├── README.md
├── authorization-server
    ├── pom.xml
    └── src
    │   ├── main
    │       ├── java
    │       │   └── cn
    │       │   │   └── merryyou
    │       │   │       └── security
    │       │   │           ├── SpringBoot2Oauth2Application.java
    │       │   │           ├── config
    │       │   │               └── TokenStoreConfig.java
    │       │   │           ├── handler
    │       │   │               └── AppLoginInSuccessHandler.java
    │       │   │           ├── properties
    │       │   │               ├── OAuth2ClientProperties.java
    │       │   │               ├── OAuth2CoreConfig.java
    │       │   │               └── OAuth2Properties.java
    │       │   │           ├── security
    │       │   │               ├── MyUserDetailsService.java
    │       │   │               ├── SecurityConfig.java
    │       │   │               └── jwt
    │       │   │               │   └── MerryyouJwtTokenEnhancer.java
    │       │   │           ├── server
    │       │   │               ├── MerryyouAuthorizationServerConfig.java
    │       │   │               └── MerryyouResourceServerConfig.java
    │       │   │           └── utils
    │       │   │               └── JsonUtil.java
    │       └── resources
    │       │   └── application.yml
    │   └── test
    │       └── java
    │           └── cn
    │               └── merryyou
    │                   └── security
    │                       └── SpringBoot2Oauth2Test.java
├── pom.xml
└── resource-server
    ├── pom.xml
    ├── resource-server.iml
    └── src
        └── main
            ├── java
                └── cn
                │   └── merryyou
                │       └── security
                │           ├── SpringBoot2Oauth2ResourceApplication.java
                │           └── resource
                │               └── MerryyouResourceServerConfiguration.java
            └── resources
                └── application.yml


/README.md:
--------------------------------------------------------------------------------
 1 | # springboot2.0-oauth2
 2 | [![GitHub stars](https://img.shields.io/github/stars/longfeizheng/springboot2.0-oauth2.svg?style=flat&label=Star)](https://github.com/longfeizheng/springboot2.0-oauth2/stargazers)
 3 | [![GitHub forks](https://img.shields.io/github/forks/longfeizheng/springboot2.0-oauth2.svg?style=flat&label=Fork)](https://github.com/longfeizheng/springboot2.0-oauth2/fork)
 4 | [![GitHub watchers](https://img.shields.io/github/watchers/longfeizheng/springboot2.0-oauth2.svg?style=flat&label=Watch)](https://github.com/longfeizheng/springboot2.0-oauth2/watchers)
 5 | - [springboot 2.0 整合Oauth2](https://longfeizheng.github.io/2018/04/29/Spring-Boot-2.0-%E6%95%B4%E5%90%88-Spring-Security-Oauth2/)
 6 | - [SpringBott 1.5.6.RELEASE整合Oauth2](https://github.com/longfeizheng/security-oauth2)
 7 | 
 8 | 
 9 | #### 授权码模式
10 | 
11 | [![https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif")](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif")
12 | 
13 | #### 密码模式
14 | 
15 | [![https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif")](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif")
16 | 
17 | #### 自定义登录
18 | 
19 | [![https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif")](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif")
20 | 
21 | #### 刷新token
22 | 
23 | [![https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif")](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif")
24 | 
25 | #### 测试资源服务器
26 | 
27 | [![https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth206.gif](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth206.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth206.gif")](https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth206.gif "https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth206.gif")
28 | 


--------------------------------------------------------------------------------
/authorization-server/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0"
 3 |          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4 |          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 5 |     <parent>
 6 |         <artifactId>springboot2.0-oauth2</artifactId>
 7 |         <groupId>cn.merryyou</groupId>
 8 |         <version>1.0-SNAPSHOT</version>
 9 |     </parent>
10 |     <modelVersion>4.0.0</modelVersion>
11 | 
12 |     <artifactId>authorization-server</artifactId>
13 | 
14 | 
15 |     <properties>
16 |         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
17 |         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
18 |         <java.version>1.8</java.version>
19 |     </properties>
20 | 
21 |     <dependencies>
22 |         <dependency>
23 |             <groupId>org.springframework.cloud</groupId>
24 |             <artifactId>spring-cloud-starter-oauth2</artifactId>
25 |         </dependency>
26 | 
27 |         <dependency>
28 |             <groupId>org.springframework.security</groupId>
29 |             <artifactId>spring-security-jwt</artifactId>
30 |             <!--<version>1.0.9.RELEASE</version>-->
31 |         </dependency>
32 | 
33 |         <dependency>
34 |             <groupId>org.springframework.boot</groupId>
35 |             <artifactId>spring-boot-starter-test</artifactId>
36 |         </dependency>
37 | 
38 |         <dependency>
39 |             <groupId>org.springframework.boot</groupId>
40 |             <artifactId>spring-boot-starter-redis</artifactId>
41 |             <version>1.4.7.RELEASE</version>
42 |         </dependency>
43 | 
44 |         <dependency>
45 |             <groupId>org.projectlombok</groupId>
46 |             <artifactId>lombok</artifactId>
47 |             <version>1.16.14</version>
48 |         </dependency>
49 | 
50 |         <dependency>
51 |             <groupId>com.google.code.gson</groupId>
52 |             <artifactId>gson</artifactId>
53 |             <version>2.8.2</version>
54 |         </dependency>
55 | 
56 |         <dependency>
57 |             <groupId>io.jsonwebtoken</groupId>
58 |             <artifactId>jjwt</artifactId>
59 |             <version>0.9.0</version>
60 |         </dependency>
61 | 
62 |         <dependency>
63 |             <groupId>commons-lang</groupId>
64 |             <artifactId>commons-lang</artifactId>
65 |             <version>2.6</version>
66 |         </dependency>
67 | 
68 |     </dependencies>
69 | 
70 |     <build>
71 |         <plugins>
72 |             <plugin>
73 |                 <groupId>org.springframework.boot</groupId>
74 |                 <artifactId>spring-boot-maven-plugin</artifactId>
75 |             </plugin>
76 |         </plugins>
77 |     </build>
78 | 
79 | </project>


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/SpringBoot2Oauth2Application.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security;
 2 | 
 3 | import cn.merryyou.security.properties.OAuth2Properties;
 4 | import cn.merryyou.security.utils.JsonUtil;
 5 | import io.jsonwebtoken.Claims;
 6 | import io.jsonwebtoken.Jwts;
 7 | import lombok.extern.slf4j.Slf4j;
 8 | import org.apache.commons.lang.StringUtils;
 9 | import org.springframework.beans.factory.annotation.Autowired;
10 | import org.springframework.boot.SpringApplication;
11 | import org.springframework.boot.autoconfigure.SpringBootApplication;
12 | import org.springframework.security.core.Authentication;
13 | import org.springframework.web.bind.annotation.GetMapping;
14 | import org.springframework.web.bind.annotation.RestController;
15 | 
16 | import javax.servlet.http.HttpServletRequest;
17 | import java.io.UnsupportedEncodingException;
18 | import java.security.Principal;
19 | 
20 | /**
21 |  * Created on 2018/4/28.
