Exception> {
|
||||
|
||||
|
||||
/**
|
||||
* 异常信息转换
|
||||
*
|
||||
* @param e 异常
|
||||
* @return org.springframework.http.ResponseEntity<org.springframework.security.oauth2.common.exceptions.OAuth2Exception>
|
||||
* @author YeMeng
|
||||
* @date 2019/12/25 19:15
|
||||
*/
|
||||
@Override
|
||||
public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
|
||||
log.error("oauth认证失败 {}", e.getMessage());
|
||||
OAuth2Exception exception = new OAuth2Exception(e.getMessage());
|
||||
return new ResponseEntity<>(exception, HttpStatus.valueOf(500));
|
||||
|
||||
}
|
||||
}
|
27
zyjblogs-oauth/src/main/resources/private.txt
Normal file
27
zyjblogs-oauth/src/main/resources/private.txt
Normal file
@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEA4jXKxEFsDsjng2nHppqCGTR1NQLfHJlGzc5hWalP/YgbJWIq
|
||||
dGXDy704Q2DuuoOe/t6KQcYI6/C7Ua9yumYpMoKZOA5b7gmh/k0SUfsCErKwzE93
|
||||
DIAnLbRoT/hkGJD1Dn7V7yTzYf2BjaFoY5ittZJ/UXM18TAqW7S1q0qCuv25Fb9N
|
||||
AEMh63EaX3N+DMW8rg51GBfRvtVfACbIyFo98PW2/wOQhppGWkxdzgJdJUwPhZ+F
|
||||
o9DZ18044hapYPNuZ31ordIGptYL6pB/0VKhkbDLk4oOnkhhWW0DmsTSFyhOiaQq
|
||||
tuxdrjPV7sqR1NokreZAtbUctVNezNBlYWoJTwIDAQABAoIBAEzioadw4QxpZp74
|
||||
3h4XV+6/MLMy5ahvxGwBIH98F68BitB6/BkR2amvB6eHE70bLXhNJUrTx4aCDPjn
|
||||
nCQUwx3i27b80mwmpAOuKHLq0LqQN51JyRnbmPVk4yuDLmpXIqOpoock1QBSTK1Z
|
||||
1gQ8CZa0U0fY09XFXDBNTI4KxkJNhPxAOGWhQoeXQ6qgAnhiOwEGhely2XRVCvUo
|
||||
tVhN04uMl+W5Vw3+X/2D41eA5eeDYi/kgi7n2cuZK/l8bV/arwpEm7ryxqwAV1RI
|
||||
M4cPwBTNoVf/h1tAGgmBCPGZ9RkSlNF+Rob7SaCvyKwqnwHH16041a2sEY8NZMsh
|
||||
e0REpgECgYEA8KqDEjkmlhpMPe6H5ykZgDTxFcqD9pHI+XmFROF39gNFE/auwqiK
|
||||
oVTMfvAlU58PKTc8P20gIdVdwN1CFcO21dXYD+I1kg/Tt6oYmnqzb4YUi/BFao01
|
||||
hAvPDr/K99VANluynnvPX+kzz+HD+Bi+XgHi3BCOMtsQAfKl5lBCJwECgYEA8J99
|
||||
gC8XBx+406OShRUm/zDpWHQmWtLHbO+2aih4ht6k+mV9B/txacoSdi/E6MnVrPRV
|
||||
nry3xGqd/wcRHDx6nKBcT4x/t28bNP76EH2OUpMom3f/4y/qMzFVKBIwJcaSEqOd
|
||||
xAZo6qVeEHa+abDQGlObAYyYUiLRLzhbZ50AAE8CgYEAiczIMeYBXw79urRaopRY
|
||||
4pztsdF8T/FXhuj60t7axkVHB1BG7nR8tDWOxdwRM1ku4CWdXJ/KNzUpcmX+EeI3
|
||||
TScdiLK4g8KGMnK1lbZOCbxXBW11AbaK/umYDFTrDY7QLo/ArZgsvDkWDqCxidv5
|
||||
HHCuCd183keqWcMrFL29swECgYEAhvpAsVY5CbL+wCHCwEqkTISIcSj+lvYkDnTN
|
||||
k/FN4wIj855Yq9CdxyUmhAu53ofSCCormVbtkw3nwTaan4dBlHjUL3916VU3Itxh
