增加 OAuth2 简化模式

YunaiV · YunaiV · commit a166f8246fd5 · 2020-06-26T01:18:35.000+08:00
diff --git a/lab-68/lab-68-demo01-implicit/pom.xml b/lab-68/lab-68-demo01-implicit/pom.xml
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>lab-68</artifactId>
+        <groupId>cn.iocoder.springboot.labs</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>lab-68-demo01-implicit</artifactId>
+
+    <properties>
+        <!-- 依赖相关配置 -->
+        <spring.boot.version>2.2.4.RELEASE</spring.boot.version>
+        <!-- 插件相关配置 -->
+        <maven.compiler.target>1.8</maven.compiler.target>
+        <maven.compiler.source>1.8</maven.compiler.source>
+    </properties>
+
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-starter-parent</artifactId>
+                <version>${spring.boot.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
+    <dependencies>
+        <!-- 实现对 Spring MVC 的自动配置 -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <!-- 实现对 Spring Security 的自动配置 -->
+<!--        <dependency>-->
+<!--            <groupId>org.springframework.boot</groupId>-->
+<!--            <artifactId>spring-boot-starter-security</artifactId>-->
+<!--        </dependency>-->
+
+        <!-- 实现对 Spring Security OAuth2 的自动配置 -->
+        <dependency>
+            <groupId>org.springframework.security.oauth.boot</groupId>
+            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
+            <version>${spring.boot.version}</version>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/ResourceServerApplication.java b/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/ResourceServerApplication.java
@@ -0,0 +1,13 @@
+package cn.iocoder.springboot.lab68.resourceserverdemo;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class ResourceServerApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(ResourceServerApplication.class, args);
+    }
+
+}
diff --git a/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/config/OAuth2AuthorizationServerConfig.java b/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/config/OAuth2AuthorizationServerConfig.java
@@ -0,0 +1,38 @@
+package cn.iocoder.springboot.lab68.resourceserverdemo.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+
+/**
+ * 授权服务器配置
+ */
+@Configuration
+@EnableAuthorizationServer
+public class OAuth2AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
+
+    // 用户认证
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    @Override
+    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+        endpoints.authenticationManager(authenticationManager);
+    }
+
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients.inMemory()
+                .withClient("clientapp").secret("112233") // Client 账号、密码。
+                .authorizedGrantTypes("implicit") // 授权码模式
+                .redirectUris("http://127.0.0.1:9090/callback02") // 配置回调地址，选填。
+                .scopes("read_userinfo", "read_contacts") // 可授权的 Scope
+//                .and().withClient() // 可以继续配置新的 Client
+                ;
+    }
+
+}
diff --git a/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/config/OAuth2ResourceServerConfig.java b/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/config/OAuth2ResourceServerConfig.java
@@ -0,0 +1,26 @@
+package cn.iocoder.springboot.lab68.resourceserverdemo.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
+/**
+ * 资源服务器配置
+ */
+@Configuration
+@EnableResourceServer
+public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .anyRequest().authenticated()
+                // 设置 /api/ 开头的 URL 需要保护
+                .and().requestMatchers().antMatchers("/api/**");
+    }
+
+}
+
+// 实际，OAuth2ResourceServer 不是和 OAuth2AuthorizationServer 一起。
+// 主要考虑，简化 demo ，所以改成这样。
diff --git a/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/config/SecurityConfig.java b/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/config/SecurityConfig.java
@@ -0,0 +1,56 @@
+package cn.iocoder.springboot.lab68.resourceserverdemo.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.BeanIds;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Override
+    @Bean(name = BeanIds.AUTHENTICATION_MANAGER)
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Bean
+    public static NoOpPasswordEncoder passwordEncoder() {
+        return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.
+                // 使用内存中的 InMemoryUserDetailsManager
+                inMemoryAuthentication()
+                // 不使用 PasswordEncoder 密码编码器
+                .passwordEncoder(passwordEncoder())
+                // 配置 yunai 用户
+                .withUser("yunai").password("1024").roles("USER");
+    }
+
+//    @Override
+//    protected void configure(HttpSecurity http) throws Exception {
+//        http.authorizeRequests()
+//                // 对所有 URL 都进行认证
+//                .anyRequest()
+//                .authenticated();
+//    }
+
+//    @Override
+//    public void configure(HttpSecurity http) throws Exception {
+//        http.csrf()
+//                .disable()
+//                .authorizeRequests()
+//                .antMatchers("/oauth/**", "/login/**", "/logout/**").permitAll()
+//                .anyRequest().authenticated()
+//                .and().formLogin().permitAll();
+//    }
+
+}
diff --git a/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/controller/ExampleController.java b/lab-68/lab-68-demo01-implicit/src/main/java/cn/iocoder/springboot/lab68/resourceserverdemo/controller/ExampleController.java
@@ -0,0 +1,18 @@
+package cn.iocoder.springboot.lab68.resourceserverdemo.controller;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * 示例模块 Controller
+ */
+@RestController
+@RequestMapping("/api/example")
+public class ExampleController {
+
+    @RequestMapping("/hello")
+    public String hello() {
+        return "world";
+    }
+
+}
diff --git a/lab-68/pom.xml b/lab-68/pom.xml
@@ -14,6 +14,7 @@
     <modules>
         <module>lab-68-demo01-resource-owner-password-credentials-server</module>
         <module>lab-68-demo01-authorization-code</module>
+        <module>lab-68-demo01-implicit</module>
 
         <module>lab-68-demo02-resource-server</module>
         <module>lab-68-demo02-authorization-server-with-resource-owner-password-credentials</module>
