├── springcloud-oauth2-client ├── src │ └── main │ │ ├── resouces │ │ ├── messages.properties │ │ ├── messages_en_US.properties │ │ ├── messages_zh_CN.properties │ │ ├── templates │ │ │ ├── error.html │ │ │ ├── anonymous.html │ │ │ ├── index.html │ │ │ └── login.html │ │ └── application.properties │ │ └── java │ │ └── com │ │ └── example │ │ └── springcloud_oauth2_client │ │ ├── web │ │ └── HomeControlle.java │ │ └── Application.java ├── target │ └── classes │ │ ├── messages.properties │ │ ├── messages_en_US.properties │ │ ├── messages_zh_CN.properties │ │ ├── com │ │ └── example │ │ │ └── springcloud_oauth2_client │ │ │ ├── Application.class │ │ │ ├── web │ │ │ └── HomeControlle.class │ │ │ └── Application$MappingJackson2JsonpView.class │ │ ├── META-INF │ │ ├── maven │ │ │ └── com.example │ │ │ │ └── springcloud-oauth2-client │ │ │ │ ├── pom.properties │ │ │ │ └── pom.xml │ │ └── MANIFEST.MF │ │ ├── templates │ │ ├── error.html │ │ ├── anonymous.html │ │ ├── index.html │ │ └── login.html │ │ └── application.properties ├── bin │ ├── src │ │ └── main │ │ │ └── resouces │ │ │ ├── messages.properties │ │ │ ├── messages_en_US.properties │ │ │ ├── messages_zh_CN.properties │ │ │ └── application.properties │ └── pom.xml ├── readMe.md └── pom.xml ├── .mvn └── wrapper │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── springcloud-client ├── src │ ├── main │ │ ├── resouces │ │ │ ├── static │ │ │ │ ├── protected.html │ │ │ │ ├── home.html │ │ │ │ ├── index.html │ │ │ │ └── js │ │ │ │ │ ├── app.js │ │ │ │ │ └── angular-route.min.js │ │ │ └── application.properties │ │ └── java │ │ │ └── org │ │ │ └── springcloud │ │ │ └── client │ │ │ └── ClientApplication.java │ └── test │ │ └── java │ │ └── org │ │ └── springcloud │ │ └── client │ │ └── AppTest.java ├── target │ ├── classes │ │ ├── static │ │ │ ├── protected.html │ │ │ ├── home.html │ │ │ ├── index.html │ │ │ └── js │ │ │ │ ├── app.js │ │ │ │ └── angular-route.min.js │ │ ├── application.properties │ │ ├── org │ │ │ 
└── springcloud │ │ │ │ └── client │ │ │ │ └── ClientApplication.class │ │ └── META-INF │ │ │ ├── maven │ │ │ └── cn.com.taiji │ │ │ │ └── springcloud-client │ │ │ │ ├── pom.properties │ │ │ │ └── pom.xml │ │ │ └── MANIFEST.MF │ └── test-classes │ │ └── org │ │ └── springcloud │ │ └── client │ │ └── AppTest.class ├── pom.xml └── bin │ └── pom.xml ├── springcloud-zuul ├── target │ ├── test-classes │ │ └── org │ │ │ └── springcloud │ │ │ └── zuul │ │ │ └── AppTest.class │ └── classes │ │ ├── org │ │ └── springcloud │ │ │ └── zuul │ │ │ ├── TestController.class │ │ │ ├── GatewayApplication.class │ │ │ ├── zuul │ │ │ └── SimpleFilter.class │ │ │ ├── WorkaroundRestTemplateCustomizer.class │ │ │ ├── GatewayApplication$SecurityConfiguration.class │ │ │ └── GatewayApplication$SecurityConfiguration$1.class │ │ ├── META-INF │ │ ├── maven │ │ │ └── cn.com.taiji │ │ │ │ └── springcloud-zuul │ │ │ │ ├── pom.properties │ │ │ │ └── pom.xml │ │ └── MANIFEST.MF │ │ └── application.yml ├── src │ ├── test │ │ └── java │ │ │ └── org │ │ │ └── springcloud │ │ │ └── zuul │ │ │ └── AppTest.java │ └── main │ │ ├── resouces │ │ └── application.yml │ │ └── java │ │ └── org │ │ └── springcloud │ │ └── zuul │ │ ├── zuul │ │ └── SimpleFilter.java │ │ ├── TestController.java │ │ └── GatewayApplication.java └── pom.xml ├── springcloud-resource-server ├── target │ ├── test-classes │ │ └── org │ │ │ └── springcloud │ │ │ └── resource │ │ │ └── server │ │ │ └── AppTest.class │ └── classes │ │ ├── org │ │ └── springcloud │ │ │ └── resource │ │ │ └── server │ │ │ ├── api │ │ │ ├── DemoController.class │ │ │ └── TestController.class │ │ │ ├── ResourceServerConfig.class │ │ │ ├── ResourceServerConfig$1.class │ │ │ └── ResourceServerApplication.class │ │ ├── META-INF │ │ ├── maven │ │ │ ├── com.example │ │ │ │ └── springcloud-resource-server │ │ │ │ │ ├── pom.properties │ │ │ │ │ └── pom.xml │ │ │ └── cn.com.taiji │ │ │ │ └── springcloud-resource-server │ │ │ │ ├── pom.properties │ │ │ │ └── pom.xml │ │ 
└── MANIFEST.MF │ │ └── application.properties ├── src │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── springcloud │ │ │ │ └── resource │ │ │ │ └── server │ │ │ │ ├── ResourceServerApplication.java │ │ │ │ ├── api │ │ │ │ ├── TestController.java │ │ │ │ └── DemoController.java │ │ │ │ └── ResourceServerConfig.java │ │ └── resouces │ │ │ └── application.properties │ └── test │ │ └── java │ │ └── org │ │ └── springcloud │ │ └── resource │ │ └── server │ │ └── AppTest.java └── pom.xml ├── springcloud-oauth2-auth-server ├── bin │ ├── src │ │ ├── test │ │ │ └── java │ │ │ │ └── org │ │ │ │ └── springcloud │ │ │ │ └── oauth2 │ │ │ │ └── auth │ │ │ │ └── server │ │ │ │ └── AppTest.class │ │ └── main │ │ │ └── resouces │ │ │ ├── application.properties │ │ │ └── alan-oauth2.sql │ └── target │ │ └── classes │ │ ├── application.properties │ │ └── alan-oauth2.sql ├── target │ ├── classes │ │ ├── org │ │ │ └── springcloud │ │ │ │ └── oauth2 │ │ │ │ └── auth │ │ │ │ └── server │ │ │ │ ├── OAuth2Config.class │ │ │ │ ├── OAuth2Config$1.class │ │ │ │ ├── WebSecurityConfig.class │ │ │ │ ├── conf │ │ │ │ ├── OAuth2Config.class │ │ │ │ └── WebSecurityConfig.class │ │ │ │ ├── web │ │ │ │ ├── UserControll.class │ │ │ │ └── CustomController.class │ │ │ │ └── AuthServerApplication.class │ │ ├── META-INF │ │ │ ├── maven │ │ │ │ └── cn.com.taiji │ │ │ │ │ └── springcloud-oauth2-auth-server │ │ │ │ │ ├── pom.properties │ │ │ │ │ └── pom.xml │ │ │ └── MANIFEST.MF │ │ ├── application.properties │ │ └── alan-oauth2.sql │ └── test-classes │ │ └── org │ │ └── springcloud │ │ └── oauth2 │ │ └── auth │ │ └── server │ │ └── AppTest.class ├── src │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── springcloud │ │ │ │ └── oauth2 │ │ │ │ └── auth │ │ │ │ └── server │ │ │ │ ├── AuthServerApplication.java │ │ │ │ ├── WebSecurityConfig.java │ │ │ │ ├── conf │ │ │ │ ├── WebSecurityConfig.java │ │ │ │ └── OAuth2Config.java │ │ │ │ ├── web │ │ │ │ ├── UserControll.java │ │ │ │ └── CustomController.java │ │ │ 
│ └── OAuth2Config.java │ │ └── resouces │ │ │ ├── application.properties │ │ │ └── alan-oauth2.sql │ └── test │ │ └── java │ │ └── org │ │ └── springcloud │ │ └── oauth2 │ │ └── auth │ │ └── server │ │ └── AppTest.java └── pom.xml ├── .gitignore ├── readMe.md ├── pom.xml └── alan-oauth2.sql /springcloud-oauth2-client/src/main/resouces/messages.properties: -------------------------------------------------------------------------------- 1 | welcome = \u6B22\u8FCE\u4F60\u767B\u5F55form1.cn\u7F51\u7AD9 -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/resouces/messages_en_US.properties: -------------------------------------------------------------------------------- 1 | welcome = welcome to login to form.cn website(English) -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/messages.properties: -------------------------------------------------------------------------------- 1 | welcome = \u6B22\u8FCE\u4F60\u767B\u5F55form1.cn\u7F51\u7AD9 -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/messages_en_US.properties: -------------------------------------------------------------------------------- 1 | welcome = welcome to login to form.cn website(English) -------------------------------------------------------------------------------- /springcloud-oauth2-client/bin/src/main/resouces/messages.properties: -------------------------------------------------------------------------------- 1 | welcome = \u6B22\u8FCE\u4F60\u767B\u5F55form1.cn\u7F51\u7AD9 -------------------------------------------------------------------------------- /springcloud-oauth2-client/bin/src/main/resouces/messages_en_US.properties: -------------------------------------------------------------------------------- 1 | welcome = welcome to login to form.cn website(English) 
-------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo1.maven.org/maven2/org/apache/maven/apache-maven/3.5.3/apache-maven-3.5.3-bin.zip 2 | -------------------------------------------------------------------------------- /springcloud-client/src/main/resouces/static/protected.html: -------------------------------------------------------------------------------- 1 |

Protected area for logged in user

2 | 3 |

User details:

4 |

test

5 | -------------------------------------------------------------------------------- /springcloud-client/target/classes/static/protected.html: -------------------------------------------------------------------------------- 1 |

Protected area for logged in user

2 | 3 |

User details:

4 |

test

5 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/messages_zh_CN.properties: -------------------------------------------------------------------------------- 1 | welcome = \u6b22\u8fce\u4f60\u767b\u5f55\u5230 \u963f\u91cc\u5df4\u5df4 \u7f51\u7ad9\uff08\u4e2d\u6587\uff09 #unicode -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/resouces/messages_zh_CN.properties: -------------------------------------------------------------------------------- 1 | welcome = \u6b22\u8fce\u4f60\u767b\u5f55\u5230 \u963f\u91cc\u5df4\u5df4 \u7f51\u7ad9\uff08\u4e2d\u6587\uff09 #unicode -------------------------------------------------------------------------------- /springcloud-oauth2-client/bin/src/main/resouces/messages_zh_CN.properties: -------------------------------------------------------------------------------- 1 | welcome = \u6b22\u8fce\u4f60\u767b\u5f55\u5230 \u963f\u91cc\u5df4\u5df4 \u7f51\u7ad9\uff08\u4e2d\u6587\uff09 #unicode -------------------------------------------------------------------------------- /springcloud-zuul/target/test-classes/org/springcloud/zuul/AppTest.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/test-classes/org/springcloud/zuul/AppTest.class -------------------------------------------------------------------------------- /springcloud-client/target/classes/application.properties: -------------------------------------------------------------------------------- 1 | debug=true 2 | security.basic.enabled=false 3 | logging.level.org.springframework.security=DEBUG 4 | logging.level.org.springframework.web=DEBUG 5 | server.port=8081 -------------------------------------------------------------------------------- 
/springcloud-client/target/test-classes/org/springcloud/client/AppTest.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-client/target/test-classes/org/springcloud/client/AppTest.class -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/org/springcloud/zuul/TestController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/classes/org/springcloud/zuul/TestController.class -------------------------------------------------------------------------------- /springcloud-client/src/main/resouces/application.properties: -------------------------------------------------------------------------------- 1 | debug=true 2 | security.basic.enabled=false 3 | logging.level.org.springframework.security=DEBUG 4 | logging.level.org.springframework.web=DEBUG 5 | server.port=8081 -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/org/springcloud/zuul/GatewayApplication.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/classes/org/springcloud/zuul/GatewayApplication.class -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/org/springcloud/zuul/zuul/SimpleFilter.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/classes/org/springcloud/zuul/zuul/SimpleFilter.class -------------------------------------------------------------------------------- 
/springcloud-client/target/classes/org/springcloud/client/ClientApplication.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-client/target/classes/org/springcloud/client/ClientApplication.class -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/org/springcloud/zuul/WorkaroundRestTemplateCustomizer.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/classes/org/springcloud/zuul/WorkaroundRestTemplateCustomizer.class -------------------------------------------------------------------------------- /springcloud-resource-server/target/test-classes/org/springcloud/resource/server/AppTest.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-resource-server/target/test-classes/org/springcloud/resource/server/AppTest.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/bin/src/test/java/org/springcloud/oauth2/auth/server/AppTest.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/bin/src/test/java/org/springcloud/oauth2/auth/server/AppTest.class -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/com/example/springcloud_oauth2_client/Application.class: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-client/target/classes/com/example/springcloud_oauth2_client/Application.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/OAuth2Config.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/OAuth2Config.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/test-classes/org/springcloud/oauth2/auth/server/AppTest.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/test-classes/org/springcloud/oauth2/auth/server/AppTest.class -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/org/springcloud/resource/server/api/DemoController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-resource-server/target/classes/org/springcloud/resource/server/api/DemoController.class -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/org/springcloud/resource/server/api/TestController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-resource-server/target/classes/org/springcloud/resource/server/api/TestController.class 
-------------------------------------------------------------------------------- /springcloud-zuul/target/classes/org/springcloud/zuul/GatewayApplication$SecurityConfiguration.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/classes/org/springcloud/zuul/GatewayApplication$SecurityConfiguration.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/OAuth2Config$1.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/OAuth2Config$1.class -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/com/example/springcloud_oauth2_client/web/HomeControlle.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-client/target/classes/com/example/springcloud_oauth2_client/web/HomeControlle.class -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/org/springcloud/resource/server/ResourceServerConfig.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-resource-server/target/classes/org/springcloud/resource/server/ResourceServerConfig.class -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/org/springcloud/zuul/GatewayApplication$SecurityConfiguration$1.class: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-zuul/target/classes/org/springcloud/zuul/GatewayApplication$SecurityConfiguration$1.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/WebSecurityConfig.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/WebSecurityConfig.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/conf/OAuth2Config.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/conf/OAuth2Config.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/web/UserControll.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/web/UserControll.class -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/org/springcloud/resource/server/ResourceServerConfig$1.class: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-resource-server/target/classes/org/springcloud/resource/server/ResourceServerConfig$1.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/web/CustomController.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/web/CustomController.class -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/org/springcloud/resource/server/ResourceServerApplication.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-resource-server/target/classes/org/springcloud/resource/server/ResourceServerApplication.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/AuthServerApplication.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/AuthServerApplication.class -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/conf/WebSecurityConfig.class: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-auth-server/target/classes/org/springcloud/oauth2/auth/server/conf/WebSecurityConfig.class -------------------------------------------------------------------------------- /springcloud-client/target/classes/static/home.html: -------------------------------------------------------------------------------- 1 |

Startpage ui1

2 |
3 |

Name: {{loggedInUser.name}}

4 |
5 |
6 |

Login to see your name

7 |
8 | 9 |

Unprotected data from resource-server: {{greeting}}

-------------------------------------------------------------------------------- /springcloud-client/src/main/resouces/static/home.html: -------------------------------------------------------------------------------- 1 |

Startpage ui1

2 |
3 |

Name: {{loggedInUser.name}}

4 |
5 |
6 |

Login to see your name

7 |
8 | 9 |

Unprotected data from resource-server: {{greeting}}

-------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/com/example/springcloud_oauth2_client/Application$MappingJackson2JsonpView.class: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/startSnow/SpringCloud-security-oauth2/HEAD/springcloud-oauth2-client/target/classes/com/example/springcloud_oauth2_client/Application$MappingJackson2JsonpView.class -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/META-INF/maven/cn.com.taiji/springcloud-zuul/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven Integration for Eclipse 2 | #Tue May 07 16:42:41 CST 2019 3 | version=0.0.1-SNAPSHOT 4 | groupId=cn.com.taiji 5 | m2e.projectName=springcloud-zuul 6 | m2e.projectLocation=C\:\\Users\\Admin\\git\\oauth2\\springcloud-zuul 7 | artifactId=springcloud-zuul 8 | -------------------------------------------------------------------------------- /springcloud-client/target/classes/META-INF/maven/cn.com.taiji/springcloud-client/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven Integration for Eclipse 2 | #Tue May 07 16:41:15 CST 2019 3 | version=0.0.1-SNAPSHOT 4 | groupId=cn.com.taiji 5 | m2e.projectName=springcloud-client 6 | m2e.projectLocation=C\:\\Users\\Admin\\git\\oauth2\\springcloud-client 7 | artifactId=springcloud-client 8 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | /target/ 2 | !.mvn/wrapper/maven-wrapper.jar 3 | 4 | ### STS ### 5 | .apt_generated 6 | .classpath 7 | .factorypath 8 | .project 9 | .settings 10 | .springBeans 11 | .sts4-cache 12 | 13 | ### IntelliJ IDEA ### 14 | .idea 15 | *.iws 16 | *.iml 17 | *.ipr 
18 | 19 | ### NetBeans ### 20 | /nbproject/private/ 21 | /build/ 22 | /nbbuild/ 23 | /dist/ 24 | /nbdist/ 25 | /.nb-gradle/ -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/META-INF/maven/com.example/springcloud-oauth2-client/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven Integration for Eclipse 2 | #Tue May 07 16:42:34 CST 2019 3 | version=0.0.1-SNAPSHOT 4 | groupId=com.example 5 | m2e.projectName=springcloud-oauth2-client 6 | m2e.projectLocation=C\:\\Users\\Admin\\git\\oauth2\\springcloud-oauth2-client 7 | artifactId=springcloud-oauth2-client 8 | -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | Implementation-Title: springcloud-zuul 3 | Implementation-Version: 0.0.1-SNAPSHOT 4 | Built-By: Admin 5 | Implementation-Vendor-Id: cn.com.taiji 6 | Build-Jdk: 1.8.0_162 7 | Implementation-URL: http://maven.apache.org 8 | Created-By: Maven Integration for Eclipse 9 | Implementation-Vendor: Pivotal Software, Inc. 10 | 11 | -------------------------------------------------------------------------------- /springcloud-client/target/classes/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | Implementation-Title: springcloud-client 3 | Implementation-Version: 0.0.1-SNAPSHOT 4 | Built-By: Admin 5 | Implementation-Vendor-Id: cn.com.taiji 6 | Build-Jdk: 1.8.0_162 7 | Implementation-URL: http://maven.apache.org 8 | Created-By: Maven Integration for Eclipse 9 | Implementation-Vendor: Pivotal Software, Inc. 
10 | 11 | -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/META-INF/maven/com.example/springcloud-resource-server/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven Integration for Eclipse 2 | #Tue May 07 16:42:39 CST 2019 3 | version=0.0.1-SNAPSHOT 4 | groupId=com.example 5 | m2e.projectName=springcloud-resource-server 6 | m2e.projectLocation=C\:\\Users\\Admin\\git\\oauth2\\springcloud-resource-server 7 | artifactId=springcloud-resource-server 8 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | Implementation-Title: springcloud-oauth2-client 3 | Implementation-Version: 0.0.1-SNAPSHOT 4 | Built-By: Admin 5 | Implementation-Vendor-Id: com.example 6 | Build-Jdk: 1.8.0_162 7 | Implementation-URL: http://maven.apache.org 8 | Created-By: Maven Integration for Eclipse 9 | Implementation-Vendor: Pivotal Software, Inc. 10 | 11 | -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | Implementation-Title: springcloud-resource-server 3 | Implementation-Version: 0.0.1-SNAPSHOT 4 | Built-By: Admin 5 | Implementation-Vendor-Id: com.example 6 | Build-Jdk: 1.8.0_162 7 | Implementation-URL: http://maven.apache.org 8 | Created-By: Maven Integration for Eclipse 9 | Implementation-Vendor: Pivotal Software, Inc. 
10 | 11 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/META-INF/maven/cn.com.taiji/springcloud-oauth2-auth-server/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven Integration for Eclipse 2 | #Tue May 07 16:42:33 CST 2019 3 | version=0.0.1-SNAPSHOT 4 | groupId=cn.com.taiji 5 | m2e.projectName=springcloud-oauth2-auth-server 6 | m2e.projectLocation=C\:\\Users\\Admin\\git\\oauth2\\springcloud-oauth2-auth-server 7 | artifactId=springcloud-oauth2-auth-server 8 | -------------------------------------------------------------------------------- /springcloud-client/src/main/java/org/springcloud/client/ClientApplication.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.client; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | /** Spring Boot entry point for the client module: main() passes this class and the command-line arguments to SpringApplication.run. NOTE(review): this module's application.properties, shown elsewhere in this listing, sets debug=true, security.basic.enabled=false and DEBUG logging for org.springframework.security; presumably development settings, confirm they are not the deployed configuration. */ @SpringBootApplication 7 | public class ClientApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(ClientApplication.class, args); 11 | } 12 | } 13 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | Implementation-Title: springcloud-oauth2-auth-server 3 | Implementation-Version: 0.0.1-SNAPSHOT 4 | Built-By: Admin 5 | Implementation-Vendor-Id: cn.com.taiji 6 | Build-Jdk: 1.8.0_162 7 | Implementation-URL: http://maven.apache.org 8 | Created-By: Maven Integration for Eclipse 9 | Implementation-Vendor: Pivotal Software, Inc. 
10 | 11 | -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/META-INF/maven/cn.com.taiji/springcloud-resource-server/pom.properties: -------------------------------------------------------------------------------- 1 | #Generated by Maven Integration for Eclipse 2 | #Fri Jul 13 17:17:48 CST 2018 3 | version=0.0.1-SNAPSHOT 4 | groupId=cn.com.taiji 5 | m2e.projectName=springcloud-resource-server 6 | m2e.projectLocation=C\:\\Users\\Admin\\git\\SpringCloud-security-oauth2\\springcloud-resource-server 7 | artifactId=springcloud-resource-server 8 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/templates/error.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 统一异常处理 5 | 6 | 8 | 9 | 10 |

Error Handler

11 |
12 |
13 | 14 | 15 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/resouces/templates/error.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 统一异常处理 5 | 6 | 8 | 9 | 10 |

Error Handler

11 |
12 |
13 | 14 | 15 | -------------------------------------------------------------------------------- /springcloud-resource-server/src/main/java/org/springcloud/resource/server/ResourceServerApplication.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.resource.server; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | 6 | @SpringBootApplication 7 | public class ResourceServerApplication { 8 | 9 | public static void main(String[] args) { 10 | SpringApplication.run(ResourceServerApplication.class, args); 11 | } 12 | } -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/AuthServerApplication.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.oauth2.auth.server; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 6 | /** 7 | * 配置授权服务 8 | * @author chixue 9 | * 10 | */ 11 | @SpringBootApplication 12 | @EnableResourceServer 13 | 14 | public class AuthServerApplication { 15 | 16 | 17 | public static void main(String[] args) { 18 | SpringApplication.run(AuthServerApplication.class, args); 19 | } 20 | 21 | 22 | } 23 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/readMe.md: -------------------------------------------------------------------------------- 1 | spring.thymeleaf.cache = true 启用模板缓存(开发时建议关闭) 2 | spring.thymeleaf.check-template = true 检查模板是否存在,然后再呈现 3 | spring.thymeleaf.check-template-location = true 检查模板位置是否存在 4 | spring.thymeleaf.content-type = text/html Content-Type值 5 | spring.thymeleaf.enabled = true 
启用MVC Thymeleaf视图分辨率 6 | spring.thymeleaf.encoding = UTF-8 模板编码 7 | spring.thymeleaf.excluded-view-names = 应该从解决方案中排除的视图名称的逗号分隔列表 8 | spring.thymeleaf.mode = HTML5 应用于模板的模板模式。另请参见StandardTemplateModeHandlers 9 | spring.thymeleaf.prefix = classpath:/templates/ 在构建URL时预先查看名称的前缀 10 | spring.thymeleaf.suffix = .html 构建URL时附加查看名称的后缀 11 | spring.thymeleaf.template-resolver-order = 链中模板解析器的顺序 12 | spring.thymeleaf.view-names = 可以解析的视图名称的逗号分隔列表 -------------------------------------------------------------------------------- /springcloud-resource-server/src/main/java/org/springcloud/resource/server/api/TestController.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.resource.server.api; 2 | 3 | import static org.springframework.web.bind.annotation.RequestMethod.GET; 4 | 5 | import java.util.HashMap; 6 | import java.util.Map; 7 | 8 | import org.springframework.web.bind.annotation.RequestMapping; 9 | import org.springframework.web.bind.annotation.RestController; 10 | 11 | @RestController 12 | @RequestMapping("test") 13 | public class TestController { 14 | 15 | @RequestMapping(method = GET) 16 | public Map getTest() { 17 | Map map = new HashMap<>(); 18 | map.put("data", "protected_data"); 19 | return map; 20 | } 21 | 22 | } -------------------------------------------------------------------------------- /springcloud-resource-server/src/main/java/org/springcloud/resource/server/api/DemoController.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.resource.server.api; 2 | 3 | 4 | 5 | import static org.springframework.web.bind.annotation.RequestMethod.GET; 6 | 7 | import java.util.HashMap; 8 | import java.util.Map; 9 | 10 | import org.springframework.web.bind.annotation.RequestMapping; 11 | import org.springframework.web.bind.annotation.RestController; 12 | @RestController 13 | @RequestMapping("demo") 14 | public class DemoController { 15 | 16 | 
@RequestMapping(method = GET) 17 | public Map getTest() { 18 | Map map = new HashMap<>(); 19 | map.put("data", "unprotected_data"); 20 | return map; 21 | } 22 | 23 | } -------------------------------------------------------------------------------- /springcloud-resource-server/src/main/resouces/application.properties: -------------------------------------------------------------------------------- 1 | server.port=9001 2 | server.context-path=/resource 3 | security.basic.enabled=false 4 | server.session.timeout=300 5 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/alan-oauth?characterEncoding=UTF-8 6 | spring.datasource.username=root 7 | spring.datasource.password=root 8 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver 9 | spring.datasource.max-idle=5 10 | spring.datasource.max-wait=10000 11 | spring.datasource.min-idle=2 12 | spring.datasource.initial-size=3 13 | spring.datasource.validation-query=SELECT 1 14 | spring.datasource.time-between-eviction-runs-millis=18800 15 | spring.datasource.jdbc-interceptors=ConnectionState;SlowQueryReport(threshold=50) 16 | -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/application.properties: -------------------------------------------------------------------------------- 1 | server.port=9001 2 | server.context-path=/resource 3 | security.basic.enabled=false 4 | server.session.timeout=300 5 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/alan-oauth?characterEncoding=UTF-8 6 | spring.datasource.username=root 7 | spring.datasource.password=root 8 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver 9 | spring.datasource.max-idle=5 10 | spring.datasource.max-wait=10000 11 | spring.datasource.min-idle=2 12 | spring.datasource.initial-size=3 13 | spring.datasource.validation-query=SELECT 1 14 | spring.datasource.time-between-eviction-runs-millis=18800 15 | 
spring.datasource.jdbc-interceptors=ConnectionState;SlowQueryReport(threshold=50) 16 | -------------------------------------------------------------------------------- /springcloud-zuul/src/test/java/org/springcloud/zuul/AppTest.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.zuul; 2 | 3 | import junit.framework.Test; 4 | import junit.framework.TestCase; 5 | import junit.framework.TestSuite; 6 | 7 | /** 8 | * Unit test for simple App. 9 | */ 10 | public class AppTest 11 | extends TestCase 12 | { 13 | /** 14 | * Create the test case 15 | * 16 | * @param testName name of the test case 17 | */ 18 | public AppTest( String testName ) 19 | { 20 | super( testName ); 21 | } 22 | 23 | /** 24 | * @return the suite of tests being tested 25 | */ 26 | public static Test suite() 27 | { 28 | return new TestSuite( AppTest.class ); 29 | } 30 | 31 | /** 32 | * Rigourous Test :-) 33 | */ 34 | public void testApp() 35 | { 36 | assertTrue( true ); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /springcloud-client/src/test/java/org/springcloud/client/AppTest.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.client; 2 | 3 | import junit.framework.Test; 4 | import junit.framework.TestCase; 5 | import junit.framework.TestSuite; 6 | 7 | /** 8 | * Unit test for simple App. 
9 | */ 10 | public class AppTest 11 | extends TestCase 12 | { 13 | /** 14 | * Create the test case 15 | * 16 | * @param testName name of the test case 17 | */ 18 | public AppTest( String testName ) 19 | { 20 | super( testName ); 21 | } 22 | 23 | /** 24 | * @return the suite of tests being tested 25 | */ 26 | public static Test suite() 27 | { 28 | return new TestSuite( AppTest.class ); 29 | } 30 | 31 | /** 32 | * Rigourous Test :-) 33 | */ 34 | public void testApp() 35 | { 36 | assertTrue( true ); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/src/test/java/org/springcloud/oauth2/auth/server/AppTest.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.oauth2.auth.server; 2 | 3 | import junit.framework.Test; 4 | import junit.framework.TestCase; 5 | import junit.framework.TestSuite; 6 | 7 | /** 8 | * Unit test for simple App. 9 | */ 10 | public class AppTest 11 | extends TestCase 12 | { 13 | /** 14 | * Create the test case 15 | * 16 | * @param testName name of the test case 17 | */ 18 | public AppTest( String testName ) 19 | { 20 | super( testName ); 21 | } 22 | 23 | /** 24 | * @return the suite of tests being tested 25 | */ 26 | public static Test suite() 27 | { 28 | return new TestSuite( AppTest.class ); 29 | } 30 | 31 | /** 32 | * Rigourous Test :-) 33 | */ 34 | public void testApp() 35 | { 36 | assertTrue( true ); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/application.properties: -------------------------------------------------------------------------------- 1 | spring.thymeleaf.prefix=classpath:/templates/ 2 | spring.thymeleaf.suffix=.html 3 | spring.thymeleaf.mode=HTML5 4 | spring.thymeleaf.encoding=UTF-8 5 | spring.thymeleaf.content-type=text/html 6 | spring.thymeleaf.cache=false 7 | spring.messages.basename=message 8 
| 9 | ##\u914D\u7F6E\u5E94\u7528\u4FE1\u606F 10 | security.oauth2.client.clientId=ui2 11 | security.oauth2.client.clientSecret=ui2-secret 12 | /##\u914D\u7F6E\u670D\u52A1\u5730\u5740 13 | security.oauth2.client.accessTokenUri=http://localhost:9999/uaa/oauth/token 14 | security.oauth2.client.userAuthorizationUri=http://localhost:9999/uaa/oauth/authorize 15 | security.oauth2.resource.loadBalanced=true 16 | security.oauth2.resource.userInfoUri=http://localhost:9999/uaa/user 17 | ##\u767B\u51FA\u5730\u5740 18 | security.oauth2.resource.logout.url=http://localhost:9999/uaa/revoke-token 19 | server.port=7777 20 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/resouces/application.properties: -------------------------------------------------------------------------------- 1 | spring.thymeleaf.prefix=classpath:/templates/ 2 | spring.thymeleaf.suffix=.html 3 | spring.thymeleaf.mode=HTML5 4 | spring.thymeleaf.encoding=UTF-8 5 | spring.thymeleaf.content-type=text/html 6 | spring.thymeleaf.cache=false 7 | spring.messages.basename=message 8 | 9 | ##\u914D\u7F6E\u5E94\u7528\u4FE1\u606F 10 | security.oauth2.client.clientId=ui2 11 | security.oauth2.client.clientSecret=ui2-secret 12 | /##\u914D\u7F6E\u670D\u52A1\u5730\u5740 13 | security.oauth2.client.accessTokenUri=http://localhost:9999/uaa/oauth/token 14 | security.oauth2.client.userAuthorizationUri=http://localhost:9999/uaa/oauth/authorize 15 | security.oauth2.resource.loadBalanced=true 16 | security.oauth2.resource.userInfoUri=http://localhost:9999/uaa/user 17 | ##\u767B\u51FA\u5730\u5740 18 | security.oauth2.resource.logout.url=http://localhost:9999/uaa/revoke-token 19 | server.port=7777 20 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/bin/src/main/resouces/application.properties: -------------------------------------------------------------------------------- 1 | 
spring.thymeleaf.prefix=classpath:/templates/ 2 | spring.thymeleaf.suffix=.html 3 | spring.thymeleaf.mode=HTML5 4 | spring.thymeleaf.encoding=UTF-8 5 | spring.thymeleaf.content-type=text/html 6 | spring.thymeleaf.cache=false 7 | spring.messages.basename=message 8 | 9 | ##\u914D\u7F6E\u5E94\u7528\u4FE1\u606F 10 | security.oauth2.client.clientId=ui2 11 | security.oauth2.client.clientSecret=ui2-secret 12 | /##\u914D\u7F6E\u670D\u52A1\u5730\u5740 13 | security.oauth2.client.accessTokenUri=http://localhost:9999/uaa/oauth/token 14 | security.oauth2.client.userAuthorizationUri=http://localhost:9999/uaa/oauth/authorize 15 | security.oauth2.resource.loadBalanced=true 16 | security.oauth2.resource.userInfoUri=http://localhost:9999/uaa/user 17 | ##\u767B\u51FA\u5730\u5740 18 | security.oauth2.resource.logout.url=http://localhost:9999/uaa/revoke-token 19 | server.port=7777 20 | -------------------------------------------------------------------------------- /springcloud-resource-server/src/test/java/org/springcloud/resource/server/AppTest.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.resource.server; 2 | 3 | import junit.framework.Test; 4 | import junit.framework.TestCase; 5 | import junit.framework.TestSuite; 6 | 7 | /** 8 | * Unit test for simple App. 
9 | */ 10 | public class AppTest 11 | extends TestCase 12 | { 13 | /** 14 | * Create the test case 15 | * 16 | * @param testName name of the test case 17 | */ 18 | public AppTest( String testName ) 19 | { 20 | super( testName ); 21 | } 22 | 23 | /** 24 | * @return the suite of tests being tested 25 | */ 26 | public static Test suite() 27 | { 28 | return new TestSuite( AppTest.class ); 29 | } 30 | 31 | /** 32 | * Rigourous Test :-) 33 | */ 34 | public void testApp() 35 | { 36 | assertTrue( true ); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /readMe.md: -------------------------------------------------------------------------------- 1 | 2 | 1、项目清单 3 | 4 | | 项目名称 | 启动顺序 | 用途 | 5 | | -------- | -----: | :----: | 6 | | springcloud-client | 3 | angularjs ,zuul代理 | 7 | | springcloud-zuul | 4 | 网关 | 8 | | springcloud-oauth2-auth-server | 1 | 认证服务器 | 9 | | springcloud-resource-server | 2 | 资源服务器 | 10 | | springcloud-oauth2-client | 5 | 单点登录测试客户端 | 11 | 12 | 13 | 2、需要在数据库中创建名为alan-oauth2的数据库 账号密码root/root 14 | 15 | 16 | 3、访问路径 授权码模拟 17 | 18 | 单点登录测试-》http://127.0.0.1:7777/ 点击企业登录 19 | 账号输入->admin admin 20 | 登陆成功->首页页面点击系统B即可单点至B系统 21 | 22 | 4、密码模式 23 | 24 | 时间不足,用命令行测试 25 | 26 | ~~~ 27 | curl -i -d "grant_type=password&username=admin&password=admin&scope=read" -u "customer-integration-system:1234567890" -X POST http://localhost:9999/uaa/oauth/token 28 | ~~~ 29 | 5、遗留 30 | 5-1 Oauth2授权模式password单一账号并发问题,需要增加Redis 锁 31 | 32 | ~~~ 33 | https://blog.csdn.net/chao_1990/article/details/83782147 34 | ~~~ 35 | ======= 36 | 6、当工程启动不了的时候,可能是上传的resouces的文件夹不是源文件夹了,需要手动变更一下。怎么控制上传文件夹的类型我忘记了好像是文件中该什么,如果有知道的同学给我留言多谢 37 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/bin/target/classes/application.properties: -------------------------------------------------------------------------------- 1 | server.port=9999 2 | server.context-path=/uaa 3 | 4 | 
security.sessions=if-required 5 | 6 | security.basic.enabled=false 7 | server.session.timeout=300 8 | #\u6570\u636E\u5E93\u811A\u672C\u521B\u5EFA\u5730\u5740\uFF0C\u5F53\u6709\u591A\u4E2A\u662F\u53EF\u4F7F\u7528[x]\u8868\u793A\u96C6\u5408\u7B2C\u51E0\u4E2A\u5143\u7D20 9 | spring.datasource.schema[0]=classpath:/alan-oauth2.sql 10 | spring.datasource.initialize=true 11 | spring.datasource.continue-on-error=true 12 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/alan-oauth2?characterEncoding=UTF-8 13 | spring.datasource.username=root 14 | spring.datasource.password=root 15 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver 16 | spring.datasource.max-idle=5 17 | spring.datasource.max-wait=10000 18 | spring.datasource.min-idle=2 19 | spring.datasource.initial-size=3 20 | spring.datasource.validation-query=SELECT 1 21 | spring.datasource.time-between-eviction-runs-millis=18800 22 | spring.datasource.jdbc-interceptors=ConnectionState;SlowQueryReport(threshold=50) 23 | 24 | 25 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/src/main/resouces/application.properties: -------------------------------------------------------------------------------- 1 | server.port=9999 2 | server.context-path=/uaa 3 | 4 | security.sessions=if-required 5 | 6 | security.basic.enabled=false 7 | server.session.timeout=300 8 | #\u6570\u636E\u5E93\u811A\u672C\u521B\u5EFA\u5730\u5740\uFF0C\u5F53\u6709\u591A\u4E2A\u662F\u53EF\u4F7F\u7528[x]\u8868\u793A\u96C6\u5408\u7B2C\u51E0\u4E2A\u5143\u7D20 9 | spring.datasource.schema[0]=classpath:/alan-oauth2.sql 10 | spring.datasource.initialize=true 11 | spring.datasource.continue-on-error=true 12 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/alan-oauth2?characterEncoding=UTF-8 13 | spring.datasource.username=root 14 | spring.datasource.password=root 15 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver 16 | spring.datasource.max-idle=5 17 | 
spring.datasource.max-wait=10000 18 | spring.datasource.min-idle=2 19 | spring.datasource.initial-size=3 20 | spring.datasource.validation-query=SELECT 1 21 | spring.datasource.time-between-eviction-runs-millis=18800 22 | spring.datasource.jdbc-interceptors=ConnectionState;SlowQueryReport(threshold=50) 23 | 24 | 25 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/application.properties: -------------------------------------------------------------------------------- 1 | server.port=9999 2 | server.context-path=/uaa 3 | 4 | security.sessions=if-required 5 | 6 | security.basic.enabled=false 7 | server.session.timeout=300 8 | #\u6570\u636E\u5E93\u811A\u672C\u521B\u5EFA\u5730\u5740\uFF0C\u5F53\u6709\u591A\u4E2A\u662F\u53EF\u4F7F\u7528[x]\u8868\u793A\u96C6\u5408\u7B2C\u51E0\u4E2A\u5143\u7D20 9 | spring.datasource.schema[0]=classpath:/alan-oauth2.sql 10 | spring.datasource.initialize=true 11 | spring.datasource.continue-on-error=true 12 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/alan-oauth2?characterEncoding=UTF-8 13 | spring.datasource.username=root 14 | spring.datasource.password=root 15 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver 16 | spring.datasource.max-idle=5 17 | spring.datasource.max-wait=10000 18 | spring.datasource.min-idle=2 19 | spring.datasource.initial-size=3 20 | spring.datasource.validation-query=SELECT 1 21 | spring.datasource.time-between-eviction-runs-millis=18800 22 | spring.datasource.jdbc-interceptors=ConnectionState;SlowQueryReport(threshold=50) 23 | 24 | 25 | -------------------------------------------------------------------------------- /springcloud-zuul/src/main/resouces/application.yml: -------------------------------------------------------------------------------- 1 | logging: 2 | level: 3 | org.springframework.security: DEBUG 4 | org.springframework.cloud: DEBUG 5 | org.springframework.web: WARN 6 | 7 | server: 8 | port: 8080 9 | 
proxy: 10 | auth: 11 | routes: 12 | customers: oauth2 13 | stores: passthru 14 | recommendations: none 15 | spring: 16 | aop: 17 | proxy-target-class: true 18 | 19 | zuul: 20 | routes: 21 | startpage: 22 | path: /** 23 | url: http://localhost:8081 24 | resource: 25 | path: /resource/** 26 | url: http://localhost:9001/resource 27 | user: 28 | path: /user/** 29 | url: http://localhost:9999/uaa/user 30 | 31 | security: 32 | oauth2: 33 | client: 34 | accessTokenUri: http://localhost:9999/uaa/oauth/token 35 | userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize 36 | clientId: ui1 37 | clientSecret: ui1-secret 38 | resource: 39 | userInfoUri: http://localhost:9999/uaa/user 40 | preferTokenInfo: false 41 | sessions: ALWAYS -------------------------------------------------------------------------------- /springcloud-zuul/target/classes/application.yml: -------------------------------------------------------------------------------- 1 | logging: 2 | level: 3 | org.springframework.security: DEBUG 4 | org.springframework.cloud: DEBUG 5 | org.springframework.web: WARN 6 | 7 | server: 8 | port: 8080 9 | proxy: 10 | auth: 11 | routes: 12 | customers: oauth2 13 | stores: passthru 14 | recommendations: none 15 | spring: 16 | aop: 17 | proxy-target-class: true 18 | 19 | zuul: 20 | routes: 21 | startpage: 22 | path: /** 23 | url: http://localhost:8081 24 | resource: 25 | path: /resource/** 26 | url: http://localhost:9001/resource 27 | user: 28 | path: /user/** 29 | url: http://localhost:9999/uaa/user 30 | 31 | security: 32 | oauth2: 33 | client: 34 | accessTokenUri: http://localhost:9999/uaa/oauth/token 35 | userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize 36 | clientId: ui1 37 | clientSecret: ui1-secret 38 | resource: 39 | userInfoUri: http://localhost:9999/uaa/user 40 | preferTokenInfo: false 41 | sessions: ALWAYS -------------------------------------------------------------------------------- 
/springcloud-oauth2-auth-server/bin/src/main/resouces/application.properties: -------------------------------------------------------------------------------- 1 | server.port=9999 2 | server.context-path=/uaa 3 | 4 | security.sessions=if-required 5 | 6 | security.basic.enabled=false 7 | server.session.timeout=300 8 | #\u6570\u636E\u5E93\u811A\u672C\u521B\u5EFA\u5730\u5740\uFF0C\u5F53\u6709\u591A\u4E2A\u662F\u53EF\u4F7F\u7528[x]\u8868\u793A\u96C6\u5408\u7B2C\u51E0\u4E2A\u5143\u7D20 9 | spring.datasource.schema[0]=classpath:/alan-oauth2.sql 10 | spring.datasource.initialize=true 11 | spring.datasource.continue-on-error=true 12 | spring.datasource.url=jdbc:mysql://127.0.0.1:3306/alan-oauth2?characterEncoding=UTF-8 13 | spring.datasource.username=root 14 | spring.datasource.password=root 15 | spring.datasource.driver-class-name=com.mysql.jdbc.Driver 16 | spring.datasource.max-idle=5 17 | spring.datasource.max-wait=10000 18 | spring.datasource.min-idle=2 19 | spring.datasource.initial-size=3 20 | spring.datasource.validation-query=SELECT 1 21 | spring.datasource.time-between-eviction-runs-millis=18800 22 | spring.datasource.jdbc-interceptors=ConnectionState;SlowQueryReport(threshold=50) 23 | 24 | 25 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/templates/anonymous.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 9 | 10 | 11 |
12 | 25 |

Title

26 | 您好 注销 28 | 登录 29 |

30 | Logged in as: 31 |

32 |
33 | 34 | 35 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/resouces/templates/anonymous.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 9 | 10 | 11 |
12 | 25 |

Title

26 | 您好 注销 28 | 登录 29 |

30 | Logged in as: 31 |

32 |
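33 | 34 | 35 |
--------------------------------------------------------------------------------
/springcloud-zuul/src/main/java/org/springcloud/zuul/zuul/SimpleFilter.java:
--------------------------------------------------------------------------------
package org.springcloud.zuul.zuul;

import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;

/**
 * Zuul filter that writes one INFO log line (HTTP method and request URL) for
 * every request passing through the gateway.
 */
@Component
public class SimpleFilter extends ZuulFilter {

    private static final Logger log = LoggerFactory.getLogger(SimpleFilter.class);

    /*
     * Zuul filter types:
     *   pre:   filter executed before the request is handled
     *   route: handles the request and performs the routing
     *   post:  filter executed after request handling has completed
     *   error: filter executed when an error occurs
     */
    /** @return {@code "pre"}, the filter type string this filter registers under */
    @Override
    public String filterType() {
        return "pre";
    }

    /** @return the order value {@code 1} */
    @Override
    public int filterOrder() {
        return 1;
    }

    /** @return always {@code true}; no request is exempt from this filter */
    @Override
    public boolean shouldFilter() {
        return true;
    }

    /**
     * Logs the method and URL of the current request.
     *
     * @return always {@code null}
     */
    @Override
    public Object run() {
        RequestContext ctx = RequestContext.getCurrentContext();
        HttpServletRequest request = ctx.getRequest();
        // Only the method and the URL are logged. The original String.format call
        // also passed request.getParameterMap(), but the format string has two
        // placeholders, so that argument never reached the log. It is dropped here
        // rather than given a placeholder: request parameters seen at a gateway may
        // carry credentials or tokens and should stay out of the log.
        log.info("{} request to {}", request.getMethod(), request.getRequestURL());

        return null;
    }
}
--------------------------------------------------------------------------------
/springcloud-client/pom.xml:
--------------------------------------------------------------------------------
1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-client 12 | 0.0.1-SNAPSHOT 13 | springcloud-client 14 | http://maven.apache.org 15 | 16 | UTF-8 17 | 18 | 19 | 20 | org.springframework.boot 21 | spring-boot-starter-security 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-web 26 | 27 | 28 | 29 | 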
org.springframework.boot 30 | spring-boot-starter-test 31 | test 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /springcloud-client/bin/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-client 12 | 0.0.1-SNAPSHOT 13 | springcloud-client 14 | http://maven.apache.org 15 | 16 | UTF-8 17 | 18 | 19 | 20 | org.springframework.boot 21 | spring-boot-starter-security 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-web 26 | 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-test 31 | test 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /springcloud-client/src/main/resouces/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | UI 1 5 | 8 | 13 | 14 | 15 | 16 | 17 |
18 | 27 | 28 |

Logged in as: {{loggedInUser.name}}

29 | 30 |
31 |
32 | 33 | 34 | 35 | 36 | 37 | -------------------------------------------------------------------------------- /springcloud-client/target/classes/static/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | UI 1 5 | 8 | 13 | 14 | 15 | 16 | 17 |
18 | 27 | 28 |

Logged in as: {{loggedInUser.name}}

29 | 30 |
31 |
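32 | 33 | 34 | 35 | 36 | 37 |
--------------------------------------------------------------------------------
/springcloud-zuul/src/main/java/org/springcloud/zuul/TestController.java:
--------------------------------------------------------------------------------
package org.springcloud.zuul;

import java.util.ArrayList;
import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.User;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * Diagnostic endpoint that reports the user names of the principals currently
 * held by the injected {@link SessionRegistry}.
 */
@RestController
public class TestController {

    @Autowired
    @Qualifier("sessionRegistry")
    private SessionRegistry sessionRegistry;

    /**
     * Returns the number and the names of the principals in the session registry.
     * Only principals that are {@link User} instances are counted.
     *
     * NOTE(review): the response discloses the account names of logged-in users and
     * no access rule for this path is visible in this file; confirm that the
     * gateway's security configuration restricts it to administrators.
     *
     * @return a string of the form {@code count:N=>[name1, name2]}
     */
    // The path is given as the annotation value. The original wrote
    // name="/test/onlineUser"; "name" only labels the mapping and sets no path, so
    // the handler was not bound to /test/onlineUser (what it matched instead
    // depends on the Spring MVC version).
    @RequestMapping("/test/onlineUser")
    public String PrintAllOnlineUser() {
        List<String> usersNamesList = new ArrayList<>();

        for (Object principal : sessionRegistry.getAllPrincipals()) {
            if (principal instanceof User) {
                usersNamesList.add(((User) principal).getUsername());
            }
        }

        return "count:" + usersNamesList.size() + "=>" + usersNamesList.toString();
    }
}

--------------------------------------------------------------------------------
/springcloud-client/target/classes/META-INF/maven/cn.com.taiji/springcloud-client/pom.xml:
--------------------------------------------------------------------------------
1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-client 12 | 0.0.1-SNAPSHOT 13 | springcloud-client 14 | http://maven.apache.org 15 | 16 | UTF-8 17 | 18 | 19 | 20 | org.springframework.boot 21 | spring-boot-starter-security 22 | 23 | 24 | org.springframework.boot 25 | 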
spring-boot-starter-web 26 | 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-test 31 | test 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 9 | 10 | 11 | 12 | 13 |
14 | 30 |

Title

31 | 您好 32 | 注销s 33 | 登录 34 |

Logged in as: demo

35 | 36 |
37 | 38 | 39 | 47 | 48 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/resouces/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 9 | 10 | 11 | 12 | 13 |
14 | 30 |

Title

31 | 您好 32 | 注销s 33 | 登录 34 |

Logged in as: demo

35 | 36 |
37 | 38 | 39 | 47 | 48 |
--------------------------------------------------------------------------------
/springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/WebSecurityConfig.java:
--------------------------------------------------------------------------------
package org.springcloud.oauth2.auth.server;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Web security configuration of the authorization server: defines two in-memory
 * users and requires a form login for the login and OAuth2 authorization pages.
 */
@Configuration
@EnableWebSecurity
// NOTE(review): the negative order presumably places this filter chain ahead of
// the other security configurations in the application; confirm against them.
@Order(-20)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
    /**
     * Publishes the AuthenticationManager built by this adapter as a Spring bean
     * so that other configuration can inject it.
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Registers the users "steve" (role END_USER) and "admin" (role ADMIN) in an
     * in-memory user store.
     *
     * NOTE(review): user names and passwords are literals in the source and no
     * password encoder is configured in this method, so the values are handled as
     * plain text. That is acceptable only for a local demo; for any shared
     * deployment load the users from an external store, configure a
     * PasswordEncoder and keep secrets out of version control.
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
        .withUser("steve").password("password").roles("END_USER")
        .and()
        .withUser("admin").password("admin").roles("ADMIN");
    }

    /**
     * Enables form login (the login page is open to everyone), limits this
     * configuration to the four listed paths and requires an authenticated user
     * for every request that matches them.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
        .formLogin().permitAll()
        .and()
        // Only requests to these paths are handled by this configuration.
        // NOTE(review): "/rediect" looks like a misspelling of "/redirect"; confirm
        // against the handler that serves it, since a path that matches nothing
        // here is left to whatever other configuration applies.
        .requestMatchers().antMatchers("/login", "/oauth/authorize", "/oauth/confirm_access","/rediect")
        .and()
        .authorizeRequests().anyRequest().authenticated();
    }
}
--------------------------------------------------------------------------------
/springcloud-client/src/main/resouces/static/js/app.js:
--------------------------------------------------------------------------------
// Angular module "hello": route table, default request header and the three
// controllers of the UI.
angular.module('hello', [ 'ngRoute' ]).config(function($routeProvider, $httpProvider) {
    // NOTE(review): the 'sso' route has no leading slash and no template, and no
    // controller named 'sso' is registered in this file; confirm it is still needed.
    $routeProvider.when('/', {
        templateUrl : 'home.html',
        controller : 'home'
    }).when('/protected', {
        templateUrl : 'protected.html',
        controller : 'protected'
    }).when('sso', {
        controller : 'sso'
    }).otherwise('/');

    // Sent with every $http request.
    // NOTE(review): presumably lets the server recognise AJAX calls; confirm
    // against the server-side security configuration.
    $httpProvider.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
})

// Navigation controller: loads the current user and offers logout.
.controller('navigation', function($rootScope, $scope, $http, $location, $route) {

    // True when the given name is the controller of the current route.
    $scope.tab = function(route) {
        return $route.current && route === $route.current.controller;
    };

    // The user counts as logged in when GET /user answers with a "name" field.
    // $rootScope.authenticated only drives what the page shows; access to the
    // data itself has to be enforced by the server.
    $http.get('/user').success(function(data) {
        if (data.name) {
            $rootScope.authenticated = true;
            $rootScope.loggedInUser = data;
        } else {
            $rootScope.authenticated = false;
        }
    }).error(function() {
        $rootScope.authenticated = false;
    });

    $scope.credentials = {};

    // POSTs to 'logout' and returns to the start page on success.
    // NOTE(review): the error branch also clears the authenticated flag, so the
    // page shows a logged-out state even when the logout request failed and the
    // server-side session may still be valid.
    $scope.logout = function() {
        $http.post('logout', {}).success(function() {
            $rootScope.authenticated = false;
            $location.path("/");
        }).error(function(data) {
            console.log("Logout failed")
            $rootScope.authenticated = false;
        });
    }


})


// Home view: shows the response of GET /resource/demo.
.controller('home', function($scope, $http) {
    $http.get('/resource/demo').success(function(data) {
        $scope.greeting = data;
    })
})

// Protected view: shows the response of GET /resource/test.
.controller('protected', function($scope, $http) {
    $http.get('/resource/test').success(function(data) {
        console.log("protected");
        $scope.test = data;
    })
});
--------------------------------------------------------------------------------
/springcloud-client/target/classes/static/js/app.js:
--------------------------------------------------------------------------------
// Angular module: client-side routes and the default marker header for $http calls.
angular.module('hello', [ 'ngRoute' ]).config(function($routeProvider, $httpProvider) {
	$routeProvider
		.when('/', { templateUrl : 'home.html', controller : 'home' })
		.when('/protected', { templateUrl : 'protected.html', controller : 'protected' })
		// NOTE(review): this path has no leading '/' and no 'sso' controller is
		// registered in this file; confirm whether the route is still needed.
		.when('sso', { controller : 'sso' })
		.otherwise('/');

	// Sent with every $http request issued by this module.
	$httpProvider.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
})

// Navigation controller: tracks the signed-in state shown in the UI.
// $rootScope.authenticated only drives what the page displays; access to
// /resource/* still has to be enforced by the server.
.controller('navigation', function($rootScope, $scope, $http, $location, $route) {

	function markSignedOut() {
		$rootScope.authenticated = false;
	}

	// True when the given controller name belongs to the active route.
	$scope.tab = function(route) {
		return $route.current && route === $route.current.controller;
	};

	// Ask the server who is signed in; a body with a name counts as authenticated.
	$http.get('/user').then(function(response) {
		var data = response.data;
		if (data.name) {
			$rootScope.authenticated = true;
			$rootScope.loggedInUser = data;
		} else {
			markSignedOut();
		}
	}, function() {
		markSignedOut();
	});

	$scope.credentials = {};

	$scope.logout = function() {
		$http.post('logout', {}).then(function() {
			markSignedOut();
			$location.path("/");
		}, function() {
			console.log("Logout failed")
			// NOTE(review): the UI is marked signed-out although the server did not
			// confirm the logout, so the server-side session may still be live;
			// consider surfacing the failure to the user instead.
			markSignedOut();
		});
	}

})

// Home view: loads the demo resource.
.controller('home', function($scope, $http) {
	$http.get('/resource/demo').then(function(response) {
		$scope.greeting = response.data;
	});
})

// Protected view: loads the test resource.
.controller('protected', function($scope, $http) {
	$http.get('/resource/test').then(function(response) {
		console.log("protected");
		$scope.test = response.data;
	});
});
--------------------------------------------------------------------------------
/springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/conf/WebSecurityConfig.java:
--------------------------------------------------------------------------------
package org.springcloud.oauth2.auth.server.conf;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Web security configuration of the authorization server: an in-memory user
 * store plus a form-login filter chain scoped to the login and OAuth2
 * authorization paths.
 *
 * <p>NOTE(review): the negative {@code @Order} presumably places this adapter
 * ahead of the other security filter chains in the application; confirm
 * against the remaining configuration.
 */
@Configuration
@EnableWebSecurity
@Order(-20)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Ant patterns this filter chain applies to. "/rediect" is spelled the
     * same way as the CustomController mapping, so the two must change together.
     */
    private static final String[] CHAIN_PATTERNS = {
        "/login", "/oauth/authorize", "/oauth/confirm_access", "/rediect"
    };

    /**
     * Publishes the adapter's {@link AuthenticationManager} as a bean so other
     * configuration classes can inject it.
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        AuthenticationManager exposed = super.authenticationManagerBean();
        return exposed;
    }

    /**
     * Registers the in-memory accounts.
     *
     * <p>The user names, passwords and roles are literals in this source file
     * and the passwords are passed to the builder as plain text; two of the
     * three accounts carry the ADMIN role with a password equal to the user
     * name. That is only suitable for a local demo. For any shared deployment,
     * load accounts from an external store and store passwords hashed.
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
            .withUser("steve").password("password").roles("END_USER")
            .and()
            .withUser("admin").password("admin").roles("ADMIN")
            .and()
            .withUser("test").password("test").roles("ADMIN");
    }

    /**
     * Limits this chain to {@link #CHAIN_PATTERNS}, opens the form-login
     * endpoints to everyone and requires authentication for every other request
     * the chain matches. Requests outside the patterns are not covered here and
     * depend on whatever other chains the application defines.
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Each call returns configurers bound to the same HttpSecurity, so the
        // statements below are the chained form written out one step at a time.
        http.formLogin().permitAll();
        http.requestMatchers().antMatchers(CHAIN_PATTERNS);
        http.authorizeRequests().anyRequest().authenticated();
    }
}
--------------------------------------------------------------------------------
/springcloud-resource-server/pom.xml:
--------------------------------------------------------------------------------
1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 |
springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | com.example 11 | springcloud-resource-server 12 | 0.0.1-SNAPSHOT 13 | springcloud-resource-server 14 | http://maven.apache.org 15 | 16 | UTF-8 17 | 18 | 19 | 20 | org.springframework.boot 21 | spring-boot-starter-web 22 | 23 | 24 | org.springframework.cloud 25 | spring-cloud-starter-security 26 | 27 | 28 | 29 | org.springframework.cloud 30 | spring-cloud-starter-oauth2 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-jdbc 35 | 36 | 37 | org.springframework.boot 38 | spring-boot-starter-test 39 | test 40 | 41 | 42 | 43 | mysql 44 | mysql-connector-java 45 | 46 | 47 | 48 | -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/META-INF/maven/cn.com.taiji/springcloud-resource-server/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-resource-server 12 | springcloud-resource-server 13 | http://maven.apache.org 14 | 15 | UTF-8 16 | 17 | 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-web 23 | 24 | 25 | org.springframework.cloud 26 | spring-cloud-starter-security 27 | 28 | 29 | 30 | org.springframework.cloud 31 | spring-cloud-starter-oauth2 32 | 33 | 34 | org.springframework.boot 35 | spring-boot-starter-jdbc 36 | 37 | 38 | org.springframework.boot 39 | spring-boot-starter-testjw 40 | test 41 | 42 | 43 | 44 | mysql 45 | mysql-connector-java 46 | 47 | 48 | -------------------------------------------------------------------------------- /springcloud-resource-server/target/classes/META-INF/maven/com.example/springcloud-resource-server/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | com.example 11 | 
springcloud-resource-server 12 | 0.0.1-SNAPSHOT 13 | springcloud-resource-server 14 | http://maven.apache.org 15 | 16 | UTF-8 17 | 18 | 19 | 20 | org.springframework.boot 21 | spring-boot-starter-web 22 | 23 | 24 | org.springframework.cloud 25 | spring-cloud-starter-security 26 | 27 | 28 | 29 | org.springframework.cloud 30 | spring-cloud-starter-oauth2 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-jdbc 35 | 36 | 37 | org.springframework.boot 38 | spring-boot-starter-test 39 | test 40 | 41 | 42 | 43 | mysql 44 | mysql-connector-java 45 | 46 | 47 | 48 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/bin/pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | springcloud-oauth2-client 6 | jar 7 | 8 | com.example 9 | springcloud-security-oauth2 10 | 0.0.1-SNAPSHOT 11 | 12 | springcloud-oauth2-client 13 | http://maven.apache.org 14 | 15 | 16 | UTF-8 17 | 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter 23 | 24 | 25 | org.springframework.cloud 26 | spring-cloud-starter-oauth2 27 | 28 | 29 | org.webjars 30 | jquery 31 | 32 | 33 | org.webjars 34 | bootstrap 35 | 36 | 37 | org.thymeleaf.extras 38 | thymeleaf-extras-springsecurity4 39 | 40 | 41 | org.springframework.boot 42 | spring-boot-starter-thymeleaf 43 | 44 | 45 | org.springframework.boot 46 | spring-boot-starter-security 47 | 48 | 49 | org.springframework.security.oauth 50 | spring-security-oauth2 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | springcloud-oauth2-client 6 | jar 7 | 8 | com.example 9 | springcloud-security-oauth2 10 | 0.0.1-SNAPSHOT 11 | 12 | springcloud-oauth2-client 13 | http://maven.apache.org 14 | 15 | 16 | UTF-8 17 | 18 | 19 | 20 | 21 | 
org.springframework.boot 22 | spring-boot-starter 23 | 24 | 25 | org.springframework.cloud 26 | spring-cloud-starter-oauth2 27 | 28 | 29 | org.webjars 30 | jquery 31 | 32 | 33 | org.webjars 34 | bootstrap 35 | 36 | 37 | org.thymeleaf.extras 38 | thymeleaf-extras-springsecurity4 39 | 40 | 41 | org.springframework.boot 42 | spring-boot-starter-thymeleaf 43 | 44 | 45 | org.springframework.boot 46 | spring-boot-starter-security 47 | 48 | 49 | org.springframework.security.oauth 50 | spring-security-oauth2 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/META-INF/maven/com.example/springcloud-oauth2-client/pom.xml: -------------------------------------------------------------------------------- 1 | 3 | 4.0.0 4 | 5 | springcloud-oauth2-client 6 | jar 7 | 8 | com.example 9 | springcloud-security-oauth2 10 | 0.0.1-SNAPSHOT 11 | 12 | springcloud-oauth2-client 13 | http://maven.apache.org 14 | 15 | 16 | UTF-8 17 | 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter 23 | 24 | 25 | org.springframework.cloud 26 | spring-cloud-starter-oauth2 27 | 28 | 29 | org.webjars 30 | jquery 31 | 32 | 33 | org.webjars 34 | bootstrap 35 | 36 | 37 | org.thymeleaf.extras 38 | thymeleaf-extras-springsecurity4 39 | 40 | 41 | org.springframework.boot 42 | spring-boot-starter-thymeleaf 43 | 44 | 45 | org.springframework.boot 46 | spring-boot-starter-security 47 | 48 | 49 | org.springframework.security.oauth 50 | spring-security-oauth2 51 | 52 | 53 | 54 | 55 | 56 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/web/UserControll.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.oauth2.auth.server.web; 2 | 3 | import java.io.IOException; 4 | import java.security.Principal; 5 | import 
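java.util.LinkedHashMap;
import java.util.Map;

import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.SessionAttributes;

/**
 * User-information endpoints of the authorization server.
 */
@Controller
@SessionAttributes("authorizationRequest")
public class UserControll {
    @Autowired
    private TokenStore tokenStore;

    /**
     * Returns the user information of the current caller.
     *
     * <p>NOTE(review): the injected {@link Principal} is serialised as-is, so
     * the response contains whatever that implementation exposes; confirm that
     * nothing sensitive is included.
     *
     * @param user principal resolved by Spring MVC for the current request
     * @return the same principal, written to the response body
     */
    @RequestMapping("/user")
    @ResponseBody
    public Principal user(Principal user) {
        return user;
    }

    /**
     * Returns user information for single sign-on by redirecting to the
     * redirect URI stored with the token, with the user name appended as the
     * {@code name} query parameter.
     *
     * <p>An unknown token, or one without a user authentication, is answered
     * with 401 instead of failing with a NullPointerException; a token whose
     * request carries no redirect URI is answered with 400. The user name is
     * URL-encoded so that characters such as {@code &}, {@code #} or line
     * breaks cannot alter the redirect target.
     *
     * <p>NOTE(review): the access token arrives as a request parameter, which
     * tends to end up in access logs and browser history; a header would avoid
     * that. Which filter chain protects this path is not visible in this file.
     *
     * @param access_token access token value to look up in the token store
     * @param response     servlet response used for the redirect or the error
     * @throws java.io.UncheckedIOException if the response cannot be written
     */
    @RequestMapping({ "/user_info" })
    public void user(String access_token, HttpServletResponse response) {
        try {
            OAuth2Authentication auth =
                    access_token == null ? null : tokenStore.readAuthentication(access_token);
            if (auth == null || auth.getUserAuthentication() == null) {
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Invalid access token");
                return;
            }
            String redirectUri = auth.getOAuth2Request().getRedirectUri();
            if (redirectUri == null) {
                response.sendError(HttpServletResponse.SC_BAD_REQUEST, "No redirect URI for this token");
                return;
            }
            String encodedName = java.net.URLEncoder.encode(auth.getUserAuthentication().getName(), "UTF-8");
            response.sendRedirect(redirectUri + "?name=" + encodedName);
        } catch (IOException e) {
            // Propagate with the cause instead of printing the stack trace and
            // returning as if the redirect had been sent.
            throw new java.io.UncheckedIOException("Could not write the user_info response", e);
        }
    }
}
--------------------------------------------------------------------------------
/springcloud-oauth2-auth-server/pom.xml:
--------------------------------------------------------------------------------
1 | 2 | 4 | 4.0.0 5 | 6 | com.example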
7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-oauth2-auth-server 12 | springcloud-oauth2-auth-server 13 | http://maven.apache.org 14 | 15 | UTF-8 16 | 17 | 18 | 19 | redis.clients 20 | jedis 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-web 26 | 27 | 28 | org.springframework.cloud 29 | spring-cloud-starter-security 30 | 31 | 32 | 33 | org.springframework.cloud 34 | spring-cloud-starter-oauth2 35 | 36 | 37 | org.springframework.cloud 38 | spring-cloud-starter-zuul 39 | 40 | 41 | 42 | org.springframework.boot 43 | spring-boot-starter-jdbc 44 | 45 | 46 | org.springframework.boot 47 | spring-boot-starter-test 48 | test 49 | 50 | 51 | 52 | mysql 53 | mysql-connector-java 54 | 55 | 56 | 57 | 58 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/META-INF/maven/cn.com.taiji/springcloud-oauth2-auth-server/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-oauth2-auth-server 12 | springcloud-oauth2-auth-server 13 | http://maven.apache.org 14 | 15 | UTF-8 16 | 17 | 18 | 19 | redis.clients 20 | jedis 21 | 22 | 23 | 24 | org.springframework.boot 25 | spring-boot-starter-web 26 | 27 | 28 | org.springframework.cloud 29 | spring-cloud-starter-security 30 | 31 | 32 | 33 | org.springframework.cloud 34 | spring-cloud-starter-oauth2 35 | 36 | 37 | org.springframework.cloud 38 | spring-cloud-starter-zuul 39 | 40 | 41 | 42 | org.springframework.boot 43 | spring-boot-starter-jdbc 44 | 45 | 46 | org.springframework.boot 47 | spring-boot-starter-test 48 | test 49 | 50 | 51 | 52 | mysql 53 | mysql-connector-java 54 | 55 | 56 | 57 | 58 | -------------------------------------------------------------------------------- /pom.xml: 
-------------------------------------------------------------------------------- 1 | 2 | 5 | 4.0.0 6 | 7 | com.example 8 | springcloud-security-oauth2 9 | 0.0.1-SNAPSHOT 10 | pom 11 | 12 | springcloud-security-oauth2 13 | Demo project for Spring Boot 14 | 15 | UTF-8 16 | UTF-8 17 | 1.8 18 | Edgware.SR3 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-parent 23 | 1.5.12.RELEASE 24 | 25 | 26 | 27 | 28 | org.springframework.cloud 29 | spring-cloud-dependencies 30 | ${spring-cloud.version} 31 | pom 32 | import 33 | 34 | 35 | 36 | 37 | 38 | spring-milestones 39 | Spring Milestones 40 | https://repo.spring.io/milestone 41 | 42 | false 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | org.apache.maven.plugins 51 | maven-compiler-plugin 52 | 53 | ${java.version} 54 | ${java.version} 55 | -proc:none 56 | 57 | 58 | 59 | 60 | org.springframework.boot 61 | spring-boot-maven-plugin 62 | 63 | 64 | 65 | 66 | springcloud-oauth2-auth-server 67 | springcloud-client 68 | springcloud-zuul 69 | springcloud-oauth2-client 70 | springcloud-resource-server 71 | 72 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/web/CustomController.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.oauth2.auth.server.web; 2 | 3 | import java.util.HashMap; 4 | import java.util.Map; 5 | 6 | import javax.servlet.http.HttpServletResponse; 7 | 8 | import org.slf4j.Logger; 9 | import org.slf4j.LoggerFactory; 10 | import org.springframework.beans.factory.annotation.Autowired; 11 | import org.springframework.security.core.Authentication; 12 | import org.springframework.security.oauth2.common.OAuth2AccessToken; 13 | import org.springframework.security.oauth2.common.exceptions.InvalidTokenException; 14 | import org.springframework.security.oauth2.provider.OAuth2Authentication; 15 | import 
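org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * Exchanges an existing access token for a new one issued to another client
 * and forwards the browser to {@code /user_info}.
 */
@Controller
public class CustomController {

    static final Logger LOGGER = LoggerFactory.getLogger(CustomController.class);

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private DefaultTokenServices defaultTokenServices;

    /**
     * Looks up the authentication stored for {@code token}, copies selected
     * parameters of its OAuth2 request into a new request for {@code clientId}
     * and creates an access token for that request.
     *
     * <p>NOTE(review): {@code clientId} is taken from the request as-is; this
     * method does not check that the client is registered or that the caller
     * may act for it, so any holder of a valid token can obtain a token bound
     * to a client id of their choosing. Validate the client against the client
     * details service before issuing. The new token is also placed in the
     * redirect URL's query string, where it can reach logs and browser history.
     *
     * @param responsel servlet response (not used)
     * @param clientId  client id the new token is issued to
     * @param token     existing access token value
     * @return a {@code redirect:} view name pointing at {@code /user_info}
     * @throws InvalidTokenException if no authentication is stored for the token
     */
    @RequestMapping("/rediect")
    public String rediect(HttpServletResponse responsel, String clientId, String token) {
        OAuth2Authentication authentication = tokenStore.readAuthentication(token);
        if (authentication == null) {
            // The submitted value is not echoed back: it is caller-supplied
            // credential material and would otherwise land in error pages and logs.
            throw new InvalidTokenException("Invalid access token");
        }
        OAuth2Request request = authentication.getOAuth2Request();
        Map<String, String> granted = request.getRequestParameters();

        Map<String, String> map = new HashMap<>();
        map.put("code", granted.get("code"));
        map.put("grant_type", granted.get("grant_type"));
        map.put("response_type", granted.get("response_type"));
        // TODO look up the callback address configured for the target client_id
        map.put("redirect_uri", "http://127.0.0.1:8080");
        map.put("client_id", clientId);
        map.put("state", granted.get("state"));

        request = new OAuth2Request(map, clientId, request.getAuthorities(), request.isApproved(),
                request.getScope(), request.getResourceIds(), map.get("redirect_uri"),
                request.getResponseTypes(), request.getExtensions());

        // Simulate the user login: the authentication already read above is
        // reused as the user authentication instead of querying the store again.
        OAuth2Authentication auth = new OAuth2Authentication(request, authentication);
        OAuth2AccessToken new_token = defaultTokenServices.createAccessToken(auth);
        return "redirect:/user_info?access_token=" + new_token.getValue();
    }
}
--------------------------------------------------------------------------------
/springcloud-zuul/pom.xml:
--------------------------------------------------------------------------------
1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-zuul 12 | springcloud-zuul 13 | http://maven.apache.org 14 | 15 | UTF-8 16 | 17 | 18 | 19 | org.springframework.cloud 20 | spring-cloud-starter-zuul 21 | 22 | 23 | org.springframework.cloud 24 | spring-cloud-starter-oauth2 25 | 26 | 27 | org.webjars 28 | angularjs 29 | 1.4.3 30 | 31 | 32 | 33 | 34 | com.github.abel533 35 | ECharts 36 | 2.2.7 37 | 38 | 39 | 40 | org.webjars 41 | jquery 42 | 43 | 44 | org.webjars 45 | bootstrap 46 | 47 | 48 | org.thymeleaf.extras 49 | thymeleaf-extras-springsecurity4 50 | 51 | 52 | org.springframework.boot 53 | spring-boot-starter-thymeleaf 54 | 55 | 56 | org.springframework.boot 57 | spring-boot-starter-security 58 | 59 | 60 | org.springframework.security.oauth 61 | spring-security-oauth2 62 | 63 | 64 | 65 | org.springframework.security 66 | spring-security-jwt 67 | 68 | 69 | org.springframework.boot 70 | spring-boot-starter-tomcat 71 | provided 72 | 73 | 74 | 75 | org.springframework.boot 76 | spring-boot-starter-test 77 | test 78 | 79 | 80 | org.apache.httpcomponents 81 | httpclient 82 | runtime 83 | 84 | 85 | org.webjars 86 | angularjs 87 | 1.3.8 88 | test 89 | 90 | 91 | 92 |
--------------------------------------------------------------------------------
/springcloud-zuul/target/classes/META-INF/maven/cn.com.taiji/springcloud-zuul/pom.xml:
--------------------------------------------------------------------------------
1 | 2 | 4 | 4.0.0 5 | 6 | com.example 7 | springcloud-security-oauth2 8 | 0.0.1-SNAPSHOT 9 | 10 | cn.com.taiji 11 | springcloud-zuul 12 | springcloud-zuul 13 | http://maven.apache.org 14 | 15 | UTF-8 16 | 17 | 18 | 19 | org.springframework.cloud 20 | spring-cloud-starter-zuul 21 | 22 |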
23 | org.springframework.cloud 24 | spring-cloud-starter-oauth2 25 | 26 | 27 | org.webjars 28 | angularjs 29 | 1.4.3 30 | 31 | 32 | 33 | 34 | com.github.abel533 35 | ECharts 36 | 2.2.7 37 | 38 | 39 | 40 | org.webjars 41 | jquery 42 | 43 | 44 | org.webjars 45 | bootstrap 46 | 47 | 48 | org.thymeleaf.extras 49 | thymeleaf-extras-springsecurity4 50 | 51 | 52 | org.springframework.boot 53 | spring-boot-starter-thymeleaf 54 | 55 | 56 | org.springframework.boot 57 | spring-boot-starter-security 58 | 59 | 60 | org.springframework.security.oauth 61 | spring-security-oauth2 62 | 63 | 64 | 65 | org.springframework.security 66 | spring-security-jwt 67 | 68 | 69 | org.springframework.boot 70 | spring-boot-starter-tomcat 71 | provided 72 | 73 | 74 | 75 | org.springframework.boot 76 | spring-boot-starter-test 77 | test 78 | 79 | 80 | org.apache.httpcomponents 81 | httpclient 82 | runtime 83 | 84 | 85 | org.webjars 86 | angularjs 87 | 1.3.8 88 | test 89 | 90 | 91 | 92 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/java/com/example/springcloud_oauth2_client/web/HomeControlle.java: -------------------------------------------------------------------------------- 1 | package com.example.springcloud_oauth2_client.web; 2 | 3 | import java.util.Arrays; 4 | 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.beans.factory.annotation.Value; 7 | import org.springframework.http.HttpEntity; 8 | import org.springframework.http.HttpHeaders; 9 | import org.springframework.http.HttpMethod; 10 | import org.springframework.http.ResponseEntity; 11 | import org.springframework.http.converter.FormHttpMessageConverter; 12 | import org.springframework.http.converter.HttpMessageConverter; 13 | import org.springframework.http.converter.StringHttpMessageConverter; 14 | import org.springframework.stereotype.Controller; 15 | import org.springframework.util.LinkedMultiValueMap; 16 | import 
org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.client.RestTemplate;

/**
 * Page controller of the OAuth2 client: callback endpoints, the login page and
 * a helper that queries the configured user-info URI.
 */
@Controller
public class HomeControlle {

    @Value("${security.oauth2.resource.userInfoUri}")
    String userInfoUrl;

    @Autowired
    RestTemplate restTemplate;

    /**
     * Callback address registered with the server; receives the authorization
     * code. The code is accepted but not used here.
     *
     * @param code authorization code, may be absent
     * @return the {@code index} view name
     */
    @RequestMapping({"/login/code"})
    public String login(@RequestParam(value = "code", required = false) String code) {
        return "index";
    }

    /**
     * Callback for the {@code /github} path.
     *
     * <p>NOTE(review): the authorization code is written to standard output;
     * it is a short-lived credential and is better kept out of logs.
     *
     * @param code authorization code, may be absent
     * @return the {@code index} view name
     */
    @RequestMapping({"/github"})
    public String logingitlab(@RequestParam(value = "code", required = false) String code) {
        System.out.println("github/"+"我回调了没"+code);
        return "index";
    }

    /** Serves the login page for GET requests to the root path. */
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String loginIndex() {
        return "login";
    }

    /**
     * Posts the access token to the configured user-info URI, both as a form
     * field and as a bearer header, and prints the response body.
     *
     * <p>NOTE(review): the message converters of the injected, shared
     * {@link RestTemplate} are replaced on every call, which affects every
     * other user of that bean. The user-info response is printed to standard
     * output and the token arrives as a request parameter; both can leave
     * credential or profile data in logs.
     *
     * @param access_token access token to present to the user-info endpoint
     * @return the {@code index} view name
     */
    @RequestMapping({ "/getUserInfo"})
    public String getUserInfo(String access_token) {
        HttpHeaders bearerHeaders = new HttpHeaders();
        bearerHeaders.add("Authorization", "bearer " + access_token);

        MultiValueMap<String, String> form = new LinkedMultiValueMap<>();
        form.add("access_token", access_token);

        HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(form, bearerHeaders);

        restTemplate.setMessageConverters(Arrays.<HttpMessageConverter<?>>asList(
                new FormHttpMessageConverter(),
                new StringHttpMessageConverter()));

        ResponseEntity<String> result =
                restTemplate.exchange(userInfoUrl, HttpMethod.POST, request, String.class);
        System.out.println(result.getBody());
        return "index";
    }

    /** Serves the anonymous page. */
    @RequestMapping({ "/anonymous" })
    public String anonymous(){
        return "anonymous";
    }

    /** Always fails; exercises the application's error handling. */
    @RequestMapping("/hello")
    public String hello() throws Exception {
        throw new Exception("发生错误");
    }

}
--------------------------------------------------------------------------------
/springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/conf/OAuth2Config.java:
--------------------------------------------------------------------------------
package org.springcloud.oauth2.auth.server.conf;

import java.util.concurrent.TimeUnit;

import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

@Autowired
private AuthenticationManager authenticationManager;

/**
 * Token endpoint configuration: wires the authentication manager and the JDBC
 * token store, then installs a {@link DefaultTokenServices} with refresh
 * tokens enabled and an access-token lifetime of one minute.
 *
 * <p>NOTE(review): this instance is separate from the {@code @Primary}
 * {@code tokenServices()} bean declared below, which only has the token store
 * set; components that inject {@link DefaultTokenServices} therefore do not
 * see the lifetime or refresh settings applied here. Confirm that this is
 * intended.
 */
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints.authenticationManager(this.authenticationManager);
    endpoints.tokenStore(tokenStore());

    // Configure the TokenServices parameters.
    int accessTokenTtlSeconds = (int) TimeUnit.MINUTES.toSeconds(1);
    DefaultTokenServices services = new DefaultTokenServices();
    services.setTokenStore(endpoints.getTokenStore());
    services.setSupportRefreshToken(true);
    services.setClientDetailsService(endpoints.getClientDetailsService());
    services.setTokenEnhancer(endpoints.getTokenEnhancer());
    services.setAccessTokenValiditySeconds(accessTokenTtlSeconds);
    endpoints.tokenServices(services);
}

/**
 * Access rules for the OAuth helper endpoints: the token-key endpoint is open
 * to everyone, the check-token endpoint requires an authenticated caller.
 */
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer)
        throws Exception {
    oauthServer.tokenKeyAccess("permitAll()");
    oauthServer.checkTokenAccess("isAuthenticated()");
}

/**
 * Registers the client applications in memory.
 *
 * <p>The client ids and secrets are literals in this source file, which is
 * only suitable for a local demo; anyone who can read the repository can
 * authenticate as these clients. Every client is auto-approved, so users are
 * never shown a consent page. "mobile-app" has no secret and combines the
 * implicit grant with refresh_token, and "customer-integration-system" uses
 * the password grant; review whether those grant types are needed before
 * reusing this configuration.
 */
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.inMemory()
        .withClient("ui1")
            .secret("ui1-secret")
            .authorities("ROLE_TRUSTED_CLIENT")
            .authorizedGrantTypes("authorization_code", "refresh_token")
            .scopes("ui1.read")
            .autoApprove(true)
        .and()
        .withClient("ui2")
            .secret("ui2-secret")
            .authorities("ROLE_TRUSTED_CLIENT")
            .authorizedGrantTypes("authorization_code", "refresh_token")
            .scopes("ui2.read", "ui2.write")
            .autoApprove(true)
        .and()
        .withClient("mobile-app")
            .authorities("ROLE_CLIENT")
            .authorizedGrantTypes("implicit", "refresh_token")
            .scopes("read")
            .autoApprove(true)
        .and()
        .withClient("customer-integration-system")
            .secret("1234567890")
            .authorities("ROLE_CLIENT")
            .authorizedGrantTypes("password")
            .scopes("read")
            .autoApprove(true);
}

@Autowired
private DataSource dataSource;

/** Declares the TokenStore implementation: tokens are kept in the injected data source. */
@Bean
public JdbcTokenStore tokenStore() {
    return new JdbcTokenStore(dataSource);
}

/** Primary token services bean, backed by the JDBC token store. */
@Bean
@Primary
public DefaultTokenServices tokenServices() {
    DefaultTokenServices services = new DefaultTokenServices();
    services.setTokenStore(tokenStore());
    return services;
}

}
--------------------------------------------------------------------------------
/springcloud-oauth2-auth-server/src/main/java/org/springcloud/oauth2/auth/server/OAuth2Config.java:
--------------------------------------------------------------------------------
package org.springcloud.oauth2.auth.server;

import java.util.concurrent.TimeUnit;

import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
@Configuration
@EnableAuthorizationServer
// Authorization-server configuration: in-memory client registrations, a JDBC token store and
// the access rules for the OAuth endpoints.
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;


    /**
     * Token endpoint configuration: wires the injected {@link AuthenticationManager} and the
     * JDBC-backed token store into the endpoints.
     *
     * <p>The hand-built {@link DefaultTokenServices} is commented out below, so no custom access
     * token validity is applied here; the effective lifetimes come from whatever token services
     * the framework uses -- TODO confirm.
     *
     * @param endpoints endpoints configurer supplied by the framework
     * @throws Exception as declared by the overridden method
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .authenticationManager(this.authenticationManager)
                .tokenStore(tokenStore());

        /* endpoints.authenticationManager(authenticationManager);
        endpoints.tokenStore(tokenStore());*/
        // Configure the TokenServices parameters (disabled).
        /* DefaultTokenServices tokenServices = new DefaultTokenServices();
        tokenServices.setTokenStore(endpoints.getTokenStore());
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setClientDetailsService(endpoints.getClientDetailsService());
        tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());
        tokenServices.setAccessTokenValiditySeconds((int) TimeUnit.MINUTES.toSeconds(10));
        endpoints.tokenServices(tokenServices);*/
    }

    /**
     * Access rules for the authorization server's own OAuth endpoints.
     *
     * @param oauthServer security configurer supplied by the framework
     * @throws Exception as declared by the overridden method
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer)
            throws Exception {
        oauthServer
                // NOTE(review): the token-key endpoint (/oauth/token_key) is open to
                // unauthenticated callers. That is only safe when the published key is an
                // asymmetric public key; confirm no symmetric signing key can be served from it.
                .tokenKeyAccess("permitAll()")
                // The check-token endpoint (/oauth/check_token) requires an authenticated caller.
                .checkTokenAccess("isAuthenticated()");
    }

    /**
     * Registers the OAuth2 clients in memory.
     *
     * <p>Review notes (defensive):
     * <ul>
     *   <li>Client secrets are string literals committed to source ({@code "1234567890"} and
     *       the {@code "<client>-secret"} values are guessable). Treat them as demo values; load
     *       real secrets from external configuration and store only their encoded form.</li>
     *   <li>Every client sets {@code autoApprove(true)}, so no consent step is shown for the
     *       authorization_code and implicit clients.</li>
     *   <li>No {@code redirectUris(...)} is registered in this chain. How an unregistered
     *       redirect_uri is treated depends on the library version -- TODO confirm, and register
     *       exact URIs.</li>
     * </ul>
     *
     * @param clients client-details configurer supplied by the framework
     * @throws Exception as declared by the overridden method
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("ui1")
                .secret("ui1-secret")
                .authorities("ROLE_TRUSTED_CLIENT")
                .authorizedGrantTypes("authorization_code", "refresh_token")
                .scopes("ui1.read")
                .autoApprove(true)
                .and()
                .withClient("ui2")
                .secret("ui2-secret")
                .authorities("ROLE_TRUSTED_CLIENT")
                .authorizedGrantTypes("authorization_code", "refresh_token")
                .scopes("ui2.read", "ui2.write")
                .autoApprove(true)
                .and()
                // Public client: no secret is configured. RFC 6749 does not issue refresh tokens
                // for the implicit grant, so the "refresh_token" entry here should be reviewed.
                .withClient("mobile-app")
                .authorities("ROLE_CLIENT")
                .authorizedGrantTypes("implicit", "refresh_token")
                .scopes("read")
                .autoApprove(true)
                .and()
                // Machine-to-machine client: the literal secret below is its only credential.
                .withClient("customer-integration-system")
                .secret("1234567890")
                .authorities("ROLE_CLIENT")
                .authorizedGrantTypes("client_credentials")
                .scopes("read")
                .autoApprove(true);
    }

    @Autowired
    private DataSource dataSource;

    /**
     * Declares the TokenStore implementation: a {@link JdbcTokenStore} on the injected
     * DataSource.
     *
     * @return the JDBC-backed token store
     */
    @Bean
    public JdbcTokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }


    /**
     * Primary {@link DefaultTokenServices} bean that only has the token store set; refresh-token
     * support and token validity are not configured on it.
     *
     * @return token services backed by {@link #tokenStore()}
     */
    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        return defaultTokenServices;
    }

}
-------------------------------------------------------------------------------- /springcloud-client/src/main/resouces/static/js/angular-route.min.js: -------------------------------------------------------------------------------- 1 | /* 2 | AngularJS v1.4.9 3 | (c) 2010-2015 Google, Inc. http://angularjs.org 4 | License: MIT 5 | */ 6 | (function(p,c,C){'use strict';function v(r,h,g){return{restrict:"ECA",terminal:!0,priority:400,transclude:"element",link:function(a,f,b,d,y){function z(){k&&(g.cancel(k),k=null);l&&(l.$destroy(),l=null);m&&(k=g.leave(m),k.then(function(){k=null}),m=null)}function x(){var b=r.current&&r.current.locals;if(c.isDefined(b&&b.$template)){var b=a.$new(),d=r.current;m=y(b,function(b){g.enter(b,null,m||f).then(function(){!c.isDefined(t)||t&&!a.$eval(t)||h()});z()});l=d.scope=b;l.$emit("$viewContentLoaded"); 7 | l.$eval(w)}else z()}var l,m,k,t=b.autoscroll,w=b.onload||"";a.$on("$routeChangeSuccess",x);x()}}}function A(c,h,g){return{restrict:"ECA",priority:-400,link:function(a,f){var b=g.current,d=b.locals;f.html(d.$template);var y=c(f.contents());b.controller&&(d.$scope=a,d=h(b.controller,d),b.controllerAs&&(a[b.controllerAs]=d),f.data("$ngControllerController",d),f.children().data("$ngControllerController",d));y(a)}}}p=c.module("ngRoute",["ng"]).provider("$route",function(){function
r(a,f){return c.extend(Object.create(a), 8 | f)}function h(a,c){var b=c.caseInsensitiveMatch,d={originalPath:a,regexp:a},g=d.keys=[];a=a.replace(/([().])/g,"\\$1").replace(/(\/)?:(\w+)([\?\*])?/g,function(a,c,b,d){a="?"===d?d:null;d="*"===d?d:null;g.push({name:b,optional:!!a});c=c||"";return""+(a?"":c)+"(?:"+(a?c:"")+(d&&"(.+?)"||"([^/]+)")+(a||"")+")"+(a||"")}).replace(/([\/$\*])/g,"\\$1");d.regexp=new RegExp("^"+a+"$",b?"i":"");return d}var g={};this.when=function(a,f){var b=c.copy(f);c.isUndefined(b.reloadOnSearch)&&(b.reloadOnSearch=!0); 9 | c.isUndefined(b.caseInsensitiveMatch)&&(b.caseInsensitiveMatch=this.caseInsensitiveMatch);g[a]=c.extend(b,a&&h(a,b));if(a){var d="/"==a[a.length-1]?a.substr(0,a.length-1):a+"/";g[d]=c.extend({redirectTo:a},h(d,b))}return this};this.caseInsensitiveMatch=!1;this.otherwise=function(a){"string"===typeof a&&(a={redirectTo:a});this.when(null,a);return this};this.$get=["$rootScope","$location","$routeParams","$q","$injector","$templateRequest","$sce",function(a,f,b,d,h,p,x){function l(b){var e=s.current; 10 | (v=(n=k())&&e&&n.$$route===e.$$route&&c.equals(n.pathParams,e.pathParams)&&!n.reloadOnSearch&&!w)||!e&&!n||a.$broadcast("$routeChangeStart",n,e).defaultPrevented&&b&&b.preventDefault()}function m(){var u=s.current,e=n;if(v)u.params=e.params,c.copy(u.params,b),a.$broadcast("$routeUpdate",u);else if(e||u)w=!1,(s.current=e)&&e.redirectTo&&(c.isString(e.redirectTo)?f.path(t(e.redirectTo,e.params)).search(e.params).replace():f.url(e.redirectTo(e.pathParams,f.path(),f.search())).replace()),d.when(e).then(function(){if(e){var a= 11 | c.extend({},e.resolve),b,f;c.forEach(a,function(b,e){a[e]=c.isString(b)?h.get(b):h.invoke(b,null,null,e)});c.isDefined(b=e.template)?c.isFunction(b)&&(b=b(e.params)):c.isDefined(f=e.templateUrl)&&(c.isFunction(f)&&(f=f(e.params)),c.isDefined(f)&&(e.loadedTemplateUrl=x.valueOf(f),b=p(f)));c.isDefined(b)&&(a.$template=b);return 
d.all(a)}}).then(function(f){e==s.current&&(e&&(e.locals=f,c.copy(e.params,b)),a.$broadcast("$routeChangeSuccess",e,u))},function(b){e==s.current&&a.$broadcast("$routeChangeError", 12 | e,u,b)})}function k(){var a,b;c.forEach(g,function(d,g){var q;if(q=!b){var h=f.path();q=d.keys;var l={};if(d.regexp)if(h=d.regexp.exec(h)){for(var k=1,m=h.length;k 2 | 3 | 4 | 登录 5 | 6 | 7 | 10 | 12 | 15 | 16 | 19 | 20 | 23 | 24 | 25 | 26 |
105 | 106 | 107 | 118 | 119 | -------------------------------------------------------------------------------- /springcloud-oauth2-client/target/classes/templates/login.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 登录 5 | 6 | 7 | 10 | 12 | 15 | 16 | 19 | 20 | 23 | 24 | 25 | 26 |
105 | 106 | 107 | 118 | 119 |
--------------------------------------------------------------------------------
/alan-oauth2.sql:
--------------------------------------------------------------------------------
-- Schema for the OAuth2 authorization server. The table names match the defaults used by
-- Spring Security OAuth's JDBC stores (the Java config in this repository wires a
-- JdbcTokenStore onto a DataSource).
--
-- Review notes (defensive):
--   * The BLOB columns `token` and `authentication` hold Java-serialized objects written by
--     the JDBC store. Read access to these tables yields usable bearer tokens, and write access
--     puts attacker-chosen bytes in front of Java deserialization. Give the application account
--     only the privileges it needs on this schema and restrict everyone else.
--   * `client_secret` / `appSecret` should hold a password-encoder hash, never the plaintext.
--   * `oauth_approvals`, `oauth_code` and `oauth_refresh_token` declare no primary key or index.
CREATE SCHEMA IF NOT EXISTS `alan-oauth` DEFAULT CHARACTER SET utf8 ;
USE `alan-oauth` ;

-- -----------------------------------------------------
-- Table `alan-oauth`.`clientdetails`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`clientdetails` (
  `appId` VARCHAR(128) NOT NULL,
  `resourceIds` VARCHAR(256) NULL DEFAULT NULL,
  `appSecret` VARCHAR(256) NULL DEFAULT NULL,
  `scope` VARCHAR(256) NULL DEFAULT NULL,
  `grantTypes` VARCHAR(256) NULL DEFAULT NULL,
  `redirectUrl` VARCHAR(256) NULL DEFAULT NULL,
  `authorities` VARCHAR(256) NULL DEFAULT NULL,
  `access_token_validity` INT(11) NULL DEFAULT NULL,
  `refresh_token_validity` INT(11) NULL DEFAULT NULL,
  `additionalInformation` VARCHAR(4096) NULL DEFAULT NULL,
  `autoApproveScopes` VARCHAR(256) NULL DEFAULT NULL,
  PRIMARY KEY (`appId`))
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;


-- -----------------------------------------------------
-- Table `alan-oauth`.`oauth_access_token`
-- Issued access tokens; `token` and `authentication` are serialized objects (see header note).
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_access_token` (
  `token_id` VARCHAR(256) NULL DEFAULT NULL,
  `token` BLOB NULL DEFAULT NULL,
  `authentication_id` VARCHAR(128) NOT NULL,
  `user_name` VARCHAR(256) NULL DEFAULT NULL,
  `client_id` VARCHAR(256) NULL DEFAULT NULL,
  `authentication` BLOB NULL DEFAULT NULL,
  `refresh_token` VARCHAR(256) NULL DEFAULT NULL,
  PRIMARY KEY (`authentication_id`))
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;


-- -----------------------------------------------------
-- Table `alan-oauth`.`oauth_approvals`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_approvals` (
  `userId` VARCHAR(256) NULL DEFAULT NULL,
  `clientId` VARCHAR(256) NULL DEFAULT NULL,
  `scope` VARCHAR(256) NULL DEFAULT NULL,
  `status` VARCHAR(10) NULL DEFAULT NULL,
  `expiresAt` DATETIME NULL DEFAULT NULL,
  `lastModifiedAt` DATETIME NULL DEFAULT NULL)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;


-- -----------------------------------------------------
-- Table `alan-oauth`.`oauth_client_details`
-- Registered clients. NOTE(review): the Java config shown in this repository registers its
-- clients in memory, so this table is presumably unused there -- confirm.
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_details` (
  `client_id` VARCHAR(128) NOT NULL,
  `resource_ids` VARCHAR(256) NULL DEFAULT NULL,
  `client_secret` VARCHAR(256) NULL DEFAULT NULL,
  `scope` VARCHAR(256) NULL DEFAULT NULL,
  `authorized_grant_types` VARCHAR(256) NULL DEFAULT NULL,
  `web_server_redirect_uri` VARCHAR(256) NULL DEFAULT NULL,
  `authorities` VARCHAR(256) NULL DEFAULT NULL,
  `access_token_validity` INT(11) NULL DEFAULT NULL,
  `refresh_token_validity` INT(11) NULL DEFAULT NULL,
  `additional_information` VARCHAR(4096) NULL DEFAULT NULL,
  `autoapprove` VARCHAR(256) NULL DEFAULT NULL,
  PRIMARY KEY (`client_id`))
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;


-- -----------------------------------------------------
-- Table `alan-oauth`.`oauth_client_token`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_token` (
  `token_id` VARCHAR(256) NULL DEFAULT NULL,
  `token` BLOB NULL DEFAULT NULL,
  `authentication_id` VARCHAR(128) NOT NULL,
  `user_name` VARCHAR(256) NULL DEFAULT NULL,
  `client_id` VARCHAR(256) NULL DEFAULT NULL,
  PRIMARY KEY (`authentication_id`))
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;


-- -----------------------------------------------------
-- Table `alan-oauth`.`oauth_code`
-- Authorization codes awaiting exchange; `authentication` is a serialized object.
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_code` (
  `code` VARCHAR(256) NULL DEFAULT NULL,
  `authentication` BLOB NULL DEFAULT NULL)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;


-- -----------------------------------------------------
-- Table `alan-oauth`.`oauth_refresh_token`
-- Refresh tokens; both BLOB columns are serialized objects (see header note).
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_refresh_token` (
  `token_id` VARCHAR(256) NULL DEFAULT NULL,
  `token` BLOB NULL DEFAULT NULL,
  `authentication` BLOB NULL DEFAULT NULL)
ENGINE = InnoDB
DEFAULT CHARACTER SET = utf8;
-------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/bin/target/classes/alan-oauth2.sql: -------------------------------------------------------------------------------- 1 | CREATE SCHEMA IF NOT EXISTS `alan-oauth` DEFAULT CHARACTER SET utf8 ; 2 | USE `alan-oauth` ; 3 | 4 | -- ----------------------------------------------------- 5 | -- Table `alan-oauth`.`clientdetails` 6 | -- ----------------------------------------------------- 7 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`clientdetails` ( 8 | `appId` VARCHAR(128) NOT NULL, 9 | `resourceIds` VARCHAR(256) NULL DEFAULT NULL, 10 | `appSecret` VARCHAR(256) NULL DEFAULT NULL, 11 | `scope` VARCHAR(256) NULL DEFAULT NULL, 12 | `grantTypes` VARCHAR(256) NULL DEFAULT NULL, 13 | `redirectUrl` VARCHAR(256) NULL DEFAULT NULL, 14 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 15 | `access_token_validity` INT(11) NULL DEFAULT NULL, 16 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 17 | `additionalInformation` VARCHAR(4096) NULL DEFAULT NULL, 18 | `autoApproveScopes` VARCHAR(256) NULL DEFAULT NULL, 19 | PRIMARY KEY (`appId`)) 20 | ENGINE = InnoDB 21 | DEFAULT
CHARACTER SET = utf8; 22 | 23 | 24 | -- ----------------------------------------------------- 25 | -- Table `alan-oauth`.`oauth_access_token` 26 | -- ----------------------------------------------------- 27 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_access_token` ( 28 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 29 | `token` BLOB NULL DEFAULT NULL, 30 | `authentication_id` VARCHAR(128) NOT NULL, 31 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 32 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 33 | `authentication` BLOB NULL DEFAULT NULL, 34 | `refresh_token` VARCHAR(256) NULL DEFAULT NULL, 35 | PRIMARY KEY (`authentication_id`)) 36 | ENGINE = InnoDB 37 | DEFAULT CHARACTER SET = utf8; 38 | 39 | 40 | -- ----------------------------------------------------- 41 | -- Table `alan-oauth`.`oauth_approvals` 42 | -- ----------------------------------------------------- 43 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_approvals` ( 44 | `userId` VARCHAR(256) NULL DEFAULT NULL, 45 | `clientId` VARCHAR(256) NULL DEFAULT NULL, 46 | `scope` VARCHAR(256) NULL DEFAULT NULL, 47 | `status` VARCHAR(10) NULL DEFAULT NULL, 48 | `expiresAt` DATETIME NULL DEFAULT NULL, 49 | `lastModifiedAt` DATETIME NULL DEFAULT NULL) 50 | ENGINE = InnoDB 51 | DEFAULT CHARACTER SET = utf8; 52 | 53 | 54 | -- ----------------------------------------------------- 55 | -- Table `alan-oauth`.`oauth_client_details` 56 | -- ----------------------------------------------------- 57 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_details` ( 58 | `client_id` VARCHAR(128) NOT NULL, 59 | `resource_ids` VARCHAR(256) NULL DEFAULT NULL, 60 | `client_secret` VARCHAR(256) NULL DEFAULT NULL, 61 | `scope` VARCHAR(256) NULL DEFAULT NULL, 62 | `authorized_grant_types` VARCHAR(256) NULL DEFAULT NULL, 63 | `web_server_redirect_uri` VARCHAR(256) NULL DEFAULT NULL, 64 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 65 | `access_token_validity` INT(11) NULL DEFAULT NULL, 66 | `refresh_token_validity` INT(11) NULL 
DEFAULT NULL, 67 | `additional_information` VARCHAR(4096) NULL DEFAULT NULL, 68 | `autoapprove` VARCHAR(256) NULL DEFAULT NULL, 69 | PRIMARY KEY (`client_id`)) 70 | ENGINE = InnoDB 71 | DEFAULT CHARACTER SET = utf8; 72 | 73 | 74 | -- ----------------------------------------------------- 75 | -- Table `alan-oauth`.`oauth_client_token` 76 | -- ----------------------------------------------------- 77 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_token` ( 78 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 79 | `token` BLOB NULL DEFAULT NULL, 80 | `authentication_id` VARCHAR(128) NOT NULL, 81 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 82 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 83 | PRIMARY KEY (`authentication_id`)) 84 | ENGINE = InnoDB 85 | DEFAULT CHARACTER SET = utf8; 86 | 87 | 88 | -- ----------------------------------------------------- 89 | -- Table `alan-oauth`.`oauth_code` 90 | -- ----------------------------------------------------- 91 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_code` ( 92 | `code` VARCHAR(256) NULL DEFAULT NULL, 93 | `authentication` BLOB NULL DEFAULT NULL) 94 | ENGINE = InnoDB 95 | DEFAULT CHARACTER SET = utf8; 96 | 97 | 98 | -- ----------------------------------------------------- 99 | -- Table `alan-oauth`.`oauth_refresh_token` 100 | -- ----------------------------------------------------- 101 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_refresh_token` ( 102 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 103 | `token` BLOB NULL DEFAULT NULL, 104 | `authentication` BLOB NULL DEFAULT NULL) 105 | ENGINE = InnoDB 106 | DEFAULT CHARACTER SET = utf8; 107 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/src/main/resouces/alan-oauth2.sql: -------------------------------------------------------------------------------- 1 | CREATE SCHEMA IF NOT EXISTS `alan-oauth` DEFAULT CHARACTER SET utf8 ; 2 | USE `alan-oauth` ; 3 | 4 | -- 
----------------------------------------------------- 5 | -- Table `alan-oauth`.`clientdetails` 6 | -- ----------------------------------------------------- 7 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`clientdetails` ( 8 | `appId` VARCHAR(128) NOT NULL, 9 | `resourceIds` VARCHAR(256) NULL DEFAULT NULL, 10 | `appSecret` VARCHAR(256) NULL DEFAULT NULL, 11 | `scope` VARCHAR(256) NULL DEFAULT NULL, 12 | `grantTypes` VARCHAR(256) NULL DEFAULT NULL, 13 | `redirectUrl` VARCHAR(256) NULL DEFAULT NULL, 14 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 15 | `access_token_validity` INT(11) NULL DEFAULT NULL, 16 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 17 | `additionalInformation` VARCHAR(4096) NULL DEFAULT NULL, 18 | `autoApproveScopes` VARCHAR(256) NULL DEFAULT NULL, 19 | PRIMARY KEY (`appId`)) 20 | ENGINE = InnoDB 21 | DEFAULT CHARACTER SET = utf8; 22 | 23 | 24 | -- ----------------------------------------------------- 25 | -- Table `alan-oauth`.`oauth_access_token` 26 | -- ----------------------------------------------------- 27 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_access_token` ( 28 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 29 | `token` BLOB NULL DEFAULT NULL, 30 | `authentication_id` VARCHAR(128) NOT NULL, 31 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 32 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 33 | `authentication` BLOB NULL DEFAULT NULL, 34 | `refresh_token` VARCHAR(256) NULL DEFAULT NULL, 35 | PRIMARY KEY (`authentication_id`)) 36 | ENGINE = InnoDB 37 | DEFAULT CHARACTER SET = utf8; 38 | 39 | 40 | -- ----------------------------------------------------- 41 | -- Table `alan-oauth`.`oauth_approvals` 42 | -- ----------------------------------------------------- 43 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_approvals` ( 44 | `userId` VARCHAR(256) NULL DEFAULT NULL, 45 | `clientId` VARCHAR(256) NULL DEFAULT NULL, 46 | `scope` VARCHAR(256) NULL DEFAULT NULL, 47 | `status` VARCHAR(10) NULL DEFAULT NULL, 48 | `expiresAt` DATETIME 
NULL DEFAULT NULL, 49 | `lastModifiedAt` DATETIME NULL DEFAULT NULL) 50 | ENGINE = InnoDB 51 | DEFAULT CHARACTER SET = utf8; 52 | 53 | 54 | -- ----------------------------------------------------- 55 | -- Table `alan-oauth`.`oauth_client_details` 56 | -- ----------------------------------------------------- 57 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_details` ( 58 | `client_id` VARCHAR(128) NOT NULL, 59 | `resource_ids` VARCHAR(256) NULL DEFAULT NULL, 60 | `client_secret` VARCHAR(256) NULL DEFAULT NULL, 61 | `scope` VARCHAR(256) NULL DEFAULT NULL, 62 | `authorized_grant_types` VARCHAR(256) NULL DEFAULT NULL, 63 | `web_server_redirect_uri` VARCHAR(256) NULL DEFAULT NULL, 64 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 65 | `access_token_validity` INT(11) NULL DEFAULT NULL, 66 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 67 | `additional_information` VARCHAR(4096) NULL DEFAULT NULL, 68 | `autoapprove` VARCHAR(256) NULL DEFAULT NULL, 69 | PRIMARY KEY (`client_id`)) 70 | ENGINE = InnoDB 71 | DEFAULT CHARACTER SET = utf8; 72 | 73 | 74 | -- ----------------------------------------------------- 75 | -- Table `alan-oauth`.`oauth_client_token` 76 | -- ----------------------------------------------------- 77 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_token` ( 78 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 79 | `token` BLOB NULL DEFAULT NULL, 80 | `authentication_id` VARCHAR(128) NOT NULL, 81 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 82 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 83 | PRIMARY KEY (`authentication_id`)) 84 | ENGINE = InnoDB 85 | DEFAULT CHARACTER SET = utf8; 86 | 87 | 88 | -- ----------------------------------------------------- 89 | -- Table `alan-oauth`.`oauth_code` 90 | -- ----------------------------------------------------- 91 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_code` ( 92 | `code` VARCHAR(256) NULL DEFAULT NULL, 93 | `authentication` BLOB NULL DEFAULT NULL) 94 | ENGINE = InnoDB 95 | DEFAULT 
CHARACTER SET = utf8; 96 | 97 | 98 | -- ----------------------------------------------------- 99 | -- Table `alan-oauth`.`oauth_refresh_token` 100 | -- ----------------------------------------------------- 101 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_refresh_token` ( 102 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 103 | `token` BLOB NULL DEFAULT NULL, 104 | `authentication` BLOB NULL DEFAULT NULL) 105 | ENGINE = InnoDB 106 | DEFAULT CHARACTER SET = utf8; 107 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/target/classes/alan-oauth2.sql: -------------------------------------------------------------------------------- 1 | CREATE SCHEMA IF NOT EXISTS `alan-oauth` DEFAULT CHARACTER SET utf8 ; 2 | USE `alan-oauth` ; 3 | 4 | -- ----------------------------------------------------- 5 | -- Table `alan-oauth`.`clientdetails` 6 | -- ----------------------------------------------------- 7 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`clientdetails` ( 8 | `appId` VARCHAR(128) NOT NULL, 9 | `resourceIds` VARCHAR(256) NULL DEFAULT NULL, 10 | `appSecret` VARCHAR(256) NULL DEFAULT NULL, 11 | `scope` VARCHAR(256) NULL DEFAULT NULL, 12 | `grantTypes` VARCHAR(256) NULL DEFAULT NULL, 13 | `redirectUrl` VARCHAR(256) NULL DEFAULT NULL, 14 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 15 | `access_token_validity` INT(11) NULL DEFAULT NULL, 16 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 17 | `additionalInformation` VARCHAR(4096) NULL DEFAULT NULL, 18 | `autoApproveScopes` VARCHAR(256) NULL DEFAULT NULL, 19 | PRIMARY KEY (`appId`)) 20 | ENGINE = InnoDB 21 | DEFAULT CHARACTER SET = utf8; 22 | 23 | 24 | -- ----------------------------------------------------- 25 | -- Table `alan-oauth`.`oauth_access_token` 26 | -- ----------------------------------------------------- 27 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_access_token` ( 28 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 29 | `token` BLOB NULL 
DEFAULT NULL, 30 | `authentication_id` VARCHAR(128) NOT NULL, 31 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 32 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 33 | `authentication` BLOB NULL DEFAULT NULL, 34 | `refresh_token` VARCHAR(256) NULL DEFAULT NULL, 35 | PRIMARY KEY (`authentication_id`)) 36 | ENGINE = InnoDB 37 | DEFAULT CHARACTER SET = utf8; 38 | 39 | 40 | -- ----------------------------------------------------- 41 | -- Table `alan-oauth`.`oauth_approvals` 42 | -- ----------------------------------------------------- 43 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_approvals` ( 44 | `userId` VARCHAR(256) NULL DEFAULT NULL, 45 | `clientId` VARCHAR(256) NULL DEFAULT NULL, 46 | `scope` VARCHAR(256) NULL DEFAULT NULL, 47 | `status` VARCHAR(10) NULL DEFAULT NULL, 48 | `expiresAt` DATETIME NULL DEFAULT NULL, 49 | `lastModifiedAt` DATETIME NULL DEFAULT NULL) 50 | ENGINE = InnoDB 51 | DEFAULT CHARACTER SET = utf8; 52 | 53 | 54 | -- ----------------------------------------------------- 55 | -- Table `alan-oauth`.`oauth_client_details` 56 | -- ----------------------------------------------------- 57 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_details` ( 58 | `client_id` VARCHAR(128) NOT NULL, 59 | `resource_ids` VARCHAR(256) NULL DEFAULT NULL, 60 | `client_secret` VARCHAR(256) NULL DEFAULT NULL, 61 | `scope` VARCHAR(256) NULL DEFAULT NULL, 62 | `authorized_grant_types` VARCHAR(256) NULL DEFAULT NULL, 63 | `web_server_redirect_uri` VARCHAR(256) NULL DEFAULT NULL, 64 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 65 | `access_token_validity` INT(11) NULL DEFAULT NULL, 66 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 67 | `additional_information` VARCHAR(4096) NULL DEFAULT NULL, 68 | `autoapprove` VARCHAR(256) NULL DEFAULT NULL, 69 | PRIMARY KEY (`client_id`)) 70 | ENGINE = InnoDB 71 | DEFAULT CHARACTER SET = utf8; 72 | 73 | 74 | -- ----------------------------------------------------- 75 | -- Table `alan-oauth`.`oauth_client_token` 76 | -- 
----------------------------------------------------- 77 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_token` ( 78 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 79 | `token` BLOB NULL DEFAULT NULL, 80 | `authentication_id` VARCHAR(128) NOT NULL, 81 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 82 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 83 | PRIMARY KEY (`authentication_id`)) 84 | ENGINE = InnoDB 85 | DEFAULT CHARACTER SET = utf8; 86 | 87 | 88 | -- ----------------------------------------------------- 89 | -- Table `alan-oauth`.`oauth_code` 90 | -- ----------------------------------------------------- 91 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_code` ( 92 | `code` VARCHAR(256) NULL DEFAULT NULL, 93 | `authentication` BLOB NULL DEFAULT NULL) 94 | ENGINE = InnoDB 95 | DEFAULT CHARACTER SET = utf8; 96 | 97 | 98 | -- ----------------------------------------------------- 99 | -- Table `alan-oauth`.`oauth_refresh_token` 100 | -- ----------------------------------------------------- 101 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_refresh_token` ( 102 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 103 | `token` BLOB NULL DEFAULT NULL, 104 | `authentication` BLOB NULL DEFAULT NULL) 105 | ENGINE = InnoDB 106 | DEFAULT CHARACTER SET = utf8; 107 | -------------------------------------------------------------------------------- /springcloud-oauth2-auth-server/bin/src/main/resouces/alan-oauth2.sql: -------------------------------------------------------------------------------- 1 | CREATE SCHEMA IF NOT EXISTS `alan-oauth` DEFAULT CHARACTER SET utf8 ; 2 | USE `alan-oauth` ; 3 | 4 | -- ----------------------------------------------------- 5 | -- Table `alan-oauth`.`clientdetails` 6 | -- ----------------------------------------------------- 7 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`clientdetails` ( 8 | `appId` VARCHAR(128) NOT NULL, 9 | `resourceIds` VARCHAR(256) NULL DEFAULT NULL, 10 | `appSecret` VARCHAR(256) NULL DEFAULT NULL, 11 | `scope` 
VARCHAR(256) NULL DEFAULT NULL, 12 | `grantTypes` VARCHAR(256) NULL DEFAULT NULL, 13 | `redirectUrl` VARCHAR(256) NULL DEFAULT NULL, 14 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 15 | `access_token_validity` INT(11) NULL DEFAULT NULL, 16 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 17 | `additionalInformation` VARCHAR(4096) NULL DEFAULT NULL, 18 | `autoApproveScopes` VARCHAR(256) NULL DEFAULT NULL, 19 | PRIMARY KEY (`appId`)) 20 | ENGINE = InnoDB 21 | DEFAULT CHARACTER SET = utf8; 22 | 23 | 24 | -- ----------------------------------------------------- 25 | -- Table `alan-oauth`.`oauth_access_token` 26 | -- ----------------------------------------------------- 27 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_access_token` ( 28 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 29 | `token` BLOB NULL DEFAULT NULL, 30 | `authentication_id` VARCHAR(128) NOT NULL, 31 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 32 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 33 | `authentication` BLOB NULL DEFAULT NULL, 34 | `refresh_token` VARCHAR(256) NULL DEFAULT NULL, 35 | PRIMARY KEY (`authentication_id`)) 36 | ENGINE = InnoDB 37 | DEFAULT CHARACTER SET = utf8; 38 | 39 | 40 | -- ----------------------------------------------------- 41 | -- Table `alan-oauth`.`oauth_approvals` 42 | -- ----------------------------------------------------- 43 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_approvals` ( 44 | `userId` VARCHAR(256) NULL DEFAULT NULL, 45 | `clientId` VARCHAR(256) NULL DEFAULT NULL, 46 | `scope` VARCHAR(256) NULL DEFAULT NULL, 47 | `status` VARCHAR(10) NULL DEFAULT NULL, 48 | `expiresAt` DATETIME NULL DEFAULT NULL, 49 | `lastModifiedAt` DATETIME NULL DEFAULT NULL) 50 | ENGINE = InnoDB 51 | DEFAULT CHARACTER SET = utf8; 52 | 53 | 54 | -- ----------------------------------------------------- 55 | -- Table `alan-oauth`.`oauth_client_details` 56 | -- ----------------------------------------------------- 57 | CREATE TABLE IF NOT EXISTS 
`alan-oauth`.`oauth_client_details` ( 58 | `client_id` VARCHAR(128) NOT NULL, 59 | `resource_ids` VARCHAR(256) NULL DEFAULT NULL, 60 | `client_secret` VARCHAR(256) NULL DEFAULT NULL, 61 | `scope` VARCHAR(256) NULL DEFAULT NULL, 62 | `authorized_grant_types` VARCHAR(256) NULL DEFAULT NULL, 63 | `web_server_redirect_uri` VARCHAR(256) NULL DEFAULT NULL, 64 | `authorities` VARCHAR(256) NULL DEFAULT NULL, 65 | `access_token_validity` INT(11) NULL DEFAULT NULL, 66 | `refresh_token_validity` INT(11) NULL DEFAULT NULL, 67 | `additional_information` VARCHAR(4096) NULL DEFAULT NULL, 68 | `autoapprove` VARCHAR(256) NULL DEFAULT NULL, 69 | PRIMARY KEY (`client_id`)) 70 | ENGINE = InnoDB 71 | DEFAULT CHARACTER SET = utf8; 72 | 73 | 74 | -- ----------------------------------------------------- 75 | -- Table `alan-oauth`.`oauth_client_token` 76 | -- ----------------------------------------------------- 77 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_client_token` ( 78 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 79 | `token` BLOB NULL DEFAULT NULL, 80 | `authentication_id` VARCHAR(128) NOT NULL, 81 | `user_name` VARCHAR(256) NULL DEFAULT NULL, 82 | `client_id` VARCHAR(256) NULL DEFAULT NULL, 83 | PRIMARY KEY (`authentication_id`)) 84 | ENGINE = InnoDB 85 | DEFAULT CHARACTER SET = utf8; 86 | 87 | 88 | -- ----------------------------------------------------- 89 | -- Table `alan-oauth`.`oauth_code` 90 | -- ----------------------------------------------------- 91 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_code` ( 92 | `code` VARCHAR(256) NULL DEFAULT NULL, 93 | `authentication` BLOB NULL DEFAULT NULL) 94 | ENGINE = InnoDB 95 | DEFAULT CHARACTER SET = utf8; 96 | 97 | 98 | -- ----------------------------------------------------- 99 | -- Table `alan-oauth`.`oauth_refresh_token` 100 | -- ----------------------------------------------------- 101 | CREATE TABLE IF NOT EXISTS `alan-oauth`.`oauth_refresh_token` ( 102 | `token_id` VARCHAR(256) NULL DEFAULT NULL, 103 | `token` BLOB 
NULL DEFAULT NULL, 104 | `authentication` BLOB NULL DEFAULT NULL) 105 | ENGINE = InnoDB 106 | DEFAULT CHARACTER SET = utf8; 107 | -------------------------------------------------------------------------------- /springcloud-resource-server/src/main/java/org/springcloud/resource/server/ResourceServerConfig.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.resource.server; 2 | import javax.sql.DataSource; 3 | 4 | import org.springframework.beans.factory.annotation.Autowired; 5 | import org.springframework.context.annotation.Bean; 6 | import org.springframework.context.annotation.Configuration; 7 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 8 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 9 | import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; 10 | import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; 11 | import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; 12 | import org.springframework.security.oauth2.provider.token.DefaultTokenServices; 13 | import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; 14 | import org.springframework.security.oauth2.provider.token.TokenStore; 15 | import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; 16 | import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

/**
 * Resource-server configuration: declares which request paths require authorization and how
 * incoming JWT access tokens are decoded.
 */
@Configuration
@EnableResourceServer
@EnableWebSecurity
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private static final String RESOURCE_ID = "resourceService1";

    // No active code in this class reads the data source. The original listing carried a
    // commented-out tokenStore() variant that returned new JdbcTokenStore(dataSource).
    @Autowired
    private DataSource dataSource;

    /**
     * Declares the access rule for each request path served by this resource server.
     *
     * @param http the HTTP security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
            .requestMatchers()
                .antMatchers("/**")
                .and()
            .authorizeRequests()
                // Allowed for OAuth2 client tokens, or for users holding the END_USER role.
                .antMatchers("/test/**").access("#oauth2.isClient() or hasRole('END_USER')")
                // NOTE(review): everything under /demo/ is served without any token. Confirm
                // that nothing sensitive is mapped beneath this prefix.
                .antMatchers("/demo/**").permitAll()
                .anyRequest().authenticated();
    }

    /**
     * Sets the resource id and wires in the JWT token store and the token services.
     *
     * @param resources the resource-server configurer to set up
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) {
        resources
            .resourceId(RESOURCE_ID)
            .tokenStore(tokenStore())
            .tokenServices(defaultTokenServices());
    }

    // ===== The code from here on must stay identical to the authorization server's =====

    /**
     * Token store; this configuration reads tokens as JWTs.
     *
     * @return a {@link JwtTokenStore} built on {@link #accessTokenConverter()}
     */
    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(accessTokenConverter());
    }

    /**
     * Token converter; it has to match the converter used by the authorization service.
     *
     * <p>The original listing instantiated an anonymous subclass whose only content was a
     * commented-out {@code enhance(...)} override that added {@code userName} and
     * {@code roles} to the token's additional information.
     *
     * @return the converter holding the shared signing key
     */
    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // Test-only value. The authorization service uses the same string, which makes this a
        // shared symmetric secret: whoever knows it can produce tokens this server accepts, and
        // "123" is both trivially guessable and committed to source control. Outside a demo,
        // load the key from external configuration, or move to an RSA key pair so that this
        // service holds only the public key (setVerifierKey) and no signing material.
        converter.setSigningKey("123");
        return converter;
    }

    /**
     * Creates the default token services for this resource server.
     *
     * @return token services backed by {@link #tokenStore()} and {@link #accessTokenConverter()}
     */
    @Bean
    public ResourceServerTokenServices defaultTokenServices() {
        final DefaultTokenServices services = new DefaultTokenServices();
        services.setTokenStore(tokenStore());
        services.setTokenEnhancer(accessTokenConverter());
        return services;
    }
    // ===== The code up to here must stay identical to the authorization server's =====
}
-------------------------------------------------------------------------------- /springcloud-zuul/src/main/java/org/springcloud/zuul/GatewayApplication.java: -------------------------------------------------------------------------------- 1 | package org.springcloud.zuul; 2 | 3 | import java.io.IOException; 4 | import java.util.ArrayList; 5 | 6 | import javax.servlet.Filter; 7 | import javax.servlet.FilterChain; 8 | import javax.servlet.ServletException; 9 | import javax.servlet.http.Cookie; 10 | import javax.servlet.http.HttpServletRequest; 11 | import javax.servlet.http.HttpServletResponse; 12 | 13 | import org.springframework.boot.SpringApplication; 14 | import org.springframework.boot.autoconfigure.SpringBootApplication; 15 | import org.springframework.boot.autoconfigure.security.SecurityProperties; 16 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; 17 | import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateCustomizer; 18 | import org.springframework.cloud.netflix.zuul.EnableZuulProxy; 19 | import org.springframework.context.annotation.Bean; 20 | import org.springframework.context.annotation.Configuration; 21 | import
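org.springframework.core.Ordered; 22 | import org.springframework.core.annotation.Order; 23 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 24 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 25 | import org.springframework.security.core.session.SessionRegistry; 26 | import org.springframework.security.core.session.SessionRegistryImpl; 27 | import org.springframework.security.oauth2.client.OAuth2RestTemplate; 28 | import org.springframework.security.web.csrf.CsrfToken; 29 | import org.springframework.security.web.csrf.CsrfTokenRepository; 30 | import org.springframework.security.web.csrf.HttpSessionCsrfTokenRepository; 31 | import org.springframework.security.web.session.SessionManagementFilter; 32 | import org.springframework.stereotype.Component; 33 | import org.springframework.web.cors.CorsConfiguration; 34 | import org.springframework.web.cors.UrlBasedCorsConfigurationSource; 35 | import org.springframework.web.filter.CorsFilter; 36 | import org.springframework.web.filter.OncePerRequestFilter; 37 | import org.springframework.web.util.WebUtils;

/**
 * Zuul gateway entry point with OAuth2 single sign-on enabled.
 */
@SpringBootApplication
@EnableZuulProxy
@EnableOAuth2Sso
public class GatewayApplication {

    public static void main(String[] args) {
        SpringApplication.run(GatewayApplication.class, args);
    }

    /**
     * Registers an in-memory session registry.
     *
     * @return a new {@link SessionRegistryImpl}
     */
    @Bean
    public SessionRegistry sessionRegistry() {
        return new SessionRegistryImpl();
    }

    /**
     * Web security rules of the gateway: which paths are public, and how the CSRF token is
     * stored and handed to the browser.
     */
    @Configuration
    @Order(SecurityProperties.ACCESS_OVERRIDE_ORDER)
    protected static class SecurityConfiguration extends WebSecurityConfigurerAdapter {

        /**
         * Opens the root path and all {@code *.html} paths, requires authentication for
         * everything else, and installs the CSRF token repository and cookie filter.
         *
         * @param http the HTTP security builder to configure
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                .authorizeRequests()
                    // Static resources are reachable without authentication. The pattern matches
                    // any path ending in .html, including paths proxied to back-end services.
                    // NOTE(review): confirm no routed service exposes protected .html pages.
                    .antMatchers("/", "/**/*.html").permitAll()
                    .anyRequest().authenticated()
                    .and()
                .csrf().csrfTokenRepository(csrfTokenRepository())
                    .and()
                .addFilterAfter(csrfHeaderFilter(), SessionManagementFilter.class);
        }

        /**
         * Builds the filter that publishes the current CSRF token in the {@code XSRF-TOKEN}
         * cookie whenever the cookie is missing or differs from the token.
         *
         * @return the once-per-request cookie filter
         */
        private Filter csrfHeaderFilter() {
            return new OncePerRequestFilter() {
                @Override
                protected void doFilterInternal(HttpServletRequest request,
                        HttpServletResponse response, FilterChain filterChain)
                        throws ServletException, IOException {
                    CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
                    if (csrf != null) {
                        Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                        String token = csrf.getToken();
                        if (cookie == null || token != null && !token.equals(cookie.getValue())) {
                            cookie = new Cookie("XSRF-TOKEN", token);
                            cookie.setPath("/");
                            // Keep the token off plain-HTTP connections when the request came in
                            // over TLS. Behind a TLS-terminating proxy isSecure() may report
                            // false unless forwarded headers are honoured. HttpOnly is left off
                            // because, presumably, client-side script copies the value into the
                            // X-XSRF-TOKEN header.
                            cookie.setSecure(request.isSecure());
                            response.addCookie(cookie);
                        }
                    }
                    filterChain.doFilter(request, response);
                }
            };
        }

        /**
         * Creates the session-backed CSRF token repository.
         *
         * @return a repository that expects the token in the {@code X-XSRF-TOKEN} header
         */
        private CsrfTokenRepository csrfTokenRepository() {
            HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
            repository.setHeaderName("X-XSRF-TOKEN");
            return repository;
        }
    }
}

/**
 * Customizer for the user-info {@link OAuth2RestTemplate}; it also declares the gateway's CORS
 * filter bean.
 */
@Component
@Order(Ordered.HIGHEST_PRECEDENCE)
class WorkaroundRestTemplateCustomizer implements UserInfoRestTemplateCustomizer {

    /**
     * Replaces the template's interceptor list with an {@link ArrayList} copy of itself.
     *
     * @param template the user-info REST template being customized
     */
    @Override
    public void customize(OAuth2RestTemplate template) {
        template.setInterceptors(new ArrayList<>(template.getInterceptors()));
    }

    /**
     * Registers a CORS filter for every path.
     *
     * <p>Simple cross-origin requests are GET, HEAD and POST, where a POST may only use the
     * content types application/x-www-form-urlencoded, multipart/form-data or text/plain. Any
     * other request is preflighted: the browser first sends an OPTIONS request and only then
     * the real one.
     *
     * <p>NOTE(review): credentials are allowed together with the {@code *} origin. According to
     * the original author's comment, Spring MVC answers such a request with the caller's own
     * Origin value, so every origin is effectively trusted for cookie-authenticated requests,
     * and a page on any site could read responses on behalf of a logged-in user. Replace the
     * wildcard with the explicit list of front-end origins that need access.
     *
     * @return the configured {@link CorsFilter}
     */
    @Bean
    public CorsFilter corsFilter() {
        final UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        final CorsConfiguration config = new CorsConfiguration();
        config.setAllowCredentials(true); // cookies may be sent cross-origin
        config.addAllowedOrigin("*");     // origins allowed to call this server; see NOTE(review) above
        config.addAllowedHeader("*");     // every request header is allowed
        config.setMaxAge(18000L);         // seconds a preflight result may be cached by the browser
        // HTTP methods allowed for cross-origin requests.
        config.addAllowedMethod("OPTIONS");
        config.addAllowedMethod("HEAD");
        config.addAllowedMethod("GET");
        config.addAllowedMethod("PUT");
        config.addAllowedMethod("POST");
        config.addAllowedMethod("DELETE");
        config.addAllowedMethod("PATCH");
        source.registerCorsConfiguration("/**", config);
        return new CorsFilter(source);
    }

}
-------------------------------------------------------------------------------- /springcloud-oauth2-client/src/main/java/com/example/springcloud_oauth2_client/Application.java: -------------------------------------------------------------------------------- 1 | package com.example.springcloud_oauth2_client; 2 | 3 | import java.util.ArrayList; 4 | import java.util.Collection; 5 | import java.util.HashSet; 6 | import java.util.List; 7 | import java.util.Map; 8 | 9 | import javax.servlet.http.HttpServletRequest; 10 | import javax.servlet.http.HttpServletResponse; 11 | 12 | import org.springframework.beans.factory.annotation.Autowired; 13 | import org.springframework.beans.factory.annotation.Value; 14 | import org.springframework.boot.SpringApplication; 15 | import org.springframework.boot.autoconfigure.SpringBootApplication; 16 | import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso; 17 | import org.springframework.cloud.client.loadbalancer.LoadBalanced; 18 | import org.springframework.context.annotation.Bean; 19 | import org.springframework.context.annotation.Primary; 20 | import org.springframework.core.env.Environment; 21 | import org.springframework.http.MediaType; 22 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 23 | import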
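org.springframework.security.config.annotation.web.builders.WebSecurity; 24 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 25 | import org.springframework.security.oauth2.client.OAuth2ClientContext; 26 | import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 27 | import org.springframework.web.accept.ContentNegotiationManager; 28 | import org.springframework.web.client.RestTemplate; 29 | import org.springframework.web.servlet.View; 30 | import org.springframework.web.servlet.ViewResolver; 31 | import org.springframework.web.servlet.config.annotation.ContentNegotiationConfigurer; 32 | import org.springframework.web.servlet.i18n.SessionLocaleResolver; 33 | import org.springframework.web.servlet.view.ContentNegotiatingViewResolver; 34 | import org.springframework.web.servlet.view.json.MappingJackson2JsonView; 35 | import org.thymeleaf.dialect.IDialect; 36 | import org.thymeleaf.spring4.view.ThymeleafViewResolver; 37 | 38 | import com.fasterxml.jackson.databind.ObjectMapper; 39 | import com.fasterxml.jackson.databind.SerializationFeature; 40 | import com.fasterxml.jackson.databind.util.ISO8601DateFormat;

/**
 * Spring Boot entry point and web-security configuration of the OAuth2 SSO client.
 *
 * <p>Besides the security rules, the class registers the JSON and JSONP views and the
 * content-negotiating view resolver that sits in front of the Thymeleaf resolver.
 */
@SpringBootApplication
@EnableOAuth2Sso
public class Application extends WebSecurityConfigurerAdapter {

    /**
     * Callback names the JSONP view is willing to echo: a JavaScript-identifier-like name,
     * optionally dotted, of at most 64 characters. Anything else is rejected so that request
     * data can never become arbitrary script text in the response.
     */
    private static final java.util.regex.Pattern JSONP_CALLBACK =
            java.util.regex.Pattern.compile("[A-Za-z_$][0-9A-Za-z_$.]{0,63}");

    // Only a commented-out messageSource bean in the original listing read this value.
    @Value(value = "${spring.messages.basename}")
    private String basename;

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Autowired
    ThymeleafViewResolver thymeleafViewResolver;

    @Autowired
    Environment environment;

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }

    /**
     * Provides a load-balanced {@link RestTemplate}.
     *
     * @return a new REST template
     */
    @Bean
    @LoadBalanced
    RestTemplate restTemplate() {
        return new RestTemplate();
    }

    /**
     * Opens the landing, anonymous, error and static-asset paths, requires authentication for
     * every other request, and configures logout.
     *
     * @param http the HTTP security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/anonymous").permitAll()
                .antMatchers("/error").permitAll()
                .antMatchers("/img/**", "/images/**", "/js/**", "/css/**", "/fonts/**").permitAll()
                .anyRequest().authenticated()
                .and()
            .logout()
                .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
                .deleteCookies("JSESSIONID")
                .invalidateHttpSession(true)
                .logoutSuccessUrl("/anonymous")
                .and()
            // NOTE(review): CSRF protection is switched off, so session-authenticated,
            // state-changing requests are not protected against cross-site forgery. The
            // original listing kept a commented-out alternative,
            // .csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()); re-enable
            // CSRF protection before this handles real users.
            .csrf().disable();
    }

    /**
     * Excludes one path from the security filter chain entirely.
     *
     * @param web the web security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // NOTE(review): "/favor.ico" looks like a typo for "/favicon.ico" - confirm.
        web.ignoring()
                .antMatchers("/favor.ico");
    }

    /**
     * Primary Jackson mapper: ISO-8601 dates instead of timestamps, indented output.
     *
     * @return the configured {@link ObjectMapper}
     */
    @Bean
    @Primary
    public ObjectMapper jacksonObjectMapper() {
        return new ObjectMapper()
                .configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false)
                .configure(SerializationFeature.INDENT_OUTPUT, true)
                .setDateFormat(new ISO8601DateFormat());
    }

    /**
     * JSON view using {@link #jacksonObjectMapper()} with pretty printing.
     *
     * @return the JSON view
     */
    @Bean
    public MappingJackson2JsonView mappingJackson2JsonView() {
        MappingJackson2JsonView view = new MappingJackson2JsonView();
        view.setObjectMapper(jacksonObjectMapper());
        view.setPrettyPrint(true);
        return view;
    }

    /**
     * JSON view that wraps its output in a caller-supplied function call (JSONP) when the
     * request carries a {@code callback} parameter.
     *
     * <p>A JSONP response can be loaded by a script element on any site, so this view must
     * only render data that is safe to disclose cross-origin.
     */
    protected class MappingJackson2JsonpView extends MappingJackson2JsonView {
        public static final String DEFAULT_CONTENT_TYPE = "application/javascript";

        @Override
        public String getContentType() {
            return DEFAULT_CONTENT_TYPE;
        }

        /**
         * Renders the model as JSON, wrapped as {@code callback(...);} when a valid
         * {@code callback} request parameter is present.
         *
         * <p>The callback name comes straight from the request and ends up in a script
         * response, so it is checked against {@code JSONP_CALLBACK} first; a name that does
         * not match is answered with 400 instead of being echoed.
         *
         * @param model the model to serialize
         * @param request the current request
         * @param response the response to write to
         * @throws Exception if rendering fails
         */
        @Override
        public void render(Map<String, ?> model, HttpServletRequest request,
                HttpServletResponse response) throws Exception {
            String callback = request.getParameter("callback");
            if (callback == null) {
                super.render(model, request, response);
                return;
            }
            if (!JSONP_CALLBACK.matcher(callback).matches()) {
                response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid JSONP callback name");
                return;
            }
            // Set the type before the first byte is written; headers set after the response
            // has been committed are ignored.
            response.setContentType(DEFAULT_CONTENT_TYPE);
            response.getOutputStream().write(
                    (callback + "(").getBytes(java.nio.charset.StandardCharsets.UTF_8));
            super.render(model, request, response);
            response.getOutputStream().write(
                    ");".getBytes(java.nio.charset.StandardCharsets.UTF_8));
        }
    }

    /**
     * JSONP view using {@link #jacksonObjectMapper()} without pretty printing.
     *
     * @return the JSONP view
     */
    @Bean
    public MappingJackson2JsonpView mappingJackson2JsonpView() {
        MappingJackson2JsonpView view = new MappingJackson2JsonpView();
        view.setObjectMapper(jacksonObjectMapper());
        view.setPrettyPrint(false);
        return view;
    }

    /**
     * Maps the {@code json} and {@code jsonp} format names to media types, with HTML as the
     * default.
     *
     * <p>NOTE(review): the {@code @Override} is commented out in the original, so presumably
     * nothing in the framework calls this method on this class - confirm.
     *
     * @param configurer the content-negotiation configurer to set up
     */
    // @Override
    public void configureContentNegotiation(
            ContentNegotiationConfigurer configurer) {
        configurer
                .favorParameter(true)
                .ignoreAcceptHeader(false)
                .defaultContentType(MediaType.TEXT_HTML)
                .mediaType("json", MediaType.APPLICATION_JSON)
                .mediaType("jsonp", MediaType.valueOf("application/javascript"));
    }

    /**
     * Stores the user's locale in the HTTP session.
     *
     * @return a new {@link SessionLocaleResolver}
     */
    @Bean(name = "localeResolver")
    public SessionLocaleResolver localeResolverBean() {
        return new SessionLocaleResolver();
    }

    /**
     * View resolver that delegates to Thymeleaf and offers the JSON and JSONP views as
     * default views.
     *
     * @param manager the content-negotiation manager to use
     * @return the content-negotiating resolver
     */
    @Bean
    public ViewResolver contentNegotiatingViewResolver(
            ContentNegotiationManager manager) {
        List<ViewResolver> resolvers = new ArrayList<>();
        resolvers.add(thymeleafViewResolver);

        List<View> views = new ArrayList<>();
        views.add(mappingJackson2JsonView());
        views.add(mappingJackson2JsonpView());

        ContentNegotiatingViewResolver resolver = new ContentNegotiatingViewResolver();
        resolver.setViewResolvers(resolvers);
        resolver.setContentNegotiationManager(manager);
        resolver.setDefaultViews(views);
        return resolver;
    }

    /**
     * Thymeleaf dialects to register; only the Spring Security dialect.
     *
     * @return the dialect collection
     */
    @Bean
    public Collection<IDialect> dialects() {
        Collection<IDialect> dialects = new HashSet<>();
        dialects.add(new org.thymeleaf.extras.springsecurity4.dialect.SpringSecurityDialect());
        return dialects;
    }

}
--------------------------------------------------------------------------------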