|
||||
NDzqSGHqZoPDFBM9wifLSCYjwh0ItdH4Xwzlb7MB+CRUHf+kTRBXJGBU1cZYJ6/q
|
||||
fk3wwTsCgYEA5rs2T67JO1R9vfmIQilB8SUn0bGlVo3Mrx3b3MqX4bDjjnsCyi8L
|
||||
VMOwzwA2aOJ4FJ50sDZVr1Yv4sygrQ0k8Qo4tKY4Z0qWDbiTxp/dFnH3WGjlR3uD
|
||||
HEhVf0kJ1LI9diDu5l6dyUL7Vzaj5R9icvVa+M3lNNiRjgZi9VVgeRw=
|
||||
-----END RSA PRIVATE KEY-----
|
9
zyjblogs-oauth/src/main/resources/public.txt
Normal file
9
zyjblogs-oauth/src/main/resources/public.txt
Normal file
@ -0,0 +1,9 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jXKxEFsDsjng2nHppqC
|
||||
GTR1NQLfHJlGzc5hWalP/YgbJWIqdGXDy704Q2DuuoOe/t6KQcYI6/C7Ua9yumYp
|
||||
MoKZOA5b7gmh/k0SUfsCErKwzE93DIAnLbRoT/hkGJD1Dn7V7yTzYf2BjaFoY5it
|
||||
tZJ/UXM18TAqW7S1q0qCuv25Fb9NAEMh63EaX3N+DMW8rg51GBfRvtVfACbIyFo9
|
||||
8PW2/wOQhppGWkxdzgJdJUwPhZ+Fo9DZ18044hapYPNuZ31ordIGptYL6pB/0VKh
|
||||
kbDLk4oOnkhhWW0DmsTSFyhOiaQqtuxdrjPV7sqR1NokreZAtbUctVNezNBlYWoJ
|
||||
TwIDAQAB
|
||||
-----END PUBLIC KEY-----
|
@ -1,11 +1,15 @@
|
||||
package cn.zyjblogs.rbac.config.security;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* @author zhuyijun
|
||||
*/
|
||||
@ -25,7 +29,18 @@ public class TokenConfig {
|
||||
@Bean
|
||||
public JwtAccessTokenConverter accessTokenConverter(){
|
||||
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||
converter.setSigningKey(SIGNING_KEY);
|
||||
String privateKey = null;
|
||||
String publicKey = null;
|
||||
try {
|
||||
publicKey = IOUtils.toString(new ClassPathResource("public.txt").getInputStream());
|
||||
privateKey = IOUtils.toString(new ClassPathResource("private.txt").getInputStream());
|
||||
} catch (final IOException e) {
|
||||
throw new RuntimeException("获取不到公私密钥");
|
||||
}
|
||||
// 私钥签名
|
||||
converter.setSigningKey(privateKey);
|
||||
// 公钥验签
|
||||
converter.setVerifierKey(publicKey);
|
||||
return converter;
|
||||
}
|
||||
}
|
||||
|
27
zyjblogs-rbac/src/main/resources/private.txt
Normal file
27
zyjblogs-rbac/src/main/resources/private.txt
Normal file
@ -0,0 +1,27 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEA4jXKxEFsDsjng2nHppqCGTR1NQLfHJlGzc5hWalP/YgbJWIq
|
||||
dGXDy704Q2DuuoOe/t6KQcYI6/C7Ua9yumYpMoKZOA5b7gmh/k0SUfsCErKwzE93
|
||||
DIAnLbRoT/hkGJD1Dn7V7yTzYf2BjaFoY5ittZJ/UXM18TAqW7S1q0qCuv25Fb9N
|
||||
