refactor:oauth2功能重构

85bb9a23 · haoxr · ab9fdf9a · ab9fdf9a · 85bb9a23 · 85bb9a23
5 changed file
--- a/youlai-auth/src/main/java/com/youlai/auth/component/JwtTokenEnhancer.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/component/JwtTokenEnhancer.java
-package com.youlai.auth.component;
-
-import com.youlai.auth.domain.User;
-import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.provider.OAuth2Authentication;
-import org.springframework.security.oauth2.provider.token.TokenEnhancer;
-import org.springframework.stereotype.Component;
-
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * JWT内容增强器
- */
-@Component
-public class JwtTokenEnhancer implements TokenEnhancer {
-    @Override
-    public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
-        User user =(User)authentication.getPrincipal();
-        Map<String,Object> map=new HashMap<>();
-        map.put("id", user.getId());
-        map.put("client_id", user.getClientId());
-        ((DefaultOAuth2AccessToken)accessToken).setAdditionalInformation(map);
-        return accessToken;
-    }
-}
--- a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
 package com.youlai.auth.config;

-import com.youlai.auth.component.JwtTokenEnhancer;
+import com.youlai.auth.domain.User;
 import com.youlai.auth.service.JdbcClientDetailsServiceImpl;
+import com.youlai.auth.service.UserDetailsServiceImpl;
 import com.youlai.common.core.constant.AuthConstants;
 import lombok.SneakyThrows;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -10,7 +11,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -26,7 +27,9 @@ import org.springframework.security.oauth2.provider.token.store.redis.RedisToken
 import javax.sql.DataSource;
 import java.security.KeyPair;
 import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;

 /**
 * 认证服务器
@@ -35,53 +38,38 @@ import java.util.List;
 @EnableAuthorizationServer
 public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

+
    @Autowired
-    private PasswordEncoder passwordEncoder;
+    private DataSource dataSource;
+
    @Autowired
    private AuthenticationManager authenticationManager;
    @Autowired
-    private JwtTokenEnhancer jwtTokenEnhancer;
-    @Autowired
-    private RedisConnectionFactory redisConnectionFactory;
+    private UserDetailsServiceImpl userDetailsService;

    @Autowired
-    private  DataSource dataSource;
-
+    private RedisConnectionFactory redisConnectionFactory;

    /**
     * 配置客户端详情
-     *
-     * @param clients
-     * @throws Exception
     */
    @Override
    @SneakyThrows
-    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
-        /*clients.inMemory()
-                .withClient("client")
-                .secret(passwordEncoder.encode("123456"))
-                .scopes("all")
-                .authorizedGrantTypes("password", "refresh_token")
-                .accessTokenValiditySeconds(3600)
-                .refreshTokenValiditySeconds(86400);*/
-
-        JdbcClientDetailsServiceImpl jdbcClientDetailsService=new JdbcClientDetailsServiceImpl(dataSource);
-        jdbcClientDetailsService.setFindClientDetailsSql(AuthConstants.CLIENT_DETAILS_FIND_SQL);
-        jdbcClientDetailsService.setSelectClientDetailsSql(AuthConstants.CLIENT_DETAILS_SELECT_SQL);
+    public void configure(ClientDetailsServiceConfigurer clients) {
+        JdbcClientDetailsServiceImpl jdbcClientDetailsService = new JdbcClientDetailsServiceImpl(dataSource);
+        jdbcClientDetailsService.setFindClientDetailsSql(AuthConstants.FIND_CLIENT_DETAILS_SQL);
+        jdbcClientDetailsService.setSelectClientDetailsSql(AuthConstants.SELECT_CLIENT_DETAILS_SQL);
        clients.withClientDetails(jdbcClientDetailsService);
-
    }

-
    /**
     * 配置令牌端点的安全约束
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
-        // 配置JWT的内容增强器
        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
        List<TokenEnhancer> tokenEnhancers = new ArrayList<>();
-        tokenEnhancers.add(jwtTokenEnhancer);
+        tokenEnhancers.add(tokenEnhancer());
        tokenEnhancers.add(jwtAccessTokenConverter());
        tokenEnhancerChain.setTokenEnhancers(tokenEnhancers);

@@ -89,17 +77,10 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
                .accessTokenConverter(jwtAccessTokenConverter())
                .tokenEnhancer(tokenEnhancerChain)
                .tokenStore(tokenStore())
-        ;
+                .userDetailsService(userDetailsService);
    }


-    @Bean
-    public TokenStore tokenStore() {
-        RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
-        tokenStore.setPrefix(AuthConstants.OAUTH2_TOKEN_PREFIX);
-        return tokenStore;
-    }
-

    /**
     * 允许表单认证
@@ -129,4 +110,29 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
        KeyPair keyPair = factory.getKeyPair("youlai", "123456".toCharArray());
        return keyPair;
    }
+
+
+    @Bean
+    public TokenStore tokenStore() {
+        RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
+        tokenStore.setPrefix(AuthConstants.OAUTH2_TOKEN_PREFIX);
+        return tokenStore;
+    }
+
+    /**
+     * JWT内容增强
+     */
+    @Bean
+    public TokenEnhancer tokenEnhancer() {
+        return (accessToken, authentication) -> {
+            Map<String, Object> map = new HashMap<>(2);
+            User user = (User) authentication.getUserAuthentication().getPrincipal();
+            map.put(AuthConstants.JWT_USER_ID_KEY, user.getId());
+            map.put(AuthConstants.JWT_CLIENT_ID_KEY, user.getClientId());
+            ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(map);
+            return accessToken;
+        };
+    }
+
+
 }
--- a/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/config/WebSecurityConfig.java
 package com.youlai.auth.config;

-import com.youlai.auth.service.UserDetailsServiceImpl;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.actuate.autoconfigure.security.servlet.EndpointRequest;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;

@@ -19,9 +14,6 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 @EnableWebSecurity
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

-    @Autowired
-    private UserDetailsServiceImpl userDetailsService;
-
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
@@ -31,27 +23,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                .anyRequest().permitAll();
    }

-    @Bean
-    public PasswordEncoder passwordEncoder()  {
-        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
-    }
-
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

-    @Override
-    protected void configure(AuthenticationManagerBuilder auth){
-        auth.authenticationProvider(daoAuthenticationProvider());
-    }
-
    @Bean
-    public DaoAuthenticationProvider daoAuthenticationProvider() {
-        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
-        provider.setUserDetailsService(userDetailsService);
-        provider.setPasswordEncoder(passwordEncoder());
-        provider.setHideUserNotFoundExceptions(false);
-        return provider;
+    public PasswordEncoder passwordEncoder()  {
+        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
 }
--- a/youlai-auth/src/main/java/com/youlai/auth/controller/KeyPairController.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/controller/KeyPairController.java
@@ -14,7 +14,7 @@ import java.util.Map;
 */
 @RestController
 @AllArgsConstructor
-public class KeyPairController {
+public class PublicKeyController {

    private KeyPair keyPair;


--- a/youlai-auth/src/main/resources/youlai.jks
+++ b/youlai-auth/src/main/resources/youlai.jks