'); 16 | }); 17 | 18 | editor.addButton('hr', { 19 | icon: 'hr', 20 | tooltip: 'Horizontal line', 21 | cmd: 'InsertHorizontalRule' 22 | }); 23 | 24 | editor.addMenuItem('hr', { 25 | icon: 'hr', 26 | text: 'Horizontal line', 27 | cmd: 'InsertHorizontalRule', 28 | context: 'insert' 29 | }); 30 | }); 31 | -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/hr/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("hr",function(e){e.addCommand("InsertHorizontalRule",function(){e.execCommand("mceInsertContent",!1,"
")}),e.addButton("hr",{icon:"hr",tooltip:"Horizontal line",cmd:"InsertHorizontalRule"}),e.addMenuItem("hr",{icon:"hr",text:"Horizontal line",cmd:"InsertHorizontalRule",context:"insert"})}); -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/media/moxieplayer.swf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EarthChen/imooc-security-study/69e843d89d017953ec3e91b0701651ab4942eb43/security-authorize/src/main/resources/resources/scripts/framework/plugins/media/moxieplayer.swf -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/nonbreaking/plugin.js: -------------------------------------------------------------------------------- 1 | /** 2 | * plugin.js 3 | * 4 | * Released under LGPL License. 5 | * Copyright (c) 1999-2015 Ephox Corp. All rights reserved 6 | * 7 | * License: http://www.tinymce.com/license 8 | * Contributing: http://www.tinymce.com/contributing 9 | */ 10 | 11 | /*global tinymce:true */ 12 | 13 | tinymce.PluginManager.add('nonbreaking', function(editor) { 14 | var setting = editor.getParam('nonbreaking_force_tab'); 15 | 16 | editor.addCommand('mceNonBreaking', function() { 17 | editor.insertContent( 18 | (editor.plugins.visualchars && editor.plugins.visualchars.state) ? 19 | ' ' : ' ' 20 | ); 21 | 22 | editor.dom.setAttrib(editor.dom.select('span.mce-nbsp'), 'data-mce-bogus', '1'); 23 | }); 24 | 25 | editor.addButton('nonbreaking', { 26 | title: 'Nonbreaking space', 27 | cmd: 'mceNonBreaking' 28 | }); 29 | 30 | editor.addMenuItem('nonbreaking', { 31 | text: 'Nonbreaking space', 32 | cmd: 'mceNonBreaking', 33 | context: 'insert' 34 | }); 35 | 36 | if (setting) { 37 | var spaces = +setting > 1 ? +setting : 3; // defaults to 3 spaces if setting is true (or 1) 38 | 39 | editor.on('keydown', function(e) { 40 | if (e.keyCode == 9) { 41 | 42 | if (e.shiftKey) { 43 | return; 44 | } 45 | 46 | e.preventDefault(); 47 | for (var i = 0; i < spaces; i++) { 48 | editor.execCommand('mceNonBreaking'); 49 | } 50 | } 51 | }); 52 | } 53 | }); 54 | -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/nonbreaking/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("nonbreaking",function(e){var t=e.getParam("nonbreaking_force_tab");if(e.addCommand("mceNonBreaking",function(){e.insertContent(e.plugins.visualchars&&e.plugins.visualchars.state?' ':" "),e.dom.setAttrib(e.dom.select("span.mce-nbsp"),"data-mce-bogus","1")}),e.addButton("nonbreaking",{title:"Nonbreaking space",cmd:"mceNonBreaking"}),e.addMenuItem("nonbreaking",{text:"Nonbreaking space",cmd:"mceNonBreaking",context:"insert"}),t){var n=+t>1?+t:3;e.on("keydown",function(t){if(9==t.keyCode){if(t.shiftKey)return;t.preventDefault();for(var r=0;n>r;r++)e.execCommand("mceNonBreaking")}})}}); -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/noneditable/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("noneditable",function(e){function t(e){return function(t){return-1!==(" "+t.attr("class")+" ").indexOf(e)}}function n(t){function n(t){var n=arguments,r=n[n.length-2];return r>0&&'"'==a.charAt(r-1)?t:''+e.dom.encode("string"==typeof n[1]?n[1]:n[0])+""}var r=o.length,a=t.content,s=tinymce.trim(i);if("raw"!=t.format){for(;r--;)a=a.replace(o[r],n);t.content=a}}var r,i,o,a="contenteditable";r=" "+tinymce.trim(e.getParam("noneditable_editable_class","mceEditable"))+" ",i=" "+tinymce.trim(e.getParam("noneditable_noneditable_class","mceNonEditable"))+" ";var s=t(r),l=t(i);o=e.getParam("noneditable_regexp"),o&&!o.length&&(o=[o]),e.on("PreInit",function(){o&&e.on("BeforeSetContent",n),e.parser.addAttributeFilter("class",function(e){for(var t,n=e.length;n--;)t=e[n],s(t)?t.attr(a,"true"):l(t)&&t.attr(a,"false")}),e.serializer.addAttributeFilter(a,function(e){for(var t,n=e.length;n--;)t=e[n],(s(t)||l(t))&&(o&&t.attr("data-mce-content")?(t.name="#text",t.type=3,t.raw=!0,t.value=t.attr("data-mce-content")):t.attr(a,null))})})}); -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/pagebreak/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("pagebreak",function(e){var t="mce-pagebreak",n=e.getParam("pagebreak_separator",""),r=new RegExp(n.replace(/[\?\.\*\[\]\(\)\{\}\+\^\$\:]/g,function(e){return"\\"+e}),"gi"),i='
