Merge pull request #16 from LookBackInTheRain/dev

Dev

Author: LookBackInTheRain

src/main/java/club/yuit/oauth/boot/config/SecurityConfig.java

@@ -65,9 +65,9 @@ public void configure(AuthenticationManagerBuilder auth) throws Exception {
     protected void configure(HttpSecurity http) throws Exception {
 
         http
-                // 必须配置，不然OAuth2的http配置不生效----不明觉厉
+                // http security 要拦截的url，这里这拦截，oauth2相关和登录登录相关的url，其他的交给资源服务处理
                 .requestMatchers()
-                .antMatchers("/auth/login", properties.getLoginProcessUrl(), "/oauth/authorize")
+                .antMatchers( "/oauth/**",properties.getLoginPage(),properties.getLoginProcessUrl())
                 .and()
                 .authorizeRequests()
                 // 自定义页面或处理url是，如果不配置全局允许，浏览器会提示服务器将页面转发多次
@@ -80,7 +80,7 @@ protected void configure(HttpSecurity http) throws Exception {
         http.formLogin()
                 .failureHandler(handler)
                 // 页面
-                .loginPage("/auth/login")
+                .loginPage(properties.getLoginPage())
                 // 登录处理url
                 .loginProcessingUrl(properties.getLoginProcessUrl());
 

src/main/java/club/yuit/oauth/boot/config/auth2/OAuth2AuthorizationServerConfig.java

@@ -86,7 +86,7 @@ public void configure(AuthorizationServerSecurityConfigurer security) throws Exc
         // 自定义异常处理端口
         security.authenticationEntryPoint(authenticationEntryPoint);
 
-        // 认证之前的过滤器
+        // 客户端认证之前的过滤器
         security.addTokenEndpointAuthenticationFilter(filter);
 
         security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");

src/main/java/club/yuit/oauth/boot/support/BootSecurityProperties.java

@@ -3,6 +3,8 @@
 import club.yuit.oauth.boot.support.common.TokenStoreType;
 import club.yuit.oauth.boot.support.properities.BootLogLevelProperties;
 import club.yuit.oauth.boot.support.properities.BootSmsCodeProperties;
+import lombok.Getter;
+import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.boot.context.properties.NestedConfigurationProperty;
@@ -17,6 +19,8 @@
 @Configuration
 @EnableConfigurationProperties
 @ConfigurationProperties(prefix = "boot.oauth")
+@Getter
+@Setter
 public class BootSecurityProperties {
 
 
@@ -27,6 +31,7 @@ public class BootSecurityProperties {
     private TokenStoreType tokenStoreType = TokenStoreType.memory;
 
     private String loginProcessUrl="/auth/authorize";
+    private String loginPage="/auth/login";
 
 
     /**
@@ -43,46 +48,7 @@ public class BootSecurityProperties {
 
 
 
-    /*****--------------getter  setter----------------------******/
-    public TokenStoreType getTokenStoreType() {
-        return tokenStoreType;
-    }
 
-    public void setTokenStoreType(TokenStoreType tokenStoreType) {
-        this.tokenStoreType = tokenStoreType;
-    }
-
-    public String getLoginProcessUrl() {
-        return loginProcessUrl;
-    }
-
-    public void setLoginProcessUrl(String loginProcessUrl) {
-        this.loginProcessUrl = loginProcessUrl;
-    }
-
-    public BootLogLevelProperties getLogging() {
-        return logging;
-    }
-
-    public void setLogging(BootLogLevelProperties logging) {
-        this.logging = logging;
-    }
-
-    public BootSmsCodeProperties getSms() {
-        return sms;
-    }
-
-    public void setSms(BootSmsCodeProperties sms) {
-        this.sms = sms;
-    }
-
-    public String getTokenSigningKey() {
-        return tokenSigningKey;
-    }
-
-    public void setTokenSigningKey(String tokenSigningKey) {
-        this.tokenSigningKey = tokenSigningKey;
-    }
 
 
 }