a unfinished oauth implement

.gitignore

@@ -1,3 +1,5 @@
+target/
+
 # Created by .ignore support plugin (hsz.mobi)
 ### VisualStudioCode template
 .vscode/*

pom.xml

@@ -13,13 +13,16 @@
     <url>https://github.com/DoneSpeak/spring-security-kit</url>
 
     <modules>
-        <module>parent</module>
-        <module>pom</module>
-        <module>rbac</module>
-        <module>sso</module>
-        <module>auth-app</module>
-        <module>auth-core</module>
-        <module>auth-browser</module>
+        <module>security-parent</module>
+        <module>security-bom</module>
+        <module>security-rbac</module>
+        <module>security-sso</module>
+        <module>security-auth-app</module>
+        <module>security-auth-core</module>
+        <module>security-auth-io.github.donespeak.springsecuritykit.browser</module>
+        <module>social-weixin</module>
+        <module>social-qq</module>
+        <module>security-samples</module>
     </modules>
 
     <properties>

security-auth-app/pom.xml

@@ -6,11 +6,18 @@
         <groupId>io.github.donespeak.springsecuritykit</groupId>
         <artifactId>security-parent</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../parent/pom.xml</relativePath>
+        <relativePath>../security-parent/pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 
-    <artifactId>security-auth</artifactId>
+    <artifactId>security-auth-app</artifactId>
 
-    <name>security-auth</name>
+    <name>security-auth-app</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>io.github.donespeak.springsecuritykit</groupId>
+            <artifactId>security-auth-core</artifactId>
+        </dependency>
+    </dependencies>
 </project>

security-auth-app/src/main/java/io/github/donespeak/springsecuritykit/app/oauth/JwtTokenEnhancer.java

@@ -0,0 +1,28 @@
+package io.github.donespeak.springsecuritykit.app.oauth;
+
+import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.token.TokenEnhancer;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author Yang Guanrong
+ * @date 2020/01/12 20:23
+ */
+public class JwtTokenEnhancer implements TokenEnhancer {
+
+    @Override
+    public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
+        // 可以在这里为jwt增加附加字段
+        Map<String, Object> info = new HashMap<>();
+        info.put("author", "donespeak");
+
+        ((DefaultOAuth2AccessToken)oAuth2AccessToken).setAdditionalInformation(info);
+
+        return oAuth2AccessToken;
+    }
+}
+

security-auth-app/src/main/java/io/github/donespeak/springsecuritykit/app/oauth/OAuthAuthorizationServerConfig.java

@@ -0,0 +1,78 @@
+package io.github.donespeak.springsecuritykit.app.oauth;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.TokenEnhancer;
+import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * @author Yang Guanrong
+ * @date 2020/01/12 20:09
+ */
+@Configuration
+@EnableAuthorizationServer
+public class OAuthAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
+
+    @Autowired
+    private UserDetailsService userDetailsService;
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    @Autowired
+    private TokenStore tokenStore;
+
+    @Autowired(required = false)
+    private JwtAccessTokenConverter jwtAccessTokenConverter;
+
+    @Autowired(required = false)
+    private TokenEnhancer jwtTokenEnhancer;
+
+    /**
+     * tokenKey的访问权限表达式配置
+     */
+    @Override
+    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+        // TODO 为什么没有生效？
+        // security.tokenKeyAccess("permitAll()");
+    }
+
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        InMemoryClientDetailsServiceBuilder builder = clients.inMemory();
+        builder.withClient("app")
+            .authorizedGrantTypes("password", "refresh_token")
+            .accessTokenValiditySeconds(7200)
+            .refreshTokenValiditySeconds(7200)
+            .scopes("all");
+    }
+
+    @Override
+    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+        endpoints.tokenStore(tokenStore)
+            .authenticationManager(authenticationManager)
+            .userDetailsService(userDetailsService);
+
+        if(jwtAccessTokenConverter != null && jwtTokenEnhancer != null) {
+            TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
+            List<TokenEnhancer> enhancerList = new ArrayList<>();
+            enhancerList.add(jwtAccessTokenConverter);
+            enhancerList.add(jwtTokenEnhancer);
+            tokenEnhancerChain.setTokenEnhancers(enhancerList);
+            endpoints.tokenEnhancer(tokenEnhancerChain).accessTokenConverter(jwtAccessTokenConverter);
+        }
+    }
+}

security-auth-app/src/main/java/io/github/donespeak/springsecuritykit/app/oauth/OAuthResourceServerConfig.java

