From 0effb30de83d63c39ad5f88e2a3160334af8d3a5 Mon Sep 17 00:00:00 2001
From: smallchill
Date: Thu, 8 Jul 2021 17:09:09 +0800
Subject: [PATCH] =?UTF-8?q?:zap:=20=E4=BC=98=E5=8C=96auth=EF=BC=8C?=
 =?UTF-8?q?=E5=8E=BB=E9=99=A4=E8=BF=87=E6=97=B6=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../BladeResourceServerConfiguration.java | 7 --
 .../auth/config/SecurityConfiguration.java | 2 +-
 .../handler/AppLoginInSuccessHandler.java | 82 -------------------
 3 files changed, 1 insertion(+), 90 deletions(-)
 delete mode 100644 blade-auth/src/main/java/org/springblade/auth/handler/AppLoginInSuccessHandler.java
diff --git a/blade-auth/src/main/java/org/springblade/auth/config/BladeResourceServerConfiguration.java b/blade-auth/src/main/java/org/springblade/auth/config/BladeResourceServerConfiguration.java
index 859261d4..206f72ea 100644
--- a/blade-auth/src/main/java/org/springblade/auth/config/BladeResourceServerConfiguration.java
+++ b/blade-auth/src/main/java/org/springblade/auth/config/BladeResourceServerConfiguration.java
@@ -22,7 +22,6 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

 /**
 * 自定义登录成功配置
@@ -34,17 +33,11 @@ import org.springframework.security.web.authentication.AuthenticationSuccessHand @EnableResourceServer public class BladeResourceServerConfiguration extends ResourceServerConfigurerAdapter { - /** - * 自定义登录成功处理器 - */ - private final AuthenticationSuccessHandler appLoginInSuccessHandler; - @Override @SneakyThrows public void configure(HttpSecurity http) { http.headers().frameOptions().disable(); http.formLogin() - .successHandler(appLoginInSuccessHandler) .and() .authorizeRequests() .antMatchers( diff --git a/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java b/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java index eaf5cf59..41bfb468 100644 --- a/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java +++ b/blade-auth/src/main/java/org/springblade/auth/config/SecurityConfiguration.java @@ -50,7 +50,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { @Override @SneakyThrows protected void configure(HttpSecurity http) { - http.httpBasic().and().csrf().disable(); + http.httpBasic().and().csrf().disable().authorizeRequests().anyRequest().fullyAuthenticated(); } } diff --git a/blade-auth/src/main/java/org/springblade/auth/handler/AppLoginInSuccessHandler.java b/blade-auth/src/main/java/org/springblade/auth/handler/AppLoginInSuccessHandler.java deleted file mode 100644 index 6b602858..00000000 --- a/blade-auth/src/main/java/org/springblade/auth/handler/AppLoginInSuccessHandler.java +++ /dev/null 
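Review bot: In `SecurityConfiguration.configure`, the new chain keeps `csrf().disable()` while authenticating with HTTP Basic, and nothing in the hunk records why that is safe. Browsers resend cached Basic credentials automatically, so if any browser-based client authenticates against this chain, a cross-site request would be accepted. If only non-browser clients use it, say so above the call, e.g. `// CSRF disabled: this chain is only used by non-browser clients that send Basic credentials on every request`. `fullyAuthenticated()` differs from `authenticated()` only in rejecting remember-me logins, and no remember-me is configured in the visible lines, so a short comment on that choice would help. It is also worth confirming how `anyRequest()` here interacts with the `antMatchers(...)` allow-list in `BladeResourceServerConfiguration`, since the ordering of the two filter chains is not visible in this patch.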
@@ -1,82 +0,0 @@
-/*
- * Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer.
- * Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * Neither the name of the dreamlu.net developer nor the names of its
- * contributors may be used to endorse or promote products derived from
- * this software without specific prior written permission.
- * Author: Chill 庄骞 (smallchill@163.com)
- */
-package org.springblade.auth.handler;
-
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springblade.auth.utils.TokenUtil;
-import org.springblade.core.tool.jackson.JsonUtil;
-import org.springframework.http.MediaType;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.oauth2.common.OAuth2AccessToken;
-import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
-import org.springframework.security.oauth2.provider.*;
-import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
-import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.HashMap;
-
-/**
- * APP登录成功处理器
- *
- * @author Chill
- */
-@Slf4j
-@AllArgsConstructor
-@Component("appLoginInSuccessHandler")
-public class AppLoginInSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
-
- private final PasswordEncoder passwordEncoder;
-
- private final ClientDetailsService clientDetailsService;
-
- private final AuthorizationServerTokenServices authorizationServerTokenServices;
-
- @Override
- public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws ServletException, IOException {
- log.info("【AppLoginInSuccessHandler】 onAuthenticationSuccess authentication={}", authentication);
-
- String[] tokens = TokenUtil.extractAndDecodeHeader();
- if (tokens.length != 2) {
- throw new UnapprovedClientAuthenticationException("client对应的配置信息不存在");
- }
- String clientId = tokens[0];
- String clientSecret = tokens[1];
-
- ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
- if (clientDetails == null) {
- throw new UnapprovedClientAuthenticationException("clientId 对应的配置信息不存在" + clientId);
- } else if (!passwordEncoder.matches(clientSecret, clientDetails.getClientSecret())) {
- throw new UnapprovedClientAuthenticationException("clientSecret 不匹配" + clientId);
- }
-
- TokenRequest tokenRequest = new TokenRequest(new HashMap<>(16), clientId, clientDetails.getScope(), "app");
- OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
- OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
- OAuth2AccessToken token = authorizationServerTokenServices.createAccessToken(oAuth2Authentication);
-
- response.setContentType(MediaType.APPLICATION_JSON_UTF8_VALUE);
- response.getWriter().write(JsonUtil.toJson(token));
- }
-
-}