22 |  *
23 |  * @author zlf
24 |  * @since 1.0
25 |  */
26 | @RestController
27 | @SpringBootApplication
28 | @Slf4j
29 | public class SpringBoot2Oauth2Application {
30 | 
31 |     @Autowired
32 |     private OAuth2Properties oAuth2Properties;
33 | 
34 | 
35 |     public static void main(String[] args) {
36 |         SpringApplication.run(SpringBoot2Oauth2Application.class, args);
37 |     }
38 | 
39 |     @GetMapping("/userJwt")
40 |     public Object getCurrentUserJwt(Authentication authentication, HttpServletRequest request) throws UnsupportedEncodingException {
41 |         log.info("【SecurityOauth2Application】 getCurrentUserJwt authentication={}", JsonUtil.toJson(authentication));
42 | 
43 |         String header = request.getHeader("Authorization");
44 |         String token = StringUtils.substringAfter(header, "bearer ");
45 | 
46 |         Claims claims = Jwts.parser().setSigningKey(oAuth2Properties.getJwtSigningKey().getBytes("UTF-8")).parseClaimsJws(token).getBody();
47 |         String blog = (String) claims.get("blog");
48 |         log.info("【SecurityOauth2Application】 getCurrentUser1 blog={}", blog);
49 | 
50 |         return authentication;
51 |     }
52 | 
53 |     @GetMapping("/userRedis")
54 |     public Object getCurrentUserRedis(Authentication authentication) {
55 |         log.info("【SecurityOauth2Application】 getCurrentUserRedis authentication={}", JsonUtil.toJson(authentication));
56 | 
57 | 
58 |         return authentication;
59 |     }
60 | 
61 |     @GetMapping("/user/me")
62 |     public Principal user(Principal user){
63 |         return user;
64 |     }
65 | 
66 | }
67 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/config/TokenStoreConfig.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.config;
 2 | 
 3 | import cn.merryyou.security.properties.OAuth2Properties;
 4 | import cn.merryyou.security.security.jwt.MerryyouJwtTokenEnhancer;
 5 | import org.springframework.beans.factory.annotation.Autowired;
 6 | import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 7 | import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
 8 | import org.springframework.context.annotation.Bean;
 9 | import org.springframework.context.annotation.Configuration;
10 | import org.springframework.data.redis.connection.RedisConnectionFactory;
11 | import org.springframework.security.oauth2.provider.token.TokenEnhancer;
12 | import org.springframework.security.oauth2.provider.token.TokenStore;
13 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
14 | import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
15 | import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
16 | 
17 | /**
18 |  * Created on 2018/1/21 0021.
19 |  *
20 |  * @author zlf
21 |  * @email i@merryyou.cn
22 |  * @since 1.0
23 |  */
24 | @Configuration
25 | public class TokenStoreConfig {
26 |     /**
27 |      * redis连接工厂
28 |      */
29 |     @Autowired
30 |     private RedisConnectionFactory redisConnectionFactory;
31 | 
32 | 
33 |     /**
34 |      * 用于存放token
35 |      * @return
36 |      */
37 |     @Bean
38 |     @ConditionalOnProperty(prefix = "merryyou.security.oauth2", name = "storeType", havingValue = "redis")
39 |     public TokenStore redisTokenStore() {
40 |         return new RedisTokenStore(redisConnectionFactory);
41 |     }
42 | 
43 |     /**
44 |      * jwt TOKEN配置信息
45 |      */
46 |     @Configuration
47 |     @ConditionalOnProperty(prefix = "merryyou.security.oauth2", name = "storeType", havingValue = "jwt", matchIfMissing = true)
48 |     public static class JwtTokenCofnig{
49 | 
50 |         @Autowired
51 |         private OAuth2Properties oAuth2Properties;
52 | 
53 |         /**
54 |          * 使用jwtTokenStore存储token
55 |          * @return
56 |          */
57 |         @Bean
58 |         public TokenStore jwtTokenStore(){
59 |             return new JwtTokenStore(jwtAccessTokenConverter());
60 |         }
61 | 
62 |         /**
63 |          * 用于生成jwt
64 |          * @return
65 |          */
66 |         @Bean
67 |         public JwtAccessTokenConverter jwtAccessTokenConverter(){
68 |             JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();
69 |             accessTokenConverter.setSigningKey(oAuth2Properties.getJwtSigningKey());//生成签名的key
70 |             return accessTokenConverter;
71 |         }
72 | 
73 |         /**
74 |          * 用于扩展JWT
75 |          * @return
76 |          */
77 |         @Bean
78 |         @ConditionalOnMissingBean(name = "jwtTokenEnhancer")
79 |         public TokenEnhancer jwtTokenEnhancer(){
80 |             return new MerryyouJwtTokenEnhancer();
81 |         }
82 | 
83 |     }
84 | }
85 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/handler/AppLoginInSuccessHandler.java:
--------------------------------------------------------------------------------
  1 | package cn.merryyou.security.handler;
  2 | 
  3 | import cn.merryyou.security.utils.JsonUtil;
  4 | import com.fasterxml.jackson.databind.ObjectMapper;
  5 | import lombok.extern.slf4j.Slf4j;
  6 | import org.springframework.beans.factory.annotation.Autowired;
  7 | import org.springframework.security.authentication.BadCredentialsException;
  8 | import org.springframework.security.core.Authentication;
  9 | import org.springframework.security.crypto.codec.Base64;
 10 | import org.springframework.security.crypto.password.PasswordEncoder;
 11 | import org.springframework.security.oauth2.common.OAuth2AccessToken;
 12 | import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
 13 | import org.springframework.security.oauth2.provider.*;
 14 | import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
 15 | import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 16 | import org.springframework.stereotype.Component;
 17 | 
 18 | import javax.servlet.ServletException;
 19 | import javax.servlet.http.HttpServletRequest;
 20 | import javax.servlet.http.HttpServletResponse;
 21 | import java.io.IOException;
 22 | import java.util.HashMap;
 23 | 
 24 | /**
 25 |  * APP登录成功处理器
 26 |  * Created on 2018/1/21 0021.
