diff --git a/auth-service/pom.xml b/auth-service/pom.xml
new file mode 100644
index 0000000..3dbe106
--- /dev/null
+++ b/auth-service/pom.xml
@@ -0,0 +1,39 @@
+
+
+ 4.0.0
+
+ com.example
+ SpringCloudStudy
+ 0.0.1-SNAPSHOT
+
+
+ org.example
+ auth-service
+
+
+ 8
+ 8
+ UTF-8
+
+
+
+
+ org.springframework.boot
+ spring-boot-starter-web
+
+
+
+ org.springframework.boot
+ spring-boot-starter-security
+
+
+
+
+ org.springframework.cloud
+ spring-cloud-starter-oauth2
+ 2.2.5.RELEASE
+
+
+
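Review bot: The `spring-cloud-starter-oauth2` dependency at the end of this file is pinned by hand to `2.2.5.RELEASE`, while the root pom.xml hunk in this commit imports the `spring-cloud-dependencies` BOM at `2021.0.8`. The explicit version is presumably needed because that release train no longer manages this starter. The starter pulls in the legacy Spring Security OAuth authorization server, which is no longer maintained, so a new auth service built on it will not receive security fixes. A comment above the dependency should record why the version sits outside the BOM. For anything beyond a study project, the authorization server should move to a maintained implementation such as Spring Authorization Server.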
diff --git a/auth-service/src/main/java/com/test/AuthApplication.java b/auth-service/src/main/java/com/test/AuthApplication.java
new file mode 100644
index 0000000..cb24d7f
--- /dev/null
+++ b/auth-service/src/main/java/com/test/AuthApplication.java
@@ -0,0 +1,18 @@
+package com.test;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * ClassName: AuthApplication
+ * Package: com.test
+ *
+ * @author yovinchen
+ * @Create 2023/8/19 20:14
+ */
+@SpringBootApplication
+public class AuthApplication {
+ public static void main(String[] args) {
+ SpringApplication.run(AuthApplication.class,args);
+ }
+}
diff --git a/auth-service/src/main/java/com/test/config/OAuth2Configuration.java b/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
new file mode 100644
index 0000000..1181f5c
--- /dev/null
+++ b/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
@@ -0,0 +1,60 @@
+package com.test.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+
+import javax.annotation.Resource;
+
+/**
+ * ClassName: OAuth2Configuration
+ * Package: com.test.config
+ *
+ * @author yovinchen
+ * @Create 2023/8/19 20:17
+ */
+@EnableAuthorizationServer //开启验证服务器
+@Configuration
+public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {
+
+ private final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+ @Resource
+ private AuthenticationManager manager;
+
+ /**
+ * 这个方法是对客户端进行配置,一个验证服务器可以预设很多个客户端,
+ * 之后这些指定的客户端就可以按照下面指定的方式进行验证
+ *
+ * @param clients 客户端配置工具
+ */
+ @Override
+ public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+ clients.inMemory() //这里我们直接硬编码创建,当然也可以像Security那样自定义或是使用JDBC从数据库读取
+ .withClient("web") //客户端名称,随便起就行
+ .secret(encoder.encode("654321")) //只与客户端分享的secret,随便写,但是注意要加密
+ .autoApprove(false) //自动审批,这里关闭,要的就是一会体验那种感觉
+ .scopes("book", "user", "borrow") //授权范围,这里我们使用全部all
+ .authorizedGrantTypes("client_credentials", "password", "implicit", "authorization_code", "refresh_token");
+ //授权模式,一共支持5种,除了之前我们介绍的四种之外,还有一个刷新Token的模式
+ //这里我们直接把五种都写上,方便一会实验,当然各位也可以单独只写一种一个一个进行测试
+ //现在我们指定的客户端就支持这五种类型的授权方式了
+ }
+
+ @Override
+ public void configure(AuthorizationServerSecurityConfigurer security) {
+ security.passwordEncoder(encoder) //编码器设定为BCryptPasswordEncoder
+ .allowFormAuthenticationForClients() //允许客户端使用表单验证,一会我们POST请求中会携带表单信息
+ .checkTokenAccess("permitAll()"); //允许所有的Token查询请求
+ }
+
+ @Override
+ public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
+ endpoints.authenticationManager(manager);
+ //由于SpringSecurity新版本的一些底层改动,这里需要配置一下authenticationManager,才能正常使用password模式
+ }
+}
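Review bot: `checkTokenAccess("permitAll()")` in `configure(AuthorizationServerSecurityConfigurer)` opens the token-check endpoint to unauthenticated callers, so anyone who can reach the service can submit a token and read back its details; `.checkTokenAccess("isAuthenticated()")` restricts it to authenticated clients. In `configure(ClientDetailsServiceConfigurer)` the client secret `"654321"` is a literal in source, and the single client `web` is granted all five grant types, including `implicit` and `password`, which widens what a leaked secret allows. The secret should come from externalized configuration rather than the repository, and the grant list should be cut to the flows the client actually uses, e.g. `.authorizedGrantTypes("authorization_code", "refresh_token")`. The inline comment on `.scopes(...)` says the client uses "all" scopes while the code lists three named ones, so the comment should be corrected to match.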
diff --git a/auth-service/src/main/java/com/test/config/SecurityConfiguration.java b/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
new file mode 100644
index 0000000..b246bea
--- /dev/null
+++ b/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
@@ -0,0 +1,40 @@
+package com.test.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * ClassName: SecurityConfiguration
+ * Package: com.test.config
+ *
+ * @author yovinchen
+ * @Create 2023/8/19 20:14
+ */
+@Configuration
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.authorizeRequests().anyRequest().authenticated() //
+ .and().formLogin().permitAll(); //使用表单登录
+ }
+
+
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+ auth.inMemoryAuthentication() //直接创建一个用户,懒得搞数据库了
+ .passwordEncoder(encoder).withUser("test").password(encoder.encode("123456")).roles("USER");
+ }
+
+ @Bean //这里需要将AuthenticationManager注册为Bean,在OAuth配置中使用
+ @Override
+ public AuthenticationManager authenticationManagerBean() throws Exception {
+ return super.authenticationManagerBean();
+ }
+}
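Review bot: `configure(AuthenticationManagerBuilder)` compiles a fixed account, `test` with password `123456`, into the service. Because OAuth2Configuration in this commit enables the `password` grant, that credential is accepted for token issuance on every deployment of this build. The in-memory user should be confined to a development profile, e.g. `@Profile("dev")` on a separate configuration class, or replaced by a `UserDetailsService` backed by a real user store. This method also creates its own `BCryptPasswordEncoder` while OAuth2Configuration holds another; a single `@Bean PasswordEncoder` injected into both would keep the encoder settings in one place.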
diff --git a/auth-service/src/main/resources/application.yml b/auth-service/src/main/resources/application.yml
new file mode 100644
index 0000000..d4860ca
--- /dev/null
+++ b/auth-service/src/main/resources/application.yml
@@ -0,0 +1,7 @@
+server:
+ port: 8500
+ servlet:
+ #为了防止一会在服务之间跳转导致Cookie打架(因为所有服务地址都是localhost,都会存JSESSIONID)
+ #这里修改一下context-path,这样保存的Cookie会使用指定的路径,就不会和其他服务打架了
+ #但是注意之后的请求都得在最前面加上这个路径
+ context-path: /sso
diff --git a/pom.xml b/pom.xml
index fed1bfb..7e322a9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -19,6 +19,7 @@
borrow-service
book-service
commons
+ auth-service
1.8
@@ -53,6 +54,13 @@
mybatis-spring-boot-starter
2.2.0
+
+ org.springframework.cloud
+ spring-cloud-dependencies
+ 2021.0.8
+ pom
+ import
+