minbox-projects
diff --git a/‎README.md‎
Lines changed: 1 addition & 1 deletion b/‎README.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-boot-project/api-boot-autoconfigure/pom.xml‎
Lines changed: 20 additions & 1 deletion b/‎api-boot-project/api-boot-autoconfigure/pom.xml‎
Lines changed: 20 additions & 1 deletion
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/converter/HttpMessageConverterAutoConfiguration.java‎
Lines changed: 6 additions & 5 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/converter/HttpMessageConverterAutoConfiguration.java‎
Lines changed: 6 additions & 5 deletions
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerAutoConfiguration.java‎
Lines changed: 58 additions & 0 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerAutoConfiguration.java‎
Lines changed: 58 additions & 0 deletions
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerJdbcAutoConfiguration.java‎
Lines changed: 60 additions & 0 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerJdbcAutoConfiguration.java‎
Lines changed: 60 additions & 0 deletions
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerMemoryAutoConfiguration.java‎
Lines changed: 54 additions & 0 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerMemoryAutoConfiguration.java‎
Lines changed: 54 additions & 0 deletions
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootOauthProperties.java‎ renamed to ‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootOauthProperties.java‎
Lines changed: 5 additions & 3 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootOauthProperties.java‎ renamed to ‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootOauthProperties.java‎
Lines changed: 5 additions & 3 deletions
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/resource/ApiBootResourceServerAutoConfiguration.java‎ renamed to ‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootResourceServerAutoConfiguration.java‎
Lines changed: 1 addition & 1 deletion b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/resource/ApiBootResourceServerAutoConfiguration.java‎ renamed to ‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootResourceServerAutoConfiguration.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootSecurityProperties.java‎
Lines changed: 1 addition & 0 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootSecurityProperties.java‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityAutoConfiguration.java‎
Lines changed: 63 additions & 0 deletions b/‎api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityAutoConfiguration.java‎
Lines changed: 63 additions & 0 deletions
@@ -47,7 +47,7 @@
     <dependency>
       <groupId>org.minbox.framework</groupId>
       <artifactId>api-boot-dependencies</artifactId>
-      <version>2.0.1.RELEASE</version>
+      <version>1.0.1.RELEASE</version>
       <type>pom</type>
       <scope>import</scope>
     </dependency>
 
@@ -5,7 +5,7 @@
     <parent>
         <artifactId>api-boot-parent</artifactId>
         <groupId>org.minbox.framework</groupId>
-        <version>2.0.1.RELEASE</version>
+        <version>1.0.1.RELEASE</version>
         <relativePath>../api-boot-parent</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
@@ -35,6 +35,11 @@
             <artifactId>fastjson</artifactId>
             <optional>true</optional>
         </dependency>
+        <dependency>
+            <groupId>org.reflections</groupId>
+            <artifactId>reflections</artifactId>
+            <optional>true</optional>
+        </dependency>
 
         <!--Swagger-->
         <dependency>
@@ -92,5 +97,19 @@
             <optional>true</optional>
         </dependency>
 
+        <!--ApiBoot Security Plugin-->
+        <dependency>
+            <groupId>org.minbox.framework</groupId>
+            <artifactId>api-boot-plugin-security</artifactId>
+            <optional>true</optional>
+        </dependency>
+        <!--ApiBoot Oauth2 Plugin-->
+        <dependency>
+            <groupId>org.minbox.framework</groupId>
+            <artifactId>api-boot-plugin-oauth</artifactId>
+            <optional>true</optional>
+        </dependency>
+
+
     </dependencies>
 </project>
@@ -21,6 +21,7 @@
 import com.alibaba.fastjson.support.config.FastJsonConfig;
 import com.alibaba.fastjson.support.spring.FastJsonHttpMessageConverter;
 import org.minbox.framework.api.boot.common.tools.ClassTools;
+import org.reflections.util.ConfigurationBuilder;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.BeanFactory;
@@ -30,10 +31,10 @@
 import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
-import org.springframework.boot.autoconfigure.http.HttpMessageConverters;
-import org.springframework.boot.autoconfigure.http.HttpMessageConvertersAutoConfiguration;
+import org.springframework.boot.autoconfigure.web.HttpMessageConvertersAutoConfiguration;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.util.ObjectUtils;
 
 import java.util.*;
@@ -51,7 +52,7 @@
  * GitHub：https://github.com/hengboy
  */
 @Configuration
-@ConditionalOnClass(FastJsonHttpMessageConverter.class)
+@ConditionalOnClass({FastJsonHttpMessageConverter.class, ConfigurationBuilder.class})
 @AutoConfigureBefore(HttpMessageConvertersAutoConfiguration.class)
 @ConditionalOnProperty(
         prefix = "spring.http.converters",
@@ -79,7 +80,7 @@ public class HttpMessageConverterAutoConfiguration {
      */
     @Bean
     @ConditionalOnMissingBean
-    HttpMessageConverters fastJsonHttpMessageConverters() {
+    HttpMessageConverter fastJsonHttpMessageConverters() {
         FastJsonHttpMessageConverter fastConverter = new FastJsonHttpMessageConverter();
         //创建fastJson配置实体类
         FastJsonConfig fastJsonConfig = new FastJsonConfig();
@@ -95,7 +96,7 @@ HttpMessageConverters fastJsonHttpMessageConverters() {
         // 设置自定义的valueFilter
         fastJsonConfig.setSerializeFilters(getDefineFilters());
         fastConverter.setFastJsonConfig(fastJsonConfig);
-        return new HttpMessageConverters(fastConverter);
+        return fastConverter;
     }
 
