没有测试通

build.gradle

@@ -23,6 +23,9 @@ repositories {
 dependencies {
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 	implementation 'org.springframework.boot:spring-boot-starter-security'
+	implementation 'org.springframework.security.oauth:spring-security-oauth2:2.4.0.RELEASE'
+	compile group: 'org.springframework.security', name: 'spring-security-jwt', version: '1.1.0.RELEASE'
+
 	implementation 'org.springframework.boot:spring-boot-starter-web'
 	implementation 'org.springframework.boot:spring-boot-starter-data-redis'
 	implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'

src/main/java/com/aiprose/scauth/conf/AuthcServerConfig.java

@@ -0,0 +1,70 @@
+package com.aiprose.scauth.conf;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
+import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
+
+/**
+ * @author nelson
+ * @desc TODO
+ * @company 北京中经网软件有限公司
+ * @date 2020/11/30 11:10
+ * @since 1.0
+ */
+@Configuration
+@EnableAuthorizationServer
+public class AuthcServerConfig extends AuthorizationServerConfigurerAdapter {
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+
+    /**
+     * 配置一个客户端
+     *
+     * 既可以通过授权码方式获取令牌，也可以通过密码方式获取令牌
+     */
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        clients.inMemory()
+                .withClient("clientId")
+                .secret("secret")
+                .authorizedGrantTypes("authorization_code","password","refresh_token")
+                .scopes("all")
+                .redirectUris("http://localhost:8015/");
+    }
+
+    /** 配置token管理 */
+    @Override
+    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+        endpoints.tokenStore(new InMemoryTokenStore())
+                .accessTokenConverter(accessTokenConverter())
+                .authenticationManager(authenticationManager)
+                .reuseRefreshTokens(false);
+    }
+
+    /** 配置jwt转换器 */
+    @Bean
+    public JwtAccessTokenConverter accessTokenConverter() {
+        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+        converter.setSigningKey("secret");
+        return converter;
+    }
+
+
+
+    @Override
+    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+        security.tokenKeyAccess("permitAll()") //允许所有人请求令牌
+                .checkTokenAccess("isAuthenticated()") //已验证的客户端才能请求check_token端点
+                .allowFormAuthenticationForClients();
+    }
+}

src/main/java/com/aiprose/scauth/conf/WebAuthcSecurityConfig.java

@@ -0,0 +1,89 @@
+package com.aiprose.scauth.conf;
+
+import com.aiprose.scauth.entity.User;
+import com.aiprose.scauth.filter.JWTAuthenticationFilter;
+import com.aiprose.scauth.handler.*;
+import com.aiprose.scauth.service.IUserService;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * @author nelson
+ * @desc script配置
+ * @company 北京中经网软件有限公司
+ * @date 2020/11/27 15:32
+ * @since 1.0
+ */
+@Configuration
+@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
+public class WebAuthcSecurityConfig extends WebSecurityConfigurerAdapter {
+    @Autowired
+    private IUserService userService;
+
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        web.ignoring().antMatchers("/v3/api-docs/**", "/swagger-resources/**", "/swagger-ui/**","/swagger-ui/index.html");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.cors().and().csrf().disable();
+
+        // 授权配置
+        http.authorizeRequests().antMatchers("/oauth/**").permitAll().anyRequest().authenticated();
+        // 配置登录
+        http.formLogin().permitAll();
+
+        //登录过期、 未登录
+        http.exceptionHandling().authenticationEntryPoint(new LoginExpireHandler());
+        // 配置登录失败后的操作
+        http.formLogin().failureHandler(new LoginFailureHandler());
+        // 配置登录成功后的操作
+        http.formLogin().successHandler(new LoginSuccessHandler());
+
+        //权限不足
+        http.exceptionHandling().accessDeniedHandler(new AuthLimitHandler());
+
+        // 登出授权
+//        http.logout().permitAll();
+        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+        /* 配置token验证过滤器 */
+//        http.addFilterBefore(new JWTAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userDetailsService()).passwordEncoder(new BCryptPasswordEncoder());
+    }
+
+    @Bean
+    public WebMvcConfigurer corsConfigurer() {
+        return new WebMvcConfigurer() {
+            @Override
+            public void addCorsMappings(CorsRegistry registry) {
+                registry.addMapping("/**");
+            }
+        };
+    }
+
+    @Bean
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+}

src/main/java/com/aiprose/scauth/conf/WebSecurityConfig.java

@@ -39,8 +39,8 @@ import java.util.List;
  * @date 2020/11/27 15:32
  * @since 1.0
  */
-@Configuration
-@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
+//@Configuration
+//@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private IUserService userService;