Merge pull request #7092 from Doha2012/master

upgrade spring security cloud
maibin 2019-06-06 22:58:46 +02:00 committed by GitHub
commit 9d1396b99c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 46 additions and 36 deletions


@ -24,7 +24,7 @@
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-zuul</artifactId>
<artifactId>spring-cloud-starter-netflix-zuul</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
@ -34,14 +34,16 @@
<dependency>
<groupId>org.webjars</groupId>
<artifactId>jquery</artifactId>
<version>${jquery.version}</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>bootstrap</artifactId>
<version>${bootstrap.version}</version>
</dependency>
<dependency>
<groupId>org.webjars</groupId>
<artifactId>webjars-locator</artifactId>
<artifactId>webjars-locator-core</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
@ -62,8 +64,8 @@
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
</dependencies>
@ -89,8 +91,10 @@
</dependencyManagement>
<properties>
<js-cookie.version>2.1.0</js-cookie.version>
<spring-cloud.version>Dalston.SR4</spring-cloud.version>
<js-cookie.version>2.2.0</js-cookie.version>
<spring-cloud.version>Greenwich.SR1</spring-cloud.version>
<jquery.version>3.4.1</jquery.version>
<bootstrap.version>4.3.1</bootstrap.version>
</properties>
</project>


@ -2,7 +2,8 @@
# These are default settings, but we add them for clarity.
server:
port: 8080
contextPath: /
servlet:
context-path: /
# Configure the Authorization Server and User Info Resource Server details
security:
@ -21,6 +22,7 @@ person:
# Proxies the calls to http://localhost:8080/api/* to our REST service at http://localhost:8081/*
# and automatically includes our OAuth2 token in the request headers
zuul:
sensitiveHeaders: Cookie,Set-Cookie
routes:
resource:
path: /api/**
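Review bot: The `sensitiveHeaders: Cookie,Set-Cookie` line (apparently the one line the second hunk adds) sits directly under `zuul:`, so it applies to every route, not only `resource`. Because the list leaves out `Authorization`, which Zuul treats as sensitive by default, the proxy forwards the caller's bearer token to whatever backend any route points at. That is what the `resource` route needs, but a route added later to a less-trusted service would receive the token too. I would scope it to the route as `zuul.routes.resource.sensitiveHeaders: Cookie,Set-Cookie` and add a comment such as `# Authorization is deliberately left off this list so the OAuth2 token reaches the resource server`. The `routes:` block continues past the end of the hunk.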


@ -19,8 +19,8 @@
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
@ -30,6 +30,7 @@
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
<version>${spring-jwt.version}</version>
</dependency>
</dependencies>
@ -55,7 +56,8 @@
</build>
<properties>
<spring-cloud.version>Edgware.RELEASE</spring-cloud.version>
<spring-cloud.version>Greenwich.SR1</spring-cloud.version>
<spring-jwt.version>1.0.10.RELEASE</spring-jwt.version>
</properties>
</project>


@ -3,7 +3,7 @@ package com.baeldung.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
@ -11,15 +11,18 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.R
* REST API Resource Server.
*/
@Configuration
@EnableWebSecurity
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true) // Allow method annotations like @PreAuthorize
public class ResourceConfigurer extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http.httpBasic().disable();
http.authorizeRequests().anyRequest().authenticated();
http.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.NEVER)
.and()
.authorizeRequests()
.anyRequest().authenticated();
}
}
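Review bot: `SessionCreationPolicy.NEVER` in `configure(HttpSecurity)` only stops Spring Security from creating a session; it will still use an `HttpSession` that already exists. For a resource server that authenticates each request from its JWT, `.sessionCreationPolicy(SessionCreationPolicy.STATELESS)` is the stricter choice, since it ignores sessions entirely. If `NEVER` is deliberate (it matches the `security.sessions: NEVER` property that appears to be removed from this module's YAML in the same commit), a short comment would record that, e.g. `// NEVER kept for parity with the former security.sessions property`. The rendering does not make clear whether `http.httpBasic().disable()` is kept or removed, so that is worth confirming against the actual file.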


@ -5,7 +5,6 @@ server:
# Configure the public key to use for verifying the incoming JWT tokens
security:
sessions: NEVER
oauth2:
resource:
jwt:


@ -38,7 +38,7 @@
</dependencies>
<properties>
<spring-cloud-starter-oauth2.version>1.1.2.RELEASE</spring-cloud-starter-oauth2.version>
<spring-cloud-starter-oauth2.version>2.1.2.RELEASE</spring-cloud-starter-oauth2.version>
</properties>
</project>


@ -9,6 +9,7 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.core.io.Resource;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@ -19,9 +20,7 @@ import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFacto
@Configuration
@EnableAuthorizationServer
@Order(6)
public class AuthServerConfigurer
extends
AuthorizationServerConfigurerAdapter {
public class AuthServerConfigurer extends AuthorizationServerConfigurerAdapter {
@Value("${jwt.certificate.store.file}")
private Resource keystore;
@ -38,6 +37,9 @@ public class AuthServerConfigurer
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private BCryptPasswordEncoder passwordEncoder;
@Override
public void configure(
ClientDetailsServiceConfigurer clients)
@ -45,8 +47,8 @@ public class AuthServerConfigurer
clients
.inMemory()
.withClient("authserver")
.secret("passwordforauthserver")
.redirectUris("http://localhost:8080/")
.secret(passwordEncoder.encode("passwordforauthserver"))
.redirectUris("http://localhost:8080/login")
.authorizedGrantTypes("authorization_code",
"refresh_token")
.scopes("myscope")
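Review bot: The client secret is still the literal `"passwordforauthserver"` in `configure(ClientDetailsServiceConfigurer)`. Wrapping it in `passwordEncoder.encode(...)` changes how it is held in the in-memory client store, not the fact that it is committed with the source. I would read it from externalized configuration the same way the keystore location is, e.g. `@Value("${<client-secret-property>}") private String clientSecret;` (placeholder property name) and then `.secret(passwordEncoder.encode(clientSecret))`. The new field could also be typed as the `PasswordEncoder` interface rather than `BCryptPasswordEncoder`, so the algorithm can change without touching this class. The `clients` builder chain continues past the end of the hunk.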


@ -2,10 +2,10 @@ package com.baeldung.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebMvcConfigurer extends WebMvcConfigurerAdapter {
public class WebMvcConfig implements WebMvcConfigurer {
@Override
public void addViewControllers(ViewControllerRegistry registry) {


@ -6,8 +6,8 @@ import org.springframework.security.config.annotation.authentication.builders.Au
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
@Configuration
@ -34,7 +34,7 @@ public class WebSecurityConfigurer
AuthenticationManagerBuilder auth) throws Exception {
auth
.inMemoryAuthentication()
.withUser("user").password("user")
.withUser("user").password(passwordEncoder().encode("user"))
.roles("USER")
.and()
.withUser("admin").password("admin")
@ -48,5 +48,9 @@ public class WebSecurityConfigurer
return super.userDetailsServiceBean();
}
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
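Review bot: Only the `user` account is updated in the second hunk; the unchanged context line `.withUser("admin").password("admin")` still stores a raw string. With the `BCryptPasswordEncoder` bean this section adds, that value is not a BCrypt hash, so the admin login would be expected to fail when the encoder tries to match it. It should get the same treatment as the line above it: `.withUser("admin").password(passwordEncoder().encode("admin"))`. The rest of the builder chain lies outside the hunk, so confirm no later line already handles the admin entry.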


@ -1,7 +1,8 @@
# Make the application available at http://localhost:7070/authserver
server:
port: 7070
contextPath: /authserver
servlet:
context-path: /authserver
# Our certificate settings for enabling JWT tokens
jwt:
@ -12,10 +13,3 @@ jwt:
key:
alias: myauthkey
password: abirkhan04
security:
oauth2:
resource:
filter-order: 3


@ -8,10 +8,10 @@
<packaging>pom</packaging>
<parent>
<artifactId>parent-boot-1</artifactId>
<artifactId>parent-boot-2</artifactId>
<groupId>com.baeldung</groupId>
<version>0.0.1-SNAPSHOT</version>
<relativePath>../../parent-boot-1</relativePath>
<relativePath>../../parent-boot-2</relativePath>
</parent>
<modules>