resourceServer config, websecurity config setting

2019-07-10 15:26:23 +09:00
parent 1cad6d916b
commit d2dbddb9d2
18 changed files with 224 additions and 27 deletions
--- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/AuthorizationServer2Application.java
+++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/AuthorizationServer2Application.java
@@ -4,7 +4,7 @@ import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
-@EnableResourceServer
+//@EnableResourceServer
@SpringBootApplication
 public class AuthorizationServer2Application {
--- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/ResourceServerConfig.java
+++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/ResourceServerConfig.java
@@ -1,18 +1,24 @@
-package io.bluemoon.testservice;
+package io.bluemoon.authorizationserver2.config;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.web.util.matcher.RequestHeaderRequestMatcher;
@Configuration
-public class ResourceServiceConfig extends ResourceServerConfigurerAdapter {
+//@Order(SecurityProperties.BASIC_AUTH_ORDER)
@EnableResourceServer
 public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
 //                .requestMatchers().antMatchers("/createOAuthUser")
 //                .and()
                .authorizeRequests()
                .antMatchers("/createOAuthUser").permitAll()
                .anyRequest()
                .authenticated();
    }
--- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/WebSecurity2Config.java
+++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/config/WebSecurity2Config.java
@@ -8,13 +8,22 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.util.matcher.AnyRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
@Configuration
-@Order(SecurityProperties.BASIC_AUTH_ORDER)
+@EnableWebSecurity
 //@Order(SecurityProperties.BASIC_AUTH_ORDER -1)
 //@Order(-1)
 public class WebSecurity2Config extends WebSecurityConfigurerAdapter {
    private CustomUserDetailsServiceImpl customUserDetailsService;
 //    private PasswordEncoder passwordEncoder;
    public WebSecurity2Config(
            CustomUserDetailsServiceImpl customUserDetailsService
@@ -33,8 +42,18 @@ public class WebSecurity2Config extends WebSecurityConfigurerAdapter {
        auth.authenticationProvider(daoAuthenticationProvider());
    }
    // allow controller uri
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
 //                .requestMatchers().antMatchers("/createOAuthUser")
 //                .and()
                .authorizeRequests()
 //                .antMatchers("/createOAuthUser").permitAll()
                .anyRequest()
                .authenticated();
    }
@@ -47,6 +66,12 @@ public class WebSecurity2Config extends WebSecurityConfigurerAdapter {
    }
    // 패스워드 인코딩 수정
 //    @Bean
 //    public static PasswordEncoder passwordEncoder() {
 //        return new BCryptPasswordEncoder();
 //    }
    @Bean
    @SuppressWarnings("deprecation")
    public static NoOpPasswordEncoder passwordEncoder() {
--- a/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/controller/AuthController.java
+++ b/authorization-server2/src/main/java/io/bluemoon/authorizationserver2/controller/AuthController.java
@@ -1,17 +1,48 @@
 package io.bluemoon.authorizationserver2.controller;
 import io.bluemoon.authorizationserver2.domain.user.User;
 import io.bluemoon.authorizationserver2.service.user.UserService;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.validation.Errors;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import javax.validation.constraints.NotNull;
 import java.security.Principal;
 import java.util.Map;
@RestController
 public class AuthController {
    private UserService userService;
    public AuthController(
            UserService userService
    ) {
        this.userService = userService;
    }
    @RequestMapping(value = "/user")
    public Principal getUser(Principal user) {
        return user;
    }
    @RequestMapping(value = "/createOAuthUser", method = RequestMethod.POST)
    public User createOAuthUser(@RequestBody @NotNull User user, @RequestHeader Map header, Errors errors) {
        System.out.println(errors.toString());
        System.out.println(user);
        System.out.println(header);
        return user;
    }
    @PutMapping(value = "/updateOAuthUser")
    public User updateOAuthUser(@RequestBody User user, @RequestHeader Map header) {
        System.out.println(user);
        System.out.println(header);
        return user;
    }
 }
--- a/test-service/build.gradle
+++ b/test-service/build.gradle
@@ -31,6 +31,7 @@ dependencies {
    implementation 'com.squareup.okhttp3:okhttp:3.9.1'
    implementation 'com.google.code.gson:gson'
    compileOnly 'org.projectlombok:lombok'
    runtimeOnly 'mysql:mysql-connector-java'
    annotationProcessor 'org.projectlombok:lombok'
