diff --git a/authorization-server/build.gradle b/authorization-server/build.gradle
index b0b463b..9d534ca 100644
--- a/authorization-server/build.gradle
+++ b/authorization-server/build.gradle
@@ -29,7 +29,7 @@ dependencies {
 implementation 'org.springframework.boot:spring-boot-starter-web'
 implementation 'org.springframework.cloud:spring-cloud-starter-oauth2'
 implementation 'org.springframework.cloud:spring-cloud-starter-security'
- implementation('org.springframework.boot:spring-boot-starter-data-jpa')
+ implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
 compileOnly 'org.projectlombok:lombok'
 runtimeOnly 'mysql:mysql-connector-java'
 annotationProcessor 'org.projectlombok:lombok'
diff --git a/authorization-server/gradle/wrapper/gradle-wrapper.properties b/authorization-server/gradle/wrapper/gradle-wrapper.properties
index f4d7b2b..015c797 100644
--- a/authorization-server/gradle/wrapper/gradle-wrapper.properties
+++ b/authorization-server/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,6 @@
+#Thu May 16 11:26:19 KST 2019
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-5.4.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-5.4.1-all.zip
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java
new file mode 100644
index 0000000..a03dfed
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/AuthServerConfig.java
@@ -0,0 +1,7 @@
+package io.bluemoon.authorizationserver.config;
+
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
+
+public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
+
+}
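Review bot: `AuthServerConfig` carries neither `@Configuration` nor `@EnableAuthorizationServer`, so unless another class imports it, Spring will not register this adapter and it configures nothing. When it is wired up, override `configure(ClientDetailsServiceConfigurer)` and `configure(AuthorizationServerSecurityConfigurer)` explicitly rather than relying on the empty defaults, so that the registered clients, client-secret encoding and the access rules for the token-key and check-token endpoints are stated in this file.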
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java
new file mode 100644
index 0000000..1f5f408
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java
@@ -0,0 +1,72 @@
+package io.bluemoon.authorizationserver.config;
+
+import io.bluemoon.authorizationserver.service.user.CustomUserDetailsServiceImpl;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+
+@Configuration
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+ private CustomUserDetailsServiceImpl customUserDetailsService;
+
+ public WebSecurityConfig(
+ CustomUserDetailsServiceImpl customUserDetailsService
+ ) {
+ this.customUserDetailsService = customUserDetailsService;
+ }
+
+ /**
+ * authentication processing
+ * if success -> Authentication in info object return
+ * els fail -> Exception
+ * impl 구현체 -> authentication provider 에서 구현해서 authentication object를 던져줌
+ * @return AuthenticationManager
+ * @throws Exception
+ */
+ @Bean
+ @Override
+ public AuthenticationManager authenticationManagerBean() throws Exception {
+ return super.authenticationManagerBean();
+ }
+
+ @Override
+ protected void configure(HttpSecurity http) throws Exception {
+ http.authorizeRequests().antMatchers("/oauth/**", "/test/**").permitAll();
+ }
+
+ /**
+ * authentication Object managing
+ *
+ * @param auth
+ * @throws Exception
+ */
+ @Override
+ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+ auth.authenticationProvider(daoAuthenticationProvider());
+ }
+
+ /**
+ * user info at database for make authentication object
+ *
+ * @return DaoAuthenticationProvider
+ */
+ @Bean
+ public DaoAuthenticationProvider daoAuthenticationProvider() {
+ DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
+ daoAuthenticationProvider.setUserDetailsService(customUserDetailsService);
+ daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
+ return daoAuthenticationProvider;
+ }
+
+ @Bean
+ @SuppressWarnings("deprecation")
+ public static NoOpPasswordEncoder passwordEncoder() {
+ return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
+ }
+}
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java
new file mode 100644
index 0000000..fb1958a
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java
@@ -0,0 +1,28 @@
+package io.bluemoon.authorizationserver.domain.user;
+
+import lombok.Data;
+
+import javax.persistence.*;
+import java.util.Date;
+
+@Entity
+@Data
+public class User {
+ @Id
+ @GeneratedValue(strategy = GenerationType.AUTO)
+ private Long id;
+
+ @Column(length = 20, nullable = false, unique = true)
+ private String userName;
+
+ @Column(length = 100, nullable = false)
+ private String password;
+
+ //1:수퍼관리자, 2:관리자, 3:사용자
+ @Column(length = 1, nullable = false)
+ private String userType;
+
+ @Column(nullable = false)
+ @Temporal(TemporalType.TIMESTAMP)
+ private Date regDate = new Date();
+}
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java
new file mode 100644
index 0000000..7fb00ab
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserDetail.java
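Review bot: `passwordEncoder()` in WebSecurityConfig.java returns `NoOpPasswordEncoder`, so `DaoAuthenticationProvider` compares the submitted password with the stored `password` column as plain text, and `@SuppressWarnings("deprecation")` silences the one compiler warning that points this out. Return an adaptive encoder instead, `public static PasswordEncoder passwordEncoder() { return PasswordEncoderFactories.createDelegatingPasswordEncoder(); }`, and store hashes with an id prefix such as `{bcrypt}`; any rows already written in plain text would need re-hashing before the switch. Separately, `configure(HttpSecurity)` lists only `permitAll()` for `/oauth/**` and `/test/**`, with no `anyRequest().authenticated()` rule and no login mechanism, so every other path is left without an access rule. Opening all of `/oauth/**` also covers `/oauth/authorize`, which normally expects an already authenticated user; a narrower matcher plus `.anyRequest().authenticated()` would make the intent explicit.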
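Review bot: `@Data` on the `User` entity generates a `toString()` (and `equals`/`hashCode`) that includes `password`, so any log statement or exception message that prints a `User` writes the stored credential to the log. Put `@ToString.Exclude` on the `password` field, or replace `@Data` with `@Getter`/`@Setter` and a hand-written `toString()`. The same applies to the `password` field of `UserDetail` in the next file, which is also annotated `@Data`.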
@@ -0,0 +1,57 @@
+package io.bluemoon.authorizationserver.domain.user;
+
+import lombok.Data;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+@Data
+public class UserDetail implements UserDetails {
+
+ private static final long serialVersionUID = 6396079419309274853L;
+ private Long id;
+ private String username;
+ private String password;
+ private String userType;
+ private List roles;
+
+ public UserDetail(User user) {
+ this.id = user.getId();
+ this.username = user.getUserName();
+ this.password = user.getPassword();
+ this.userType = user.getUserType();
+ }
+
+ @Override
+ public Collection getAuthorities() {
+ List authorities = new ArrayList<>();
+ for (String role: roles) {
+ authorities.add(new SimpleGrantedAuthority(role));
+ }
+ return authorities;
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return true;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return true;
+ }
+}
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRepository.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRepository.java
new file mode 100644
index 0000000..dc27504
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRepository.java
@@ -0,0 +1,7 @@
+package io.bluemoon.authorizationserver.domain.user;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface UserRepository extends JpaRepository {
+ User findByUserName(String userName);
+}
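Review bot: In UserDetail.java, `getAuthorities()` iterates `roles`, but the constructor never assigns that field, so a `UserDetail` whose `setRoles(...)` has not been called throws a `NullPointerException` during authentication instead of yielding an empty authority list. Initialise it in the constructor, `this.roles = new ArrayList<>();`, or take the roles as a constructor argument so the object is never half-built. The four account-status methods all return a hard-coded `true`, so there is no way to lock or disable an account from the database; that is worth a comment or a backing column before this server issues tokens for real users.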
diff --git a/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java b/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java
new file mode 100644
index 0000000..e595e98
--- /dev/null
+++ b/authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java
@@ -0,0 +1,52 @@
+package io.bluemoon.authorizationserver.service.user;
+
+import io.bluemoon.authorizationserver.domain.user.User;
+import io.bluemoon.authorizationserver.domain.user.UserDetail;
+import io.bluemoon.authorizationserver.domain.user.UserRepository;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+import java.util.Arrays;
+
+@Service
+public class CustomUserDetailsServiceImpl implements UserDetailsService {
+
+ // User Info
+ private UserRepository userRepository;
+
+ public CustomUserDetailsServiceImpl(
+ UserRepository userRepository
+ ) {
+ this.userRepository = userRepository;
+ }
+
+ @Override
+ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+ User user = userRepository.findByUserName(username);
+
+ if (user == null) {
+ throw new UsernameNotFoundException("UsernameNotFound[" + username + "]");
+ }
+
+ UserDetail userDetail = createUser(user);
+ return userDetail;
+ }
+
+ /**
+ * User role check
+ * @param user
+ * @return
+ */
+ private UserDetail createUser(User user) {
+ UserDetail userDetail = new UserDetail(user);
+
+ if (userDetail.getUserType().equals("1")) {
+ userDetail.setRoles(Arrays.asList("ROLE_ADMIN"));
+ } else {
+ userDetail.setRoles(Arrays.asList("ROLE_USER"));
+ }
+ return userDetail;
+ }
+}
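Review bot: `createUser` maps only `userType` "1" to `ROLE_ADMIN` and sends every other value through the `else` branch to `ROLE_USER`, while the comment on `User.userType` documents three values (1 super administrator, 2 administrator, 3 user). As written, a type-2 administrator gets `ROLE_USER`, and an unexpected or corrupted value is silently granted a role instead of being rejected. Map each documented value explicitly and fail on anything else, for example by throwing from a `default` branch, and write the comparison as `"1".equals(userDetail.getUserType())` so a null type cannot raise a `NullPointerException`. The Javadoc on `createUser` has an empty `@param` and `@return`; it should state which role each `userType` yields.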