增加前后端分离的单点登录样例工程web-sso

91328ef6 · zlt2000 · 658f4d65 · 91328ef6 · 91328ef6 · 91328ef6
19 changed file
--- a/zlt-demo/sso-demo/README.md
+++ b/zlt-demo/sso-demo/README.md
-## **详细的原理和注意事项请查看**
-[单点登录详解](https://www.kancloud.cn/zlt2000/microservices-platform/1515193)
+* **ss-sso**：使用springSecurity来实现自动单点登录，非前后端分离

+* **web-sso**：前后端分离的单点登录

-
-## 启动以下服务
-
-1. zlt-uaa：统一认证中心
-2. user-center：用户服务
-3. sc-gateway：api网关
-4. back-web：webApp应用前端页面
-5. sso-demo：单点登录demo(zlt应用)
-
-
-
-## 测试步骤
-
-1. 登录webApp应用：
-  通过地址 http://127.0.0.1:8066 先登录webApp应用
-2. 访问zlt应用(单点成功)：
-   在浏览器打开一个新的页签(共享session)，通过地址 http://127.0.0.1:8080 访问zlt应用，单点登录成功显示当前登录用户名、权限、应用id信息
\ No newline at end of file
--- a/zlt-demo/sso-demo/pom.xml
+++ b/zlt-demo/sso-demo/pom.xml
@@ -7,44 +7,12 @@
        <version>3.3.0</version>
    </parent>
    <artifactId>sso-demo</artifactId>
-    <description>单点登录demo</description>
-    
-    <dependencies>
-        <dependency>
-            <groupId>com.zlt</groupId>
-            <artifactId>zlt-common-spring-boot-starter</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-web</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.cloud</groupId>
-            <artifactId>spring-cloud-starter-oauth2</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-thymeleaf</artifactId>
-        </dependency>
-        <dependency>
-            <groupId>com.baomidou</groupId>
-            <artifactId>mybatis-plus-extension</artifactId>
-        </dependency>
-    </dependencies>
+    <packaging>pom</packaging>

-    <build>
-        <plugins>
-            <plugin>
-                <groupId>org.springframework.boot</groupId>
-                <artifactId>spring-boot-maven-plugin</artifactId>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>repackage</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
-        </plugins>
-    </build>
-</project>
+    <modules>
+        <!-- springSecurity单点登录demo -->
+        <module>ss-sso</module>
+        <!-- 前后端分离单点登录demo -->
+        <module>web-sso</module>
+    </modules>
+</project>
\ No newline at end of file
--- a/zlt-demo/sso-demo/ss-sso/README.md
+++ b/zlt-demo/sso-demo/ss-sso/README.md
+## **详细的原理和注意事项请查看**
+[单点登录详解](https://www.kancloud.cn/zlt2000/microservices-platform/1515193)
+
+
+
+## 启动以下服务
+
+1. zlt-uaa：统一认证中心
+2. user-center：用户服务
+3. sc-gateway：api网关
+4. back-web：webApp应用前端页面
+5. ss-sso：单点登录demo(zlt应用)
+
+
+
+## 测试步骤
+
+1. 登录webApp应用：
+    通过地址 http://127.0.0.1:8066 先登录webApp应用
+2. 访问zlt应用(单点成功)：
+   在浏览器打开一个新的页签(共享session)，通过地址 http://127.0.0.1:8080 访问zlt应用，单点登录成功显示当前登录用户名、权限、应用id信息
\ No newline at end of file
--- a/zlt-demo/sso-demo/ss-sso/pom.xml
+++ b/zlt-demo/sso-demo/ss-sso/pom.xml
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>com.zlt</groupId>
+        <artifactId>sso-demo</artifactId>
+        <version>3.3.0</version>
+    </parent>
+    <artifactId>ss-sso</artifactId>
+    <description>springSecurity单点登录demo</description>
+    
+    <dependencies>
+        <dependency>
+            <groupId>com.zlt</groupId>
+            <artifactId>zlt-common-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-oauth2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus-extension</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>repackage</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>
--- a/zlt-demo/sso-demo/src/main/java/com/sso/demo/SSOApplication.java
+++ b/zlt-demo/sso-demo/src/main/java/com/sso/demo/SSOApplication.java
--- a/zlt-demo/sso-demo/src/main/java/com/sso/demo/config/SecurityConfig.java
+++ b/zlt-demo/sso-demo/src/main/java/com/sso/demo/config/SecurityConfig.java
--- a/zlt-demo/sso-demo/src/main/java/com/sso/demo/config/SsoLogoutSuccessHandler.java
+++ b/zlt-demo/sso-demo/src/main/java/com/sso/demo/config/SsoLogoutSuccessHandler.java
--- a/zlt-demo/sso-demo/src/main/java/com/sso/demo/controller/HomeController.java
+++ b/zlt-demo/sso-demo/src/main/java/com/sso/demo/controller/HomeController.java
--- a/zlt-demo/sso-demo/src/main/resources/bootstrap.yml
+++ b/zlt-demo/sso-demo/src/main/resources/bootstrap.yml
@@ -8,7 +8,7 @@ spring:
 zlt:
  api-uaa:
    url: http://127.0.0.1:9900/api-uaa/oauth
-  logout-uri: ${zlt.api-uaa.url}/remove/token?redirectUri=http://127.0.0.1:8080&access_token=
+  logout-uri: ${zlt.api-uaa.url}/remove/token?redirect_uri=http://127.0.0.1:8080&access_token=

 security:
  oauth2:

--- a/zlt-demo/sso-demo/src/main/resources/templates/index.html
+++ b/zlt-demo/sso-demo/src/main/resources/templates/index.html
--- a/zlt-demo/sso-demo/单点登录架构图.jpg
+++ b/zlt-demo/sso-demo/单点登录架构图.jpg
--- a/zlt-demo/sso-demo/web-sso/README.md
+++ b/zlt-demo/sso-demo/web-sso/README.md
+## **详细的原理和注意事项请查看**
+[单点登录详解](https://www.kancloud.cn/zlt2000/microservices-platform/1515193)
+
+
+
+## 启动以下服务
+
+1. zlt-uaa：统一认证中心
+2. user-center：用户服务
+3. sc-gateway：api网关
+4. back-web：webApp应用前端页面
+5. web-sso：单点登录demo(app应用)
+
+
+
+## 测试步骤
+
+1. 登录webApp应用：
+    通过地址 http://127.0.0.1:8066 先登录webApp应用
+2. 访问app应用(单点成功)：
+   在浏览器打开一个新的页签(共享session)，通过地址 http://127.0.0.1:8081/index.html 访问app应用静态页面，单点登录成功显示当前登录用户名、应用id、token信息
\ No newline at end of file
--- a/zlt-demo/sso-demo/web-sso/pom.xml
+++ b/zlt-demo/sso-demo/web-sso/pom.xml
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>com.zlt</groupId>
+        <artifactId>sso-demo</artifactId>
+        <version>3.3.0</version>
+    </parent>
+    <artifactId>web-sso</artifactId>
+    <description>前后端分离单点登录demo</description>
+    
+    <dependencies>
+        <dependency>
+            <groupId>com.zlt</groupId>
+            <artifactId>zlt-common-spring-boot-starter</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>repackage</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+</project>
--- a/zlt-demo/sso-demo/web-sso/src/main/java/com/sso/demo/WebSSOApplication.java
+++ b/zlt-demo/sso-demo/web-sso/src/main/java/com/sso/demo/WebSSOApplication.java
+package com.sso.demo;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * @author zlt
+ * @date 2020/3/10
+ * <p>
+ * Blog: https://blog.csdn.net/zlt2000
+ * Github: https://github.com/zlt2000
+ */
+@SpringBootApplication
+public class WebSSOApplication {
+    public static void main(String[] args) {
+        SpringApplication.run(WebSSOApplication.class, args);
+    }
+}
--- a/zlt-demo/sso-demo/web-sso/src/main/java/com/sso/demo/controller/ApiController.java
+++ b/zlt-demo/sso-demo/web-sso/src/main/java/com/sso/demo/controller/ApiController.java
+package com.sso.demo.controller;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.util.LinkedMultiValueMap;
+import org.springframework.util.MultiValueMap;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.client.RestTemplate;
+import sun.misc.BASE64Encoder;
+
+import java.io.UnsupportedEncodingException;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author zlt
+ * @date 2020/3/10
+ * <p>
+ * Blog: https://blog.csdn.net/zlt2000
+ * Github: https://github.com/zlt2000
+ */
+@RestController
+public class ApiController {
+    @Value("${zlt.sso.client-id:}")
+    private String clientId;
+
+    @Value("${zlt.sso.client-secret:}")
+    private String clientSecret;
+
+    @Value("${zlt.sso.redirect-uri:}")
+    private String redirectUri;
+
+    @Value("${zlt.sso.access-token-uri:}")
+    private String accessTokenUri;
+
+    @Value("${zlt.sso.user-info-uri:}")
+    private String userInfoUri;
+
+    @GetMapping("/token/{code}")
+    public Map tokenInfo(@PathVariable String code) throws UnsupportedEncodingException {
+        //获取token
+        Map tokenMap = getAccessToken(code);
+        String accessToken = (String)tokenMap.get("access_token");
+        //获取用户信息
+        Map userMap = getUserInfo(accessToken);
+
+        Map result = new HashMap(2);
+        result.put("tokenInfo", tokenMap);
+        result.put("userInfo", userMap);
+        return result;
+    }
+
+    /**
+     * 获取token
+     */
+    public Map getAccessToken(String code) throws UnsupportedEncodingException {
+        RestTemplate restTemplate = new RestTemplate();
+        HttpHeaders headers = new HttpHeaders();
+        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
+        byte[] authorization = (clientId + ":" + clientSecret).getBytes("UTF-8");
+        BASE64Encoder encoder = new BASE64Encoder();
+        String base64Auth = encoder.encode(authorization);
+        headers.add("Authorization", "Basic " + base64Auth);
+
+        MultiValueMap<String, String> param = new LinkedMultiValueMap<>();
+        param.add("code", code);
+        param.add("grant_type", "authorization_code");