"+i+"
"):e.insertContent(i)}),e.addButton("pagebreak",{title:"Page break",cmd:"mcePageBreak"}),e.addMenuItem("pagebreak",{text:"Page break",icon:"pagebreak",cmd:"mcePageBreak",context:"insert"}),e.on("ResolveName",function(n){"IMG"==n.target.nodeName&&e.dom.hasClass(n.target,t)&&(n.name="pagebreak")}),e.on("click",function(n){n=n.target,"IMG"===n.nodeName&&e.dom.hasClass(n,t)&&e.selection.select(n)}),e.on("BeforeSetContent",function(e){e.content=e.content.replace(r,i)}),e.on("PreInit",function(){e.serializer.addNodeFilter("img",function(t){for(var r,i,o=t.length;o--;)if(r=t[o],i=r.attr("class"),i&&-1!==i.indexOf("mce-pagebreak")){var a=r.parent;if(e.schema.getBlockElements()[a.name]&&e.settings.pagebreak_split_block){a.type=3,a.value=n,a.raw=!0,r.remove();continue}r.type=3,r.value=n,r.raw=!0}})})}); -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/print/plugin.js: -------------------------------------------------------------------------------- 1 | /** 2 | * plugin.js 3 | * 4 | * Released under LGPL License. 5 | * Copyright (c) 1999-2015 Ephox Corp. All rights reserved 6 | * 7 | * License: http://www.tinymce.com/license 8 | * Contributing: http://www.tinymce.com/contributing 9 | */ 10 | 11 | /*global tinymce:true */ 12 | 13 | tinymce.PluginManager.add('print', function(editor) { 14 | editor.addCommand('mcePrint', function() { 15 | editor.getWin().print(); 16 | }); 17 | 18 | editor.addButton('print', { 19 | title: 'Print', 20 | cmd: 'mcePrint' 21 | }); 22 | 23 | editor.addShortcut('Meta+P', '', 'mcePrint'); 24 | 25 | editor.addMenuItem('print', { 26 | text: 'Print', 27 | cmd: 'mcePrint', 28 | icon: 'print', 29 | shortcut: 'Meta+P', 30 | context: 'file' 31 | }); 32 | }); 33 | -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/print/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("print",function(e){e.addCommand("mcePrint",function(){e.getWin().print()}),e.addButton("print",{title:"Print",cmd:"mcePrint"}),e.addShortcut("Meta+P","","mcePrint"),e.addMenuItem("print",{text:"Print",cmd:"mcePrint",icon:"print",shortcut:"Meta+P",context:"file"})}); -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/save/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("save",function(e){function t(){var t;return t=tinymce.DOM.getParent(e.id,"form"),!e.getParam("save_enablewhendirty",!0)||e.isDirty()?(tinymce.triggerSave(),e.getParam("save_onsavecallback")?(e.execCallback("save_onsavecallback",e),void e.nodeChanged()):void(t?(e.setDirty(!1),t.onsubmit&&!t.onsubmit()||("function"==typeof t.submit?t.submit():n(e.translate("Error: Form submit field collision."))),e.nodeChanged()):n(e.translate("Error: No form element found.")))):void 0}function n(t){e.notificationManager.open({text:t,type:"error"})}function r(){var t=tinymce.trim(e.startContent);return e.getParam("save_oncancelcallback")?void e.execCallback("save_oncancelcallback",e):(e.setContent(t),e.undoManager.clear(),void e.nodeChanged())}function i(){var t=this;e.on("nodeChange dirty",function(){t.disabled(e.getParam("save_enablewhendirty",!0)&&!e.isDirty())})}e.addCommand("mceSave",t),e.addCommand("mceCancel",r),e.addButton("save",{icon:"save",text:"Save",cmd:"mceSave",disabled:!0,onPostRender:i}),e.addButton("cancel",{text:"Cancel",icon:!1,cmd:"mceCancel",disabled:!0,onPostRender:i}),e.addShortcut("Meta+S","","mceSave")}); -------------------------------------------------------------------------------- /security-authorize/src/main/resources/resources/scripts/framework/plugins/tabfocus/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("tabfocus",function(e){function t(e){9!==e.keyCode||e.ctrlKey||e.altKey||e.metaKey||e.preventDefault()}function n(t){function n(n){function o(e){return"BODY"===e.nodeName||"hidden"!=e.type&&"none"!=e.style.display&&"hidden"!=e.style.visibility&&o(e.parentNode)}function l(e){return/INPUT|TEXTAREA|BUTTON/.test(e.tagName)&&tinymce.get(t.id)&&-1!=e.tabIndex&&o(e)}if(s=r.select(":input:enabled,*[tabindex]:not(iframe)"),i(s,function(t,n){return t.id==e.id?(a=n,!1):void 0}),n>0){for(c=a+1;c{{title}}
9 |'); 16 | }); 17 | 18 | editor.addButton('hr', { 19 | icon: 'hr', 20 | tooltip: 'Horizontal line', 21 | cmd: 'InsertHorizontalRule' 22 | }); 23 | 24 | editor.addMenuItem('hr', { 25 | icon: 'hr', 26 | text: 'Horizontal line', 27 | cmd: 'InsertHorizontalRule', 28 | context: 'insert' 29 | }); 30 | }); 31 | -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/hr/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("hr",function(e){e.addCommand("InsertHorizontalRule",function(){e.execCommand("mceInsertContent",!1,"
