OAuth2 패스워드 그랜트 타입을 사용하여 사용자 인증
10
README.md
10
README.md
@@ -164,7 +164,17 @@ http://localhost:5555/api/mb/member/name/hyori
|
|||||||
---
|
---
|
||||||
|
|
||||||
***- OAuth2, JWT (Security)***<br />
|
***- OAuth2, JWT (Security)***<br />
|
||||||
|
자세한 설명은 [여기](https://assu10.github.io/dev/2020/09/12/spring-cloud-oauth2.0/) 를 참고
|
||||||
|
|
||||||
|
```shell script
|
||||||
|
HOW TO RUN
|
||||||
|
|
||||||
|
-- 액세스 토큰 획득
|
||||||
|
[POST] http://localhost:8901/auth/oauth/token
|
||||||
|
|
||||||
|
-- 액세스 토큰으로 사용자 정보 조회
|
||||||
|
[GET] http://localhost:8901/auth/user
|
||||||
|
```
|
||||||
---
|
---
|
||||||
|
|
||||||
***- Sleath, Papertrail, Zipkin (Logging Tracker)***<br />
|
***- Sleath, Papertrail, Zipkin (Logging Tracker)***<br />
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ package com.assu.cloud.authservice;
|
|||||||
|
|
||||||
import org.springframework.boot.SpringApplication;
|
import org.springframework.boot.SpringApplication;
|
||||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||||
|
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
|
||||||
import org.springframework.security.core.authority.AuthorityUtils;
|
import org.springframework.security.core.authority.AuthorityUtils;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
|
||||||
@@ -14,6 +15,7 @@ import java.util.Map;
|
|||||||
|
|
||||||
@SpringBootApplication
|
@SpringBootApplication
|
||||||
@RestController
|
@RestController
|
||||||
|
@EnableEurekaClient
|
||||||
@EnableResourceServer
|
@EnableResourceServer
|
||||||
@EnableAuthorizationServer // 이 서비스가 OAuth2 인증 서버가 될 것이라고 스프링 클라우드에 알림
|
@EnableAuthorizationServer // 이 서비스가 OAuth2 인증 서버가 될 것이라고 스프링 클라우드에 알림
|
||||||
public class AuthServiceApplication {
|
public class AuthServiceApplication {
|
||||||
@@ -22,7 +24,8 @@ public class AuthServiceApplication {
|
|||||||
* OAuth2 로 보호되는 서비스에 접근하려고 할 때 사용
|
* OAuth2 로 보호되는 서비스에 접근하려고 할 때 사용
|
||||||
* 보호 서비스로 호출되어 OAuth2 액세스 토큰의 유효성을 검증하고 보호 서비스에 접근하는 사용자 역할 조회
|
* 보호 서비스로 호출되어 OAuth2 액세스 토큰의 유효성을 검증하고 보호 서비스에 접근하는 사용자 역할 조회
|
||||||
*/
|
*/
|
||||||
@RequestMapping(value = { "/user" }, produces = "application/json") // /auth/user 로 매핑
|
//@RequestMapping(value = { "/user" }, produces = "application/json") // /auth/user 로 매핑
|
||||||
|
@RequestMapping(value = "/user") // /auth/user 로 매핑
|
||||||
public Map<String, Object> user(OAuth2Authentication user) {
|
public Map<String, Object> user(OAuth2Authentication user) {
|
||||||
Map<String, Object> userInfo = new HashMap<>();
|
Map<String, Object> userInfo = new HashMap<>();
|
||||||
userInfo.put("user", user.getUserAuthentication().getPrincipal());
|
userInfo.put("user", user.getUserAuthentication().getPrincipal());
|
||||||
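Review bot: The new `@RequestMapping(value = "/user")` in AuthServiceApplication has no HTTP method restriction, so the user-info endpoint answers every verb although the README documents it as GET only. `@RequestMapping(value = "/user", method = RequestMethod.GET, produces = "application/json")` would pin it, and needs a `RequestMethod` import if the file does not already have one. The previous mapping is left behind as a commented-out line and should be deleted rather than kept. Separately, `user.getUserAuthentication()` returns null for a token issued without a user (for example a client-credentials token, if that grant is enabled elsewhere), so the dereference on the `userInfo.put("user", ...)` line would throw; a null check is worth adding. The body of `user(...)` continues outside the hunk.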
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
package com.assu.cloud.authservice.security;
|
package com.assu.cloud.authservice.security;
|
||||||
|
|
||||||
|
import org.springframework.beans.factory.annotation.Qualifier;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
@@ -18,7 +19,7 @@ public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
|
|||||||
private final AuthenticationManager authenticationManager;
|
private final AuthenticationManager authenticationManager;
|
||||||
private final UserDetailsService userDetailsService;
|
private final UserDetailsService userDetailsService;
|
||||||
|
|
||||||
public OAuth2Config(AuthenticationManager authenticationManager, UserDetailsService userDetailsService) {
|
public OAuth2Config(AuthenticationManager authenticationManager, @Qualifier("userDetailsServiceBean") UserDetailsService userDetailsService) {
|
||||||
this.authenticationManager = authenticationManager;
|
this.authenticationManager = authenticationManager;
|
||||||
this.userDetailsService = userDetailsService;
|
this.userDetailsService = userDetailsService;
|
||||||
}
|
}
|
||||||
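Review bot: The `@Qualifier("userDetailsServiceBean")` added to the OAuth2Config constructor ties the wiring to a bean name that exists only because of a method name in WebSecurityConfigurer, and nothing on this line says so. A short comment above the constructor, such as `// "userDetailsServiceBean" is the bean exposed by WebSecurityConfigurer#userDetailsServiceBean()`, would make the dependency visible. Renaming that method would otherwise fail only at application start-up. The class body continues outside the hunk.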
|
|||||||
@@ -3,13 +3,37 @@ package com.assu.cloud.authservice.security;
|
|||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
|
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 사용자 ID, 패스워드, 역할 정의
|
||||||
|
*/
|
||||||
@Configuration
|
@Configuration
|
||||||
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
||||||
@Bean
|
|
||||||
@Override
|
@Override
|
||||||
|
@Bean // 스프링 시큐리티가 인증 처리하는데 사용
|
||||||
public AuthenticationManager authenticationManagerBean() throws Exception {
|
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||||
return super.authenticationManagerBean();
|
return super.authenticationManagerBean();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
@Bean // 스프링 시큐리티에서 반환될 사용자 정보 저장
|
||||||
|
public UserDetailsService userDetailsServiceBean() throws Exception {
|
||||||
|
return super.userDetailsServiceBean();
|
||||||
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
|
PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
|
||||||
|
auth.inMemoryAuthentication()
|
||||||
|
.passwordEncoder(passwordEncoder)
|
||||||
|
.withUser("assuUser").password(passwordEncoder.encode("user1234")).roles("USER")
|
||||||
|
.and()
|
||||||
|
.withUser("assuAdmin").password(passwordEncoder.encode("admin1234")).roles("USER", "ADMIN");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
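Review bot: `configure(AuthenticationManagerBuilder)` commits two accounts with literal passwords (`user1234` and `admin1234`), one of them holding the ADMIN role, so any deployment built from this repository issues tokens for credentials that every reader of the source knows. The usernames and passwords should come from externalized configuration or a real user store instead, with the in-memory accounts limited to a development profile. If they stay for the tutorial, the method should at least carry `// demo-only in-memory accounts; must not be used outside local development`. Calling `passwordEncoder.encode(...)` on a literal keeps the stored value hashed, but it does not protect a password that is itself in the source.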
|
|||||||
@@ -1 +0,0 @@
|
|||||||
|
|
||||||
4
auth-service/src/main/resources/application.yaml
Normal file
4
auth-service/src/main/resources/application.yaml
Normal file
@@ -0,0 +1,4 @@
|
|||||||
|
server:
|
||||||
|
port: 8901
|
||||||
|
servlet:
|
||||||
|
contextPath: /auth
|
||||||
8
auth-service/src/main/resources/bootstrap.yaml
Normal file
8
auth-service/src/main/resources/bootstrap.yaml
Normal file
@@ -0,0 +1,8 @@
|
|||||||
|
spring:
|
||||||
|
application:
|
||||||
|
name: auth-service # 서비스 ID (컨피그 클라이언트가 어떤 서비스를 조회하는지 매핑)
|
||||||
|
profiles:
|
||||||
|
active: default # 서비스가 실행할 기본 프로파일
|
||||||
|
cloud:
|
||||||
|
config:
|
||||||
|
uri: http://localhost:8889 # 컨피그 서버 위치
|
||||||
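Review bot: `uri: http://localhost:8889` fixes the config server location to plain HTTP on localhost, so every non-local deployment needs a file edit, and whatever configuration the auth service pulls (possibly client secrets or signing keys, which are not visible here) would travel unencrypted. `uri: ${CONFIG_SERVER_URI:http://localhost:8889}` keeps the local default while letting a deployment point at an HTTPS endpoint; the variable name is illustrative only.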