mindol1004/ddd-gateway
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

게이트웨이 토큰 인증

Browse Source
This commit is contained in:
kimscott
2019-09-17 10:11:16 +09:00
parent 904d5d1780
commit 04b7ecd793
5 changed files with 142 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
cloudbuild.yaml
View File

@@ -1,4 +1,11 @@
steps: steps:
- id: 'build'
name: 'gcr.io/cloud-builders/mvn'
args: [
'clean',
'package',
'-Dmaven.test.skip=true'
]
### Build ### Build
- id: 'build' - id: 'build'
name: 'gcr.io/cloud-builders/docker' name: 'gcr.io/cloud-builders/docker'

48
pom.xml
View File

@@ -15,20 +15,46 @@
<properties> <properties>
<java.version>1.8</java.version> <java.version>1.8</java.version>
<spring-cloud.version>Greenwich.RELEASE</spring-cloud.version> <spring-cloud.version>Greenwich.SR2</spring-cloud.version>
</properties> </properties>
<dependencies> <dependencies>
<!-- Add Stackdriver Trace Starter --> <!-- Add Stackdriver Trace Starter -->
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-actuator</artifactId> <artifactId>spring-boot-actuator</artifactId>
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.springframework.cloud</groupId> <groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId> <artifactId>spring-cloud-starter-gateway</artifactId>
</dependency> </dependency>
</dependencies>
<!-- Add spring security -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-webflux</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-jose</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-resource-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
</dependency>
</dependencies>
<dependencyManagement> <dependencyManagement>
<dependencies> <dependencies>

62
src/main/java/com/example/template/JwkSetEndpointConfiguration.java
View File

@@ -1,31 +1,31 @@
//package com.example.template; package com.example.template;
//
//import com.nimbusds.jose.jwk.JWKSet; import com.nimbusds.jose.jwk.JWKSet;
//import com.nimbusds.jose.jwk.RSAKey; import com.nimbusds.jose.jwk.RSAKey;
//import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpoint; import org.springframework.security.oauth2.provider.endpoint.FrameworkEndpoint;
//import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
//import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseBody;
//import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
//
//import java.security.KeyPair; import java.security.KeyPair;
//import java.security.Principal; import java.security.Principal;
//import java.security.interfaces.RSAPublicKey; import java.security.interfaces.RSAPublicKey;
//import java.util.Map; import java.util.Map;
//
//@FrameworkEndpoint @FrameworkEndpoint
//@RestController @RestController
//public class JwkSetEndpointConfiguration { public class JwkSetEndpointConfiguration {
// KeyPair keyPair; KeyPair keyPair;
//
// public JwkSetEndpointConfiguration(KeyPair keyPair) { public JwkSetEndpointConfiguration(KeyPair keyPair) {
// this.keyPair = keyPair; this.keyPair = keyPair;
// } }
//
// @GetMapping("/.well-known/jwks.json") @GetMapping("/.well-known/jwks.json")
// @ResponseBody @ResponseBody
// public Map<String, Object> getKey(Principal principal) { public Map<String, Object> getKey(Principal principal) {
// RSAPublicKey publicKey = (RSAPublicKey) this.keyPair.getPublic(); RSAPublicKey publicKey = (RSAPublicKey) this.keyPair.getPublic();
// RSAKey key = new RSAKey.Builder(publicKey).build(); RSAKey key = new RSAKey.Builder(publicKey).build();
// return new JWKSet(key).toJSONObject(); return new JWKSet(key).toJSONObject();
// } }
//} }