")}),e.addButton("hr",{icon:"hr",tooltip:"Horizontal line",cmd:"InsertHorizontalRule"}),e.addMenuItem("hr",{icon:"hr",text:"Horizontal line",cmd:"InsertHorizontalRule",context:"insert"})}); -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/media/moxieplayer.swf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/EarthChen/imooc-security-study/69e843d89d017953ec3e91b0701651ab4942eb43/security-authorize/target/classes/resources/scripts/framework/plugins/media/moxieplayer.swf -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/nonbreaking/plugin.js: -------------------------------------------------------------------------------- 1 | /** 2 | * plugin.js 3 | * 4 | * Released under LGPL License. 5 | * Copyright (c) 1999-2015 Ephox Corp. All rights reserved 6 | * 7 | * License: http://www.tinymce.com/license 8 | * Contributing: http://www.tinymce.com/contributing 9 | */ 10 | 11 | /*global tinymce:true */ 12 | 13 | tinymce.PluginManager.add('nonbreaking', function(editor) { 14 | var setting = editor.getParam('nonbreaking_force_tab'); 15 | 16 | editor.addCommand('mceNonBreaking', function() { 17 | editor.insertContent( 18 | (editor.plugins.visualchars && editor.plugins.visualchars.state) ? 19 | ' ' : ' ' 20 | ); 21 | 22 | editor.dom.setAttrib(editor.dom.select('span.mce-nbsp'), 'data-mce-bogus', '1'); 23 | }); 24 | 25 | editor.addButton('nonbreaking', { 26 | title: 'Nonbreaking space', 27 | cmd: 'mceNonBreaking' 28 | }); 29 | 30 | editor.addMenuItem('nonbreaking', { 31 | text: 'Nonbreaking space', 32 | cmd: 'mceNonBreaking', 33 | context: 'insert' 34 | }); 35 | 36 | if (setting) { 37 | var spaces = +setting > 1 ? +setting : 3; // defaults to 3 spaces if setting is true (or 1) 38 | 39 | editor.on('keydown', function(e) { 40 | if (e.keyCode == 9) { 41 | 42 | if (e.shiftKey) { 43 | return; 44 | } 45 | 46 | e.preventDefault(); 47 | for (var i = 0; i < spaces; i++) { 48 | editor.execCommand('mceNonBreaking'); 49 | } 50 | } 51 | }); 52 | } 53 | }); 54 | -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/nonbreaking/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("nonbreaking",function(e){var t=e.getParam("nonbreaking_force_tab");if(e.addCommand("mceNonBreaking",function(){e.insertContent(e.plugins.visualchars&&e.plugins.visualchars.state?' ':" "),e.dom.setAttrib(e.dom.select("span.mce-nbsp"),"data-mce-bogus","1")}),e.addButton("nonbreaking",{title:"Nonbreaking space",cmd:"mceNonBreaking"}),e.addMenuItem("nonbreaking",{text:"Nonbreaking space",cmd:"mceNonBreaking",context:"insert"}),t){var n=+t>1?+t:3;e.on("keydown",function(t){if(9==t.keyCode){if(t.shiftKey)return;t.preventDefault();for(var r=0;n>r;r++)e.execCommand("mceNonBreaking")}})}}); -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/noneditable/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("noneditable",function(e){function t(e){return function(t){return-1!==(" "+t.attr("class")+" ").indexOf(e)}}function n(t){function n(t){var n=arguments,r=n[n.length-2];return r>0&&'"'==a.charAt(r-1)?t:''+e.dom.encode("string"==typeof n[1]?n[1]:n[0])+""}var r=o.length,a=t.content,s=tinymce.trim(i);if("raw"!=t.format){for(;r--;)a=a.replace(o[r],n);t.content=a}}var r,i,o,a="contenteditable";r=" "+tinymce.trim(e.getParam("noneditable_editable_class","mceEditable"))+" ",i=" "+tinymce.trim(e.getParam("noneditable_noneditable_class","mceNonEditable"))+" ";var s=t(r),l=t(i);o=e.getParam("noneditable_regexp"),o&&!o.length&&(o=[o]),e.on("PreInit",function(){o&&e.on("BeforeSetContent",n),e.parser.addAttributeFilter("class",function(e){for(var t,n=e.length;n--;)t=e[n],s(t)?t.attr(a,"true"):l(t)&&t.attr(a,"false")}),e.serializer.addAttributeFilter(a,function(e){for(var t,n=e.length;n--;)t=e[n],(s(t)||l(t))&&(o&&t.attr("data-mce-content")?(t.name="#text",t.type=3,t.raw=!0,t.value=t.attr("data-mce-content")):t.attr(a,null))})})}); -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/pagebreak/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("pagebreak",function(e){var t="mce-pagebreak",n=e.getParam("pagebreak_separator",""),r=new RegExp(n.replace(/[\?\.\*\[\]\(\)\{\}\+\^\$\:]/g,function(e){return"\\"+e}),"gi"),i='
"+i+"
