增加山东用户中心token接口的引用

2020-12-30 15:10:34 +08:00
parent 4c41e73ab1
commit e821e2b0ad
7 changed files with 142 additions and 8 deletions
--- a/mall-ebtp-cloud-security-starter/pom.xml
+++ b/mall-ebtp-cloud-security-starter/pom.xml
@ -4,33 +4,31 @@
 	xmlns="http://maven.apache.org/POM/4.0.0"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 	<modelVersion>4.0.0</modelVersion>
 	<parent>
 		<groupId>com.chinaunicom.ebtp</groupId>
 		<artifactId>mall-ebtp-cloud-parent</artifactId>
 		<version>0.0.1</version>
 		<relativePath>../mall-ebtp-cloud-parent</relativePath>
 	</parent>
 	<groupId>com.chinaunicom.ebtp</groupId>
 	<artifactId>mall-ebtp-cloud-security-starter</artifactId>
 	<version>0.0.1</version>
 	<name>mall-ebtp-cloud-security-starter</name>
 	<dependencies>
 		<dependency>
 			<groupId>cn.chinaunicom.sdsi</groupId>
 			<artifactId>unifast-security</artifactId>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.cloud</groupId>
 			<artifactId>spring-cloud-security</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.cloud</groupId>
+			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-cloud-starter-oauth2</artifactId>
+			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.springframework.security.oauth</groupId>
+			<groupId>org.apache.commons</groupId>
-			<artifactId>spring-security-oauth2</artifactId>
+			<artifactId>commons-lang3</artifactId>
 		</dependency>
 	</dependencies>
 </project>
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/SecurityStarterConfiguration.java
@ -1,10 +1,17 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.PropertySource;
 import org.springframework.web.client.RestTemplate;
@Configuration
@PropertySource("classpath:security-configuration.properties")
 public class SecurityStarterConfiguration {
 	@Bean
 	public RestTemplate restTemplate() {
 		return new RestTemplate();
 	}
 }
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java
@ -0,0 +1,11 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.common;
 /**
 * @author Ajaxfan
 */
 public interface Constants {
 	public static final String AUTHORIZATION_HEADER = "Authorization";
 	public static final String TOKEN_PREFIX = "Bearer ";
 }
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/config/BrowserSecurityConfig.java
@ -0,0 +1,37 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.config;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.filter.TokenAuthenticationFilter;
 /**
 * 安全设置
 * 
 * @author Ajaxfan
 */
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true, securedEnabled = true)
 public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter {
 	@Bean
 	public TokenAuthenticationFilter authenticationTokenFilterBean() {
 		return new TokenAuthenticationFilter();
 	}
 	/**
 	 * 向Filter链中插入自定义TokenFilter
 	 * 
 	 * @param http
 	 * @throws Exception
 	 */
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
 		http.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
 	}
 }
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@ -0,0 +1,76 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
 import java.io.IOException;
 import java.util.Map;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.RegExUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.client.RestTemplate;
 import org.springframework.web.filter.OncePerRequestFilter;
 import com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants;
 /**
 * 请求Token拦截
 * 
 * @author Ajaxfan
 */
 public class TokenAuthenticationFilter extends OncePerRequestFilter {
 	private @Autowired RestTemplate restTemplate;
 	private @Value("${user.auth.resource.token-info-uri}") String token_uri;
 	/**
 	 * @param request
 	 * @param response
 	 * @param filterChain
 	 * @throws ServletException
 	 * @throws IOException
 	 */
 	@Override
 	protected void doFilterInternal(final HttpServletRequest request, final HttpServletResponse response,
 			final FilterChain filterChain) throws ServletException, IOException {
 		// 提取request头信息
 		final String header = request.getHeader(Constants.AUTHORIZATION_HEADER);
 		// 检查请求头是否包含 Bearer 前缀
 		if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) {
 			// 提取 token 信息
 			String authToken = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, "");
 			// 通过token读取用户信息
 			SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken));
 		}
 		filterChain.doFilter(request, response);
 	}
 	/**
 	 * @param token
 	 * @return
 	 */
 	private Authentication getAuthentication(String token) {
 		ResponseEntity<Map> entity = restTemplate.getForEntity(createRequestUri(token), Map.class);
 		return new UsernamePasswordAuthenticationToken(entity.getBody(), token);
 	}
 	/**
 	 * @param token
 	 * @return
 	 */
 	private String createRequestUri(String token) {
 		return new StringBuilder(token_uri).append("?token=").append(token).toString();
 	}
 }
--- a/mall-ebtp-cloud-security-starter/src/main/resources/META-INF/spring.factories
+++ b/mall-ebtp-cloud-security-starter/src/main/resources/META-INF/spring.factories
@ -0,0 +1,4 @@
 # AutoConfiguration
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
 com.chinaunicom.mall.ebtp.cloud.security.starter.SecurityStarterConfiguration,\
 com.chinaunicom.mall.ebtp.cloud.security.starter.config.BrowserSecurityConfig
--- a/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
+++ b/mall-ebtp-cloud-security-starter/src/main/resources/security-configuration.properties
@ -0,0 +1 @@
 user.auth.resource.token-info-uri=http://125.32.114.204:18091/oauth/check_token
		`@ -0,0 +1 @@`
							`user.auth.resource.token-info-uri=http://125.32.114.204:18091/oauth/check_token`