    testImplementation 'org.springframework.boot:spring-boot-starter-test'
 }
--- a/test-service/src/main/java/io/bluemoon/testservice/TestServiceApplication.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/TestServiceApplication.java
@@ -14,7 +14,6 @@ import org.springframework.web.bind.annotation.SessionAttributes;
 import java.security.Principal;
@SpringBootApplication
@EnableResourceServer
 public class TestServiceApplication {
--- a/test-service/src/main/java/io/bluemoon/testservice/config/ResourceServerConfig.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/config/ResourceServerConfig.java
@@ -0,0 +1,26 @@
 package io.bluemoon.testservice.config;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
@Configuration
@EnableResourceServer
 public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/signIn").permitAll()
                .antMatchers("/signUp").permitAll()
                .antMatchers("/signInMiddleWare").permitAll()
                .antMatchers("/signUpMiddleWare").permitAll()
                .anyRequest()
                .authenticated();
    }
 }
--- a/test-service/src/main/java/io/bluemoon/testservice/config/WebMvcConfig.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/config/WebMvcConfig.java
@@ -12,5 +12,6 @@ public class WebMvcConfig implements WebMvcConfigurer {
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/signIn").setViewName("signIn");
        registry.addViewController("/signUp").setViewName("signUp");
    }
 }
--- a/test-service/src/main/java/io/bluemoon/testservice/config/WebSecurityConfig.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/config/WebSecurityConfig.java
@@ -9,7 +9,7 @@ import org.springframework.security.config.annotation.web.configuration.EnableWe
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
@Configuration
-@Order(-1)
+//@Order(-1)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
@@ -17,7 +17,9 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        http
                .authorizeRequests()
                .antMatchers("/signIn").permitAll()
-                .antMatchers("/signInAfter").permitAll()
+                .antMatchers("/signUp").permitAll()
                .antMatchers("/signInMiddleWare").permitAll()
                .antMatchers("/signUpMiddleWare").permitAll()
                .anyRequest()
                .authenticated();
--- a/test-service/src/main/java/io/bluemoon/testservice/controller/SignController.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/controller/SignController.java
@@ -1,6 +1,8 @@
 package io.bluemoon.testservice.controller;
 import io.bluemoon.testservice.domain.user.User;
 import io.bluemoon.testservice.service.user.UserService;
 import org.springframework.boot.autoconfigure.security.SecurityProperties;
 import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
@@ -9,8 +11,17 @@ import java.util.Map;
@RestController
 public class SignController {
-    @PostMapping("/signInAfter")
+
-    private String signIn(HttpServletRequest request) {
+    private UserService userService;
    public SignController(
            UserService userService
    ) {
        this.userService = userService;
    }
    @PostMapping("/signInMiddleWare")
    public String signInMiddleWare(HttpServletRequest request) {
        System.out.println(request);
        System.out.println(request.getAuthType());
        System.out.println(request.getSession());
@@ -19,11 +30,29 @@ public class SignController {
        return "aaaa";
    }
    @PostMapping("/signUpMiddleWare")
    public User signUpMiddleWare(HttpServletRequest request) {
        User user = requestToUser(request);
        return userService.createUser(user);
    }
    @PostMapping("/createOAuthUser")
    public String creatOAuthUser(@RequestBody @Valid User user, @RequestHeader Map header) {
        return "";
    }
    private User requestToUser(HttpServletRequest request) {
        User user = new User();
        user.setUsername(request.getParameter("username"));
        user.setPassword(request.getParameter("password"));
        return user;
    }
 }
--- a/test-service/src/main/java/io/bluemoon/testservice/domain/oauth/OAuthUser.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/domain/oauth/OAuthUser.java
@@ -1,7 +1,6 @@
 package io.bluemoon.testservice.domain.oauth;
 import lombok.Data;
 import java.time.LocalDateTime;
@Data
 public class OAuthUser {
--- a/test-service/src/main/java/io/bluemoon/testservice/domain/user/User.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/domain/user/User.java
@@ -2,15 +2,17 @@ package io.bluemoon.testservice.domain.user;
 import lombok.Data;
-import javax.persistence.GeneratedValue;
+import javax.persistence.*;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
@Data
@Entity
 public class User {
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private int id;
    @Column
    private String username;