"):e.insertContent(i)}),e.addButton("pagebreak",{title:"Page break",cmd:"mcePageBreak"}),e.addMenuItem("pagebreak",{text:"Page break",icon:"pagebreak",cmd:"mcePageBreak",context:"insert"}),e.on("ResolveName",function(n){"IMG"==n.target.nodeName&&e.dom.hasClass(n.target,t)&&(n.name="pagebreak")}),e.on("click",function(n){n=n.target,"IMG"===n.nodeName&&e.dom.hasClass(n,t)&&e.selection.select(n)}),e.on("BeforeSetContent",function(e){e.content=e.content.replace(r,i)}),e.on("PreInit",function(){e.serializer.addNodeFilter("img",function(t){for(var r,i,o=t.length;o--;)if(r=t[o],i=r.attr("class"),i&&-1!==i.indexOf("mce-pagebreak")){var a=r.parent;if(e.schema.getBlockElements()[a.name]&&e.settings.pagebreak_split_block){a.type=3,a.value=n,a.raw=!0,r.remove();continue}r.type=3,r.value=n,r.raw=!0}})})}); -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/print/plugin.js: -------------------------------------------------------------------------------- 1 | /** 2 | * plugin.js 3 | * 4 | * Released under LGPL License. 5 | * Copyright (c) 1999-2015 Ephox Corp. All rights reserved 6 | * 7 | * License: http://www.tinymce.com/license 8 | * Contributing: http://www.tinymce.com/contributing 9 | */ 10 | 11 | /*global tinymce:true */ 12 | 13 | tinymce.PluginManager.add('print', function(editor) { 14 | editor.addCommand('mcePrint', function() { 15 | editor.getWin().print(); 16 | }); 17 | 18 | editor.addButton('print', { 19 | title: 'Print', 20 | cmd: 'mcePrint' 21 | }); 22 | 23 | editor.addShortcut('Meta+P', '', 'mcePrint'); 24 | 25 | editor.addMenuItem('print', { 26 | text: 'Print', 27 | cmd: 'mcePrint', 28 | icon: 'print', 29 | shortcut: 'Meta+P', 30 | context: 'file' 31 | }); 32 | }); 33 | -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/print/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("print",function(e){e.addCommand("mcePrint",function(){e.getWin().print()}),e.addButton("print",{title:"Print",cmd:"mcePrint"}),e.addShortcut("Meta+P","","mcePrint"),e.addMenuItem("print",{text:"Print",cmd:"mcePrint",icon:"print",shortcut:"Meta+P",context:"file"})}); -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/save/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("save",function(e){function t(){var t;return t=tinymce.DOM.getParent(e.id,"form"),!e.getParam("save_enablewhendirty",!0)||e.isDirty()?(tinymce.triggerSave(),e.getParam("save_onsavecallback")?(e.execCallback("save_onsavecallback",e),void e.nodeChanged()):void(t?(e.setDirty(!1),t.onsubmit&&!t.onsubmit()||("function"==typeof t.submit?t.submit():n(e.translate("Error: Form submit field collision."))),e.nodeChanged()):n(e.translate("Error: No form element found.")))):void 0}function n(t){e.notificationManager.open({text:t,type:"error"})}function r(){var t=tinymce.trim(e.startContent);return e.getParam("save_oncancelcallback")?void e.execCallback("save_oncancelcallback",e):(e.setContent(t),e.undoManager.clear(),void e.nodeChanged())}function i(){var t=this;e.on("nodeChange dirty",function(){t.disabled(e.getParam("save_enablewhendirty",!0)&&!e.isDirty())})}e.addCommand("mceSave",t),e.addCommand("mceCancel",r),e.addButton("save",{icon:"save",text:"Save",cmd:"mceSave",disabled:!0,onPostRender:i}),e.addButton("cancel",{text:"Cancel",icon:!1,cmd:"mceCancel",disabled:!0,onPostRender:i}),e.addShortcut("Meta+S","","mceSave")}); -------------------------------------------------------------------------------- /security-authorize/target/classes/resources/scripts/framework/plugins/tabfocus/plugin.min.js: -------------------------------------------------------------------------------- 1 | tinymce.PluginManager.add("tabfocus",function(e){function t(e){9!==e.keyCode||e.ctrlKey||e.altKey||e.metaKey||e.preventDefault()}function n(t){function n(n){function o(e){return"BODY"===e.nodeName||"hidden"!=e.type&&"none"!=e.style.display&&"hidden"!=e.style.visibility&&o(e.parentNode)}function l(e){return/INPUT|TEXTAREA|BUTTON/.test(e.tagName)&&tinymce.get(t.id)&&-1!=e.tabIndex&&o(e)}if(s=r.select(":input:enabled,*[tabindex]:not(iframe)"),i(s,function(t,n){return t.id==e.id?(a=n,!1):void 0}),n>0){for(c=a+1;c{{title}}
9 |标准绑定页面
9 | 12 | 13 | -------------------------------------------------------------------------------- /security-browser/src/main/resources/resources/imooc-logout.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |退出成功
9 | 10 | 11 | -------------------------------------------------------------------------------- /security-browser/src/main/resources/resources/imooc-signUp.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |标准注册页面
9 |这是系统注册页面,请配置earthchen.security.browser.signUpUrl属性来设置自己的注册页
10 | 11 | -------------------------------------------------------------------------------- /security-browser/src/main/resources/resources/session/invalid.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |session失效页面
9 | 10 | -------------------------------------------------------------------------------- /security-browser/target/classes/resources/imooc-banding.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |标准绑定页面