84
src/main/java/com/example/template/ResourceServerConfiguration.java
View File

@@ -1,42 +1,42 @@
//package com.example.template; package com.example.template;
//import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
//import org.springframework.core.io.ClassPathResource; import org.springframework.core.io.ClassPathResource;
//import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity; import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
//import org.springframework.security.config.web.server.ServerHttpSecurity; import org.springframework.security.config.web.server.ServerHttpSecurity;
//import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory; import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
//import org.springframework.security.web.server.SecurityWebFilterChain; import org.springframework.security.web.server.SecurityWebFilterChain;
//
//import java.security.KeyPair; import java.security.KeyPair;
//
//@Configuration @Configuration
//@EnableWebFluxSecurity @EnableWebFluxSecurity
//public class ResourceServerConfiguration { public class ResourceServerConfiguration {
//
// @Bean @Bean
// SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception { SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) throws Exception {
//
// http http
// .cors().and() .cors().and()
// .csrf().disable() .csrf().disable()
// .authorizeExchange() .authorizeExchange()
// .pathMatchers("/oauth/**","/login/**","/.well-known/jwks.json").permitAll() .pathMatchers("/oauth/**","/login/**","/.well-known/jwks.json").permitAll()
// .anyExchange().authenticated() .anyExchange().authenticated()
// .and() .and()
// .oauth2ResourceServer() .oauth2ResourceServer()
// .jwt() .jwt()
// ; ;
//
// return http.build(); return http.build();
// } }
//
// @Bean @Bean
// public KeyPair makeKeyPair(){ public KeyPair makeKeyPair(){
// KeyPair keyPair = new KeyStoreKeyFactory( KeyPair keyPair = new KeyStoreKeyFactory(
// new ClassPathResource("server.jks"), "qweqwe".toCharArray()) new ClassPathResource("server.jks"), "qweqwe".toCharArray())
// .getKeyPair("uengine", "qweqwe".toCharArray()); .getKeyPair("uengine", "qweqwe".toCharArray());
// return keyPair; return keyPair;
// } }
//
//
//} }

37
src/main/resources/application.yml
View File

@@ -5,20 +5,20 @@ server:
--- ---
spring: spring:
profiles: default profiles: default
# security: security:
# oauth2: oauth2:
# resourceserver: resourceserver:
# jwt: jwt:
# jwk-set-uri: http://localhost:8080/.well-known/jwks.json jwk-set-uri: http://localhost:8080/.well-known/jwks.json
cloud: cloud:
gateway: gateway:
routes: routes:
- id: product - id: product
uri: http://localhost:8085 uri: http://localhost:8085
predicates: predicates:
- Path=/products/** - Path=/product/**
- id: goods - id: goods
uri: http://localhost:8085 uri: http://product:8085
predicates: predicates:
- Path=/goods/** - Path=/goods/**
- id: order - id: order
@@ -66,15 +66,19 @@ spring:
- id: product - id: product
uri: http://product:8080 uri: http://product:8080
predicates: predicates:
- Path=/product/** - Path=/products/**
- id: goods
uri: http://product:8080
predicates:
- Path=/goods/**
- id: order - id: order
uri: http://order:8080 uri: http://order:8080
predicates: predicates:
- Path=/order/** - Path=/orders/**
- id: delivery - id: delivery
uri: http://delivery:8080 uri: http://delivery:8080
predicates: predicates:
- Path=/deliveries/** - Path=/deliveryies/**
- id: marketing - id: marketing
uri: http://marketing:8080 uri: http://marketing:8080
predicates: predicates:
@@ -82,7 +86,15 @@ spring:
- id: servicecenter - id: servicecenter
uri: http://servicecenter:8080 uri: http://servicecenter:8080
predicates: predicates:
- Path=/customers/** - Path=/serveys/**
- id: mypage
uri: http://mypage:8080
predicates:
- Path=/users/**,/mypage/**
- id: oauth
uri: http://oauth:8080
predicates:
- Path=/oauth/**
globalcors: globalcors:
corsConfigurations: corsConfigurations:
'[/**]': '[/**]':
@@ -93,5 +105,6 @@ spring:
allowedHeaders: allowedHeaders:
- "*" - "*"
allowCredentials: true allowCredentials: true
server: server:
port: 8080 port: 8080