social + base login

authorization-server/build.gradle

@@ -25,12 +25,13 @@ ext {
 
 dependencies {
     compile('org.springframework.security:spring-security-oauth2-client')
-    compile('org.springframework.security:spring-security-oauth2-jose')
+//    compile('org.springframework.security:spring-security-oauth2-jose')
     
     implementation 'org.springframework.boot:spring-boot-starter-actuator'
     implementation 'org.springframework.boot:spring-boot-starter-freemarker'
     implementation 'org.springframework.boot:spring-boot-starter-web'
     implementation 'org.springframework.cloud:spring-cloud-starter-oauth2'
+//    implementation 'org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.1.5.RELEASE'
     implementation 'org.springframework.cloud:spring-cloud-starter-security'
     implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
     compileOnly 'org.projectlombok:lombok'

authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebMvcConfig.java

@@ -16,13 +16,13 @@ import java.util.List;
 @EnableWebSecurity
 public class WebMvcConfig implements WebMvcConfigurer {
 
-    @Autowired
+//    @Autowired
-    private UserArgumentResolver userArgumentResolver;
+//    private UserArgumentResolver userArgumentResolver;
-
+//
-    @Override
+//    @Override
-    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
+//    public void addArgumentResolvers(List<HandlerMethodArgumentResolver> resolvers) {
-        resolvers.add(userArgumentResolver);
+//        resolvers.add(userArgumentResolver);
-    }
+//    }
 
     @Bean
     FilterRegistrationBean forwardedHeaderFilter() {

authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java

@@ -11,12 +11,13 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 import org.springframework.security.web.csrf.CsrfFilter;
 import org.springframework.web.filter.CharacterEncodingFilter;
 
 @Configuration
-@EnableWebSecurity
+//@EnableOAuth2Client
 //@Order(SecurityProperties.BASIC_AUTH_ORDER - 6)
 @Order(-1)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@@ -45,35 +46,40 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         CharacterEncodingFilter filter = new CharacterEncodingFilter();
-        http
+//        http
-            .authorizeRequests()
+//            .formLogin().loginPage("/login").permitAll()
-                .antMatchers("/", "/login/**", "/css/**", "/images/**", "/js/**",
+//            .and()
-                        "/console/**", "/oauth2/**").permitAll()
+//            .authorizeRequests()
-                .anyRequest().authenticated()
+//                .antMatchers("/", "/login/**", "/css/**", "/images/**", "/js/**", "/oauth/authorize", "/oauth/confirm_access",
+//                        "/console/**", "/oauth2/**").permitAll()
+//                .anyRequest().authenticated();
+//            .and()
+//                .oauth2Login();
+//                .loginPage("/login").permitAll()
+////                .defaultSuccessUrl("http://localhost:8765/login")
+//                .failureUrl("/loginFailure")
+//            .and()
+//                .headers().frameOptions().disable()
+//            .and()
+//                .exceptionHandling()
+//                .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
+//
+//            .and()
+//                .logout()
+//                .logoutUrl("/logout")
+//                .deleteCookies("JSESSSIONID")
+//                .invalidateHttpSession(true)
+//            .and()
+//                .addFilterBefore(filter, CsrfFilter.class);
+//                .csrf().disable();
+        http.formLogin().loginPage("/login").permitAll()
+                .and()
+                .requestMatchers().antMatchers("/login/**", "/logout", "/oauth/authorize", "/oauth/confirm_access", "/oauth2/**")
+                .and()
+                .authorizeRequests().anyRequest().authenticated()
                 .and()
                 .oauth2Login()
-                .defaultSuccessUrl("/loginSuccess")
+                .loginPage("/login").permitAll();
-                .failureUrl("/loginFailure")
-            .and()
-                .headers().frameOptions().disable()
-            .and()
-                .exceptionHandling()
-                .authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login"))
-            .and()
-                .formLogin().loginPage("/login")
-            .and()
-                .logout()
-                .logoutUrl("/logout")
-                .deleteCookies("JSESSSIONID")
-                .invalidateHttpSession(true)
-            .and()
-                .addFilterBefore(filter, CsrfFilter.class);
-//                .csrf().disable();
-//        http.formLogin().loginPage("/login").permitAll()
-//                .and()
-//                .requestMatchers().antMatchers("/login", "/logout", "/oauth/authorize", "/oauth/confirm_access")
-//                .and()
-//                .authorizeRequests().anyRequest().authenticated();
 