     /**
 
@@ -0,0 +1,58 @@
+package org.minbox.framework.api.boot.autoconfigure.oauth;
+
+import org.minbox.framework.api.boot.plugin.oauth2.ApiBootAuthorizationServerConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+
+import static org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
+
+/**
+ * ApiBoot OAuth2 自动化配置
+ *
+ * @author：恒宇少年 - 于起宇
+ * <p>
+ * DateTime：2019-03-25 11:49
+ * Blog：http://blog.yuqiyu.com
+ * WebSite：http://www.jianshu.com/u/092df3f77bca
+ * Gitee：https://gitee.com/hengboy
+ * GitHub：https://github.com/hengyuboy
+ */
+public class ApiBootAuthorizationServerAutoConfiguration extends ApiBootAuthorizationServerConfiguration {
+    /**
+     * 注入属性配置
+     */
+    protected ApiBootOauthProperties apiBootOauthProperties;
+
+    public ApiBootAuthorizationServerAutoConfiguration(ApiBootOauthProperties apiBootOauthProperties) {
+        this.apiBootOauthProperties = apiBootOauthProperties;
+    }
+
+    /**
+     * 配置jwt生成token的转换
+     * 使用自定义Sign Key 进行加密
+     *
+     * @return Jwt Access Token转换实例
+     */
+    @Bean
+    @ConditionalOnProperty(prefix = API_BOOT_OAUTH_PREFIX, name = "jwt.enable", havingValue = "true")
+    public AccessTokenConverter jwtAccessTokenConverter() {
+        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+        converter.setSigningKey(apiBootOauthProperties.getJwt().getSignKey());
+        return converter;
+    }
+
+    /**
+     * 默认token转换
+     * 不配置jwt转换时
+     *
+     * @return AccessTokenConverter
+     */
+    @Bean
+    @ConditionalOnProperty(prefix = API_BOOT_OAUTH_PREFIX, name = "jwt.enable", havingValue = "false", matchIfMissing = true)
+    public AccessTokenConverter defaultAccessTokenConverter() {
+        return new DefaultAccessTokenConverter();
+    }
+}
@@ -0,0 +1,60 @@
+package org.minbox.framework.api.boot.autoconfigure.oauth;
+
+import org.minbox.framework.api.boot.plugin.oauth2.ApiBootAuthorizationServerConfiguration;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
+
+import javax.sql.DataSource;
+
+import static org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
+
+/**
+ * @author：恒宇少年 - 于起宇
+ * <p>
+ * DateTime：2019-03-25 15:29
+ * Blog：http://blog.yuqiyu.com
+ * WebSite：http://www.jianshu.com/u/092df3f77bca
+ * Gitee：https://gitee.com/hengboy
+ * GitHub：https://github.com/hengyuboy
+ */
+@Configuration
+@EnableConfigurationProperties(ApiBootOauthProperties.class)
+@EnableAuthorizationServer
+@ConditionalOnClass(ApiBootAuthorizationServerConfiguration.class)
+@ConditionalOnProperty(prefix = API_BOOT_OAUTH_PREFIX, name = "away", havingValue = "jdbc")
+@AutoConfigureAfter(DataSourceAutoConfiguration.class)
+public class ApiBootAuthorizationServerJdbcAutoConfiguration extends ApiBootAuthorizationServerAutoConfiguration {
+
+    private DataSource dataSource;
+
+    public ApiBootAuthorizationServerJdbcAutoConfiguration(ApiBootOauthProperties apiBootOauthProperties, DataSource dataSource) {
+        super(apiBootOauthProperties);
+        this.dataSource = dataSource;
+    }
+
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients.jdbc(dataSource);
+    }
+
+    /**
+     * 配置内存方式令牌存储
+     *
+     * @return TokenStore
+     */
+    @Bean
+    public TokenStore jdbcTokenStore() {
+        return new JdbcTokenStore(dataSource);
+    }
+
+
+}
@@ -0,0 +1,54 @@
+package org.minbox.framework.api.boot.autoconfigure.oauth;
+
+import org.minbox.framework.api.boot.plugin.oauth2.ApiBootAuthorizationServerConfiguration;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
+
+import static org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
+
+/**
+ * @author：恒宇少年 - 于起宇
+ * <p>
+ * DateTime：2019-03-25 15:26
+ * Blog：http://blog.yuqiyu.com
+ * WebSite：http://www.jianshu.com/u/092df3f77bca
+ * Gitee：https://gitee.com/hengboy
+ * GitHub：https://github.com/hengyuboy
+ */
+@Configuration
+@ConditionalOnClass(ApiBootAuthorizationServerConfiguration.class)
+@EnableConfigurationProperties(ApiBootOauthProperties.class)
+@EnableAuthorizationServer
+@ConditionalOnProperty(prefix = API_BOOT_OAUTH_PREFIX, name = "away", havingValue = "memory", matchIfMissing = true)
+public class ApiBootAuthorizationServerMemoryAutoConfiguration extends ApiBootAuthorizationServerAutoConfiguration {
+
+    public ApiBootAuthorizationServerMemoryAutoConfiguration(ApiBootOauthProperties apiBootOauthProperties) {
+        super(apiBootOauthProperties);
+    }
+
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients.inMemory()
+                .withClient(apiBootOauthProperties.getClientId())
+                .authorizedGrantTypes(apiBootOauthProperties.getGrantTypes())
+                .secret(passwordEncoder().encode(apiBootOauthProperties.getClientSecret()))
+                .scopes(apiBootOauthProperties.getScopes());
+    }
+
+    /**
+     * 配置内存方式令牌存储
+     *
+     * @return TokenStore
+     */
+    @Bean
+    public TokenStore memoryTokenStore() {
+        return new InMemoryTokenStore();
+    }
+}
@@ -14,16 +14,18 @@
  *    limitations under the License.
  */
 
