package com.soento.core.config;
import lombok.Getter;
import lombok.Setter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
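/**
 * OAuth settings holder: parameter-name constants for OAuth2 requests and responses, the list of
 * URL patterns grouped under {@link #ANON}, and properties bound from {@code oauth.*} configuration.
 *
 * <p>Lombok generates getters and setters for the instance fields.
 *
 * @author soento
 */
@Getter
@Setter
@Configuration
public class OauthConfig {
    /**
     * URL patterns that the actuator / monitoring center needs to access.
     *
     * <p>NOTE(review): presumably callers pass this list to an "allow without authentication"
     * matcher (see {@link #permit(String...)}) - confirm. If so, it opens far more than a health
     * check: Spring Boot's {@code env}, {@code heapdump}, {@code logfile}, {@code dump} and
     * {@code trace} endpoints can disclose configuration values, memory contents and request
     * data, while {@code loggers}, {@code refresh} and {@code jolokia} can change runtime state.
     * Prefer leaving only {@code health} / {@code info} anonymous and serving the rest on an
     * authenticated or network-restricted management port.
     *
     * <p>NOTE(review): the array is public and mutable, so any code can add or replace entries at
     * runtime. Treat it as read-only; {@link #permit(String...)} hands out copies.
     */
    public static final String[] ANON = {
        "/pub/**",
        "/actuator/health",
        "/actuator/env",
        "/actuator/metrics/**",
        "/actuator/trace",
        "/actuator/dump",
        "/actuator/jolokia",
        "/actuator/info",
        "/actuator/logfile",
        "/actuator/refresh",
        "/actuator/flyway",
        "/actuator/liquibase",
        "/actuator/heapdump",
        "/actuator/loggers",
        "/actuator/auditevents",
        "/actuator/env/PID",
        "/actuator/jolokia/**",
        "/v2/api-docs/**",
        "/swagger-ui.html",
        "/swagger-resources/**",
        "/webjars/**"
    };

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String CLIENT_ID = "client_id";

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String STATE = "state";

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String SCOPE = "scope";

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String REDIRECT_URI = "redirect_uri";

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String RESPONSE_TYPE = "response_type";

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String USER_OAUTH_APPROVAL = "user_oauth_approval";

    /** Constant to use as a prefix for scope approval. */
    public static final String SCOPE_PREFIX = "scope.";

    /** Constant to use while parsing and formatting parameter maps for OAuth2 requests. */
    public static final String GRANT_TYPE = "grant_type";

    // NOTE(review): the six fields below are public static but NOT final, so any class can
    // reassign them at runtime. They are left non-final here only to keep the existing interface;
    // make them final once it is confirmed that nothing assigns to them.
    public static String BEARER_TYPE = "Bearer";
    public static String OAUTH2_TYPE = "OAuth2";

    /** The access token issued by the authorization server. This value is REQUIRED. */
    public static String ACCESS_TOKEN = "access_token";

    /**
     * The type of the token issued as described in Section 7.1. Value is case insensitive.
     * This value is REQUIRED.
     */
    public static String TOKEN_TYPE = "token_type";

    /**
     * The lifetime in seconds of the access token. For example, the value "3600" denotes that the
     * access token will expire in one hour from the time the response was generated. This value is
     * OPTIONAL.
     */
    public static String EXPIRES_IN = "expires_in";

    /**
     * The refresh token which can be used to obtain new access tokens using the same authorization
     * grant as described in Section 6. This value is OPTIONAL.
     */
    public static String REFRESH_TOKEN = "refresh_token";

    /** Bound from {@code oauth.header}; defaults to {@code Authorization}. */
    @Value("${oauth.header:Authorization}")
    private String header;

    /**
     * Whether tokens are stored with JWT or with Redis.
     * Defaults to Redis ({@code false}).
     */
    @Value("${oauth.access_token.store-jwt:false}")
    private Boolean storeWithJwt;

    /**
     * Whether the JSON returned after login also carries the current user's information.
     * Defaults to {@code false}.
     */
    @Value("${oauth.access_token.add-user-info:false}")
    private Boolean addUserInfo;

    /**
     * JWT signing key. If the configuration file does not set it, the value after the colon is
     * used as the default.
     *
     * <p>NOTE(review): the fallback is a fixed, published string. A deployment that enables JWT
     * storage without overriding {@code oauth.access_token.jwt-signing-key} signs its tokens with a
     * key everyone knows, so token integrity cannot be relied on. Every environment should set a
     * long random secret from a secret store; consider removing the default so a missing key fails
     * at startup instead of silently falling back.
     */
    @Value("${oauth.access_token.jwt-signing-key:www.soento.com}")
    private String signingKey;

    /**
     * Expiration time for the code stored in Redis.
     * Unit: minutes; defaults to 30.
     */
    @Value("${oauth.code.redis.expiration-time:30}")
    private Integer codeExpirationTime;

    /** Retry count for rejected (unauthorized) login attempts; defaults to 5. */
    @Value("${oauth.login.unauthorized.retry-count:5}")
    private Integer unauthorizedRetryCount;

    /**
     * Builds the list of URIs whose access restrictions should be lifted.
     *
     * <p>The result is always a fresh array, so callers cannot alter {@link #ANON} through it.
     * Duplicates are dropped; the order of the merged result is unspecified.
     *
     * @param uris custom URIs to add; may be {@code null} or empty
     * @return the custom URIs merged with the URLs the monitoring center needs to access
     */
    public static String[] permit(String... uris) {
        if (uris == null || uris.length == 0) {
            // Hand out a copy: returning ANON itself would let a caller rewrite the shared list.
            return ANON.clone();
        }
        Set<String> merged = new HashSet<>();
        Collections.addAll(merged, ANON);
        Collections.addAll(merged, uris);
        return merged.toArray(new String[0]);
    }
}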