     }
 

authorization-server/src/main/java/io/bluemoon/authorizationserver/controller/sso/SsoController.java

@@ -82,8 +82,10 @@ public class SsoController {
     }
 
     @GetMapping(value = "/loginSuccess")
+    @ResponseBody
     public String loginComplete(@SocialUser User user) {
-        return "redirect:/login/success";
+        System.out.println(user);
+        return "kkkkkkkkk";
     }
 
     @GetMapping(value = "/login/success")

authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/UserArgumentResolver.java

@@ -98,8 +98,8 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver {
      */
     private User getModernUser(SocialType socialType, Map<String, Object> map) {
         return User.builder()
-                .username(String.valueOf(map.get("name")))
+                .name(String.valueOf(map.get("name")))
-                .email(String.valueOf(map.get("mail")))
+                .email(String.valueOf(map.get("email")))
                 .principal(String.valueOf(map.get("id")))
                 .socialType(socialType)
                 .createdAt(LocalDateTime.now())

authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java

@@ -20,6 +20,9 @@ public class User {
     @Column
     private String username;
 
+    @Column
+    private String name;
+
     @Column
     private String password;
 
@@ -50,9 +53,10 @@ public class User {
 //    private Date regDate = new Date();
 
     @Builder
-    public User(String username, String password, String email, String principal,
+    public User(String username, String name, String password, String email, String principal,
                 SocialType socialType, LocalDateTime createdAt, LocalDateTime updatedAt) {
         this.username = username;
+        this.name = name;
         this.password = password;
         this.email = email;
         this.principal = principal;

authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java

@@ -1,5 +1,6 @@
 package io.bluemoon.authorizationserver.domain.user;
 
+import io.bluemoon.authorizationserver.domain.social.SocialType;
 import lombok.Data;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -16,14 +17,12 @@ public class UserDetail implements UserDetails {
     private Long id;
     private String username;
     private String password;
-    private String userType;
     private List<String> roles;
 
     public UserDetail(User user) {
         this.id = user.getId();
         this.username = user.getUsername();
         this.password = user.getPassword();
-//        this.userType = user.getSocialType();
     }
 
     @Override

authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java

@@ -25,12 +25,14 @@ public class CustomUserDetailsServiceImpl implements UserDetailsService {
     @Override
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         User user = userRepository.findByUsername(username);
+        System.out.println(user);
 
         if (user == null) {
             throw new UsernameNotFoundException("UsernameNotFound[" + username + "]");
         }
 
         UserDetail userDetail = createUser(user);
+        System.out.println(userDetail);
         return userDetail;
     }
 
@@ -41,12 +43,13 @@ public class CustomUserDetailsServiceImpl implements UserDetailsService {
      */
     private UserDetail createUser(User user) {
         UserDetail userDetail = new UserDetail(user);
-
-        if (userDetail.getUserType().equals("1")) {
-            userDetail.setRoles(Arrays.asList("ROLE_ADMIN"));
-        } else {
         userDetail.setRoles(Arrays.asList("ROLE_USER"));
-        }
+
+//        if (userDetail.getSocial_type().getVaule().equals("FACEBOOK")) {
+//            userDetail.setRoles(Arrays.asList("ROLE_FACEBOOK"));
+//        } else {
+//            userDetail.setRoles(Arrays.asList("ROLE_USER"));
+//        }
         return userDetail;
     }
 }

authorization-server/src/main/resources/application.properties

@@ -1,5 +1,5 @@
 server.port=8081
-#server.servlet.context-path=/mk-auth
+server.servlet.context-path=/mk-auth
 server.use-forward-headers=false
 
 security.oauth2.authorization.check-token-access=isAuthenticated()

authorization-server/src/main/resources/templates/login.ftl

@@ -18,7 +18,7 @@
 </div>
 
 <div>
-    <a class="facebook-login-text" href="/oauth2/authorization/facebook">facebook으로 로그인</a>
+    <a class="facebook-login-text" href="/mk-auth/oauth2/authorization/facebook">facebook으로 로그인</a>
 </div>
 </body>
 </html>

gateway-zuul/src/main/java/io/bluemoon/gatewayzuul/config/SecurityConfig.java

@@ -1,23 +1,13 @@
 package io.bluemoon.gatewayzuul.config;
 