9 | 12 | 13 | -------------------------------------------------------------------------------- /security-browser/target/classes/resources/imooc-logout.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |退出成功
9 | 10 | 11 | -------------------------------------------------------------------------------- /security-browser/target/classes/resources/imooc-signUp.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |标准注册页面
9 |这是系统注册页面,请配置earthchen.security.browser.signUpUrl属性来设置自己的注册页
10 | 11 | -------------------------------------------------------------------------------- /security-browser/target/classes/resources/session/invalid.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 |session失效页面
9 | 10 | -------------------------------------------------------------------------------- /security-browser/target/maven-archiver/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven 2 | #Fri Dec 15 11:34:01 CST 2017 3 | version=1.0-SNAPSHOT 4 | groupId=com.earthchen 5 | artifactId=security-browser 6 | -------------------------------------------------------------------------------- /security-core/src/main/java/com/earthchen/security/core/SecurityCoreConfig.java: -------------------------------------------------------------------------------- 1 | package com.earthchen.security.core; 2 | 3 | 4 | import com.earthchen.security.core.properties.SecurityProperties; 5 | import org.springframework.boot.context.properties.EnableConfigurationProperties; 6 | import org.springframework.context.annotation.Bean; 7 | import org.springframework.context.annotation.Configuration; 8 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 9 | import org.springframework.security.crypto.password.PasswordEncoder; 10 | 11 | @Configuration 12 | @EnableConfigurationProperties(SecurityProperties.class) 13 | public class SecurityCoreConfig { 14 | 15 | // /** 16 | // * 设置加密解密算法 17 | // * 18 | // * @return 19 | // */ 20 | // @Bean 21 | // public PasswordEncoder passwordEncoder() { 22 | // return new BCryptPasswordEncoder(); 23 | // } 24 | } 25 | -------------------------------------------------------------------------------- /security-core/src/main/java/com/earthchen/security/core/authentication/DefaultSocialUserDetailsService.java: -------------------------------------------------------------------------------- 1 | package com.earthchen.security.core.authentication; 2 | 3 | import org.slf4j.Logger; 4 | import org.slf4j.LoggerFactory; 5 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 6 | import org.springframework.social.security.SocialUserDetails; 7 | import org.springframework.social.security.SocialUserDetailsService; 8 | 9 | /** 10 | * 默认的SocialUserDetailsService实现 11 | * 12 | * 不做任何处理,只在控制台打印一句日志,然后抛出异常,提醒业务系统自己配置SocialUserDetailsService。 13 | * 14 | * 15 | */ 16 | public class DefaultSocialUserDetailsService implements SocialUserDetailsService { 17 | 18 | private Logger logger = LoggerFactory.getLogger(getClass()); 19 | 20 | @Override 21 | public SocialUserDetails loadUserByUserId(String userId) throws UsernameNotFoundException { 22 | logger.warn("请配置 SocialUserDetailsService 接口的实现."); 23 | throw new UsernameNotFoundException(userId); 24 | } 25 | 26 | } -------------------------------------------------------------------------------- /security-core/src/main/java/com/earthchen/security/core/authentication/DefaultUserDetailsService.java: -------------------------------------------------------------------------------- 1 | package com.earthchen.security.core.authentication; 2 | 3 | import org.slf4j.Logger; 4 | import org.slf4j.LoggerFactory; 5 | import org.springframework.security.core.userdetails.UserDetails; 6 | import org.springframework.security.core.userdetails.UserDetailsService; 7 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 8 | 9 | /** 10 | * 11 | * 默认的 UserDetailsService 实现 12 | * 13 | * 不做任何处理,只在控制台打印一句日志,然后抛出异常,提醒业务系统自己配置 UserDetailsService。 14 | * 15 | * 16 | */ 17 | public class DefaultUserDetailsService implements UserDetailsService { 18 | 19 | private Logger logger = LoggerFactory.getLogger(getClass()); 20 | 21 | /* 22 | * (non-Javadoc) 23 | * 24 | * @see org.springframework.security.core.userdetails.UserDetailsService# 25 | * loadUserByUsername(java.lang.String) 26 | */ 27 | @Override 28 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { 29 | logger.warn("请配置 UserDetailsService 接口的实现."); 30 | throw new UsernameNotFoundException(username); 31 | } 32 | 33 | } -------------------------------------------------------------------------------- /security-core/src/main/java/com/earthchen/security/core/authentication/FormAuthenticationConfig.java: -------------------------------------------------------------------------------- 1 | package com.earthchen.security.core.authentication; 2 | 3 | import com.earthchen.security.core.properties.SecurityConstants; 4 | import org.springframework.beans.factory.annotation.Autowired; 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 6 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 7 | import org.springframework.security.web.authentication.AuthenticationFailureHandler; 8 | import org.springframework.security.web.authentication.AuthenticationSuccessHandler; 9 | import org.springframework.stereotype.Component; 10 | 11 | /** 12 | * 表单登录配置 13 | */ 14 | @Component 15 | public class FormAuthenticationConfig { 16 | 17 | @Autowired 18 | protected AuthenticationSuccessHandler imoocAuthenticationSuccessHandler; 19 | 20 | @Autowired 21 | protected AuthenticationFailureHandler imoocAuthenticationFailureHandler; 22 | 23 | public void configure(HttpSecurity http) throws Exception { 24 | http.formLogin() 25 | .loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL) 26 | .loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM) 27 | .successHandler(imoocAuthenticationSuccessHandler) 28 | .failureHandler(imoocAuthenticationFailureHandler); 29 | } 30 | 31 | } 32 | 33 | -------------------------------------------------------------------------------- /security-core/src/main/java/com/earthchen/security/core/authorize/AuthorizeConfigManager.java: -------------------------------------------------------------------------------- 1 | package com.earthchen.security.core.authorize; 2 | 3 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 4 | import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; 5 | 6 | 7 | /** 8 | * 授权信息管理器 9 | * 10 | * 用于收集系统中所有 AuthorizeConfigProvider 并加载其配置 11 | */ 12 | public interface AuthorizeConfigManager { 13 | 14 | /** 15 | * @param config 16 | */ 17 | void config(ExpressionUrlAuthorizationConfigurer
6 | * 图形验证码和短信验证码
7 | */
8 | public class ValidateCodeProperties {
9 |
10 | /**
11 | * 图片验证码选项
12 | */
13 | private ImageCodeProperties imageCode = new ImageCodeProperties();
14 |
15 | /**
16 | * 短信验证码
17 | */
18 | private SmsCodeProperties smsCode = new SmsCodeProperties();
19 |
20 |
21 | public SmsCodeProperties getSmsCode() {
22 | return smsCode;
23 | }
24 |
25 | public void setSmsCode(SmsCodeProperties smsCode) {
26 | this.smsCode = smsCode;
27 | }
28 |
29 | public ImageCodeProperties getImageCode() {
30 | return imageCode;
31 | }
32 |
33 | public void setImageCode(ImageCodeProperties imageCode) {
34 | this.imageCode = imageCode;
35 | }
36 | }
37 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/properties/WeixinProperties.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.properties;
2 |
3 | import org.springframework.boot.autoconfigure.social.SocialProperties;
4 |
5 |
6 | /**
7 | * 微信登录配置项
8 | */
9 | public class WeixinProperties extends SocialProperties {
10 |
11 | /**
12 | * 第三方id,用来决定发起第三方登录的url,默认是 weixin。
13 | */
14 | private String providerId = "weixin";
15 |
16 | /**
17 | * @return the providerId
18 | */
19 | public String getProviderId() {
20 | return providerId;
21 | }
22 |
23 | /**
24 | * @param providerId the providerId to set
25 | */
26 | public void setProviderId(String providerId) {
27 | this.providerId = providerId;
28 | }
29 |
30 |
31 | }
32 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/social/qq/api/QQ.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.social.qq.api;
2 |
3 |
4 |
5 | /**
6 | * qq的api
7 | */
8 | public interface QQ {
9 |
10 | /**
11 | * 获取qq的用户信息
12 | * @return
13 | */
14 | QQUserInfo getUserInfo() ;
15 |
16 | }
17 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/social/qq/config/QQAutoConfig.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.social.qq.config;
2 |
3 | import com.earthchen.security.core.properties.QQProperties;
4 | import com.earthchen.security.core.properties.SecurityProperties;
5 | import com.earthchen.security.core.social.qq.connet.QQConnectionFactory;
6 | import org.springframework.beans.factory.annotation.Autowired;
7 | import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
8 | import org.springframework.boot.autoconfigure.social.SocialAutoConfigurerAdapter;
9 | import org.springframework.context.annotation.Configuration;
10 | import org.springframework.social.connect.ConnectionFactory;
11 |
12 | @Configuration
13 | @ConditionalOnProperty(prefix = "earthchen.security.social.qq", name = "app-id")
14 | public class QQAutoConfig extends SocialAutoConfigurerAdapter {
15 |
16 | @Autowired
17 | private SecurityProperties securityProperties;
18 |
19 | /**
20 | * qq连接工厂
21 | * @return
22 | */
23 | @Override
24 | protected ConnectionFactory createConnectionFactory() {