AEMh63EaX3N+DMW8rg51GBfRvtVfACbIyFo98PW2/wOQhppGWkxdzgJdJUwPhZ+F
|
||||
o9DZ18044hapYPNuZ31ordIGptYL6pB/0VKhkbDLk4oOnkhhWW0DmsTSFyhOiaQq
|
||||
tuxdrjPV7sqR1NokreZAtbUctVNezNBlYWoJTwIDAQABAoIBAEzioadw4QxpZp74
|
||||
3h4XV+6/MLMy5ahvxGwBIH98F68BitB6/BkR2amvB6eHE70bLXhNJUrTx4aCDPjn
|
||||
nCQUwx3i27b80mwmpAOuKHLq0LqQN51JyRnbmPVk4yuDLmpXIqOpoock1QBSTK1Z
|
||||
1gQ8CZa0U0fY09XFXDBNTI4KxkJNhPxAOGWhQoeXQ6qgAnhiOwEGhely2XRVCvUo
|
||||
tVhN04uMl+W5Vw3+X/2D41eA5eeDYi/kgi7n2cuZK/l8bV/arwpEm7ryxqwAV1RI
|
||||
M4cPwBTNoVf/h1tAGgmBCPGZ9RkSlNF+Rob7SaCvyKwqnwHH16041a2sEY8NZMsh
|
||||
e0REpgECgYEA8KqDEjkmlhpMPe6H5ykZgDTxFcqD9pHI+XmFROF39gNFE/auwqiK
|
||||
oVTMfvAlU58PKTc8P20gIdVdwN1CFcO21dXYD+I1kg/Tt6oYmnqzb4YUi/BFao01
|
||||
hAvPDr/K99VANluynnvPX+kzz+HD+Bi+XgHi3BCOMtsQAfKl5lBCJwECgYEA8J99
|
||||
gC8XBx+406OShRUm/zDpWHQmWtLHbO+2aih4ht6k+mV9B/txacoSdi/E6MnVrPRV
|
||||
nry3xGqd/wcRHDx6nKBcT4x/t28bNP76EH2OUpMom3f/4y/qMzFVKBIwJcaSEqOd
|
||||
xAZo6qVeEHa+abDQGlObAYyYUiLRLzhbZ50AAE8CgYEAiczIMeYBXw79urRaopRY
|
||||
4pztsdF8T/FXhuj60t7axkVHB1BG7nR8tDWOxdwRM1ku4CWdXJ/KNzUpcmX+EeI3
|
||||
TScdiLK4g8KGMnK1lbZOCbxXBW11AbaK/umYDFTrDY7QLo/ArZgsvDkWDqCxidv5
|
||||
HHCuCd183keqWcMrFL29swECgYEAhvpAsVY5CbL+wCHCwEqkTISIcSj+lvYkDnTN
|
||||
k/FN4wIj855Yq9CdxyUmhAu53ofSCCormVbtkw3nwTaan4dBlHjUL3916VU3Itxh
|
||||
NDzqSGHqZoPDFBM9wifLSCYjwh0ItdH4Xwzlb7MB+CRUHf+kTRBXJGBU1cZYJ6/q
|
||||
fk3wwTsCgYEA5rs2T67JO1R9vfmIQilB8SUn0bGlVo3Mrx3b3MqX4bDjjnsCyi8L
|
||||
VMOwzwA2aOJ4FJ50sDZVr1Yv4sygrQ0k8Qo4tKY4Z0qWDbiTxp/dFnH3WGjlR3uD
|
||||
HEhVf0kJ1LI9diDu5l6dyUL7Vzaj5R9icvVa+M3lNNiRjgZi9VVgeRw=
|
||||
-----END RSA PRIVATE KEY-----
|
9
zyjblogs-rbac/src/main/resources/public.txt
Normal file
9
zyjblogs-rbac/src/main/resources/public.txt
Normal file
@ -0,0 +1,9 @@
|
||||
-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jXKxEFsDsjng2nHppqC
|
||||
GTR1NQLfHJlGzc5hWalP/YgbJWIqdGXDy704Q2DuuoOe/t6KQcYI6/C7Ua9yumYp
|
||||
MoKZOA5b7gmh/k0SUfsCErKwzE93DIAnLbRoT/hkGJD1Dn7V7yTzYf2BjaFoY5it
|
||||
tZJ/UXM18TAqW7S1q0qCuv25Fb9NAEMh63EaX3N+DMW8rg51GBfRvtVfACbIyFo9
|
||||
8PW2/wOQhppGWkxdzgJdJUwPhZ+Fo9DZ18044hapYPNuZ31ordIGptYL6pB/0VKh
|
||||
kbDLk4oOnkhhWW0DmsTSFyhOiaQqtuxdrjPV7sqR1NokreZAtbUctVNezNBlYWoJ
|
||||
TwIDAQAB
|
||||
-----END PUBLIC KEY-----
|
Loading…
Reference in New Issue
Block a user