package com.sso.server.controller;
import com.sso.server.view.SsoSpelView;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.web.csrf.CsrfToken;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.SessionAttributes;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.View;
import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
import org.springframework.web.util.HtmlUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Iterator;
import java.util.Map;
/**
* @author liaohong
* @since 2018/11/7 11:15
*/
@RestController
@SessionAttributes("authorizationRequest")
public class SsoApprovalEndpointController {
@RequestMapping({"/oauth/confirm_access"})
public ModelAndView getAccessConfirmation(Map<String, Object> model, HttpServletRequest request) throws Exception {
String template = this.createTemplate(model, request);
if (request.getAttribute("_csrf") != null) {
model.put("_csrf", request.getAttribute("_csrf"));
}
return new ModelAndView(new SsoSpelView(template), model);
}
protected String createTemplate(Map<String, Object> model, HttpServletRequest request) {
String template = TEMPLATE;
if (!model.containsKey("scopes") && request.getAttribute("scopes") == null) {
template = template.replace("%scopes%", "").replace("%denial%", DENIAL);
} else {
template = template.replace("%scopes%", this.createScopes(model, request)).replace("%denial%", "");
}
if (!model.containsKey("_csrf") && request.getAttribute("_csrf") == null) {
template = template.replace("%csrf%", "");
} else {
template = template.replace("%csrf%", CSRF);
}
return template;
}
private CharSequence createScopes(Map<String, Object> model, HttpServletRequest request) {
StringBuilder builder = new StringBuilder("<ul>");
Map<String, String> scopes = (Map)((Map)(model.containsKey("scopes") ? model.get("scopes") : request.getAttribute("scopes")));
Iterator var5 = scopes.keySet().iterator();
while(var5.hasNext()) {
String scope = (String)var5.next();
String approved = "true".equals(scopes.get(scope)) ? " checked" : "";
String denied = !"true".equals(scopes.get(scope)) ? " checked" : "";
String value = SCOPE.replace("%scope%", scope).replace("%key%", scope).replace("%approved%", approved).replace("%denied%", denied);
builder.append(value);
}
builder.append("</ul>");
return builder.toString();
}
private static String CSRF = "<input type='hidden' name='${_csrf.parameterName}' value='${_csrf.token}' />";
private static String DENIAL = "<form id='denialForm' name='denialForm' action='${path}/oauth/authorize' method='post'><input name='user_oauth_approval' value='false' type='hidden'/>%csrf%<label><input name='deny' value='Deny' type='submit'/></label></form>";
private static String TEMPLATE = "<html>" +
"<body>" +
"<div style='display:none;'>"+
"<h1>OAuth Approval</h1>" +
"<p>Do you authorize '${authorizationRequest.clientId}' to access your protected resources?</p>" +
" <form id='confirmationForm' name='confirmationForm' action='${path}/oauth/authorize' method='post'>" +
"<input name='user_oauth_approval' value='true' type='hidden'/>%csrf%%scopes%" +
"<label>" + "<input name='authorize' value='Authorize' type='submit'/></label>" +
"</form>" +
"%denial%" +
"</div>"+
"<script>document.getElementById('confirmationForm').submit()</script>"+
"</body>" +
"</html>";
private static String SCOPE = "<li><div class='form-group'>%scope%: <input type='radio' name='%key%' value='true'%approved%>Approve</input> <input type='radio' name='%key%' value='false'%denied%>Deny</input></div></li>";
}
没有合适的资源?快使用搜索试试~ 我知道了~
spring security oauth2 实现jwt sso
共120个文件
xml:61个
java:14个
class:11个
需积分: 48 52 下载量 141 浏览量
2018-11-14
09:43:21
上传
评论 1
收藏 245KB RAR 举报
温馨提示
该资源实现了一个sso单点登陆的功能,类似于在淘宝网登陆之后可以不需要登陆天猫即可访问天猫网;使用了spring security oauth2以及jwt。
资源推荐
资源详情
资源评论
收起资源包目录
spring security oauth2 实现jwt sso (120个子文件)
SsoApprovalEndpointController.class 5KB
SsoAuthorizationServerConfig.class 5KB
SsoSpelView.class 4KB
SsoSecurityConfig.class 4KB
SsoSpelView$1.class 2KB