 27 |  *
 28 |  * @author zlf
 29 |  * @email i@merryyou.cn
 30 |  * @since 1.0
 31 |  */
 32 | 
 33 | @Slf4j
 34 | @Component("appLoginInSuccessHandler")
 35 | public class AppLoginInSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
 36 | 
 37 |     @Autowired
 38 |     private ObjectMapper objectMapper;
 39 | 
 40 |     @Autowired
 41 |     private PasswordEncoder passwordEncoder;
 42 | 
 43 |     @Autowired
 44 |     private ClientDetailsService clientDetailsService;
 45 | 
 46 |     @Autowired
 47 |     private AuthorizationServerTokenServices authorizationServerTokenServices;
 48 | 
 49 |     @Override
 50 |     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
 51 | 
 52 |         log.info("【AppLoginInSuccessHandler】 onAuthenticationSuccess authentication={}", authentication);
 53 | 
 54 |         String header = request.getHeader("Authorization");
 55 | 
 56 |         if (header == null || !header.startsWith("Basic ")) {
 57 |             throw new UnapprovedClientAuthenticationException("请求头中无client信息");
 58 |         }
 59 |         String[] tokens = this.extractAndDecodeHeader(header, request);
 60 | 
 61 |         assert tokens.length == 2;
 62 | 
 63 |         String clientId = tokens[0];
 64 |         String clientSecret = tokens[1];
 65 | 
 66 |         ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
 67 | 
 68 |         if (clientDetails == null) {
 69 |             throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId);
 70 |         } else if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
 71 |             throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId);
 72 |         }
 73 | 
 74 |         TokenRequest tokenRequest = new TokenRequest(new HashMap<>(), clientId, clientDetails.getScope(), "custom");
 75 | 
 76 |         OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
 77 | 
 78 |         OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
 79 | 
 80 |         OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
 81 | 
 82 |         response.setContentType("application/json;charset=UTF-8");
 83 |         response.getWriter().write(objectMapper.writeValueAsString(token));
 84 |         log.info("token={}", JsonUtil.toJson(token));
 85 | 
 86 |     }
 87 | 
 88 |     /**
 89 |      * 解码
 90 |      *
 91 |      * @param header
 92 |      * @param request
 93 |      * @return
 94 |      * @throws IOException
 95 |      */
 96 |     private String[] extractAndDecodeHeader(String header, HttpServletRequest request) throws IOException {
 97 |         byte[] base64Token = header.substring(6).getBytes("UTF-8");
 98 | 
 99 |         byte[] decoded;
100 |         try {
101 |             decoded = Base64.decode(base64Token);
102 |         } catch (IllegalArgumentException var7) {
103 |             throw new BadCredentialsException("Failed to decode basic authentication token");
104 |         }
105 | 
106 |         String token = new String(decoded, "UTF-8");
107 |         int delim = token.indexOf(":");
108 |         if (delim == -1) {
109 |             throw new BadCredentialsException("Invalid basic authentication token");
110 |         } else {
111 |             return new String[]{token.substring(0, delim), token.substring(delim + 1)};
112 |         }
113 |     }
114 | }
115 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/properties/OAuth2ClientProperties.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.properties;
 2 | 
 3 | import lombok.Data;
 4 | 
 5 | /**
 6 |  * Created on 2018/1/24 0024.
 7 |  *
 8 |  * @author zlf
 9 |  * @email i@merryyou.cn
10 |  * @since 1.0
11 |  */
12 | @Data
13 | public class OAuth2ClientProperties {
14 | 
15 |     private String clientId;
16 | 
17 |     private String clientSecret;
18 | 
19 |     private Integer accessTokenValiditySeconds = 7200;
20 | }
21 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/properties/OAuth2CoreConfig.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.properties;
 2 | 
 3 | import org.springframework.boot.context.properties.EnableConfigurationProperties;
 4 | import org.springframework.context.annotation.Configuration;
 5 | 
 6 | /**
 7 |  * Created on 2018/1/24 0024.
 8 |  *
 9 |  * @author zlf
10 |  * @email i@merryyou.cn
11 |  * @since 1.0
12 |  */
13 | @Configuration
14 | @EnableConfigurationProperties(OAuth2Properties.class)
15 | public class OAuth2CoreConfig {
16 | }
17 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/properties/OAuth2Properties.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.properties;
 2 | 
 3 | import lombok.Data;
 4 | import org.springframework.boot.context.properties.ConfigurationProperties;
 5 | 
 6 | /**
 7 |  * Created on 2018/1/24 0024.
 8 |  *
 9 |  * @author zlf
10 |  * @email i@merryyou.cn
11 |  * @since 1.0
12 |  */
13 | @Data
14 | @ConfigurationProperties(prefix = "merryyou.security.oauth2")
15 | public class OAuth2Properties {
16 | 
17 |     private String jwtSigningKey = "merryyou";
18 | 
19 |     private OAuth2ClientProperties[] clients = {};
20 | }
21 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/security/MyUserDetailsService.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.security;
 2 | 
 3 | import org.springframework.beans.factory.annotation.Autowired;
 4 | import org.springframework.security.core.authority.AuthorityUtils;
 5 | import org.springframework.security.core.userdetails.User;
 6 | import org.springframework.security.core.userdetails.UserDetails;
 7 | import org.springframework.security.core.userdetails.UserDetailsService;
 8 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
 9 | import org.springframework.security.crypto.password.PasswordEncoder;
10 | import org.springframework.stereotype.Component;
11 | 
12 | /**
13 |  * Created on 2018/1/17.
14 |  *
15 |  * @author zlf
16 |  * @since 1.0
17 |  */
18 | @Component
19 | public class MyUserDetailsService implements UserDetailsService {
20 | 
21 |     @Autowired
22 |     private PasswordEncoder passwordEncoder;
23 | 
24 |     @Override
25 |     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
26 |         return new User(username, passwordEncoder.encode("123456"), AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
27 |     }
28 | }
29 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/security/SecurityConfig.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.security;//package cn.merryyou.security.security;
 2 | 
 3 | 
 4 | import org.springframework.context.annotation.Bean;
 5 | import org.springframework.context.annotation.Configuration;
 6 | import org.springframework.security.authentication.AuthenticationManager;
 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 8 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 9 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
10 | import org.springframework.security.crypto.password.PasswordEncoder;
11 | 
12 | /**
13 |  * Created on 2018/1/19.
