package com.leimingtech.sso;
import com.zaxxer.hikari.HikariDataSource;
import org.apache.tomcat.util.http.parser.Authorization;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
import org.springframework.boot.autoconfigure.jdbc.DataSourceProperties;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.approval.ApprovalStore;
import org.springframework.security.oauth2.provider.approval.JdbcApprovalStore;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
/**
* Created by yun on 2017/7/27.
*/
public class Config {
public static final String OAUTH_CLIENT_ID = "oauth_client";
public static final String OAUTH_CLIENT_SECRET = "oauth_client_secret";
public static final String RESOURCE_ID = "my_resource_id";
public static final String[] SCOPES = { "read", "write" };
// private static BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
@Bean
@ConfigurationProperties("spring.datasource")
public static HikariDataSource dataSource() {
return (HikariDataSource) DataSourceBuilder.create()
.type(HikariDataSource.class).build();
}
@Configuration
@EnableAuthorizationServer
static class OAuthAuthorizationConfig extends AuthorizationServerConfigurerAdapter {
@Resource(name = "oldPasswordEncoder")
private OldPasswordEncoder passwordEncoderOld;
@Autowired
private AuthorizationEndpoint authorizationEndpoint;
@PostConstruct
public void init() {
// authorizationEndpoint.setUserApprovalPage("forward:/oauth/my_approval_page");
// authorizationEndpoint.setErrorPage("forward:/oauth/my_error_page");
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.jdbc(dataSource())
.withClient(OAUTH_CLIENT_ID)
.secret(OAUTH_CLIENT_SECRET)
.resourceIds(RESOURCE_ID)
.scopes(SCOPES)
.authorities("ROLE_USER")
.authorizedGrantTypes("authorization_code", "refresh_token")
.redirectUris("http://default-oauth-callback.com")
.accessTokenValiditySeconds(60*30) // 30min
.refreshTokenValiditySeconds(60*60*24); // 24h
}
@Bean
public ApprovalStore approvalStore() {
return new JdbcApprovalStore(dataSource());
}
@Bean
protected AuthorizationCodeServices authorizationCodeServices() {
return new JdbcAuthorizationCodeServices(dataSource());
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource());
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security)
throws Exception {
security.passwordEncoder(passwordEncoderOld)/*.tokenKeyAccess().checkTokenAccess()*/;
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.approvalStore(approvalStore()) // oauth_approvals
.authorizationCodeServices(authorizationCodeServices()) // oauth_code
.tokenStore(tokenStore())/*.userDetailsService()*/
/*.authenticationManager()*/
/*.tokenGranter()*/
/*.requestFactory()*/; // oauth_access_token & oauth_refresh_token
}
}
@Configuration
@EnableResourceServer
static class OAuthResourceConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
resources.resourceId(RESOURCE_ID);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.antMatcher("/oauth/**")
.authorizeRequests()
.antMatchers("/oauth/index").permitAll()
.antMatchers("/oauth/token").permitAll()
.antMatchers("/oauth/check_token").permitAll()
.antMatchers("/oauth/confirm_access").permitAll()
.antMatchers("/oauth/error").permitAll()
.antMatchers("/oauth/my_approval_page").permitAll()
.antMatchers("/oauth/my_error_page").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/oauth/index")
.loginProcessingUrl("/oauth/login");
http.authorizeRequests()
.antMatchers(HttpMethod.GET, "/api/**").access("#oauth2.hasScope('read')")
.antMatchers(HttpMethod.POST, "/api/**").access("#oauth2.hasScope('write')");
}
}
@Configuration
@EnableWebSecurity
static class SecurityConfig extends WebSecurityConfigurerAdapter {
@Resource(name = "customAuthenticationProvider")
private CustomAuthenticationProvider authenticationProvider;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(authenticationProvider);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable();
http.authorizeRequests()
.antMatchers("/oauth/authorize").authenticated()
.and()
.httpBasic().realmName("OAuth Server");
}
@Override
sso-master.zip (10个子文件) 
sso 
pom.xml 2KB src main resources application.properties 2KB java com leimingtech sso UserDetailsServiceImpl.java 461B CustomAuthenticationProvider.java 3KB Controller.java 1KB Config.java 8KB SocialApplication.java 1KB OldPasswordEncoder.java 703B doc 170727205013.sql 4KB .gitignore 723B资源评论
ltbo992018-11-13不是完整代码,没办法让初学者学习理解。
云南乐嘟信息技术有限公司2018-03-26跑不起来!
mengyouyouzi
- 粉丝: 7
最新资源
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】简洁商务建筑设计公司企业网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】简洁清爽扁平化手机APP应用官网(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】精品商务IT科技公司官网(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】景区房地产开发商企业网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】蓝色漂亮手机app应用开发官网(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】绿色大气Retina设计手机PC网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】绿色蔬菜水果农产品企业网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】绿色环保简洁网站制作公司(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】漂亮宽屏鞋子包包电子商务商城网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】漂亮全屏js交互摄影图片企业网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】漂亮的紫色魅惑夜场俱乐部网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】纹理背景简洁大气科技博客html网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】棕色斜纹个性插画复古风格CSS网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站-响应式html5-整站模板】时尚黑色透明手机商业网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站整站模板】Gosloo精品大气雪山旅游景区网站(运行html文件可看效果).zip
- 【漂亮大气-PC端英文网站整站模板】flew简洁精致css3动画响应式网站(运行html文件可看效果).zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
