Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
L
long-tern-care-service
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
hubin
long-tern-care-service
Commits
0ff5381a
Commit
0ff5381a
authored
Feb 09, 2023
by
maqing
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
RSA密码加密
parent
d1f18992
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
31 additions
and
5 deletions
+31
-5
AuthController.java
...main/java/com/hungraim/ltc/controller/AuthController.java
+15
-1
PublicKeyController.java
...java/com/hungraim/ltc/controller/PublicKeyController.java
+5
-0
WebSecurityConfig.java
...va/com/hungraim/ltc/gateway/config/WebSecurityConfig.java
+9
-2
ResourceServerConfig.java
...com/hungraim/ltc/gateway/config/ResourceServerConfig.java
+1
-1
AuthorizationManager.java
...m/hungraim/ltc/gateway/security/AuthorizationManager.java
+1
-1
No files found.
auth-service/src/main/java/com/hungraim/ltc/controller/AuthController.java
View file @
0ff5381a
...
@@ -4,11 +4,15 @@ import com.hungraim.ltc.util.CsoftSecurityUtil;
...
@@ -4,11 +4,15 @@ import com.hungraim.ltc.util.CsoftSecurityUtil;
import
com.hungraim.ltc.util.Result
;
import
com.hungraim.ltc.util.Result
;
import
lombok.AllArgsConstructor
;
import
lombok.AllArgsConstructor
;
import
lombok.SneakyThrows
;
import
lombok.SneakyThrows
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.oauth2.common.OAuth2AccessToken
;
import
org.springframework.security.oauth2.common.OAuth2AccessToken
;
import
org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
;
import
org.springframework.security.oauth2.provider.endpoint.TokenEndpoint
;
import
org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
;
import
org.springframework.web.bind.annotation.*
;
import
org.springframework.web.bind.annotation.*
;
import
java.security.NoSuchAlgorithmException
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
java.security.Principal
;
import
java.security.Principal
;
import
java.util.Map
;
import
java.util.Map
;
...
@@ -21,6 +25,7 @@ import java.util.Map;
...
@@ -21,6 +25,7 @@ import java.util.Map;
@RequestMapping
(
"/oauth"
)
@RequestMapping
(
"/oauth"
)
@AllArgsConstructor
@AllArgsConstructor
public
class
AuthController
{
public
class
AuthController
{
private
final
TokenEndpoint
tokenEndpoint
;
private
final
TokenEndpoint
tokenEndpoint
;
@PostMapping
(
"/token"
)
@PostMapping
(
"/token"
)
...
@@ -43,6 +48,15 @@ public class AuthController {
...
@@ -43,6 +48,15 @@ public class AuthController {
return
Result
.
success
(
keyMap
.
get
(
0
).
toString
());
return
Result
.
success
(
keyMap
.
get
(
0
).
toString
());
}
}
@GetMapping
(
"/authLogout"
)
public
Result
authLogout
(
HttpServletRequest
request
,
HttpServletResponse
response
)
{
Authentication
auth
=
SecurityContextHolder
.
getContext
().
getAuthentication
();
//清除认证
if
(
auth
!=
null
)
{
new
SecurityContextLogoutHandler
().
logout
(
request
,
response
,
auth
);
}
return
Result
.
success
();
}
}
}
auth-service/src/main/java/com/hungraim/ltc/controller/PublicKeyController.java
View file @
0ff5381a
...
@@ -7,10 +7,15 @@ import com.nimbusds.jose.jwk.RSAKey;
...