14 |  *
15 |  * @author zlf
16 |  * @since 1.0
17 |  */
18 | @Configuration
19 | public class SecurityConfig extends WebSecurityConfigurerAdapter {
20 | 
21 |     @Bean
22 |     @Override
23 |     public AuthenticationManager authenticationManagerBean() throws Exception {
24 |         AuthenticationManager manager = super.authenticationManagerBean();
25 |         return manager;
26 |     }
27 | 
28 |     @Bean
29 |     public PasswordEncoder passwordEncoder() {
30 |         return new BCryptPasswordEncoder();
31 |     }
32 | 
33 |     @Override
34 |     protected void configure(HttpSecurity http) throws Exception {
35 |         http
36 | //                .formLogin().and()
37 |                 .httpBasic().and()
38 |                 .csrf().disable();
39 |     }
40 | }
41 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/security/jwt/MerryyouJwtTokenEnhancer.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.security.jwt;
 2 | 
 3 | import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 4 | import org.springframework.security.oauth2.common.OAuth2AccessToken;
 5 | import org.springframework.security.oauth2.provider.OAuth2Authentication;
 6 | import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 7 | 
 8 | import java.util.HashMap;
 9 | import java.util.Map;
10 | 
11 | /**
12 |  * Created on 2018/1/21 0021.
13 |  *
14 |  * @author zlf
15 |  * @email i@merryyou.cn
16 |  * @since 1.0
17 |  */
18 | public class MerryyouJwtTokenEnhancer implements TokenEnhancer {
19 |     @Override
20 |     public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
21 |         Map<String, Object> info = new HashMap<>();
22 |         info.put("blog", "https://longfeizheng.github.io/");
23 |         ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(info);
24 |         return accessToken;
25 |     }
26 | }
27 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/server/MerryyouAuthorizationServerConfig.java:
--------------------------------------------------------------------------------
  1 | package cn.merryyou.security.server;
  2 | 
  3 | import cn.merryyou.security.properties.OAuth2ClientProperties;
  4 | import cn.merryyou.security.properties.OAuth2Properties;
  5 | import org.apache.commons.lang.ArrayUtils;
  6 | import org.springframework.beans.factory.annotation.Autowired;
  7 | import org.springframework.context.annotation.Configuration;
  8 | import org.springframework.security.authentication.AuthenticationManager;
  9 | import org.springframework.security.core.userdetails.UserDetailsService;
 10 | import org.springframework.security.crypto.password.PasswordEncoder;
 11 | import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
 12 | import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 13 | import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 14 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 15 | import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 16 | import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 17 | import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 18 | import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
 19 | import org.springframework.security.oauth2.provider.token.TokenStore;
 20 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 21 | 
 22 | import java.util.ArrayList;
 23 | import java.util.List;
 24 | 
 25 | /**
 26 |  * Created on 2018/1/15 0015.
 27 |  *
 28 |  * @author zlf
 29 |  * @email i@merryyou.cn
 30 |  * @since 1.0
 31 |  */
 32 | @Configuration
 33 | @EnableAuthorizationServer
 34 | public class MerryyouAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
 35 | 
 36 |     @Autowired
 37 |     private OAuth2Properties oAuth2Properties;
 38 | 
 39 |     @Autowired
 40 |     private AuthenticationManager authenticationManager;
 41 | 
 42 |     @Autowired
 43 |     private UserDetailsService userDetailsService;
 44 | 
 45 |     @Autowired
 46 |     private TokenStore tokenStore;
 47 | 
 48 |     @Autowired(required = false)
 49 |     private JwtAccessTokenConverter jwtAccessTokenConverter;
 50 | 
 51 |     @Autowired(required = false)
 52 |     private TokenEnhancer jwtTokenEnhancer;
 53 | 
 54 |     @Autowired
 55 |     private PasswordEncoder passwordEncoder;
 56 | 
 57 |     @Override
 58 |     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
 59 |         endpoints.tokenStore(tokenStore)
 60 |                 .authenticationManager(authenticationManager)
 61 |                 .userDetailsService(userDetailsService);
 62 |         //扩展token返回结果
 63 |         if (jwtAccessTokenConverter != null && jwtTokenEnhancer != null) {
 64 |             TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
 65 |             List<TokenEnhancer> enhancerList = new ArrayList();
 66 |             enhancerList.add(jwtTokenEnhancer);
 67 |             enhancerList.add(jwtAccessTokenConverter);
 68 |             tokenEnhancerChain.setTokenEnhancers(enhancerList);
 69 |             //jwt
 70 |             endpoints.tokenEnhancer(tokenEnhancerChain)
 71 |                     .accessTokenConverter(jwtAccessTokenConverter);
 72 |         }
 73 |     }
 74 | 
 75 |     /**
 76 |      * 配置客户端一些信息
 77 |      *
 78 |      * @param clients
 79 |      * @throws Exception
 80 |      */
 81 |     @Override
 82 |     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
 83 |         InMemoryClientDetailsServiceBuilder build = clients.inMemory();
 84 |         if (ArrayUtils.isNotEmpty(oAuth2Properties.getClients())) {
 85 |             for (OAuth2ClientProperties config : oAuth2Properties.getClients()) {
 86 |                 build.withClient(config.getClientId())
 87 |                         .secret(passwordEncoder.encode(config.getClientSecret()))
 88 |                         .accessTokenValiditySeconds(config.getAccessTokenValiditySeconds())
 89 |                         .refreshTokenValiditySeconds(60 * 60 * 24 * 15)
 90 |                         .authorizedGrantTypes("refresh_token", "password", "authorization_code")//OAuth2支持的验证模式
 91 |                         .redirectUris("http://www.merryyou.cn")
 92 |                         .scopes("all");
 93 |             }
 94 |         }
 95 |     }
 96 | 
 97 | //    @Override
 98 | //    public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
 99 | //        //允许表单认证
100 | //        oauthServer.allowFormAuthenticationForClients();
101 | //        oauthServer.passwordEncoder(passwordEncoder);
102 | //    }
103 | 
104 |     /**
105 |      * springSecurity 授权表达式，
106 |      * @param security
107 |      * @throws Exception
108 |      */
109 |     @Override
110 |     public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
111 |         security.tokenKeyAccess("permitAll()");
112 |         security.checkTokenAccess("isAuthenticated()");
113 |     }
114 | }
115 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/server/MerryyouResourceServerConfig.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.server;
 2 | 
 3 | import org.springframework.beans.factory.annotation.Autowired;
 4 | import org.springframework.context.annotation.Configuration;
 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 6 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 7 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 8 | import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 9 | 
10 | /**
11 |  * Created on 2018/1/17.
12 |  *
13 |  * @author zlf
14 |  * @since 1.0
15 |  */
16 | @Configuration
17 | @EnableResourceServer
18 | public class MerryyouResourceServerConfig extends ResourceServerConfigurerAdapter {
19 | 
20 |     /**
21 |      * 自定义登录成功处理器
22 |      */
23 |     @Autowired
24 |     private AuthenticationSuccessHandler appLoginInSuccessHandler;
25 | 
26 |     @Override
27 |     public void configure(HttpSecurity http) throws Exception {
28 |         http.formLogin()
29 |                 .successHandler(appLoginInSuccessHandler)//登录成功处理器
30 |                 .and()
31 |                 .authorizeRequests().anyRequest().authenticated().and()
32 |                 .csrf().disable();
33 |     }
34 | 
35 | }
36 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/java/cn/merryyou/security/utils/JsonUtil.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.utils;
 2 | 
 3 | import com.google.gson.Gson;
 4 | import com.google.gson.GsonBuilder;
 5 | 
 6 | /**
 7 |  * Created on 2018/1/17.
 8 |  *
 9 |  * @author zlf
10 |  * @since 1.0
11 |  */
12 | public class JsonUtil {
13 |     public static String toJson(Object object){
14 |         GsonBuilder gsonBuilder = new GsonBuilder();
15 |         gsonBuilder.setPrettyPrinting();
16 |         Gson gson = gsonBuilder.create();
17 |         return gson.toJson(object);
18 |     }
19 | }
20 | 


--------------------------------------------------------------------------------
/authorization-server/src/main/resources/application.yml:
--------------------------------------------------------------------------------
 1 | server:
 2 |   port: 8888
 3 | spring:
 4 |   redis:
 5 |     host: localhost
 6 |     port: 6379
 7 |     jedis:
 8 |       pool:
 9 |         max-active: 8
10 |         max-wait: -1s
11 |         min-idle: 0
12 |         max-idle: 8
13 | logging:
14 |   level:
15 |     org.springframework: debug
16 | merryyou:
17 |   security:
18 |     oauth2:
19 |       storeType: jwt #或者jwt
20 |       jwtSigningKey: merryyou
21 |       clients[0]:
22 |         clientId: merryyou
23 |         clientSecret: merryyou
24 |       clients[1]:
25 |               clientId: merryyou1
26 |               clientSecret: merryyou1
27 | 


--------------------------------------------------------------------------------
/authorization-server/src/test/java/cn/merryyou/security/SpringBoot2Oauth2Test.java:
--------------------------------------------------------------------------------
  1 | package cn.merryyou.security;
  2 | 
  3 | import cn.merryyou.security.utils.JsonUtil;
  4 | import lombok.extern.slf4j.Slf4j;
  5 | import org.apache.commons.codec.binary.Base64;
  6 | import org.junit.Test;
  7 | import org.junit.runner.RunWith;
  8 | import org.springframework.boot.test.context.SpringBootTest;
  9 | import org.springframework.http.*;
 10 | import org.springframework.security.oauth2.common.OAuth2AccessToken;
 11 | import org.springframework.test.context.junit4.SpringRunner;
 12 | import org.springframework.util.LinkedMultiValueMap;
 13 | import org.springframework.util.MultiValueMap;
 14 | import org.springframework.web.client.RestTemplate;
 15 | 
 16 | /**
 17 |  * Created on 2018/4/28.
 18 |  *
 19 |  * @author zlf
 20 |  * @since 1.0
 21 |  */
 22 | @RunWith(SpringRunner.class)
 23 | @SpringBootTest
 24 | @Slf4j
 25 | public class SpringBoot2Oauth2Test {
 26 |     //端口
 27 |     final static long PORT = 8888;
 28 |     //clientId
 29 |     final static String CLIENT_ID = "merryyou";
 30 |     //clientSecret
 31 |     final static String CLIENT_SECRET = "merryyou";
 32 |     //用户名
 33 |     final static String USERNAME = "admin";
 34 |     //密码
 35 |     final static String PASSWORD = "123456";
 36 |     //获取accessToken得URI
 37 |     final static String TOKEN_REQUEST_URI = "http://127.0.0.1:" + PORT + "/oauth/token?grant_type=password&username=" + USERNAME + "&password=" + PASSWORD + "&scope=all";
 38 |     //获取用户信息得URL
 39 |     final static String USER_INFO_URI = "http://127.0.0.1:" + PORT + "/userRedis";
 40 |     //登录地址
 41 |     final static String SIGN_IN_URI = "http://127.0.0.1:" + PORT + "/login";
 42 | 
 43 |     @Test
 44 |     public void getUserInfo() throws Exception {
 45 |         RestTemplate rest = new RestTemplate();
 46 |         HttpHeaders headers = new HttpHeaders();
 47 |         headers.add("authorization", "bearer " + getAccessToken());
 48 |         HttpEntity<String> entity = new HttpEntity<String>(null, headers);
 49 |         // pay attention, if using get with headers, should use exchange instead of getForEntity / getForObject
 50 |         ResponseEntity<String> result = rest.exchange(USER_INFO_URI, HttpMethod.GET, entity, String.class, new Object[]{null});
 51 |         log.info("用户信息返回的结果={}", JsonUtil.toJson(result));
 52 |     }
 53 | 
 54 |     /**
 55 |      * 用户名密码登录
 56 |      * @throws Exception
 57 |      */
 58 |     @Test
 59 |     public void signInTest() throws Exception {
 60 |         RestTemplate rest = new RestTemplate();
 61 |         HttpHeaders headers = new HttpHeaders();
 62 |         headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 63 |         headers.add("authorization", getBasicAuthHeader());
 64 | 
 65 |         MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
 66 |         params.add("username", "admin");
 67 |         params.add("password", "123456");
 68 | 
 69 |         HttpEntity<?> entity = new HttpEntity(params, headers);
 70 |         // pay attention, if using get with headers, should use exchange instead of getForEntity / getForObject
 71 |         ResponseEntity<String> result = rest.exchange(SIGN_IN_URI, HttpMethod.POST, entity, String.class, new Object[]{null});
 72 |         log.info("登录信息返回的结果={}", JsonUtil.toJson(result));
 73 |     }
 74 | 
 75 |     /**
 76 |      * 获取accessToken
 77 |      *
 78 |      * @return
 79 |      */
 80 |     private String getAccessToken() {
 81 |         RestTemplate rest = new RestTemplate();
 82 |         HttpHeaders headers = new HttpHeaders();
 83 |         headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 84 |         headers.add("authorization", getBasicAuthHeader());
 85 |         HttpEntity<String> entity = new HttpEntity<String>(null, headers);
 86 |         ResponseEntity<OAuth2AccessToken> resp = rest.postForEntity(TOKEN_REQUEST_URI, entity, OAuth2AccessToken.class);
 87 |         if (!resp.getStatusCode().equals(HttpStatus.OK)) {
 88 |             throw new RuntimeException(resp.toString());
 89 |         }
 90 |         OAuth2AccessToken t = resp.getBody();
 91 |         log.info("accessToken={}", JsonUtil.toJson(t));
 92 |         log.info("the response, access_token: " + t.getValue() + "; token_type: " + t.getTokenType() + "; "
 93 |                 + "refresh_token: " + t.getRefreshToken() + "; expiration: " + t.getExpiresIn() + ", expired when:" + t.getExpiration());
 94 |         return t.getValue();
 95 | 
 96 |     }
 97 | 
 98 |     /**
 99 |      * 构建header
100 |      *
101 |      * @return
102 |      */
103 |     private String getBasicAuthHeader() {
104 |         String auth = CLIENT_ID + ":" + CLIENT_SECRET;
105 |         byte[] encodedAuth = Base64.encodeBase64(auth.getBytes());
106 |         String authHeader = "Basic " + new String(encodedAuth);
107 |         return authHeader;
108 |     }
109 | }
110 | 


--------------------------------------------------------------------------------
/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0"
 3 |          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4 |          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 5 |     <modelVersion>4.0.0</modelVersion>
 6 | 
 7 |     <groupId>cn.merryyou</groupId>
 8 |     <artifactId>springboot2.0-oauth2</artifactId>
 9 |     <packaging>pom</packaging>
10 |     <version>1.0-SNAPSHOT</version>
11 |     <modules>
12 |         <module>authorization-server</module>
13 |         <module>resource-server</module>
14 |     </modules>
15 | 
16 |     <dependencyManagement>
17 |         <dependencies>
18 |             <dependency>
19 |                 <groupId>io.spring.platform</groupId>
20 |                 <artifactId>platform-bom</artifactId>
21 |                 <version>Cairo-RELEASE</version>
22 |                 <type>pom</type>
23 |                 <scope>import</scope>
24 |             </dependency>
25 |             <dependency>
26 |                 <groupId>org.springframework.cloud</groupId>
27 |                 <artifactId>spring-cloud-dependencies</artifactId>
28 |                 <version>Finchley.RC1</version>
29 |                 <type>pom</type>
30 |                 <scope>import</scope>
31 |             </dependency>
32 |         </dependencies>
33 |     </dependencyManagement>
34 | 
35 |     <build>
36 |         <plugins>
37 |             <plugin>
38 |                 <groupId>org.apache.maven.plugins</groupId>
39 |                 <artifactId>maven-compiler-plugin</artifactId>
40 |                 <version>2.3.2</version>
41 |                 <configuration>
42 |                     <source>1.8</source>
43 |                     <target>1.8</target>
44 |                     <encoding>UTF-8</encoding>
45 |                 </configuration>
46 |             </plugin>
47 |             <!--打包-->
48 |             <plugin>
49 |                 <groupId>org.springframework.boot</groupId>
50 |                 <artifactId>spring-boot-maven-plugin</artifactId>
51 |                 <executions>
52 |                     <execution>
53 |                         <goals>
54 |                             <goal>repackage</goal><!--把依赖的包都打包到生成的Jar包中-->
55 |                         </goals>
56 |                     </execution>
57 |                 </executions>
58 |             </plugin>
59 |         </plugins>
60 |     </build>
61 | 
62 |     <repositories>
63 |         <repository>
64 |             <id>spring-snapshots</id>
65 |             <name>Spring Snapshots</name>
66 |             <url>https://repo.spring.io/snapshot</url>
67 |             <snapshots>
68 |                 <enabled>true</enabled>
69 |             </snapshots>
70 |         </repository>
71 |         <repository>
72 |             <id>spring-milestones</id>
73 |             <name>Spring Milestones</name>
74 |             <url>https://repo.spring.io/milestone</url>
75 |             <snapshots>
76 |                 <enabled>false</enabled>
77 |             </snapshots>
78 |         </repository>
79 |     </repositories>
80 | 
81 |     <pluginRepositories>
82 |         <pluginRepository>
83 |             <id>spring-snapshots</id>
84 |             <name>Spring Snapshots</name>
85 |             <url>https://repo.spring.io/snapshot</url>
86 |             <snapshots>
87 |                 <enabled>true</enabled>
88 |             </snapshots>
89 |         </pluginRepository>
90 |         <pluginRepository>
91 |             <id>spring-milestones</id>
92 |             <name>Spring Milestones</name>
93 |             <url>https://repo.spring.io/milestone</url>
94 |             <snapshots>
95 |                 <enabled>false</enabled>
96 |             </snapshots>
97 |         </pluginRepository>
98 |     </pluginRepositories>
99 | </project>


--------------------------------------------------------------------------------
/resource-server/pom.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <project xmlns="http://maven.apache.org/POM/4.0.0"
 3 |          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 4 |          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 5 |     <parent>
 6 |         <artifactId>springboot2.0-oauth2</artifactId>
 7 |         <groupId>cn.merryyou</groupId>
 8 |         <version>1.0-SNAPSHOT</version>
 9 |     </parent>
10 |     <modelVersion>4.0.0</modelVersion>
11 | 
12 |     <artifactId>resource-server</artifactId>
13 | 
14 |     <dependencies>
15 |         <dependency>
16 |             <groupId>org.springframework.cloud</groupId>
17 |             <artifactId>spring-cloud-starter-oauth2</artifactId>
18 |         </dependency>
19 | 
20 | 
21 |     </dependencies>
22 | </project>


--------------------------------------------------------------------------------
/resource-server/resource-server.iml:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="UTF-8"?>
  2 | <module org.jetbrains.idea.maven.project.MavenProjectsManager.isMavenModule="true" type="JAVA_MODULE" version="4">
  3 |   <component name="FacetManager">
  4 |     <facet type="Spring" name="Spring">
  5 |       <configuration />
  6 |     </facet>
  7 |     <facet type="web" name="Web">
  8 |       <configuration>
  9 |         <webroots />
 10 |         <sourceRoots>
 11 |           <root url="file://$MODULE_DIR$/src/main/java" />
