Merge branch 'master' of https://gitee.com/zouxuan/mec

mec-gateway/mec-gateway-web/src/main/java/com/ym/mec/gateway/web/config/SwaggerDocumentConfig.java

@@ -21,6 +21,7 @@ public class SwaggerDocumentConfig implements SwaggerResourcesProvider {
 		resources.add(swaggerResource("授权服务", "/auth-server/v2/api-docs", "2.0"));
 		resources.add(swaggerResource("CMS服务", "/cms-server/v2/api-docs", "2.0"));
 		resources.add(swaggerResource("WEB服务", "/web-server/v2/api-docs", "2.0"));
+		resources.add(swaggerResource("TASK服务", "/task-server/v2/api-docs", "2.0"));
 		return resources;
 	}
 

mec-task/pom.xml

@@ -19,6 +19,12 @@
 	</properties>
 
 	<dependencies>
+	
+		<dependency>
+			<groupId>org.springframework.cloud</groupId>
+			<artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
+		</dependency>
+		
 		<dependency>
 			<groupId>com.ym</groupId>
 			<artifactId>common-core</artifactId>

mec-task/src/main/java/com/ym/mec/task/security/ResourceConfig.java

@@ -15,6 +15,6 @@ public class ResourceConfig extends ResourceServerConfigurerAdapter {
 	public void configure(HttpSecurity http) throws Exception {
 		http.csrf().disable().exceptionHandling()
 				.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED)).and()
-				.authorizeRequests().anyRequest().authenticated().and().httpBasic();
+				.authorizeRequests().antMatchers("/v2/api-docs").permitAll().anyRequest().authenticated().and().httpBasic();
 	}
 }

mec-web/src/main/java/com/ym/mec/web/WebApplication.java

@@ -1,6 +1,5 @@
 package com.ym.mec.web;
 
-import com.spring4all.swagger.EnableSwagger2Doc;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
@@ -12,25 +11,23 @@ import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.client.RestTemplate;
 
-/**
- * Hello world!
- *
- */
+import com.spring4all.swagger.EnableSwagger2Doc;
+
 @SpringBootApplication
 @EnableDiscoveryClient
 @EnableFeignClients
 @MapperScan("com.ym.mec.web.dal.dao")
-//@ComponentScan(basePackages="com.ym.mec.web")
+@ComponentScan(basePackages = "com.ym.mec.web")
 @Configuration
 @EnableSwagger2Doc
 public class WebApplication {
-    public static void main( String[] args ){
-        SpringApplication.run(WebApplication.class, args);
-    }
+	public static void main(String[] args) {
+		SpringApplication.run(WebApplication.class, args);
+	}
 
-    @Bean
-    @LoadBalanced
-    public RestTemplate restTemplate() {
-        return new RestTemplate();
-    }
+	@Bean
+	@LoadBalanced
+	public RestTemplate restTemplate() {
+		return new RestTemplate();
+	}
 }

