From d2dbddb9d20e591299ee9967282ee4d905190da4 Mon Sep 17 00:00:00 2001 From: liquidjoo Date: Wed, 10 Jul 2019 15:26:23 +0900 Subject: [PATCH] resourceServer config, websecurity config setting --- .../AuthorizationServer2Application.java | 2 +- .../config/ResourceServerConfig.java | 12 ++++-- .../config/WebSecurity2Config.java | 27 ++++++++++++- .../controller/AuthController.java | 35 ++++++++++++++++- test-service/build.gradle | 1 + .../testservice/TestServiceApplication.java | 1 - .../config/ResourceServerConfig.java | 26 +++++++++++++ .../testservice/config/WebMvcConfig.java | 1 + .../testservice/config/WebSecurityConfig.java | 6 ++- .../controller/SignController.java | 37 ++++++++++++++++-- .../testservice/domain/oauth/OAuthUser.java | 1 - .../testservice/domain/user/User.java | 8 ++-- .../service/user/UserEventListener.java | 12 +++++- .../service/user/UserServiceImpl.java | 19 +++++++-- .../testservice/utils/APIRequest.java | 4 +- .../src/main/resources/application.properties | 18 ++++++++- .../src/main/resources/templates/signIn.html | 2 +- .../src/main/resources/templates/signUp.html | 39 +++++++++++++++++++ 18 files changed, 224 insertions(+), 27 deletions(-) rename test-service/src/main/java/io/bluemoon/testservice/ResourceServiceConfig.java => authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/ResourceServerConfig.java (54%) create mode 100644 test-service/src/main/java/io/bluemoon/testservice/config/ResourceServerConfig.java create mode 100644 test-service/src/main/resources/templates/signUp.html diff --git a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/AuthorizationServer2Application.java b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/AuthorizationServer2Application.java index 59ca2c3..b5df6b9 100644 --- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/AuthorizationServer2Application.java 
+++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/AuthorizationServer2Application.java @@ -4,7 +4,7 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; -@EnableResourceServer +//@EnableResourceServer @SpringBootApplication public class AuthorizationServer2Application { diff --git a/test-service/src/main/java/io/bluemoon/testservice/ResourceServiceConfig.java b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/ResourceServerConfig.java similarity index 54% rename from test-service/src/main/java/io/bluemoon/testservice/ResourceServiceConfig.java rename to authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/ResourceServerConfig.java index 82d729c..eff04f2 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/ResourceServiceConfig.java +++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/ResourceServerConfig.java 
@@ -1,18 +1,24 @@ -package io.bluemoon.testservice; +package io.bluemoon.authorizationserver2.config; +import org.springframework.boot.autoconfigure.security.SecurityProperties; import org.springframework.context.annotation.Configuration; +import org.springframework.core.annotation.Order; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; -import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher; @Configuration -public class ResourceServiceConfig extends ResourceServerConfigurerAdapter { +//@Order(SecurityProperties.BASIC_AUTH_ORDER) +@EnableResourceServer +public class ResourceServerConfig extends ResourceServerConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http +// .requestMatchers().antMatchers("/createOAuthUser") +// .and() .authorizeRequests() + .antMatchers("/createOAuthUser").permitAll() .anyRequest() .authenticated(); } diff --git a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/WebSecurity2Config.java b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/WebSecurity2Config.java index 861e830..d35a490 100644 --- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/WebSecurity2Config.java +++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/WebSecurity2Config.java 
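Review bot: `.antMatchers("/createOAuthUser").permitAll()` opens the authorization server's account-provisioning endpoint to any unauthenticated caller. The handler added in AuthController currently only echoes the request body, but once it persists users this rule lets anyone who can reach the port create login identities. The only caller visible in this patch is test-service, so require a client credential instead, for example `.antMatchers(HttpMethod.POST, "/createOAuthUser").access("#oauth2.hasScope('<provisioning-scope>')")`, where the scope name is a placeholder. The two commented-out `requestMatchers()` lines and the commented `@Order` should be deleted rather than committed.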
@@ -8,13 +8,22 @@ import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.factory.PasswordEncoderFactories; import org.springframework.security.crypto.password.NoOpPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.util.matcher.AnyRequestMatcher; +import org.springframework.security.web.util.matcher.RequestMatcher; @Configuration -@Order(SecurityProperties.BASIC_AUTH_ORDER) +@EnableWebSecurity +//@Order(SecurityProperties.BASIC_AUTH_ORDER -1) +//@Order(-1) public class WebSecurity2Config extends WebSecurityConfigurerAdapter { private CustomUserDetailsServiceImpl customUserDetailsService; +// private PasswordEncoder passwordEncoder; public WebSecurity2Config( CustomUserDetailsServiceImpl customUserDetailsService @@ -33,8 +42,18 @@ public class WebSecurity2Config extends WebSecurityConfigurerAdapter { auth.authenticationProvider(daoAuthenticationProvider()); } + // allow controller uri + + @Override protected void configure(HttpSecurity http) throws Exception { + http +// .requestMatchers().antMatchers("/createOAuthUser") +// .and() + .authorizeRequests() +// .antMatchers("/createOAuthUser").permitAll() + .anyRequest() + .authenticated(); } 
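Review bot: The new `configure(HttpSecurity)` body in the second hunk requires authentication for every request but registers no way to authenticate. There is no `formLogin()` or `httpBasic()`, and overriding this method without calling `super` drops the adapter's defaults. If this chain is what protects `/oauth/authorize` (not visible here), users will likely be rejected instead of being sent to a login prompt; add `.and().formLogin()` or whichever mechanism is intended. With `@Order` commented out in the first hunk, also confirm which chain wins against the newly enabled resource-server chain. The imports `BCryptPasswordEncoder`, `PasswordEncoderFactories`, `AnyRequestMatcher` and `RequestMatcher` appear unused in the visible hunks.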
@@ -47,6 +66,12 @@ public class WebSecurity2Config extends WebSecurityConfigurerAdapter { } // 패스워드 인코딩 수정 +// @Bean +// public static PasswordEncoder passwordEncoder() { +// return new BCryptPasswordEncoder(); +// } + + @Bean @SuppressWarnings("deprecation") public static NoOpPasswordEncoder passwordEncoder() { diff --git a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/controller/AuthController.java b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/controller/AuthController.java index 38ef477..2aa62b6 100644 --- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/controller/AuthController.java +++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/controller/AuthController.java 
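Review bot: The BCrypt bean is added only as commented-out code, so `NoOpPasswordEncoder` remains the active `passwordEncoder()` and this server keeps comparing passwords as plaintext. test-service now BCrypt-hashes passwords before forwarding users, so accounts provisioned from there would presumably never match under a no-op encoder either. Enable the new bean and delete the deprecated one, `public static PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); }`, or use `PasswordEncoderFactories.createDelegatingPasswordEncoder()` if existing rows need a migration path. The body of the existing method continues past the end of the hunk.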
@@ -1,17 +1,48 @@ package io.bluemoon.authorizationserver2.controller; +import io.bluemoon.authorizationserver2.domain.user.User; +import io.bluemoon.authorizationserver2.service.user.UserService; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.validation.Errors; +import org.springframework.web.bind.annotation.*; +import javax.validation.constraints.NotNull; import java.security.Principal; +import java.util.Map; @RestController public class AuthController { + private UserService userService; + + public AuthController( + UserService userService + ) { + this.userService = userService; + } + + @RequestMapping(value = "/user") public Principal getUser(Principal user) { return user; } + + @RequestMapping(value = "/createOAuthUser", method = RequestMethod.POST) + public User createOAuthUser(@RequestBody @NotNull User user, @RequestHeader Map header, Errors errors) { + System.out.println(errors.toString()); + System.out.println(user); + System.out.println(header); + + return user; + } + + @PutMapping(value = "/updateOAuthUser") + public User updateOAuthUser(@RequestBody User user, @RequestHeader Map header) { + System.out.println(user); + System.out.println(header); + + return user; + } + } diff --git a/test-service/build.gradle b/test-service/build.gradle index 3577ca4..f2d9538 100644 --- a/test-service/build.gradle +++ b/test-service/build.gradle @@ -31,6 +31,7 @@ dependencies { implementation 'com.squareup.okhttp3:okhttp:3.9.1' implementation 'com.google.code.gson:gson' compileOnly 'org.projectlombok:lombok' + runtimeOnly 'mysql:mysql-connector-java' annotationProcessor 'org.projectlombok:lombok' testImplementation 'org.springframework.boot:spring-boot-starter-test' } 
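Review bot: `createOAuthUser` and `updateOAuthUser` print the whole `User` (presumably including its password) and every request header to stdout, which also puts any `Authorization` header into the server log. Log a non-secret identifier through the application logger instead and drop the header dump. Separately, `Errors errors` is declared after `@RequestHeader Map header`, and the body carries `@NotNull` rather than `@Valid`. Spring expects the `Errors` argument directly after the validated argument, so the signature should read `@RequestBody @Valid User user, Errors errors, @RequestHeader Map<String, String> header`. The injected `userService` is never called, so the endpoint returns its input without creating anything.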
diff --git a/test-service/src/main/java/io/bluemoon/testservice/TestServiceApplication.java b/test-service/src/main/java/io/bluemoon/testservice/TestServiceApplication.java index 37bca4e..4049723 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/TestServiceApplication.java +++ b/test-service/src/main/java/io/bluemoon/testservice/TestServiceApplication.java @@ -14,7 +14,6 @@ import org.springframework.web.bind.annotation.SessionAttributes; import java.security.Principal; @SpringBootApplication -@EnableResourceServer public class TestServiceApplication { diff --git a/test-service/src/main/java/io/bluemoon/testservice/config/ResourceServerConfig.java b/test-service/src/main/java/io/bluemoon/testservice/config/ResourceServerConfig.java new file mode 100644 index 0000000..adc9487 --- /dev/null +++ b/test-service/src/main/java/io/bluemoon/testservice/config/ResourceServerConfig.java @@ -0,0 +1,26 @@ +package io.bluemoon.testservice.config; + +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; +import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; +import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; + +@Configuration +@EnableResourceServer +public class ResourceServerConfig extends ResourceServerConfigurerAdapter { + + + @Override + public void configure(HttpSecurity http) throws Exception { + http + .authorizeRequests() + .antMatchers("/signIn").permitAll() + .antMatchers("/signUp").permitAll() + .antMatchers("/signInMiddleWare").permitAll() + .antMatchers("/signUpMiddleWare").permitAll() + .anyRequest() + .authenticated(); + } +} 
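Review bot: The `permitAll()` list in the new `ResourceServerConfig` is repeated verbatim in `WebSecurityConfig` (hunk `@@ -17,7 +17,9 @@`), so every public route has to be opened in two places, and a miss in either one silently changes who can reach it. With `@Order(-1)` commented out there, the resource-server chain probably takes precedence and the adapter's rules may never be evaluated; keep the list in one configuration and delete or narrow the other. `WebSecurityConfigurerAdapter` and `ResourceServerSecurityConfigurer` are imported here but unused. A class comment such as `// Public: sign-in/sign-up pages and their POST handlers; everything else requires a bearer token` would record the intent.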
diff --git a/test-service/src/main/java/io/bluemoon/testservice/config/WebMvcConfig.java b/test-service/src/main/java/io/bluemoon/testservice/config/WebMvcConfig.java index 163c259..981232d 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/config/WebMvcConfig.java +++ b/test-service/src/main/java/io/bluemoon/testservice/config/WebMvcConfig.java @@ -12,5 +12,6 @@ public class WebMvcConfig implements WebMvcConfigurer { @Override public void addViewControllers(ViewControllerRegistry registry) { registry.addViewController("/signIn").setViewName("signIn"); + registry.addViewController("/signUp").setViewName("signUp"); } } diff --git a/test-service/src/main/java/io/bluemoon/testservice/config/WebSecurityConfig.java b/test-service/src/main/java/io/bluemoon/testservice/config/WebSecurityConfig.java index da50d60..f3f4cef 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/config/WebSecurityConfig.java +++ b/test-service/src/main/java/io/bluemoon/testservice/config/WebSecurityConfig.java @@ -9,7 +9,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; @Configuration -@Order(-1) +//@Order(-1) public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override @@ -17,7 +17,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { http .authorizeRequests() .antMatchers("/signIn").permitAll() - .antMatchers("/signInAfter").permitAll() + .antMatchers("/signUp").permitAll() + .antMatchers("/signInMiddleWare").permitAll() + .antMatchers("/signUpMiddleWare").permitAll() .anyRequest() .authenticated(); diff --git a/test-service/src/main/java/io/bluemoon/testservice/controller/SignController.java b/test-service/src/main/java/io/bluemoon/testservice/controller/SignController.java index 4881fb7..27068bf 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/controller/SignController.java 
+++ b/test-service/src/main/java/io/bluemoon/testservice/controller/SignController.java @@ -1,6 +1,8 @@ package io.bluemoon.testservice.controller; import io.bluemoon.testservice.domain.user.User; +import io.bluemoon.testservice.service.user.UserService; +import org.springframework.boot.autoconfigure.security.SecurityProperties; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; @@ -9,8 +11,17 @@ import java.util.Map; @RestController public class SignController { - @PostMapping("/signInAfter") - private String signIn(HttpServletRequest request) { + + private UserService userService; + + public SignController( + UserService userService + ) { + this.userService = userService; + } + + @PostMapping("/signInMiddleWare") + public String signInMiddleWare(HttpServletRequest request) { System.out.println(request); System.out.println(request.getAuthType()); System.out.println(request.getSession()); @@ -19,11 +30,29 @@ public class SignController { return "aaaa"; } + @PostMapping("/signUpMiddleWare") + public User signUpMiddleWare(HttpServletRequest request) { + + User user = requestToUser(request); + + return userService.createUser(user); + + } + @PostMapping("/createOAuthUser") public String creatOAuthUser(@RequestBody @Valid User user, @RequestHeader Map header) { - - return ""; } + + + private User requestToUser(HttpServletRequest request) { + User user = new User(); + user.setUsername(request.getParameter("username")); + user.setPassword(request.getParameter("password")); + + + return user; + } + } diff --git a/test-service/src/main/java/io/bluemoon/testservice/domain/oauth/OAuthUser.java b/test-service/src/main/java/io/bluemoon/testservice/domain/oauth/OAuthUser.java index 2e44835..4787172 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/domain/oauth/OAuthUser.java +++ b/test-service/src/main/java/io/bluemoon/testservice/domain/oauth/OAuthUser.java 
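Review bot: `signUpMiddleWare` returns the entity from `userService.createUser(user)`, and since `createUser` now returns the saved `User`, the response body will include the stored password hash. Return a view without the password, or mark the field write-only, e.g. `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` if Jackson renders the response. `requestToUser` also passes `request.getParameter(...)` straight through, so a missing `username` or `password` reaches the encoder as `null`; reject blank values before calling the service.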
@@ -1,7 +1,6 @@ package io.bluemoon.testservice.domain.oauth; import lombok.Data; -import java.time.LocalDateTime; @Data public class OAuthUser { diff --git a/test-service/src/main/java/io/bluemoon/testservice/domain/user/User.java b/test-service/src/main/java/io/bluemoon/testservice/domain/user/User.java index b1186ce..7e1c7dd 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/domain/user/User.java +++ b/test-service/src/main/java/io/bluemoon/testservice/domain/user/User.java @@ -2,15 +2,17 @@ package io.bluemoon.testservice.domain.user; import lombok.Data; -import javax.persistence.GeneratedValue; -import javax.persistence.GenerationType; -import javax.persistence.Id; +import javax.persistence.*; @Data +@Entity public class User { @Id @GeneratedValue(strategy = GenerationType.IDENTITY) private int id; + + @Column private String username; + @Column private String password; } diff --git a/test-service/src/main/java/io/bluemoon/testservice/service/user/UserEventListener.java b/test-service/src/main/java/io/bluemoon/testservice/service/user/UserEventListener.java index 6d92160..c45b120 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/service/user/UserEventListener.java +++ b/test-service/src/main/java/io/bluemoon/testservice/service/user/UserEventListener.java @@ -1,6 +1,7 @@ package io.bluemoon.testservice.service.user; import io.bluemoon.testservice.domain.user.User; +import io.bluemoon.testservice.utils.APIRequest; import org.springframework.scheduling.annotation.Async; import org.springframework.stereotype.Component; import org.springframework.transaction.event.TransactionPhase; 
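Review bot: `User` is a Lombok `@Data` class, so its generated `toString()` includes `password`, and this commit prints `user` in `UserEventListener.handle`. Add `@ToString.Exclude` on the `password` field so the hash cannot reach logs by accident. `import javax.persistence.*;` replaces three explicit imports; the explicit form is easier to audit.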
@@ -13,8 +14,14 @@ public class UserEventListener { @Async @TransactionalEventListener(phase = TransactionPhase.AFTER_COMMIT, classes = UserServiceImpl.UserCreateEvent.class) - public void createUserHandle(UserServiceImpl.UserCreateEvent event) throws IOException { + public void handle(UserServiceImpl.UserCreateEvent event) throws IOException { User user = event.getUser(); + System.out.println("----------handler"); + System.out.println(user); + APIRequest.ResponseWrapper responseWrapper = APIRequest.getIRequestExecutor().createOAuthUser(user); + System.out.println(responseWrapper.getHeader()); + System.out.println(responseWrapper.getBody()); + // oauth @@ -22,7 +29,8 @@ public class UserEventListener { @Async @TransactionalEventListener(phase = TransactionPhase.AFTER_COMMIT, classes = UserServiceImpl.UserUpdateEvent.class) - public void updateUserHandle(UserServiceImpl.UserUpdateEvent event) throws IOException { + public void handle(UserServiceImpl.UserUpdateEvent event) throws IOException { + System.out.println("----------handler"); User user = event.getUser(); // oauth diff --git a/test-service/src/main/java/io/bluemoon/testservice/service/user/UserServiceImpl.java b/test-service/src/main/java/io/bluemoon/testservice/service/user/UserServiceImpl.java index 9c84dd6..b49f027 100644 --- a/test-service/src/main/java/io/bluemoon/testservice/service/user/UserServiceImpl.java +++ b/test-service/src/main/java/io/bluemoon/testservice/service/user/UserServiceImpl.java 
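Review bot: The create handler runs `@Async` after commit and declares `throws IOException`, so a failed call to the authorization server surfaces only in the async executor and the user ends up existing locally but not in the OAuth store. Catch the failure inside `handle` and log it or queue it for retry. The added `System.out.println(user)`, `getHeader()` and `getBody()` lines dump the password hash and the full upstream response to stdout; replace them with a logger call that records only the outcome. The update handler's body continues outside the hunk.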
@@ -6,11 +6,16 @@ import lombok.Getter; import lombok.NonNull; import org.springframework.context.ApplicationEventPublisher; import org.springframework.context.ApplicationEventPublisherAware; +import org.springframework.context.annotation.Bean; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; import java.util.Optional; @Service +@Transactional public class UserServiceImpl implements UserService, ApplicationEventPublisherAware { private UserRepository userRepository; @@ -25,12 +30,15 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw @Override public User createUser(User user) { - + System.out.println(passwordEncoder().encode(user.getPassword())); + user.setPassword(passwordEncoder().encode(user.getPassword())); + System.out.println(passwordEncoder().matches("1234", user.getPassword())); userRepository.save(user); eventPublisher.publishEvent(new UserCreateEvent(user)); - return null; + return user; } + // update password는 별로의 로직으로? @Override public User updateUser(User user) { Optional optionalUser = userRepository.findById(user.getId()); @@ -39,7 +47,7 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw userRepository.save(user); eventPublisher.publishEvent(new UserUpdateEvent(user)); } - return null; + return user; } @Override @@ -64,4 +72,9 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw this.user = user; } } + + @Bean + public PasswordEncoder passwordEncoder() { + return new BCryptPasswordEncoder(); + } } diff --git a/test-service/src/main/java/io/bluemoon/testservice/utils/APIRequest.java b/test-service/src/main/java/io/bluemoon/testservice/utils/APIRequest.java index 1f2d634..c45c790 100644 
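Review bot: `createUser` prints a BCrypt hash of the submitted password and then the result of `matches("1234", ...)`, which is debug scaffolding with a hard-coded test password; both lines should be removed before merge. The password is also encoded twice, once for the print and once for storage, which doubles a deliberately expensive hash. `updateUser` in the next hunk still appears to save whatever `password` the caller supplies without encoding it, as the added comment seems to acknowledge. Until that is split out, an update can overwrite a stored hash with plaintext.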
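Review bot: `passwordEncoder()` is declared as a `@Bean` method inside the `@Service` class and then called directly from `createUser`. In a class that is not a `@Configuration`, that call is not intercepted, so each invocation builds a fresh `BCryptPasswordEncoder` instead of using the container's bean. The bean name can also collide with other encoder beans, which is possibly why `spring.main.allow-bean-definition-overriding=true` was added in application.properties. Move the bean to a `@Configuration` class and inject `PasswordEncoder` through the constructor.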
--- a/test-service/src/main/java/io/bluemoon/testservice/utils/APIRequest.java +++ b/test-service/src/main/java/io/bluemoon/testservice/utils/APIRequest.java @@ -39,7 +39,7 @@ public class APIRequest { @Override public ResponseWrapper createOAuthUser(User user) throws IOException { - String url = ""; + String url = "http://localhost:8081/auth/createOAuthUser"; Gson gson = new GsonBuilder().setPrettyPrinting().create(); String jsonString = gson.toJson(user); @@ -55,7 +55,7 @@ public class APIRequest { Response response = call.execute(); ResponseWrapper result = new ResponseWrapper(response.body().string(), convertToString(response.headers())); - return null; + return result; } @Override diff --git a/test-service/src/main/resources/application.properties b/test-service/src/main/resources/application.properties index 5003d30..fc5c686 100644 --- a/test-service/src/main/resources/application.properties +++ b/test-service/src/main/resources/application.properties 
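Review bot: The provisioning URL is hard-coded as `http://localhost:8081/auth/createOAuthUser`, so the user's password hash travels over plain HTTP to a fixed host and port that differ from the `127.0.0.1:8765` endpoint configured in application.properties. Read the base URL from configuration and use HTTPS outside local development. The request built between the two hunks is not visible, but nothing here adds a client credential, which matches the `permitAll()` opened on the server side; the call should authenticate. Check `response.isSuccessful()` before wrapping the body so an error page is not treated as a created user.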
@@ -8,4 +8,20 @@ server.servlet.context-path=/api
 #security.oauth2.client.client-id=system1
 #security.oauth2.client.client-secret=1234
 #security.oauth2.resource.token-info-uri=http://127.0.0.1:8081/mk-auth/oauth/check_token
-security.oauth2.resource.user-info-uri=http://127.0.0.1:8765/auth/check_token
\ No newline at end of file
+security.oauth2.resource.user-info-uri=http://127.0.0.1:8765/auth/check_token
+
+spring.main.allow-bean-definition-overriding=true
+spring.datasource.url=jdbc:mysql://127.0.0.1/local_keepgrow?useUnicode=true&characterEncoding=utf-8&zeroDateTimeBehavior=convertToNull&serverTimezone=UTC
+spring.datasource.username=root
+spring.datasource.password=bluemoon
+spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
+spring.datasource.platform=schema
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDB53Dialect
+
+spring.jpa.database = MYSQL
+spring.jpa.hibernate.ddl-auto=update
+spring.jpa.generate-ddl=true
+spring.jpa.show-sql=true
+
+logging.level.web=debug
+spring.http.log-request-details=true
\ No newline at end of file
diff --git a/test-service/src/main/resources/templates/signIn.html b/test-service/src/main/resources/templates/signIn.html
index 9869906..45feb81 100644
--- a/test-service/src/main/resources/templates/signIn.html
+++ b/test-service/src/main/resources/templates/signIn.html
@@ -5,7 +5,7 @@
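Review bot: `spring.datasource.username=root` and `spring.datasource.password=bluemoon` commit a database superuser credential to the repository. Use a dedicated least-privilege account and resolve the secret from the environment, e.g. `spring.datasource.password=${DB_PASSWORD}` (the variable name is illustrative), then rotate the value that has already been pushed. `spring.http.log-request-details=true` together with `logging.level.web=debug` makes Spring log request parameters and headers, which for `/signUpMiddleWare` includes the submitted password; keep these two lines in a local-only profile. `spring.jpa.hibernate.ddl-auto=update` likewise should not reach a shared environment.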
-
+
diff --git a/test-service/src/main/resources/templates/signUp.html b/test-service/src/main/resources/templates/signUp.html new file mode 100644 index 0000000..1cd5b46 --- /dev/null +++ b/test-service/src/main/resources/templates/signUp.html @@ -0,0 +1,39 @@ + + + + + + +
+ +
+ +
+ +
+
+ + +
+ +
+ +
+
+ + + + +
+ + + + + + + + + + + + \ No newline at end of file