 12 |           <root url="file://$MODULE_DIR$/src/main/resources" />
 13 |         </sourceRoots>
 14 |       </configuration>
 15 |     </facet>
 16 |   </component>
 17 |   <component name="NewModuleRootManager" LANGUAGE_LEVEL="JDK_1_8">
 18 |     <output url="file://$MODULE_DIR$/target/classes" />
 19 |     <output-test url="file://$MODULE_DIR$/target/test-classes" />
 20 |     <content url="file://$MODULE_DIR$">
 21 |       <sourceFolder url="file://$MODULE_DIR$/src/main/java" isTestSource="false" />
 22 |       <sourceFolder url="file://$MODULE_DIR$/src/main/resources" type="java-resource" />
 23 |       <sourceFolder url="file://$MODULE_DIR$/src/test/java" isTestSource="true" />
 24 |       <excludeFolder url="file://$MODULE_DIR$/target" />
 25 |     </content>
 26 |     <orderEntry type="inheritedJdk" />
 27 |     <orderEntry type="sourceFolder" forTests="false" />
 28 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-security:2.0.1.RELEASE" level="project" />
 29 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter:2.0.1.RELEASE" level="project" />
 30 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot:2.0.1.RELEASE" level="project" />
 31 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-autoconfigure:2.0.1.RELEASE" level="project" />
 32 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-logging:2.0.1.RELEASE" level="project" />
 33 |     <orderEntry type="library" name="Maven: ch.qos.logback:logback-classic:1.2.3" level="project" />
 34 |     <orderEntry type="library" name="Maven: ch.qos.logback:logback-core:1.2.3" level="project" />
 35 |     <orderEntry type="library" name="Maven: org.apache.logging.log4j:log4j-to-slf4j:2.10.0" level="project" />
 36 |     <orderEntry type="library" name="Maven: org.apache.logging.log4j:log4j-api:2.10.0" level="project" />
 37 |     <orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.25" level="project" />
 38 |     <orderEntry type="library" name="Maven: javax.annotation:javax.annotation-api:1.3.2" level="project" />
 39 |     <orderEntry type="library" scope="RUNTIME" name="Maven: org.yaml:snakeyaml:1.19" level="project" />
 40 |     <orderEntry type="library" name="Maven: org.springframework:spring-aop:5.0.5.RELEASE" level="project" />
 41 |     <orderEntry type="library" name="Maven: org.springframework.security:spring-security-config:5.0.4.RELEASE" level="project" />
 42 |     <orderEntry type="library" name="Maven: org.springframework.security:spring-security-web:5.0.4.RELEASE" level="project" />
 43 |     <orderEntry type="library" name="Maven: org.springframework:spring-expression:5.0.5.RELEASE" level="project" />
 44 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-web:2.0.1.RELEASE" level="project" />
 45 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-json:2.0.1.RELEASE" level="project" />
 46 |     <orderEntry type="library" name="Maven: com.fasterxml.jackson.core:jackson-databind:2.9.5" level="project" />
 47 |     <orderEntry type="library" name="Maven: com.fasterxml.jackson.core:jackson-annotations:2.9.0" level="project" />
 48 |     <orderEntry type="library" name="Maven: com.fasterxml.jackson.core:jackson-core:2.9.5" level="project" />
 49 |     <orderEntry type="library" name="Maven: com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.9.5" level="project" />
 50 |     <orderEntry type="library" name="Maven: com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.9.5" level="project" />
 51 |     <orderEntry type="library" name="Maven: com.fasterxml.jackson.module:jackson-module-parameter-names:2.9.5" level="project" />
 52 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-tomcat:2.0.1.RELEASE" level="project" />
 53 |     <orderEntry type="library" name="Maven: org.apache.tomcat.embed:tomcat-embed-core:8.5.29" level="project" />
 54 |     <orderEntry type="library" name="Maven: org.apache.tomcat.embed:tomcat-embed-el:8.5.29" level="project" />
 55 |     <orderEntry type="library" name="Maven: org.apache.tomcat.embed:tomcat-embed-websocket:8.5.29" level="project" />
 56 |     <orderEntry type="library" name="Maven: org.hibernate.validator:hibernate-validator:6.0.9.Final" level="project" />
 57 |     <orderEntry type="library" name="Maven: javax.validation:validation-api:2.0.1.Final" level="project" />
 58 |     <orderEntry type="library" name="Maven: org.jboss.logging:jboss-logging:3.3.2.Final" level="project" />
 59 |     <orderEntry type="library" name="Maven: com.fasterxml:classmate:1.3.4" level="project" />
 60 |     <orderEntry type="library" name="Maven: org.springframework:spring-web:5.0.5.RELEASE" level="project" />
 61 |     <orderEntry type="library" name="Maven: org.springframework:spring-webmvc:5.0.5.RELEASE" level="project" />
 62 |     <orderEntry type="library" name="Maven: org.springframework.security.oauth:spring-security-oauth2:2.3.2.RELEASE" level="project" />
 63 |     <orderEntry type="library" name="Maven: org.springframework:spring-beans:5.0.5.RELEASE" level="project" />
 64 |     <orderEntry type="library" name="Maven: org.springframework:spring-core:5.0.5.RELEASE" level="project" />
 65 |     <orderEntry type="library" name="Maven: org.springframework:spring-jcl:5.0.5.RELEASE" level="project" />
 66 |     <orderEntry type="library" name="Maven: org.springframework:spring-context:5.0.5.RELEASE" level="project" />
 67 |     <orderEntry type="library" name="Maven: org.springframework.security:spring-security-core:5.0.4.RELEASE" level="project" />
 68 |     <orderEntry type="library" name="Maven: commons-codec:commons-codec:1.11" level="project" />
 69 |     <orderEntry type="library" name="Maven: org.codehaus.jackson:jackson-mapper-asl:1.9.13" level="project" />
 70 |     <orderEntry type="library" name="Maven: org.codehaus.jackson:jackson-core-asl:1.9.13" level="project" />
 71 |     <orderEntry type="library" name="Maven: org.springframework.security:spring-security-jwt:1.0.9.RELEASE" level="project" />
 72 |     <orderEntry type="library" name="Maven: org.bouncycastle:bcpkix-jdk15on:1.56" level="project" />
 73 |     <orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk15on:1.56" level="project" />
 74 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-test:2.0.1.RELEASE" level="project" />
 75 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-test:2.0.1.RELEASE" level="project" />