@@ -7,10 +7,15 @@ import com.nimbusds.jose.jwk.RSAKey;
import
lombok.AllArgsConstructor
;
import
lombok.AllArgsConstructor
;
import
lombok.SneakyThrows
;
import
lombok.SneakyThrows
;
import
lombok.extern.slf4j.Slf4j
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
;
import
org.springframework.web.bind.annotation.GetMapping
;
import
org.springframework.web.bind.annotation.GetMapping
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RequestMapping
;
import
org.springframework.web.bind.annotation.RestController
;
import
org.springframework.web.bind.annotation.RestController
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
java.security.KeyPair
;
import
java.security.KeyPair
;
import
java.security.interfaces.RSAPublicKey
;
import
java.security.interfaces.RSAPublicKey
;
import
java.util.Map
;
import
java.util.Map
;
...
...
auth-service/src/main/java/com/hungraim/ltc/gateway/config/WebSecurityConfig.java
View file @
0ff5381a
...
@@ -11,6 +11,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
...
@@ -11,6 +11,8 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
import
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
;
import
org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
import
org.springframework.security.crypto.password.PasswordEncoder
;
import
org.springframework.security.crypto.password.PasswordEncoder
;
import
org.springframework.security.web.authentication.logout.LogoutHandler
;
import
org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
;
/**
/**
...
@@ -33,8 +35,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
...
@@ -33,8 +35,13 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
.
authorizeRequests
().
requestMatchers
(
EndpointRequest
.
toAnyEndpoint
()).
permitAll
()
.
authorizeRequests
().
requestMatchers
(
EndpointRequest
.
toAnyEndpoint
()).
permitAll
()
.
and
()
.
and
()
.
authorizeRequests
()
.
authorizeRequests
()
.
antMatchers
(
"/getPublicKey"
,
"/oauth/token"
,
"/genKeyPair"
,
"/oauth/genKeyPair"
).
permitAll
()
.
antMatchers
(
"/getPublicKey"
,
"/oauth/*"
).
permitAll
()
.
anyRequest
().
authenticated
();
.
anyRequest
().
authenticated
()
.
and
()
.
logout
()
.
logoutUrl
(
"/oauth/logout"
)
.
invalidateHttpSession
(
true
);
}
}
/**
/**
...
...
gateway-service/src/main/java/com/hungraim/ltc/gateway/config/ResourceServerConfig.java
View file @
0ff5381a
...
@@ -51,7 +51,7 @@ public class ResourceServerConfig {
...
@@ -51,7 +51,7 @@ public class ResourceServerConfig {
http
.
oauth2ResourceServer
().
jwt
()
http
.
oauth2ResourceServer
().
jwt
()
.
jwtAuthenticationConverter
(
jwtAuthenticationConverter
());
.
jwtAuthenticationConverter
(
jwtAuthenticationConverter
());
http
.
authorizeExchange
()
http
.
authorizeExchange
()
.
pathMatchers
(
"/api/oauth/token"
,
"/oauth/token"
,
"/oauth/genKeyPair
"
,
"/api/oauth/genKeyPair"
).
permitAll
()
.
pathMatchers
(
"/api/oauth/token"
,
"/oauth/*
"
,
"/api/oauth/genKeyPair"
).
permitAll
()
.
anyExchange
().
access
(
authorizationManager
)
.
anyExchange
().
access
(
authorizationManager
)
.
and
()
.
and
()
.
exceptionHandling
()
.
exceptionHandling
()
...
...
gateway-service/src/main/java/com/hungraim/ltc/gateway/security/AuthorizationManager.java
View file @
0ff5381a
...
@@ -77,7 +77,7 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
...
@@ -77,7 +77,7 @@ public class AuthorizationManager implements ReactiveAuthorizationManager<Author
}
}
log
.
info
(
"require authorities:{}"
,
authorities
);
log
.
info
(
"require authorities:{}"
,
authorities
);
//
认证通过且角色匹配的用户可访问当前路径
//
认证通过且角色匹配的用户可访问当前路径
// return mono.map(auth -> {
// return mono.map(auth -> {
// return new AuthorizationDecision(true);
// return new AuthorizationDecision(true);
// }).defaultIfEmpty(new AuthorizationDecision(false));
// }).defaultIfEmpty(new AuthorizationDecision(false));
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment