开发环境:
Windows10
Intellij Idea2018.2
jdk1.8
redis3.2.9
Spring Boot 2.0.2 Release
Spring Cloud Finchley.RC2
Spring 5.0.6
项目目录
eshop —— 父级工程,管理 jar 包版本
eshop-server —— Eureka 服务注册中心
eshop-gateway —— Zuul 网关
eshop-auth —— 授权服务
eshop-member —— 会员服务
eshop-email —— 邮件服务(暂未使用)
eshop-common —— 通用类
授权服务
首先构建 eshop-auth 服务,引入相关依赖
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/m
aven-4.0.0.xsd">
<parent>
<artifactId>eshop-parent</artifactId>
<groupId>com.curise.eshop</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>eshop-auth</artifactId>
<packaging>war</packaging>
<description>授权模块</description>
<dependencies>
<dependency>
<groupId>com.curise.eshop</groupId>
<artifactId>eshop-common</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
接下来,配置 Mybatis、redis、eureka,贴一下配置文件
server:
port: 1203
spring:
application:
name: eshop-auth
redis:
database: 0
host: 192.168.0.117
port: 6379
password:
jedis:
pool:
max-active: 8
max-idle: 8
min-idle: 0
datasource:
driver-class-name: com.mysql.jdbc.Driver
url: jdbc:mysql://localhost:3306/eshop_member?useUnicode=true&characterEncoding=utf-8
&useSSL=false&allowMultiQueries=true
username: root
password: root
druid:
initialSize: 5 #初始化连接大小
minIdle: 5 #最小连接池数量
maxActive: 20 #最大连接池数量
maxWait: 60000 #获取连接时最大等待时间,单位毫秒
timeBetweenEvictionRunsMillis: 60000 #配置间隔多久才进行一次检测,检测需要关闭的空
闲连接,单位是毫秒
minEvictableIdleTimeMillis: 300000 #配置一个连接在池中最小生存的时间,单位是毫秒
validationQuery: SELECT 1 from DUAL #测试连接
testWhileIdle: true #申请连接的时候检测,建议配置为 true,不影响性能,并且
保证安全性
testOnBorrow: false #获取连接时执行检测,建议关闭,影响性能
testOnReturn: false #归还连接时执行检测,建议关闭,影响性能
poolPreparedStatements: false #是否开启 PSCache,PSCache 对支持游标的数据库性能
提升巨大,oracle 建议开启,mysql 下建议关闭
maxPoolPreparedStatementPerConnectionSize: 20 #开启 poolPreparedStatements 后生效
filters: stat,wall,log4j #配置扩展插件,常用的插件有=>stat:监控统计 log4j:日志 wall:防御
sql 注入
connectionProperties: 'druid.stat.mergeSql=true;druid.stat.slowSqlMillis=5000' # 通 过
connectProperties 属性来打开 mergeSql 功能;慢 SQL 记录
eureka:
instance:
prefer-ip-address: true
instance-id: ${spring.cloud.client.ip-address}:${server.port}
client:
service-url:
defaultZone: http://localhost:1111/eureka/
mybatis:
type-aliases-package: com.curise.eshop.common.entity
configuration:
map-underscore-to-camel-case: true #开启驼峰命名,l_name -> lName
jdbc-type-for-null: NULL
lazy-loading-enabled: true
aggressive-lazy-loading: true
cache-enabled: true #开启二级缓存
call-setters-on-nulls: true #map 空列不显示问题
mapper-locations:
- classpath:mybatis/*.xml
AuthApplication 添加@EnableDiscoveryClient 和@MapperScan 注解。
接 下 来 配 置 认 证 服 务 器 AuthorizationServerConfig , 并 添 加 @Configuration 和
@EnableAuthorizationServer 注解,其中 ClientDetailsServiceConfigurer 配置在内存中,当然也
可以从数据库读取,以后慢慢完善。
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private DataSource dataSource;
@Autowired
private RedisConnectionFactory redisConnectionFactory;
@Autowired
private MyUserDetailService userDetailService;
@Bean
public TokenStore tokenStore() {
return new RedisTokenStore(redisConnectionFactory);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security
.allowFormAuthenticationForClients()
.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// clients.withClientDetails(clientDetails());
clients.inMemory()
.withClient("android")
.scopes("read")
.secret("android")
.authorizedGrantTypes("password", "authorization_code", "refresh_token")
.and()
.withClient("webapp")
.scopes("read")
.authorizedGrantTypes("implicit")
.and()