-package org.minbox.framework.api.boot.autoconfigure.security;
+package org.minbox.framework.api.boot.autoconfigure.oauth;
 
 import lombok.Data;
+import org.minbox.framework.api.boot.autoconfigure.security.SecurityAway;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
-import static org.minbox.framework.api.boot.autoconfigure.security.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
+import static org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
 
 /**
  * 整合Oauth2 相关属性配置
+ *
  * @author：恒宇少年 - 于起宇
  * <p>
  * DateTime：2019-03-14 16:52
@@ -57,7 +59,7 @@ public class ApiBootOauthProperties {
     /**
      * 客户端授权类型集合
      */
-    private String[] grantTypes = new String[]{"password"};
+    private String[] grantTypes = new String[]{"password", "refresh_token"};
     /**
      * 客户端作用域集合
      */
 
@@ -14,7 +14,7 @@
  *    limitations under the License.
  */
 
-package org.minbox.framework.api.boot.autoconfigure.security.resource;
+package org.minbox.framework.api.boot.autoconfigure.oauth;
 
 import org.minbox.framework.api.boot.autoconfigure.security.ApiBootSecurityProperties;
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -17,6 +17,7 @@
 package org.minbox.framework.api.boot.autoconfigure.security;
 
 import lombok.Data;
+import org.minbox.framework.api.boot.plugin.security.SecurityUser;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
 
@@ -0,0 +1,63 @@
+/*
+ * Copyright [2019] [恒宇少年 - 于起宇]
+ *
+ *    Licensed under the Apache License, Version 2.0 (the "License");
+ *    you may not use this file except in compliance with the License.
+ *    You may obtain a copy of the License at
+ *
+ *        http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS,
+ *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *    See the License for the specific language governing permissions and
+ *    limitations under the License.
+ */
+
+package org.minbox.framework.api.boot.autoconfigure.security;
+
+import org.minbox.framework.api.boot.plugin.security.ApiBootWebSecurityConfiguration;
+import org.springframework.util.ObjectUtils;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+/**
+ * ApiBoot SpringSecurity自动化封装配置
+ *
+ * @author：恒宇少年 - 于起宇
+ * <p>
+ * DateTime：2019-03-14 15:24
+ * Blog：http://blog.yuqiyu.com
+ * WebSite：http://www.jianshu.com/u/092df3f77bca
+ * Gitee：https://gitee.com/hengboy
+ * GitHub：https://github.com/hengboy
+ */
+public class ApiBootWebSecurityAutoConfiguration extends ApiBootWebSecurityConfiguration {
+    /**
+     * 注入ApiBoot安全属性
+     */
+    protected ApiBootSecurityProperties apiBootSecurityProperties;
+
+    public ApiBootWebSecurityAutoConfiguration(ApiBootSecurityProperties apiBootSecurityProperties) {
+        this.apiBootSecurityProperties = apiBootSecurityProperties;
+    }
+
+    /**
+     * 配置排除的路径列表
+     *
+     * @return 将要排除的路径
+     */
+    @Override
+    protected List<String> configureIgnoreUrls() {
+        List<String> ignoringUrls = new ArrayList<>();
+        // 默认排除路径
+        ignoringUrls.addAll(Arrays.asList(ApiBootSecurityProperties.DEFAULT_IGNORE_URLS));
+        // 自定义排除的路径
+        if (!ObjectUtils.isEmpty(apiBootSecurityProperties.getIgnoringUrls())) {
+            ignoringUrls.addAll(Arrays.asList(apiBootSecurityProperties.getIgnoringUrls()));
+        }
+        return ignoringUrls;
+    }
+}