整合基础框架

2023-08-19 20:21:30 +08:00 · 2023-08-19 20:21:30 +08:00 · 5e0259bc2a
commit 5e0259bc2a
parent 5c8439cb7f
6 changed files with 172 additions and 0 deletions
--- a/auth-service/pom.xml
+++ b/auth-service/pom.xml
@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>com.example</groupId>
+        <artifactId>SpringCloudStudy</artifactId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+
+    <groupId>org.example</groupId>
+    <artifactId>auth-service</artifactId>
+
+    <properties>
+        <maven.compiler.source>8</maven.compiler.source>
+        <maven.compiler.target>8</maven.compiler.target>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
+        <!--  OAuth2.0依赖，不再内置了，所以得我们自己指定一下版本  -->
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-oauth2</artifactId>
+            <version>2.2.5.RELEASE</version>
+        </dependency>
+    </dependencies>
+</project>
--- a/auth-service/src/main/java/com/test/AuthApplication.java
+++ b/auth-service/src/main/java/com/test/AuthApplication.java
@ -0,0 +1,18 @@
+package com.test;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * ClassName: AuthApplication
+ * Package: com.test
+ *
+ * @author yovinchen
+ * @Create 2023/8/19 20:14
+ */
+@SpringBootApplication
+public class AuthApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(AuthApplication.class,args);
+    }
+}
--- a/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
+++ b/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
@ -0,0 +1,60 @@
+package com.test.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+
+import javax.annotation.Resource;
+
+/**
+ * ClassName: OAuth2Configuration
+ * Package: com.test.config
+ *
+ * @author yovinchen
+ * @Create 2023/8/19 20:17
+ */
+@EnableAuthorizationServer   //开启验证服务器
+@Configuration
+public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {
+
+    private final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+    @Resource
+    private AuthenticationManager manager;
+
+    /**
+     * 这个方法是对客户端进行配置，一个验证服务器可以预设很多个客户端，
+     * 之后这些指定的客户端就可以按照下面指定的方式进行验证
+     *
+     * @param clients 客户端配置工具
+     */
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients.inMemory()   //这里我们直接硬编码创建，当然也可以像Security那样自定义或是使用JDBC从数据库读取
+                .withClient("web")   //客户端名称，随便起就行
+                .secret(encoder.encode("654321"))      //只与客户端分享的secret，随便写，但是注意要加密
+                .autoApprove(false)    //自动审批，这里关闭，要的就是一会体验那种感觉
+                .scopes("book", "user", "borrow")     //授权范围，这里我们使用全部all
+                .authorizedGrantTypes("client_credentials", "password", "implicit", "authorization_code", "refresh_token");
+        //授权模式，一共支持5种，除了之前我们介绍的四种之外，还有一个刷新Token的模式
+        //这里我们直接把五种都写上，方便一会实验，当然各位也可以单独只写一种一个一个进行测试
+        //现在我们指定的客户端就支持这五种类型的授权方式了
+    }
+
+    @Override
+    public void configure(AuthorizationServerSecurityConfigurer security) {
+        security.passwordEncoder(encoder)    //编码器设定为BCryptPasswordEncoder
+                .allowFormAuthenticationForClients()  //允许客户端使用表单验证，一会我们POST请求中会携带表单信息
+                .checkTokenAccess("permitAll()");     //允许所有的Token查询请求
+    }
+
+    @Override
+    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
+        endpoints.authenticationManager(manager);
+        //由于SpringSecurity新版本的一些底层改动，这里需要配置一下authenticationManager，才能正常使用password模式
+    }
+}
--- a/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
+++ b/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
@ -0,0 +1,40 @@
+package com.test.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * ClassName: SecurityConfiguration
+ * Package: com.test.config
+ *
+ * @author yovinchen
+ * @Create 2023/8/19 20:14
+ */
+@Configuration
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().anyRequest().authenticated()  //
+                .and().formLogin().permitAll();    //使用表单登录
+    }
+
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+        auth.inMemoryAuthentication()   //直接创建一个用户，懒得搞数据库了
+                .passwordEncoder(encoder).withUser("test").password(encoder.encode("123456")).roles("USER");
+    }
+
+    @Bean   //这里需要将AuthenticationManager注册为Bean，在OAuth配置中使用
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+}
--- a/auth-service/src/main/resources/application.yml
+++ b/auth-service/src/main/resources/application.yml
@ -0,0 +1,7 @@
+server:
+  port: 8500
+  servlet:
+    #为了防止一会在服务之间跳转导致Cookie打架（因为所有服务地址都是localhost，都会存JSESSIONID）
+    #这里修改一下context-path，这样保存的Cookie会使用指定的路径，就不会和其他服务打架了
+    #但是注意之后的请求都得在最前面加上这个路径
+    context-path: /sso
--- a/pom.xml
+++ b/pom.xml
@ -19,6 +19,7 @@
        <module>borrow-service</module>
        <module>book-service</module>
        <module>commons</module>
+        <module>auth-service</module>
    </modules>
    <properties>
        <java.version>1.8</java.version>
@ -53,6 +54,13 @@
                <artifactId>mybatis-spring-boot-starter</artifactId>
                <version>2.2.0</version>
            </dependency>
+            <dependency>
+                <groupId>org.springframework.cloud</groupId>
+                <artifactId>spring-cloud-dependencies</artifactId>
+                <version>2021.0.8</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
        </dependencies>
    </dependencyManagement>
    <build>