提交 506a9ac4 编写于 作者: M ManongJu

Zuul 网关统一token校验

上级 c8d0db66
......@@ -4,6 +4,7 @@ import com.microservice.skeleton.auth.service.impl.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
......@@ -13,7 +14,6 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Aut
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import javax.sql.DataSource;
......@@ -54,13 +54,22 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
endpoints.tokenStore(jdbcTokenStore())
.userDetailsService(userDetailsService)
.authenticationManager(authenticationManager);
endpoints.tokenServices(defaultTokenServices());
}
/**
* <p>注意,自定义TokenServices的时候,需要设置@Primary,否则报错,</p>
* @return
*/
@Primary
@Bean
public DefaultTokenServices defaultTokenServices(){
DefaultTokenServices tokenServices = new DefaultTokenServices();
tokenServices.setTokenStore(endpoints.getTokenStore());
tokenServices.setTokenStore(jdbcTokenStore());
tokenServices.setSupportRefreshToken(true);
tokenServices.setClientDetailsService(endpoints.getClientDetailsService());
tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());
tokenServices.setClientDetailsService(clientDetails());
// tokenServices.setAccessTokenValiditySeconds( (int) TimeUnit.DAYS.toSeconds(30)); // token有效期自定义设置,默认12小时
endpoints.tokenServices(tokenServices);
return tokenServices;
}
@Override
......
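Review bot: `defaultTokenServices()` enables refresh tokens with `setSupportRefreshToken(true)` but sets no lifetimes and leaves refresh-token reuse on, so a leaked refresh token stays valid until it expires. Lifetimes then fall back to the framework defaults unless each client record sets its own. Consider adding `tokenServices.setReuseRefreshToken(false);` and explicit `setAccessTokenValiditySeconds(...)` / `setRefreshTokenValiditySeconds(...)` calls in place of the commented-out line. The page has lost its +/- markers, but `tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());` appears to be on the removed side. If so, an enhancer configured on the endpoints would no longer apply to tokens issued through this bean, which is worth confirming.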
......@@ -12,8 +12,8 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.R
* Time:10:46
* ProjectName:Mirco-Service-Skeleton
*/
//@Configuration
//@EnableResourceServer
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter{
@Override
public void configure(HttpSecurity http) throws Exception {
......
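Review bot: Activating `@EnableResourceServer` adds a second security filter chain next to `WebSecurityConfig`, and nothing visible here shows which paths each chain owns. That depends on the matchers set in `configure(HttpSecurity http)`, whose body lies outside this hunk. If that method does not narrow the chain with `http.requestMatchers()`, one chain may shadow the other, so paths meant to sit behind the form-login rules could end up under bearer-token rules or the reverse. A class comment naming the token-protected paths would help, for example `// Bearer-token chain: applies only to the paths matched in configure(HttpSecurity)`. So would a test that an unauthenticated request to a protected path is rejected.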
......@@ -53,4 +53,5 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/favor.ioc");
}
}
package com.microservice.skeleton.auth.repository;
import com.microservice.skeleton.auth.entity.RcMenuEntity;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;
import java.util.List;
/**
* Created by Mr.Yangxiufeng on 2017/12/29.
* Time:12:39
* ProjectName:Mirco-Service-Skeleton
*/
@Repository
public interface PermissionRepository extends JpaRepository<RcMenuEntity,Integer> {
@Query(value = "select menu.* from rc_menu menu,rc_privilege p where menu.id=p.menu_id and p.role_id=?1",nativeQuery = true)
List<RcMenuEntity> getPermissionsByRoleId(Integer roleId);
}
......@@ -2,8 +2,11 @@ package com.microservice.skeleton.auth.repository;
import com.microservice.skeleton.auth.entity.RcRoleEntity;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.stereotype.Repository;
import java.util.List;
/**
* Created by Mr.Yangxiufeng on 2017/12/27.
* Time:16:09
......@@ -11,4 +14,7 @@ import org.springframework.stereotype.Repository;
*/
@Repository
public interface RoleRepository extends JpaRepository<RcRoleEntity,Integer>{
@Query(value = "select role.* from rc_role role,rc_user_role ur where role.id=ur.role_id and ur.user_id=?1",nativeQuery = true)
List<RcRoleEntity> getRoleValuesByUserId(Integer userId);
}
package com.microservice.skeleton.auth.service;
import com.microservice.skeleton.auth.entity.RcMenuEntity;
import java.util.List;
/**
* Created by Mr.Yangxiufeng on 2017/12/29.
* Time:12:37
* ProjectName:Mirco-Service-Skeleton
*/
public interface PermissionService {
List<RcMenuEntity> getPermissionsByRoleId(Integer roleId);
}
package com.microservice.skeleton.auth.service;
import com.microservice.skeleton.auth.entity.RcRoleEntity;
import java.util.List;
/**
* Created by Mr.Yangxiufeng on 2017/12/29.
* Time:12:30
* ProjectName:Mirco-Service-Skeleton
*/
public interface RoleService {
List<RcRoleEntity> getRoleValuesByUserId(Integer userId);
}
package com.microservice.skeleton.auth.service.impl;
import com.microservice.skeleton.auth.entity.RcMenuEntity;
import com.microservice.skeleton.auth.repository.PermissionRepository;
import com.microservice.skeleton.auth.service.PermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* Created by Mr.Yangxiufeng on 2017/12/29.
* Time:12:38
* ProjectName:Mirco-Service-Skeleton
*/
@Service
public class PermissionServiceImpl implements PermissionService {
@Autowired
private PermissionRepository permissionRepository;
@Override
public List<RcMenuEntity> getPermissionsByRoleId(Integer roleId) {
return permissionRepository.getPermissionsByRoleId(roleId);
}
}
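Review bot: `permissionRepository` is injected through a private `@Autowired` field, so the class cannot be constructed with its dependency outside the container and the field cannot be `final`. Constructor injection would fix both: declare `private final PermissionRepository permissionRepository;` and assign it in a single public constructor. The same applies to `roleRepository` in `RoleServiceImpl` and to the `roleService` and `permissionService` fields added to `UserDetailsServiceImpl`. The class and its method also have no Javadoc. One sentence would do, such as `/** Returns the menu permissions granted to the given role id. */`.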
package com.microservice.skeleton.auth.service.impl;
import com.microservice.skeleton.auth.entity.RcRoleEntity;
import com.microservice.skeleton.auth.repository.RoleRepository;
import com.microservice.skeleton.auth.service.RoleService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* Created by Mr.Yangxiufeng on 2017/12/29.
* Time:12:31
* ProjectName:Mirco-Service-Skeleton
*/
@Service
public class RoleServiceImpl implements RoleService {
@Autowired
private RoleRepository roleRepository;
@Override
public List<RcRoleEntity> getRoleValuesByUserId(Integer userId) {
return roleRepository.getRoleValuesByUserId(userId);
}
}
package com.microservice.skeleton.auth.service.impl;
import com.microservice.skeleton.auth.entity.RcMenuEntity;
import com.microservice.skeleton.auth.entity.RcRoleEntity;
import com.microservice.skeleton.auth.entity.RcUserEntity;
import com.microservice.skeleton.auth.service.PermissionService;
import com.microservice.skeleton.auth.service.RoleService;
import com.microservice.skeleton.auth.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
......@@ -22,6 +29,10 @@ import java.util.Set;
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@Autowired
private PermissionService permissionService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
......@@ -34,6 +45,19 @@ public class UserDetailsServiceImpl implements UserDetailsService {
boolean accountNonExpired = true; // 过期性 :true:没过期 false:过期
boolean credentialsNonExpired = true; // 有效性 :true:凭证有效 false:凭证无效
boolean accountNonLocked = true; // 锁定性 :true:未锁定 false:已锁定
List<RcRoleEntity> roleValues = roleService.getRoleValuesByUserId(userEntity.getId());
for (RcRoleEntity role:roleValues){
//角色必须是ROLE_开头,可以在数据库中设置
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ROLE_"+role.getValue());
grantedAuthorities.add(grantedAuthority);
//获取权限
List<RcMenuEntity> permissionList = permissionService.getPermissionsByRoleId(role.getId());
for (RcMenuEntity menu:permissionList
) {
GrantedAuthority authority = new SimpleGrantedAuthority(menu.getCode());
grantedAuthorities.add(authority);
}
}
User user = new User(userEntity.getUsername(), userEntity.getPassword(),
enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, grantedAuthorities);
return user;
......
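Review bot: In the new loop, `menu.getCode()` is passed straight to `new SimpleGrantedAuthority(...)` and added to the same `grantedAuthorities` collection as the roles. A menu row whose code starts with `ROLE_` therefore becomes indistinguishable from a role grant, and a null or blank code makes the constructor throw, which fails login for every user holding that role. A guard before the add covers both: `String code = menu.getCode();` followed by `if (code == null || code.trim().isEmpty() || code.startsWith("ROLE_")) { continue; }`. The `"ROLE_"` prefix is also added unconditionally, so a stored value that already carries it yields `ROLE_ROLE_...`, and a null `role.getValue()` becomes the authority `ROLE_null`. The inline comment should say the database holds the bare role name. `loadUserByUsername` starts and ends outside this hunk, so the declaration of `grantedAuthorities` is not visible here.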