SsoUserDetailService.class 1KB
Client2Application.class 797B
Client1Application.class 797B
Client2Controller.class 753B
Client1Controller.class 753B
ServerApplication.class 706B
mvnw.cmd 6KB
mvnw.cmd 6KB
mvnw.cmd 6KB
mvnw.cmd 6KB
.gitignore 268B
.gitignore 268B
.gitignore 268B
.gitignore 268B
sso-client1.iml 7KB
client2.iml 7KB
sso-server.iml 6KB
jwt-sso.iml 1KB
maven-wrapper.jar 47KB
maven-wrapper.jar 47KB
maven-wrapper.jar 47KB
maven-wrapper.jar 47KB
SsoApprovalEndpointController.java 4KB
SsoAuthorizationServerConfig.java 3KB
SsoSpelView.java 3KB
SsoSecurityConfig.java 2KB
SsoUserDetailService.java 1KB
Client2Controller.java 447B
Client1Controller.java 447B
Client2Application.java 424B
Client1Application.java 423B
Client2ApplicationTests.java 374B
Client1ApplicationTests.java 370B
ServerApplicationTests.java 368B
JwtSsoApplicationTests.java 365B
ServerApplication.java 318B
index.jsp 416B
index.jsp 416B
mvnw 9KB
mvnw 9KB
mvnw 9KB
mvnw 9KB
maven-wrapper.properties 116B
maven-wrapper.properties 116B
maven-wrapper.properties 116B
maven-wrapper.properties 116B
application.properties 0B
application.properties 0B
workspace.xml 60KB
uiDesigner.xml 9KB
pom.xml 2KB
pom.xml 2KB
pom.xml 2KB
pom.xml 2KB
compiler.xml 843B
Maven__org_springframework_security_oauth_spring_security_oauth2_2_0_14_RELEASE.xml 760B
Maven__org_springframework_boot_spring_boot_starter_security_1_5_6_RELEASE.xml 755B
Maven__org_springframework_boot_spring_boot_starter_logging_1_5_6_RELEASE.xml 748B
Maven__org_springframework_boot_spring_boot_starter_tomcat_1_5_6_RELEASE.xml 741B
Maven__org_springframework_boot_spring_boot_autoconfigure_1_5_6_RELEASE.xml 734B
Maven__org_springframework_security_spring_security_config_4_2_3_RELEASE.xml 729B
Maven__org_springframework_boot_spring_boot_starter_web_1_5_6_RELEASE.xml 720B
Maven__org_springframework_security_spring_security_core_4_2_3_RELEASE.xml 715B
Maven__org_springframework_security_spring_security_web_4_2_3_RELEASE.xml 708B
Maven__org_springframework_security_spring_security_jwt_1_0_8_RELEASE.xml 708B
Maven__org_springframework_boot_spring_boot_starter_1_5_6_RELEASE.xml 692B
Maven__org_springframework_spring_expression_4_3_10_RELEASE.xml 665B
Maven__org_apache_tomcat_embed_tomcat_embed_websocket_8_5_16.xml 660B
Maven__org_springframework_spring_context_4_3_10_RELEASE.xml 644B
Maven__com_fasterxml_jackson_core_jackson_annotations_2_8_0.xml 644B
Maven__org_apache_tomcat_embed_tomcat_embed_jasper_8_5_16.xml 639B
Maven__org_springframework_spring_webmvc_4_3_10_RELEASE.xml 637B
Maven__org_springframework_boot_spring_boot_1_5_6_RELEASE.xml 636B
Maven__org_hibernate_hibernate_validator_5_3_5_Final.xml 634B
Maven__org_springframework_spring_beans_4_3_10_RELEASE.xml 630B
modules.xml 629B
Maven__org_apache_tomcat_embed_tomcat_embed_core_8_5_16.xml 625B
Maven__com_fasterxml_jackson_core_jackson_databind_2_8_9.xml 623B
Maven__org_springframework_spring_core_4_3_10_RELEASE.xml 623B
misc.xml 621B
Maven__org_codehaus_jackson_jackson_mapper_asl_1_9_13.xml 620B
Maven__org_springframework_spring_web_4_3_10_RELEASE.xml 616B
Maven__org_springframework_spring_aop_4_3_10_RELEASE.xml 616B
Maven__org_apache_tomcat_embed_tomcat_embed_el_8_5_16.xml 611B
Maven__javax_validation_validation_api_1_1_0_Final.xml 611B
Maven__org_apache_tomcat_tomcat_servlet_api_8_5_16.xml 608B
Maven__org_jboss_logging_jboss_logging_3_3_1_Final.xml 608B
Maven__org_codehaus_jackson_jackson_core_asl_1_9_13.xml 606B
Maven__com_fasterxml_jackson_core_jackson_core_2_8_9.xml 595B
Maven__org_apache_tomcat_tomcat_jsp_api_8_5_16.xml 580B
Maven__javax_servlet_javax_servlet_api_3_1_0.xml 578B
Maven__ch_qos_logback_logback_classic_1_1_11.xml 575B
Maven__org_apache_tomcat_tomcat_el_api_8_5_16.xml 573B
Maven__org_bouncycastle_bcprov_jdk15on_1_56.xml 562B
Maven__org_bouncycastle_bcpkix_jdk15on_1_56.xml 562B
共 120 条
- 1
- 2
资源评论
ProgramerHai
- 粉丝: 73
- 资源: 10
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功