@@ -0,0 +1,16 @@
+package io.github.donespeak.springsecuritykit.app.oauth;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
+/**
+ * @author Yang Guanrong
+ * @date 2020/01/12 20:10
+ */
+@Configuration
+@EnableResourceServer
+public class OAuthResourceServerConfig extends ResourceServerConfigurerAdapter {
+
+
+}

security-auth-app/src/main/java/io/github/donespeak/springsecuritykit/app/oauth/TokenStoreConfig.java

@@ -0,0 +1,39 @@
+package io.github.donespeak.springsecuritykit.app.oauth;
+
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.provider.token.TokenEnhancer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
+
+/**
+ * @author Yang Guanrong
+ * @date 2020/01/12 20:27
+ */
+@Configuration
+public class TokenStoreConfig {
+
+    @Configuration
+    public static class JwtTokenStoreConfig {
+
+        @Bean
+        public TokenStore jwtTokenStore() {
+            return new JwtTokenStore(jwtAccessTokenConverter());
+        }
+
+        @Bean
+        public JwtAccessTokenConverter jwtAccessTokenConverter() {
+            JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+            converter.setSigningKey("jinwandalaohu");
+            return converter;
+        }
+
+        @Bean
+        @ConditionalOnMissingBean(TokenEnhancer.class)
+        public JwtTokenEnhancer jwtTokenEnhancer() {
+            return new JwtTokenEnhancer();
+        }
+    }
+}

security-auth-browser/pom.xml

@@ -7,10 +7,10 @@
         <groupId>io.github.donespeak.springsecuritykit</groupId>
         <artifactId>security-parent</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../parent/pom.xml</relativePath>
+        <relativePath>../security-parent/pom.xml</relativePath>
     </parent>
 
-    <artifactId>security-auth-browser</artifactId>
+    <artifactId>security-auth-io.github.donespeak.springsecuritykit.browser</artifactId>
 
-    <name>security-auth-browser</name>
+    <name>security-auth-io.github.donespeak.springsecuritykit.browser</name>
 </project>

security-auth-core/pom.xml

@@ -7,9 +7,33 @@
         <groupId>io.github.donespeak.springsecuritykit</groupId>
         <artifactId>security-parent</artifactId>
         <version>1.0-SNAPSHOT</version>
-        <relativePath>../parent/pom.xml</relativePath>
+        <relativePath>../security-parent/pom.xml</relativePath>
     </parent>
-    <artifactId>security-core</artifactId>
+    <artifactId>security-auth-core</artifactId>
 
-    <name>security-core</name>
+    <name>security-auth-core</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-oauth2</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-configuration-processor</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-tomcat</artifactId>
+            <scope>provided</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.projectlombok</groupId>
+            <artifactId>lombok</artifactId>
+        </dependency>
+    </dependencies>
 </project>

security-auth-core/src/main/java/io/github/donespeak/springsecuritykit/core/SecurityCoreConfig.java

@@ -0,0 +1,16 @@
+package io.github.donespeak.springsecuritykit.core;
+
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+import io.github.donespeak.springsecuritykit.core.properties.SecurityProperties;
+
+/**
+ * @author Yang Guanrong
+ * @date 2020/01/12 20:03
+ */
+@Configuration
+@EnableConfigurationProperties(SecurityProperties.class)
+public class SecurityCoreConfig {
+
+}