25 | QQProperties qqProperties = securityProperties.getSocial().getQq();
26 | return new QQConnectionFactory(
27 | qqProperties.getProviderId(),
28 | qqProperties.getAppId(),
29 | qqProperties.getAppSecret());
30 | }
31 | }
32 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/social/qq/connet/QQConnectionFactory.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.social.qq.connet;
2 |
3 | import com.earthchen.security.core.social.qq.api.QQ;
4 | import org.springframework.social.connect.support.OAuth2ConnectionFactory;
5 |
6 | /**
7 | * qq连接工厂
8 | */
9 | public class QQConnectionFactory extends OAuth2ConnectionFactory
8 | * 继承身份验证异常的基类
9 | */
10 | public class ValidateCodeException extends AuthenticationException {
11 |
12 | private static final long serialVersionUID = 1L;
13 |
14 | /**
15 | * 实现一个父类的构造方法
16 | *
17 | * @param msg
18 | */
19 | public ValidateCodeException(String msg) {
20 | super(msg);
21 | }
22 | }
23 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/validate/code/ValidateCodeGenerator.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.validate.code;
2 |
3 | import org.springframework.web.context.request.ServletWebRequest;
4 |
5 | /**
6 | * 验证码接口
7 | */
8 | public interface ValidateCodeGenerator {
9 | /**
10 | * 图形验证码实现方法接口
11 | * @param request
12 | * @return
13 | */
14 | ValidateCode generate(ServletWebRequest request);
15 |
16 | }
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/validate/code/ValidateCodeProcessor.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.validate.code;
2 |
3 |
4 | import org.springframework.web.context.request.ServletWebRequest;
5 |
6 | /**
7 | * 验证码处理器,封装不同的验证码处理逻辑
8 | */
9 | public interface ValidateCodeProcessor {
10 |
11 | /**
12 | * 验证码放入session时的前缀
13 | */
14 | String SESSION_KEY_PREFIX = "SESSION_KEY_FOR_CODE_";
15 |
16 |
17 | /**
18 | * 创建校验码
19 | *
20 | * @param servletWebRequest
21 | * @throws Exception
22 | */
23 | void create(ServletWebRequest servletWebRequest) throws Exception;
24 |
25 | /**
26 | * 校验验证码
27 | *
28 | * @param servletWebRequest
29 | * @throws Exception
30 | */
31 | void validate(ServletWebRequest servletWebRequest);
32 | }
33 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/validate/code/ValidateCodeProcessorHolder.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.validate.code;
2 |
3 | import java.util.Map;
4 |
5 | import org.springframework.beans.factory.annotation.Autowired;
6 | import org.springframework.stereotype.Component;
7 |
8 | /**
9 | * @author zhailiang
10 | *
11 | */
12 | @Component
13 | public class ValidateCodeProcessorHolder {
14 |
15 | @Autowired
16 | private Map解绑成功
");
30 | } else {
31 | response.getWriter().write("绑定成功
");
32 | }
33 |
34 | }
35 |
36 | }
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/social/weixin/api/Weixin.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.social.weixin.api;
2 |
3 | public interface Weixin {
4 |
5 | WeixinUserInfo getUserInfo(String openId);
6 | }
7 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/social/weixin/connet/WeixinAccessGrant.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.social.weixin.connet;
2 |
3 |
4 | import org.springframework.social.oauth2.AccessGrant;
5 |
6 | /**
7 | * 微信的access_token信息。与标准OAuth2协议不同,微信在获取access_token时会同时返回openId,并没有单独的通过accessToke换取openId的服务
8 | *
9 | * 所以在这里继承了标准AccessGrant,添加了openId字段,作为对微信access_token信息的封装。
10 | *
11 | *
12 | */
13 | public class WeixinAccessGrant extends AccessGrant {
14 |
15 | /**
16 | *
17 | */
18 | private static final long serialVersionUID = -7243374526633186782L;
19 |
20 | private String openId;
21 |
22 | public WeixinAccessGrant() {
23 | super("");
24 | }
25 |
26 | public WeixinAccessGrant(String accessToken, String scope, String refreshToken, Long expiresIn) {
27 | super(accessToken, scope, refreshToken, expiresIn);
28 | }
29 |
30 | /**
31 | * @return the openId
32 | */
33 | public String getOpenId() {
34 | return openId;
35 | }
36 |
37 | /**
38 | * @param openId the openId to set
39 | */
40 | public void setOpenId(String openId) {
41 | this.openId = openId;
42 | }
43 |
44 | }
45 |
46 |
--------------------------------------------------------------------------------
/security-core/src/main/java/com/earthchen/security/core/social/weixin/connet/WeixinServiceProvider.java:
--------------------------------------------------------------------------------
1 | package com.earthchen.security.core.social.weixin.connet;
2 |
3 | import com.earthchen.security.core.social.weixin.api.Weixin;
4 | import com.earthchen.security.core.social.weixin.api.WeixinImpl;
5 | import org.springframework.social.oauth2.AbstractOAuth2ServiceProvider;
