package com.cjoop.security.config;

import java.util.HashSet;
import java.util.Set;

import javax.sql.DataSource;

import org.springframework.beans.BeansException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

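/**
 * OAuth2 auto-configuration. Declares a JDBC-backed client details service and, as nested
 * configurations, a resource server and an authorization server. Everything in this class is
 * active only under the {@code oauth2} profile.
 * 
 * @author 陈均
 *
 */
@Profile("oauth2")
@Configuration("oauth2AutoConfiguration")
@EnableConfigurationProperties(JwtProperties.class)
public class Oauth2AutoConfiguration{

	/**
	 * Exposes a {@link JdbcClientDetailsService} that reads OAuth2 client registrations through
	 * the given data source.
	 *
	 * <p>NOTE(review): no password encoder is set on this service, so how client secrets
	 * written through it are protected at rest depends on the library default. Confirm that
	 * secrets are stored hashed.
	 *
	 * @param dataSource the data source holding the client details tables
	 * @return the client details service bean named {@code jdbcClientDetailsService}
	 */
	@Bean("jdbcClientDetailsService")
	public JdbcClientDetailsService jdbcClientDetailsService(DataSource dataSource) {
		return new JdbcClientDetailsService(dataSource);
	}

	/**
	 * Resource server configuration. It is also a {@link BeanPostProcessor}: every bean that
	 * implements {@code InitializingOAuth2Resouce} contributes ant patterns, and only requests
	 * matching the collected patterns are handled by this security chain.
	 */
	@Profile("oauth2")
	@Configuration
	@EnableResourceServer
	protected static class ResourceServer extends ResourceServerConfigurerAdapter implements BeanPostProcessor {
		
		// Ant patterns gathered from InitializingOAuth2Resouce beans. The element type must be
		// String so that toArray(String[]) produces the String[] that antMatchers(String...) takes.
		private final Set<String> antPatterns = new HashSet<>();
		
		/**
		 * Restricts this chain to the collected ant patterns, enables CORS, and requires an
		 * authenticated caller for every request the chain matches.
		 *
		 * @param http the security builder for the resource server chain
		 * @throws Exception if the builder rejects the configuration
		 */
		@Override
		public void configure(HttpSecurity http) throws Exception {
			// Snapshot of the patterns collected so far.
			// NOTE(review): a pattern contributed by a bean that is post-processed after this
			// method has run is not part of the matcher, so that path would not be guarded by
			// this chain. Confirm the initialization order.
			// NOTE(review): the behaviour with an empty pattern set (no contributing bean) is
			// not visible here. Verify that start-up fails closed instead of leaving the
			// resource server matching nothing.
			String[] protectedPatterns = antPatterns.toArray(new String[0]);
			http.cors()
			.and()
			.requestMatchers().antMatchers(protectedPatterns)
			.and()
			.authorizeRequests()
			.anyRequest().authenticated();
		}
		
		/**
		 * Installs the project's {@code CookieTokenExtractor} as the token extractor.
		 *
		 * @param resources the resource server security configurer
		 * @throws Exception if the configurer rejects the configuration
		 */
		@Override
		public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
			// NOTE(review): CookieTokenExtractor is defined elsewhere; presumably it reads the
			// access token from a cookie. Browsers attach cookies automatically, so if that is
			// the case, check the CSRF posture of these endpoints and the cookie attributes
			// (HttpOnly, Secure, SameSite), especially with CORS enabled in this chain. Confirm.
			resources.tokenExtractor(new CookieTokenExtractor());
		}
		
		/**
		 * Collects the ant patterns of every {@code InitializingOAuth2Resouce} bean before that
		 * bean is initialized. Other beans pass through untouched.
		 *
		 * @param bean the bean about to be initialized
		 * @param beanName the name of the bean
		 * @return the same bean instance, unchanged
		 */
		@Override
		public Object postProcessBeforeInitialization(Object bean, String beanName) throws BeansException {
			if(bean instanceof InitializingOAuth2Resouce) {
				InitializingOAuth2Resouce initializingOAuth2Resouce = (InitializingOAuth2Resouce)bean;
				antPatterns.addAll(initializingOAuth2Resouce.loadResouceSets());
			}
			return bean;
		}

		/**
		 * No-op: returns the bean unchanged.
		 */
		@Override
		public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
			return bean;
		}
		
	}
	
	/**
	 * Authorization server configuration: JWT access tokens, client registrations loaded over
	 * JDBC, and access rules for the token-key and check-token endpoints.
	 */
	@Profile("oauth2")
	@Configuration
	@EnableAuthorizationServer
	protected static class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
		@Autowired
		private AuthenticationManager authenticationManager;
		@Autowired
		private DataSource dataSource;
		@Autowired
		private JwtProperties jwtProperties;
		
		/**
		 * Builds the JWT converter and sets its signing key from {@code JwtProperties}.
		 *
		 * <p>NOTE(review): whether the configured key is an HMAC secret or an RSA private key is
		 * not visible here. With an HMAC secret the same value also verifies tokens, so every
		 * party that can read it can mint tokens. Confirm the key type and where the value is
		 * stored.
		 *
		 * @return the access token converter bean
		 */
		@Bean
		public JwtAccessTokenConverter accessTokenConverter() {
			JwtAccessTokenConverter jwtAccessTokenConverter = new JwtAccessTokenConverter();
			jwtAccessTokenConverter.setSigningKey(jwtProperties.getSigningKey());
			return jwtAccessTokenConverter;
		}

		/**
		 * Sets the access expressions for the token-key and check-token endpoints and allows
		 * clients to authenticate with form parameters.
		 *
		 * @param oauthServer the authorization server security configurer
		 * @throws Exception if the configurer rejects the configuration
		 */
		@Override
		public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
			// Token key: anonymous callers or ROLE_TRUSTED_CLIENT. Check token: ROLE_TRUSTED_CLIENT only.
			// NOTE(review): if the signing key is symmetric, the token-key endpoint would hand
			// an authorised caller the same secret that signs tokens. Confirm that only a
			// public verification key can be served here, or tighten the expression.
			oauthServer.tokenKeyAccess("isAnonymous() || hasAuthority('ROLE_TRUSTED_CLIENT')").checkTokenAccess(
					"hasAuthority('ROLE_TRUSTED_CLIENT')");
			// Clients may send their credentials as request parameters instead of HTTP Basic only.
			// Those parameters carry the client secret, so they should stay out of query strings
			// and access logs.
			oauthServer.allowFormAuthenticationForClients();
		}

		/**
		 * Wires the injected authentication manager and the JWT access token converter into
		 * the authorization server endpoints.
		 *
		 * @param endpoints the endpoints configurer
		 * @throws Exception if the configurer rejects the configuration
		 */
		@Override
		public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
			// NOTE(review): supplying an AuthenticationManager is what switches on the password
			// grant in this framework. Confirm that the grant is intended.
			endpoints.authenticationManager(authenticationManager).accessTokenConverter(accessTokenConverter());
		}

		/**
		 * Loads client registrations through JDBC from the injected data source.
		 *
		 * @param clients the client details configurer
		 * @throws Exception if the configurer rejects the configuration
		 */
		@Override
		public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
			// NOTE(review): no password encoder is configured on this builder, so how stored
			// client secrets are compared depends on the framework default. Confirm.
			clients.jdbc(dataSource);
		}

	}
	
}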



