整合基础框架

2023-08-19 20:21:30 +08:00 · 2023-08-19 20:21:30 +08:00 · 5e0259bc2a
parent 5c8439cb7f
commit 5e0259bc2a
6 changed files with 172 additions and 0 deletions
--- a/auth-service/pom.xml
+++ b/auth-service/pom.xml
@ -0,0 +1,39 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>com.example</groupId>
        <artifactId>SpringCloudStudy</artifactId>
        <version>0.0.1-SNAPSHOT</version>
    </parent>
    <groupId>org.example</groupId>
    <artifactId>auth-service</artifactId>
    <properties>
        <maven.compiler.source>8</maven.compiler.source>
        <maven.compiler.target>8</maven.compiler.target>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <!--  OAuth2.0依赖，不再内置了，所以得我们自己指定一下版本  -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-oauth2</artifactId>
            <version>2.2.5.RELEASE</version>
        </dependency>
    </dependencies>
 </project>
--- a/auth-service/src/main/java/com/test/AuthApplication.java
+++ b/auth-service/src/main/java/com/test/AuthApplication.java
@ -0,0 +1,18 @@
 package com.test;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 /**
 * ClassName: AuthApplication
 * Package: com.test
 *
 * @author yovinchen
 * @Create 2023/8/19 20:14
 */
@SpringBootApplication
 public class AuthApplication {
    public static void main(String[] args) {
        SpringApplication.run(AuthApplication.class,args);
    }
 }
--- a/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
+++ b/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
@ -0,0 +1,60 @@
 package com.test.config;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import javax.annotation.Resource;
 /**
 * ClassName: OAuth2Configuration
 * Package: com.test.config
 *
 * @author yovinchen
 * @Create 2023/8/19 20:17
 */
@EnableAuthorizationServer   //开启验证服务器
@Configuration
 public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {
    private final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
    @Resource
    private AuthenticationManager manager;
    /**
     * 这个方法是对客户端进行配置，一个验证服务器可以预设很多个客户端，
     * 之后这些指定的客户端就可以按照下面指定的方式进行验证
     *
     * @param clients 客户端配置工具
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()   //这里我们直接硬编码创建，当然也可以像Security那样自定义或是使用JDBC从数据库读取
                .withClient("web")   //客户端名称，随便起就行
                .secret(encoder.encode("654321"))      //只与客户端分享的secret，随便写，但是注意要加密
                .autoApprove(false)    //自动审批，这里关闭，要的就是一会体验那种感觉
                .scopes("book", "user", "borrow")     //授权范围，这里我们使用全部all
                .authorizedGrantTypes("client_credentials", "password", "implicit", "authorization_code", "refresh_token");
        //授权模式，一共支持5种，除了之前我们介绍的四种之外，还有一个刷新Token的模式
        //这里我们直接把五种都写上，方便一会实验，当然各位也可以单独只写一种一个一个进行测试
        //现在我们指定的客户端就支持这五种类型的授权方式了
    }
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) {
        security.passwordEncoder(encoder)    //编码器设定为BCryptPasswordEncoder
                .allowFormAuthenticationForClients()  //允许客户端使用表单验证，一会我们POST请求中会携带表单信息
                .checkTokenAccess("permitAll()");     //允许所有的Token查询请求
    }
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(manager);
        //由于SpringSecurity新版本的一些底层改动，这里需要配置一下authenticationManager，才能正常使用password模式
    }
 }
--- a/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
+++ b/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
@ -0,0 +1,40 @@
 package com.test.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 /**
 * ClassName: SecurityConfiguration
 * Package: com.test.config
 *
 * @author yovinchen
 * @Create 2023/8/19 20:14
 */
@Configuration
 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()  //
                .and().formLogin().permitAll();    //使用表单登录
    }
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
        auth.inMemoryAuthentication()   //直接创建一个用户，懒得搞数据库了
                .passwordEncoder(encoder).withUser("test").password(encoder.encode("123456")).roles("USER");
    }
    @Bean   //这里需要将AuthenticationManager注册为Bean，在OAuth配置中使用
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
 }
--- a/auth-service/src/main/resources/application.yml
+++ b/auth-service/src/main/resources/application.yml
@ -0,0 +1,7 @@
 server:
  port: 8500
  servlet:
    #为了防止一会在服务之间跳转导致Cookie打架（因为所有服务地址都是localhost，都会存JSESSIONID）
    #这里修改一下context-path，这样保存的Cookie会使用指定的路径，就不会和其他服务打架了
    #但是注意之后的请求都得在最前面加上这个路径
    context-path: /sso
--- a/pom.xml
+++ b/pom.xml
@ -19,6 +19,7 @@
        <module>borrow-service</module>
        <module>book-service</module>
        <module>commons</module>
        <module>auth-service</module>
    </modules>
    <properties>
        <java.version>1.8</java.version>
@ -53,6 +54,13 @@
                <artifactId>mybatis-spring-boot-starter</artifactId>
                <version>2.2.0</version>
            </dependency>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>2021.0.8</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>
    <build>