 76 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-test-autoconfigure:2.0.1.RELEASE" level="project" />
 77 |     <orderEntry type="library" name="Maven: com.jayway.jsonpath:json-path:2.4.0" level="project" />
 78 |     <orderEntry type="library" name="Maven: net.minidev:json-smart:2.3" level="project" />
 79 |     <orderEntry type="library" name="Maven: net.minidev:accessors-smart:1.2" level="project" />
 80 |     <orderEntry type="library" name="Maven: org.ow2.asm:asm:5.0.4" level="project" />
 81 |     <orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.25" level="project" />
 82 |     <orderEntry type="library" name="Maven: junit:junit:4.12" level="project" />
 83 |     <orderEntry type="library" name="Maven: org.assertj:assertj-core:3.9.1" level="project" />
 84 |     <orderEntry type="library" name="Maven: org.mockito:mockito-core:2.15.0" level="project" />
 85 |     <orderEntry type="library" name="Maven: net.bytebuddy:byte-buddy:1.7.11" level="project" />
 86 |     <orderEntry type="library" name="Maven: net.bytebuddy:byte-buddy-agent:1.7.11" level="project" />
 87 |     <orderEntry type="library" name="Maven: org.objenesis:objenesis:2.6" level="project" />
 88 |     <orderEntry type="library" name="Maven: org.hamcrest:hamcrest-core:1.3" level="project" />
 89 |     <orderEntry type="library" name="Maven: org.hamcrest:hamcrest-library:1.3" level="project" />
 90 |     <orderEntry type="library" name="Maven: org.skyscreamer:jsonassert:1.5.0" level="project" />
 91 |     <orderEntry type="library" name="Maven: com.vaadin.external.google:android-json:0.0.20131108.vaadin1" level="project" />
 92 |     <orderEntry type="library" name="Maven: org.springframework:spring-test:5.0.5.RELEASE" level="project" />
 93 |     <orderEntry type="library" name="Maven: org.xmlunit:xmlunit-core:2.5.1" level="project" />
 94 |     <orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-redis:1.4.7.RELEASE" level="project" />
 95 |     <orderEntry type="library" name="Maven: org.springframework.data:spring-data-redis:2.0.6.RELEASE" level="project" />
 96 |     <orderEntry type="library" name="Maven: org.springframework.data:spring-data-keyvalue:2.0.6.RELEASE" level="project" />
 97 |     <orderEntry type="library" name="Maven: org.springframework.data:spring-data-commons:2.0.6.RELEASE" level="project" />
 98 |     <orderEntry type="library" name="Maven: org.springframework:spring-tx:5.0.5.RELEASE" level="project" />
 99 |     <orderEntry type="library" name="Maven: org.springframework:spring-oxm:5.0.5.RELEASE" level="project" />
100 |     <orderEntry type="library" name="Maven: org.springframework:spring-context-support:5.0.5.RELEASE" level="project" />
101 |     <orderEntry type="library" name="Maven: redis.clients:jedis:2.9.0" level="project" />
102 |     <orderEntry type="library" name="Maven: org.apache.commons:commons-pool2:2.5.0" level="project" />
103 |   </component>
104 | </module>


--------------------------------------------------------------------------------
/resource-server/src/main/java/cn/merryyou/security/SpringBoot2Oauth2ResourceApplication.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security;
 2 | 
 3 | import org.springframework.boot.SpringApplication;
 4 | import org.springframework.boot.autoconfigure.SpringBootApplication;
 5 | import org.springframework.security.access.prepost.PreAuthorize;
 6 | import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 7 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 8 | import org.springframework.web.bind.annotation.RequestMapping;
 9 | import org.springframework.web.bind.annotation.RestController;
10 | 
11 | /**
12 |  * Created on 2018/5/3 0003.
13 |  *
14 |  * @author zlf
15 |  * @email i@merryyou.cn
16 |  * @since 1.0
17 |  */
18 | @SpringBootApplication
19 | @RestController
20 | @EnableGlobalMethodSecurity(prePostEnabled = true)//开启注解
21 | public class SpringBoot2Oauth2ResourceApplication extends ResourceServerConfigurerAdapter {
22 | 
23 |     public static void main(String[] args) {
24 |         SpringApplication.run(SpringBoot2Oauth2ResourceApplication.class, args);
25 |     }
26 | 
27 |     @RequestMapping(value = "/api")
28 |     @PreAuthorize("hasRole('ROLE_USER')")
29 |     public String success() {
30 |         return "SUCCESS";
31 |     }
32 | }
33 | 


--------------------------------------------------------------------------------
/resource-server/src/main/java/cn/merryyou/security/resource/MerryyouResourceServerConfiguration.java:
--------------------------------------------------------------------------------
 1 | package cn.merryyou.security.resource;
 2 | 
 3 | import org.springframework.context.annotation.Configuration;
 4 | import org.springframework.http.HttpMethod;
 5 | import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 6 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 7 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 8 | 
 9 | /**
10 |  * Created on 2018/5/5 0005.
11 |  *
12 |  * @author zlf
13 |  * @email i@merryyou.cn
14 |  * @since 1.0
15 |  */
16 | @Configuration
17 | @EnableResourceServer
18 | public class MerryyouResourceServerConfiguration extends ResourceServerConfigurerAdapter {
19 | 
20 | 
21 |     @Override
22 |     public void configure(HttpSecurity http) throws Exception {
23 |         http.csrf().disable().authorizeRequests().antMatchers("/**").authenticated().antMatchers(HttpMethod.GET, "/api")
24 |                 // 拦截用户，必须具有所列权限
25 |                 .hasAuthority("ROLE_USER");
26 |     }
27 | 
28 | 
29 | 
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/resource-server/src/main/resources/application.yml:
--------------------------------------------------------------------------------
 1 | auth-server: http://localhost:8888 # sso-server地址
 2 | server:
 3 |   port: 8889
 4 | security:
 5 |   oauth2:
 6 |     client:
 7 |       client-id: merryyou
 8 |       client-secret: merryyou
 9 |       user-authorization-uri: ${auth-server}/oauth/authorize #请求认证的地址
10 |       access-token-uri: ${auth-server}/oauth/token #请求令牌的地址
11 |     resource:
12 |       jwt:
13 |         key-uri: ${auth-server}/oauth/token_key
14 |       user-info-uri: ${auth-server}/user/me
15 |       token-info-uri: ${auth-server}/oauth/check_token
16 | logging:
17 |   level:
18 |     org.springframework: debug


--------------------------------------------------------------------------------