mec-web/src/main/java/com/ym/mec/web/config/AuthorizationServerConfig.java

@@ -1,76 +0,0 @@
-package com.ym.mec.web.config;
-
-import com.ym.mec.common.constant.CommonConstants;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.data.redis.connection.RedisConnectionFactory;
-import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
-import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
-import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
-import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
-import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
-import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
-
-import javax.sql.DataSource;
-
-/**
- * 授权服务器配置
- */
-@Configuration
-@EnableAuthorizationServer
-public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
-
-	@Autowired
-	private RedisConnectionFactory connectionFactory;
-
-	@Autowired
-	private DataSource dataSource;
-
-	@Override
-	public void configure(AuthorizationServerEndpointsConfigurer endpoints){
-		endpoints
-				.tokenServices(defaultTokenServices())
-				.tokenStore(redisTokenStore());
-	}
-
-	@Override
-	public void configure(AuthorizationServerSecurityConfigurer security){
-		security.tokenKeyAccess("isAuthenticated()")
-				.checkTokenAccess("permitAll()")
-				.allowFormAuthenticationForClients();
-	}
-
-	@Override
-	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
-
-		JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(dataSource);
-
-		clientDetailsService
-				.setSelectClientDetailsSql("select id_, CONCAT('{noop}',client_secret_) as client_secret, resource_ids_, scope_, authorized_grant_types_, web_server_redirect_uri_, authorities_, access_token_validity_, refresh_token_validity_, additional_information_, autoapprove_ from sys_oauth_client_details where id_ = ?");
-		clientDetailsService
-				.setFindClientDetailsSql("select id_, CONCAT('{noop}',client_secret_) as client_secret, resource_ids_, scope_, authorized_grant_types_, web_server_redirect_uri_, authorities_, access_token_validity_, refresh_token_validity_, additional_information_, autoapprove_ from sys_oauth_client_details order by id_");
-
-		clients.withClientDetails(clientDetailsService);
-	}
-
-	@Bean
-	public RedisTokenStore redisTokenStore() {
-		RedisTokenStore tokenStore = new RedisTokenStore(connectionFactory);
-		tokenStore.setPrefix(CommonConstants.OAUTH_PREFIX);
-		return tokenStore;
-	}
-
-	@Bean
-	public DefaultTokenServices defaultTokenServices() {
-		DefaultTokenServices tokenServices = new DefaultTokenServices();
-		tokenServices.setTokenStore(redisTokenStore());
-		tokenServices.setSupportRefreshToken(true);
-		tokenServices.setAccessTokenValiditySeconds(60 * 60 * 24); // token有效期自定义设置，默认12小时
-		tokenServices.setRefreshTokenValiditySeconds(60 * 60 * 24 * 30);// 默认30天，这里修改
-		return tokenServices;
-	}
-
-}

mec-web/src/main/java/com/ym/mec/web/config/ResourceConfig.java

@@ -0,0 +1,21 @@
+package com.ym.mec.web.config;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
+@Configuration
+@EnableResourceServer
+public class ResourceConfig extends ResourceServerConfigurerAdapter {
+
+	@Override
+	public void configure(HttpSecurity http) throws Exception {
+		http.csrf().disable().exceptionHandling()
+				.authenticationEntryPoint((request, response, authException) -> response.sendError(HttpServletResponse.SC_UNAUTHORIZED)).and()
+				.authorizeRequests().antMatchers("/v2/api-docs").permitAll().anyRequest().authenticated().and().httpBasic();
+	}
+
+}

mec-web/src/main/java/com/ym/mec/web/config/ResourceServerConfig.java

@@ -1,27 +0,0 @@
-package com.ym.mec.web.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-
-/**
- * 资源服务器配置
- */
-@Configuration
-@EnableResourceServer
-public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
-
-	//Http安全配置，对每个到达系统的http请求链接进行校验
-	@Override
-	public void configure(HttpSecurity http) throws Exception {
-		//所有请求必须认证通过
-		http.authorizeRequests()
-				//下边的路径放行
-				.antMatchers("/v2/api-docs", "/swagger-resources/configuration/ui",
-						"/swagger-resources","/swagger-resources/configuration/security",
-						"/swagger-ui.html","/course/coursebase/**").permitAll()
-				.anyRequest().authenticated();
-	}
-
-}

mec-web/src/main/java/com/ym/mec/web/config/WebSecurityConfig.java

@@ -1,21 +0,0 @@
-package com.ym.mec.web.config;
-
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-
-@Configuration
-@EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)//会拦截注解了@PreAuthrize注解的配置.
-public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
-
-	@Override
-	public void configure(WebSecurity web){
-		web.ignoring().antMatchers("/v2/api-docs", "/swagger-resources/configuration/ui",
-				"/swagger-resources","/swagger-resources/configuration/security",
-				"/swagger-ui.html","/course/coursebase/**");
-	}
-
-}

mec-web/src/main/resources/application.yml

@@ -54,6 +54,15 @@ mybatis:
     
 swagger:
   base-package: com.ym.mec.web.controller
+ 
+##认证 
+security:
+  oauth2:
+    client:
+      client-id: app
+      client-secret: app
+    resource:
+      token-info-uri: http://localhost:8001/oauth/check_token
   
 #spring boot admin 相关配置
 management: