├── README.md
├── ncee-api
├── README.md
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── com
│ │ │ └── cloume
│ │ │ └── ncee
│ │ │ └── api
│ │ │ └── SimpleApiApplication.java
│ └── resources
│ │ ├── application.yml
│ │ └── bootstrap.yml
│ └── test
│ └── java
│ └── com
│ └── cloume
│ └── ncee
│ └── api
│ └── SimpleApiApplicationTests.java
├── ncee-oauth
├── README.md
├── pom.xml
└── src
│ ├── main
│ ├── java
│ │ └── com
│ │ │ └── cloume
│ │ │ └── ncee
│ │ │ ├── NceeAuthServerApplication.java
│ │ │ └── OAuthConfiguration.java
│ └── resources
│ │ ├── application.yml
│ │ └── bootstrap.yml
│ └── test
│ └── java
│ └── com
│ └── cloume
│ └── ncee
│ └── NceeAuthServerApplicationTests.java
└── ncee-ui
├── README.md
├── pom.xml
└── src
├── main
├── java
│ └── com
│ │ └── cloume
│ │ └── ncee
│ │ └── UIServerApplication.java
└── resources
│ ├── application.yml
│ ├── bootstrap.yml
│ └── templates
│ └── hello.html
└── test
└── java
└── com
└── cloume
└── ncee
└── UIServerApplicationTests.java
/README.md:
--------------------------------------------------------------------------------
1 | # Spring boot OAuth2 Example
2 |
3 | A simple example that uses *Spring Boot*, *Spring Cloud OAuth2*, *Spring Security* and *Netflix Zuul* to demonstrate how to configure an **OAuth2 Server**, a **UI Server** and a **Resource Server**. It uses JWT as the token format, rather than a user-info URI, to obtain the authorized user's info.
4 |
5 | ## OAuth2 Server
6 |
7 | oauth2 authentication provider
8 |
9 | * context-path: /uaa
10 | * serve port: 8804
11 | * client details: in class ``com.cloume.ncee.OAuthConfiguration``
12 |
13 | ## Resource Server
14 |
15 | provide an api ``/test`` saying ``HELLO, WORKS``
16 |
17 | ## UI-Server(*Also Zuul Gateway*)
18 |
19 | * proxy access to ui-server and resource-server
20 | ``
21 | /api/** -> http(s)://{resource-server-hostname}
22 | / -> http(s)://{ui-server-hostname}
23 | ``
24 | * homepage: /hello
25 | * users: added in ``ncee-oauth`` project, class ``com.cloume.ncee.NceeAuthServerApplication``
26 | * ui-server(as oauth2 client) may have own user-system
27 |
28 | ## IMPORTANT
29 |
30 | * missing ``com.cloume.common`` packages can be found in repo ``https://github.com/HQIT/maven-repo`` (Issue #2)
31 |
32 | * If the ui-server and the oauth2-server are launched on the same host (even on different ports), set the context-path of one of them to anything other than ``/``. Cookies are scoped by host and path, not by port, so otherwise the two servers' ``Set-Cookie`` headers override each other and login fails. The error log reports a CSRF exception, but that is not the real cause: the changed JSESSIONID causes the OAuthClientContext to be re-generated.
33 |
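34 | * JWT: a symmetric key (123) is used in this example; an asymmetric key pair would be better, with a **.jks** keystore embedded in the project. Tutorials are available on Google (or bing.com) and other SE. Every service that verifies tokens with the symmetric key can also sign them, so treat the value as a demo placeholder only.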
35 |
36 | good luck!
37 |
--------------------------------------------------------------------------------
/ncee-api/README.md:
--------------------------------------------------------------------------------
1 | ## simple-api
--------------------------------------------------------------------------------
/ncee-api/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | com.cloume.ncee
7 | simple-api
8 | 0.0.1-SNAPSHOT
9 | jar
10 |
11 | simple-api
12 |
13 |
14 |
15 | org.springframework.boot
16 | spring-boot-starter-parent
17 | 1.4.2.RELEASE
18 |
19 |
20 |
21 |
22 | UTF-8
23 | UTF-8
24 | 1.8
25 |
26 |
27 |
28 |
29 | org.springframework.boot
30 | spring-boot-starter-web
31 |
32 |
33 |
34 | org.springframework.cloud
35 | spring-cloud-starter-security
36 |
37 |
38 |
39 | org.springframework.cloud
40 | spring-cloud-starter-oauth2
41 |
42 |
43 |
44 | org.springframework.boot
45 | spring-boot-devtools
46 | true
47 |
48 |
49 |
50 | org.springframework.boot
51 | spring-boot-starter-test
52 | test
53 |
54 |
55 |
56 | com.cloume.common
57 | common-rest-response
58 | 0.0.2-SNAPSHOT
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 | org.springframework.cloud
67 | spring-cloud-dependencies
68 | Camden.SR5
69 | pom
70 | import
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 | org.springframework.boot
79 | spring-boot-maven-plugin
80 |
81 |
82 |
83 |
84 |
85 |
86 |
--------------------------------------------------------------------------------
/ncee-api/src/main/java/com/cloume/ncee/api/SimpleApiApplication.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee.api;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 | import org.springframework.context.annotation.Bean;
6 | import org.springframework.http.HttpMethod;
7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
8 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
9 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
10 | import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
11 | import org.springframework.security.oauth2.provider.token.TokenStore;
12 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
13 | import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
14 | import org.springframework.web.bind.annotation.RequestMapping;
15 | import org.springframework.web.bind.annotation.RestController;
16 |
17 | import com.cloume.common.rest.response.RestResponse;
18 |
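/**
 * Resource server of the demo.
 *
 * <p>Boots the application, serves {@code /test}, and validates JWT access tokens locally
 * through a {@link JwtTokenStore} instead of calling back to the authorization server.
 */
@SpringBootApplication
@EnableResourceServer
@RestController
public class SimpleApiApplication extends ResourceServerConfigurerAdapter {

    public static void main(String[] args) {
        SpringApplication.run(SimpleApiApplication.class, args);
    }

    /**
     * Demo endpoint guarded by the {@code FOO_READ} authority (see {@link #configure(HttpSecurity)}).
     *
     * @return a successful {@code RestResponse} wrapping the fixed text {@code "hey u"}
     */
    // NOTE(review): the type argument was reconstructed as a wildcard; confirm against the repository.
    @RequestMapping("/test")
    public RestResponse<?> test() {
        return RestResponse.good("hey u");
    }

    /**
     * Declares the access rules for this resource server.
     *
     * <p>Spring Security applies the first matching rule, so the specific {@code GET /test}
     * rule must be declared before the catch-all. With the catch-all first, {@code /test}
     * only required an authenticated caller and the {@code FOO_READ} check was never reached.
     *
     * @param http the security builder supplied by the framework
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            // CSRF protection is switched off for this API; callers are expected to present
            // a bearer token on each request (@EnableResourceServer).
            .csrf().disable()
            .authorizeRequests()
            // Intercept users: they must hold the listed authority.
            .antMatchers(HttpMethod.GET, "/test").hasAuthority("FOO_READ")
            // Everything else only needs a valid token.
            .anyRequest().authenticated();
    }

    /**
     * Sets this server's resource id to {@code "foo"} and plugs in the JWT token store.
     *
     * @param resources the resource-server configurer supplied by the framework
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.resourceId("foo").tokenStore(tokenStore());
    }

    /**
     * Builds the converter that verifies token signatures.
     *
     * <p>SECURITY: {@code "123"} is a demo-only symmetric key committed to source. It has to
     * match the key the authorization server signs with, and any party that knows it can
     * produce tokens this server accepts. Before reuse, load a long random key from external
     * configuration, or switch to an asymmetric key pair and give this server only the
     * public half via {@code setVerifierKey}.
     *
     * @return the converter configured with the shared signing key
     */
    @Bean
    protected JwtAccessTokenConverter jwtTokenEnhancer() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey("123");
        return converter;
    }

    /**
     * @return a token store that decodes JWTs with {@link #jwtTokenEnhancer()}
     */
    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(jwtTokenEnhancer());
    }
}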
57 |
--------------------------------------------------------------------------------
/ncee-api/src/main/resources/application.yml:
--------------------------------------------------------------------------------
# Runtime settings for the resource server (ncee-api).
logging:
  level:
    org:
      springframework:
        # Verbose Spring Security logging, convenient while following the demo.
        # NOTE(review): check what request detail reaches the log before using this
        # level anywhere the logs are shared; a quieter level is the usual choice.
        security: DEBUG
server:
  # HTTP port of the resource server; the Zuul route in ncee-ui points at http://localhost:8806.
  port: 8806
--------------------------------------------------------------------------------
/ncee-api/src/main/resources/bootstrap.yml:
--------------------------------------------------------------------------------
# Bootstrap settings for the resource server.
spring:
  application:
    # Application name of this service.
    name: ncee-api
--------------------------------------------------------------------------------
/ncee-api/src/test/java/com/cloume/ncee/api/SimpleApiApplicationTests.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee.api;
2 |
3 | import org.junit.runner.RunWith;
4 | import org.springframework.boot.test.context.SpringBootTest;
5 | import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
6 | import org.springframework.test.context.ActiveProfiles;
7 | import org.springframework.test.context.junit4.SpringRunner;
8 |
/**
 * Placeholder Spring Boot test class for the resource server.
 *
 * <p>It is set up to start the application on a random port with the {@code test} profile
 * active. NOTE(review): no {@code @Test} method is declared, so the class checks nothing
 * on its own.
 */
@RunWith(SpringRunner.class)
@ActiveProfiles("test")
@SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
public class SimpleApiApplicationTests {
}
14 |
--------------------------------------------------------------------------------
/ncee-oauth/README.md:
--------------------------------------------------------------------------------
1 | # ncee-oauth
2 |
3 |
4 |
--------------------------------------------------------------------------------
/ncee-oauth/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | com.cloume.ncee
7 | ncee-oauth
8 | 0.0.3-SNAPSHOT
9 | jar
10 |
11 | ncee-oauth
12 |
13 |
14 |
15 | org.springframework.boot
16 | spring-boot-starter-parent
17 | 1.4.2.RELEASE
18 |
19 |
20 |
21 |
22 | UTF-8
23 | UTF-8
24 | 1.8
25 | 1.5.0
26 |
27 |
28 |
29 |
30 | org.springframework.boot
31 | spring-boot-starter-thymeleaf
32 |
33 |
34 | org.springframework.boot
35 | spring-boot-devtools
36 | true
37 |
38 |
39 |
40 | org.springframework.boot
41 | spring-boot-starter-web
42 |
43 |
44 | org.springframework.cloud
45 | spring-cloud-starter-oauth2
46 |
47 |
48 |
49 | org.springframework.boot
50 | spring-boot-starter-test
51 | test
52 |
53 |
54 |
55 | com.cloume.common
56 | common-utils
57 | 0.0.1-SNAPSHOT
58 |
59 |
60 |
61 |
62 |
63 |
64 |
65 |
66 | org.springframework.cloud
67 | spring-cloud-dependencies
68 | Camden.SR5
69 | pom
70 | import
71 |
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 | org.springframework.boot
80 | spring-boot-maven-plugin
81 |
82 |
83 |
84 |
85 |
86 |
87 |
--------------------------------------------------------------------------------
/ncee-oauth/src/main/java/com/cloume/ncee/NceeAuthServerApplication.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
6 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
7 |
/**
 * Entry point of the demo authorization server; it also supplies the user store.
 *
 * <p>SECURITY: the accounts below are fixed demo users whose passwords equal their user
 * names and are written as plain-text literals; no password encoder is configured in this
 * class. Replace them with a real user store and hashed passwords before any reuse.
 */
@SpringBootApplication
public class NceeAuthServerApplication extends WebSecurityConfigurerAdapter {

    /**
     * Registers two in-memory users: {@code reader} with {@code FOO_READ}, and
     * {@code writer} with {@code FOO_READ} and {@code FOO_WRITE}.
     *
     * @param auth the authentication builder supplied by the framework
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            // read-only demo account
            .withUser("reader").password("reader").authorities("FOO_READ")
            .and()
            // read/write demo account
            .withUser("writer").password("writer").authorities("FOO_READ", "FOO_WRITE");
    }

    public static void main(String[] args) {
        SpringApplication.run(NceeAuthServerApplication.class, args);
    }
}
21 |
--------------------------------------------------------------------------------
/ncee-oauth/src/main/java/com/cloume/ncee/OAuthConfiguration.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee;
2 |
3 | import org.springframework.beans.factory.annotation.Autowired;
4 | import org.springframework.context.annotation.Bean;
5 | import org.springframework.context.annotation.Configuration;
6 | import org.springframework.security.authentication.AuthenticationManager;
7 | import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
8 | import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
9 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
10 | import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
11 | import org.springframework.security.oauth2.provider.token.TokenStore;
12 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
13 | import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
14 |
/**
 * Authorization-server configuration of the demo: one in-memory OAuth2 client and
 * JWT-formatted access tokens.
 *
 * <p>SECURITY: every credential in this class is a literal demo value (client secret
 * {@code "secret"}, signing key {@code "123"}). Move them to external configuration and
 * replace them with strong values before reusing the code.
 */
@Configuration
@EnableAuthorizationServer
public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {

    /** Injected authentication manager, handed to the endpoints configurer below. */
    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * Builds the converter that signs issued tokens.
     *
     * <p>The key is symmetric, so the same value is needed by every service that verifies
     * tokens, and each of them could also sign tokens. An asymmetric key pair keeps the
     * signing half on this server only.
     *
     * @return the converter configured with the demo signing key
     */
    @Bean
    protected JwtAccessTokenConverter jwtTokenEnhancer() {
        JwtAccessTokenConverter jwtConverter = new JwtAccessTokenConverter();
        jwtConverter.setSigningKey("123");
        return jwtConverter;
    }

    /**
     * @return a token store backed by {@link #jwtTokenEnhancer()}
     */
    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(jwtTokenEnhancer());
    }

    /**
     * Registers the single client {@code web_app} in memory.
     *
     * <p>The registration is deliberately permissive for the demo: approval is automatic
     * ({@code autoApprove(true)}), and the implicit and password grants are enabled next to
     * authorization_code and refresh_token. Keep only the grant types a client actually
     * needs when adapting this.
     *
     * @param clients the client-details configurer supplied by the framework
     * @throws Exception if the configurer rejects the registration
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
            .withClient("web_app")
            .secret("secret")
            .scopes("FOO", "read")
            .autoApprove(true)
            .authorities("FOO_READ", "FOO_WRITE")
            .authorizedGrantTypes("implicit", "refresh_token", "password", "authorization_code");
    }

    /**
     * Wires the token store, the JWT converter (used as token enhancer) and the
     * authentication manager into the authorization endpoints.
     *
     * @param endpoints the endpoints configurer supplied by the framework
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
            .tokenStore(tokenStore())
            .tokenEnhancer(jwtTokenEnhancer())
            .authenticationManager(authenticationManager);
    }
}
49 |
--------------------------------------------------------------------------------
/ncee-oauth/src/main/resources/application.yml:
--------------------------------------------------------------------------------
# Runtime settings for the authorization server (ncee-oauth).
logging:
  level:
    org:
      springframework:
        # Verbose Spring Security logging, convenient while following the demo.
        # NOTE(review): check what request detail reaches the log before using this
        # level anywhere the logs are shared; a quieter level is the usual choice.
        security: DEBUG
spring:
  thymeleaf:
    # Template caching switched off.
    cache: false

server:
  # Non-root context path. The project README explains why: with two servers on one host,
  # a shared "/" path lets their session cookies overwrite each other.
  context-path: /uaa
--------------------------------------------------------------------------------
/ncee-oauth/src/main/resources/bootstrap.yml:
--------------------------------------------------------------------------------
# Bootstrap settings for the authorization server.
spring:
  application:
    # Application name of this service.
    name: ncee-oauth

server:
  # HTTP port; the OAuth2 client URIs in ncee-ui point at http://localhost:8804/uaa/...
  port: 8804
--------------------------------------------------------------------------------
/ncee-oauth/src/test/java/com/cloume/ncee/NceeAuthServerApplicationTests.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee;
2 |
3 | import org.junit.Test;
4 | import org.junit.runner.RunWith;
5 | import org.springframework.boot.test.context.SpringBootTest;
6 | import org.springframework.test.context.junit4.SpringRunner;
7 |
/**
 * Smoke test for the authorization server, run with {@code SpringRunner} under
 * {@code @SpringBootTest}.
 */
@SpringBootTest
@RunWith(SpringRunner.class)
public class NceeAuthServerApplicationTests {

    /** Has no body and makes no assertions of its own. */
    @Test
    public void contextLoads() {
        // intentionally empty
    }
}
17 |
--------------------------------------------------------------------------------
/ncee-ui/README.md:
--------------------------------------------------------------------------------
1 | ## ui-server
2 |
3 |
4 |
5 |
--------------------------------------------------------------------------------
/ncee-ui/pom.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 | 4.0.0
5 |
6 | com.cloume.ncee
7 | ui-server
8 | 0.0.1-SNAPSHOT
9 | jar
10 |
11 | ui-server
12 |
13 |
14 |
15 | org.springframework.boot
16 | spring-boot-starter-parent
17 | 1.4.2.RELEASE
18 |
19 |
20 |
21 |
22 | UTF-8
23 | UTF-8
24 | 1.8
25 |
26 |
27 |
28 |
29 | org.springframework.cloud
30 | spring-cloud-starter-zuul
31 |
32 |
33 |
34 | org.springframework.boot
35 | spring-boot-devtools
36 | true
37 |
38 |
39 | org.springframework.cloud
40 | spring-cloud-starter-security
41 |
42 |
43 | org.springframework.boot
44 | spring-boot-starter-test
45 | test
46 |
47 |
48 | org.springframework.cloud
49 | spring-cloud-starter-oauth2
50 |
51 |
52 | org.springframework.boot
53 | spring-boot-starter-thymeleaf
54 |
55 |
56 |
57 |
58 |
59 |
60 | org.springframework.cloud
61 | spring-cloud-dependencies
62 | Camden.SR5
63 | pom
64 | import
65 |
66 |
67 |
68 |
69 |
70 |
71 |
72 | org.springframework.boot
73 | spring-boot-maven-plugin
74 |
75 |
76 |
77 |
78 |
79 |
80 |
--------------------------------------------------------------------------------
/ncee-ui/src/main/java/com/cloume/ncee/UIServerApplication.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee;
2 |
3 | import org.springframework.boot.SpringApplication;
4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
5 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
6 | import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
8 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
9 | import org.springframework.stereotype.Controller;
10 | import org.springframework.web.bind.annotation.RequestMapping;
11 |
/**
 * UI server of the demo. It is at once an OAuth2 SSO client, a Zuul proxy and the
 * controller for the {@code /hello} page.
 */
@SpringBootApplication
@EnableOAuth2Sso
@EnableZuulProxy
@Controller
public class UIServerApplication extends WebSecurityConfigurerAdapter {

    public static void main(String[] args) {
        SpringApplication.run(UIServerApplication.class, args);
    }

    /**
     * Declares the access rules of the UI server.
     *
     * <p>SECURITY notes for anyone adapting this:
     * <ul>
     *   <li>CSRF protection is disabled although this application logs users in through SSO.
     *       NOTE(review): the README ties login state to the JSESSIONID cookie, so
     *       state-changing requests are unprotected against cross-site submission;
     *       re-enable CSRF once the demo login flow works.</li>
     *   <li>{@code /api/**} is open at this layer, so access control for proxied API calls
     *       rests entirely on the service behind the proxy.</li>
     * </ul>
     *
     * @param http the security builder supplied by the framework
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();

        http.authorizeRequests()
            // login entry point and proxied API paths need no session here
            .antMatchers("/login", "/api/**").permitAll()
            // every other path requires a logged-in user
            .anyRequest().authenticated();
    }

    /**
     * Serves the home page.
     *
     * @return the view name {@code "hello"}
     */
    @RequestMapping("/hello")
    public String hello() {
        return "hello";
    }
}
35 |
--------------------------------------------------------------------------------
/ncee-ui/src/main/resources/application.yml:
--------------------------------------------------------------------------------
# Runtime settings for the UI server / Zuul gateway (ncee-ui).
logging:
  level:
    org:
      springframework:
        # Verbose Spring Security logging, convenient while following the demo.
        # NOTE(review): check what request detail reaches the log before using this
        # level anywhere the logs are shared; a quieter level is the usual choice.
        security: DEBUG
#        hibernate: DEBUG
zuul:
  routes:
    # API calls are forwarded to the resource server.
    apis:
      path: /api/**
      url: http://localhost:8806
    # The root path is routed to port 8802, the port this UI server itself listens on.
    auth:
      path: /
      url: http://localhost:8802

security:
  basic:
    enabled: false
  oauth2:
    client:
      # Plain-HTTP endpoints on localhost: fine for the demo, use HTTPS for real deployments.
      access-token-uri: http://localhost:8804/uaa/oauth/token
      user-authorization-uri: http://localhost:8804/uaa/oauth/authorize
      client-id: web_app
      # SECURITY: demo placeholder committed to source; it must match the secret registered
      # in OAuthConfiguration. Supply a real secret from the environment or a secret store.
      client-secret: secret
    resource:
      jwt:
        # SECURITY: demo symmetric JWT key, identical to the signing key hard-coded in the
        # other two modules. Replace it with a strong externalised key or a public
        # verification key before reuse.
        key-value: 123
--------------------------------------------------------------------------------
/ncee-ui/src/main/resources/bootstrap.yml:
--------------------------------------------------------------------------------
# Bootstrap settings for the UI server.
spring:
  application:
    # NOTE(review): this name differs from the module name (ncee-ui); confirm it is intended.
    name: radar-gateway

server:
  # HTTP port of the UI server / gateway.
  port: 8802
--------------------------------------------------------------------------------
/ncee-ui/src/main/resources/templates/hello.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Insert title here
6 |
7 |
8 | HELLO, WORKS
9 |
10 |
31 |
32 |
--------------------------------------------------------------------------------
/ncee-ui/src/test/java/com/cloume/ncee/UIServerApplicationTests.java:
--------------------------------------------------------------------------------
1 | package com.cloume.ncee;
2 |
3 | import org.junit.Test;
4 | import org.junit.runner.RunWith;
5 | import org.springframework.boot.test.context.SpringBootTest;
6 | import org.springframework.test.context.junit4.SpringRunner;
7 |
/**
 * Smoke test for the UI server, run with {@code SpringRunner} under
 * {@code @SpringBootTest}.
 */
@SpringBootTest
@RunWith(SpringRunner.class)
public class UIServerApplicationTests {

    /** Has no body and makes no assertions of its own. */
    @Test
    public void contextLoads() {
        // intentionally empty
    }
}
17 |
--------------------------------------------------------------------------------