+        param.add("redirect_uri", redirectUri);
+        param.add("scope", "app");
+        HttpEntity<MultiValueMap<String, String>> request = new HttpEntity<>(param, headers);
+        ResponseEntity<Map> response = restTemplate.postForEntity(accessTokenUri, request , Map.class);
+        Map result = response.getBody();
+        return result;
+    }
+
+    /**
+     * 获取用户信息
+     */
+    public Map getUserInfo(String accessToken) {
+        RestTemplate restTemplate = new RestTemplate();
+        Map result = restTemplate.getForObject(userInfoUri+"?access_token="+accessToken, Map.class);
+        return (Map)result.get("datas");
+    }
+}
--- a/zlt-demo/sso-demo/web-sso/src/main/resources/bootstrap.yml
+++ b/zlt-demo/sso-demo/web-sso/src/main/resources/bootstrap.yml
+server:
+  port: 8081
+
+spring:
+  application:
+    name: sepSso-demo
+
+zlt:
+  sso:
+    client-id: app
+    client-secret: app
+    redirect-uri: http://127.0.0.1:8081/login.html
+    access-token-uri: http://127.0.0.1:9900/api-uaa/oauth/token
+    user-info-uri: http://127.0.0.1:9900/api-user/users/current
\ No newline at end of file
--- a/zlt-demo/sso-demo/web-sso/src/main/resources/static/index.html
+++ b/zlt-demo/sso-demo/web-sso/src/main/resources/static/index.html
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+    <meta charset="utf-8"/>
+    <title>zlt</title>
+    <script type="text/javascript" src="js/jquery-3.2.1.min.js"></script>
+</head>
+<body>
+<div>
+    <p>用户名：<span id="userName"></span></p>
+    <p>应用id：<span id="clientId"></span></p>
+    <p>token：<span id="accessToken"></span></p>
+    <p><input type="button" value="登出" onclick="logout()"/></p>
+</div>
+<script>
+    //应用id
+    let clientId = 'app';
+    //授权中心地址
+    let uaaUri = 'http://127.0.0.1:9900/api-uaa/oauth/';
+
+    window.onload = function() {
+        let accessToken = sessionStorage.getItem('access_token');
+        if (accessToken) {//已登录
+            let username = sessionStorage.getItem('username');
+            $('#accessToken').html(accessToken);
+            $('#userName').html(username);
+            $('#clientId').html(clientId);
+        } else {//未登录
+            sessionStorage.setItem("visitUri", window.location.href);
+            window.location = uaaUri+'authorize?client_id='+clientId+'&redirect_uri=http://127.0.0.1:8081/login.html&response_type=code';
+        }
+    };
+
+    function logout() {
+        let accessToken = sessionStorage.getItem('access_token');
+        sessionStorage.removeItem('access_token');
+        sessionStorage.removeItem('username');
+        window.location = uaaUri+'remove/token?redirect_uri=http://127.0.0.1:8081/index.html&access_token='+accessToken;
+    }
+</script>
+</body>
+</html>
--- a/zlt-demo/sso-demo/web-sso/src/main/resources/static/js/jquery-3.2.1.min.js
+++ b/zlt-demo/sso-demo/web-sso/src/main/resources/static/js/jquery-3.2.1.min.js
--- a/zlt-demo/sso-demo/web-sso/src/main/resources/static/login.html
+++ b/zlt-demo/sso-demo/web-sso/src/main/resources/static/login.html
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
+    <meta charset="utf-8"/>
+    <title>zlt</title>
+    <script type="text/javascript" src="js/jquery-3.2.1.min.js"></script>
+</head>
+<body>
+<script>
+    window.onload = function() {
+        //获取url参数
+        function getQueryVariable(variable) {
+            var query = window.location.search.substring(1);
+            var vars = query.split("&");
+            for (var i=0;i<vars.length;i++) {
+                var pair = vars[i].split("=");
+                if(pair[0] == variable){return pair[1];}
+            }
+            return '';
+        }
+
+        //url获取code
+        let code = getQueryVariable('code');
+        //获取token和用户信息
+        $.ajax({url:'http://127.0.0.1:8081/token/'+code, success:function(result) {
+            console.log(result);
+            sessionStorage.setItem('access_token', result.tokenInfo.access_token);
+            sessionStorage.setItem('username', result.userInfo.username);
+            window.location = sessionStorage.getItem('visitUri');
+        }});
+    };
+</script>
+</body>
+</html>