6 |
7 | /**
8 | * 微信的OAuth2流程处理器的提供器,供spring social的connect体系调用
9 | */
10 | public class WeixinServiceProvider extends AbstractOAuth2ServiceProviderDemo登录页
9 |
10 |
--------------------------------------------------------------------------------
/security-demo/src/main/resources/resources/demo-signUp.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Demo注册页
9 |
10 |
28 |
29 |
--------------------------------------------------------------------------------
/security-demo/src/main/resources/resources/demo.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Demo登录页
9 |
10 |
--------------------------------------------------------------------------------
/security-demo/target/classes/resources/demo-signUp.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Demo注册页
9 |
10 |
28 |
29 |
--------------------------------------------------------------------------------
/security-demo/target/classes/resources/demo.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | SSO Demo Client1
9 | 访问Client2
10 |
11 |
--------------------------------------------------------------------------------
/sso-client1/target/classes/application.yml:
--------------------------------------------------------------------------------
1 | security:
2 | oauth2:
3 | client:
4 | clientId: earthchen1
5 | clientSecret: earthchensecret1
6 | user-authorization-uri: http://127.0.0.1:9999/server/oauth/authorize
7 | access-token-uri: http://127.0.0.1:9999/server/oauth/token
8 | resource:
9 | jwt:
10 | key-uri: http://127.0.0.1:9999/server/oauth/token_key
11 | server:
12 | port: 8080
13 | context-path: /client1
14 |
15 |
16 |
--------------------------------------------------------------------------------
/sso-client1/target/classes/static/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | SSO Demo Client1
9 | 访问Client2
10 |
11 |
--------------------------------------------------------------------------------
/sso-client2/pom.xml:
--------------------------------------------------------------------------------
1 |
2 | SSO Demo Client1
9 | 访问Client1
10 |
11 |
--------------------------------------------------------------------------------
/sso-client2/target/classes/application.yml:
--------------------------------------------------------------------------------
1 | security:
2 | oauth2:
3 | client:
4 | client-id: earthchen2
5 | client-secret: earthchensecret2
6 | user-authorization-uri: http://127.0.0.1:9999/server/oauth/authorize
7 | access-token-uri: http://127.0.0.1:9999/server/oauth/token
8 | resource:
9 | jwt:
10 | key-uri: http://127.0.0.1:9999/server/oauth/token_key
11 | server:
12 | port: 8060
13 | context-path: /client2
--------------------------------------------------------------------------------
/sso-client2/target/classes/static/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | SSO Demo Client1
9 | 访问Client1
10 |
11 |
--------------------------------------------------------------------------------
/sso-demo/sso-demo.iml:
--------------------------------------------------------------------------------
1 |
2 | Demo注册页
9 |
10 |
28 |
29 |
--------------------------------------------------------------------------------
/test/target/classes/application.yml:
--------------------------------------------------------------------------------
1 | spring:
2 | datasource:
3 | driver-class-name: com.mysql.jdbc.Driver
4 | password: 123456
5 | username: root
6 | url: jdbc:mysql://127.0.0.1:3306/security-demo?useUnicode=yes&characterEncoding=UTF-8&useSSL=false
7 | dbcp2:
8 | min-evictable-idle-time-millis: 180000
9 | test-on-borrow: true
10 | test-on-return: true
11 | test-while-idle: true
12 | validation-query: select 1
13 | tomcat:
14 | max-active: 100
15 | min-idle: 10
16 | jpa:
17 | generate-ddl: true
18 | show-sql: true
19 |
20 | session:
21 | store-type: none
22 | server:
23 | session:
24 | timeout: 600
25 |
26 | earthchen:
27 | security:
28 | browser:
29 | loginType: REDIRECT
30 | singInSuccessUrl: /manage.html
31 | registerPage: /signUp.html
32 |
33 | social:
34 | qq:
35 | app-id: 100550231
36 | app-secret: 4444444444444
37 | # 设置providerId
38 | providerId: callback.do
39 | # 将社交登录social前缀的/auth改为以下内容
40 | weixin:
41 | app-id: wxd99431bbff8305a0
42 | app-secret: 60f78681d063590a469f1b297feff3c4
43 |
44 | # 最终url为/social-auth/callback.do
45 | filterProcessesUrl: /qqLogin
46 |
47 |
48 |
49 |
50 |
--------------------------------------------------------------------------------
/test/target/classes/resources/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Demo注册页
9 |
10 |
28 |
29 |
--------------------------------------------------------------------------------