-import io.bluemoon.gatewayzuul.filter.DynamicOauth2ClientContextFilter;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.Primary;
 import org.springframework.core.annotation.Order;
-import org.springframework.security.authentication.AuthenticationManager;
+
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
-import org.springframework.security.oauth2.provider.ClientDetailsService;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager;
-import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationProcessingFilter;
-import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
 import org.springframework.security.web.csrf.*;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -29,11 +19,10 @@ import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+
 import java.io.IOException;
 import java.util.regex.Pattern;
 
-
-
 @Configuration
 @EnableOAuth2Sso
 @EnableResourceServer
@@ -49,7 +38,7 @@ public class SecurityConfig  extends WebSecurityConfigurerAdapter {
     @Override
     public void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
-                .antMatchers("/mk-auth/**", "/login").permitAll().anyRequest().authenticated()
+                .antMatchers("/**", "/mk-auth/**", "/login").permitAll().anyRequest().authenticated()
                 .and()
 //                .csrf().requireCsrfProtectionMatcher(csrfRequestMatcher()).csrfTokenRepository(csrfTokenRepository())
 //                .and()

gateway-zuul/src/main/resources/application.properties

@@ -1,14 +1,14 @@
 server.port=8765
 
-zuul.sensitive-headers=Cookie,Set-Cookie
+zuul.sensitive-headers=
 
 zuul.routes.mk2-service.path=/service/**
 zuul.routes.mk2-service.url=http://127.0.0.1:8082
-zuul.routes.mk2-service.sensitive-headers=Cookie,Set-Cookie
+zuul.routes.mk2-service.sensitive-headers=
 
 zuul.routes.mk2-oauth.path=/mk-auth/**
-zuul.routes.mk2-oauth.url=http://127.0.0.1:8081
+zuul.routes.mk2-oauth.url=https://6667b9ff.ngrok.io
-zuul.routes.mk2-oauth.sensitive-headers=Cookie,Set-Cookie
+zuul.routes.mk2-oauth.sensitive-headers=
 #zuul.routes.mk2-oauth.path=/mk2auth/**
 
 zuul.routes.mk2-oauth.strip-prefix=false
@@ -18,13 +18,13 @@ security.oauth2.sso.login-path=/login
 
 
 
-security.oauth2.client.access-token-uri=http://127.0.0.1:8081/mk-auth/oauth/token
+security.oauth2.client.access-token-uri=https://6667b9ff.ngrok.io/mk-auth/oauth/token
 
 # /oauth/authorize 요청은 클라이언트가 리소스 서버의 api를 사용하기 위해 사용자(리소스 소유자)에게
 # 권한 위임 동의를 받기 위한 페이지를 출력하는 기능을 수행
-security.oauth2.client.user-authorization-uri=http://127.0.0.1:8081/mk-auth/oauth/authorize
+security.oauth2.client.user-authorization-uri=https://6667b9ff.ngrok.io/mk-auth/oauth/authorize
 
-security.oauth2.resource.user-info-uri=http://127.0.0.1:8081/mk-auth/user
+security.oauth2.resource.user-info-uri=https://6667b9ff.ngrok.io/mk-auth/user
 #security.oauth2.resource.prefer-token-info=false
 
 security.oauth2.client.client-id=system1
@@ -40,3 +40,5 @@ security.oauth2.client.client-secret=1234
 #management.endpoints.web.exposure.include=routes, health, filter
 #management.endpoint.routes.enabled=true
 #management.endpoint.filters.enabled=true
+logging.level.web=debug
+spring.http.log-request-details=true