    @Column
    private String password;
 }
--- a/test-service/src/main/java/io/bluemoon/testservice/service/user/UserEventListener.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/service/user/UserEventListener.java
@@ -1,6 +1,7 @@
 package io.bluemoon.testservice.service.user;
 import io.bluemoon.testservice.domain.user.User;
 import io.bluemoon.testservice.utils.APIRequest;
 import org.springframework.scheduling.annotation.Async;
 import org.springframework.stereotype.Component;
 import org.springframework.transaction.event.TransactionPhase;
@@ -13,8 +14,14 @@ public class UserEventListener {
    @Async
    @TransactionalEventListener(phase = TransactionPhase.AFTER_COMMIT, classes = UserServiceImpl.UserCreateEvent.class)
-    public void createUserHandle(UserServiceImpl.UserCreateEvent event) throws IOException {
+    public void handle(UserServiceImpl.UserCreateEvent event) throws IOException {
        User user = event.getUser();
        System.out.println("----------handler");
        System.out.println(user);
        APIRequest.ResponseWrapper responseWrapper = APIRequest.getIRequestExecutor().createOAuthUser(user);
        System.out.println(responseWrapper.getHeader());
        System.out.println(responseWrapper.getBody());
        // oauth
@@ -22,7 +29,8 @@ public class UserEventListener {
    @Async
    @TransactionalEventListener(phase = TransactionPhase.AFTER_COMMIT, classes = UserServiceImpl.UserUpdateEvent.class)
-    public void updateUserHandle(UserServiceImpl.UserUpdateEvent event) throws IOException {
+    public void handle(UserServiceImpl.UserUpdateEvent event) throws IOException {
        System.out.println("----------handler");
        User user = event.getUser();
        // oauth
--- a/test-service/src/main/java/io/bluemoon/testservice/service/user/UserServiceImpl.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/service/user/UserServiceImpl.java
@@ -6,11 +6,16 @@ import lombok.Getter;
 import lombok.NonNull;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.context.ApplicationEventPublisherAware;
 import org.springframework.context.annotation.Bean;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 import java.util.Optional;
@Service
@Transactional
 public class UserServiceImpl implements UserService, ApplicationEventPublisherAware {
    private UserRepository userRepository;
@@ -25,12 +30,15 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
    @Override
    public User createUser(User user) {
-
+        System.out.println(passwordEncoder().encode(user.getPassword()));
        user.setPassword(passwordEncoder().encode(user.getPassword()));
        System.out.println(passwordEncoder().matches("1234", user.getPassword()));
        userRepository.save(user);
        eventPublisher.publishEvent(new UserCreateEvent(user));
-        return null;
+        return user;
    }
    // update password는 별로의 로직으로?
    @Override
    public User updateUser(User user) {
        Optional<User> optionalUser = userRepository.findById(user.getId());
@@ -39,7 +47,7 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
            userRepository.save(user);
            eventPublisher.publishEvent(new UserUpdateEvent(user));
        }
-        return null;
+        return user;
    }
    @Override
@@ -64,4 +72,9 @@ public class UserServiceImpl implements UserService, ApplicationEventPublisherAw
            this.user = user;
        }
    }
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
 }
--- a/test-service/src/main/java/io/bluemoon/testservice/utils/APIRequest.java
+++ b/test-service/src/main/java/io/bluemoon/testservice/utils/APIRequest.java
@@ -39,7 +39,7 @@ public class APIRequest {
        @Override
        public ResponseWrapper createOAuthUser(User user) throws IOException {
-            String url = "";
+            String url = "http://localhost:8081/auth/createOAuthUser";
            Gson gson = new GsonBuilder().setPrettyPrinting().create();
            String jsonString = gson.toJson(user);
@@ -55,7 +55,7 @@ public class APIRequest {
            Response response = call.execute();
            ResponseWrapper result = new ResponseWrapper(response.body().string(), convertToString(response.headers()));
-            return null;
+            return result;
        }
        @Override
--- a/test-service/src/main/resources/application.properties
+++ b/test-service/src/main/resources/application.properties
@@ -8,4 +8,20 @@ server.servlet.context-path=/api
 #security.oauth2.client.client-id=system1
 #security.oauth2.client.client-secret=1234
 #security.oauth2.resource.token-info-uri=http://127.0.0.1:8081/mk-auth/oauth/check_token
-security.oauth2.resource.user-info-uri=http://127.0.0.1:8765/auth/check_token
+security.oauth2.resource.user-info-uri=http://127.0.0.1:8765/auth/check_token
 spring.main.allow-bean-definition-overriding=true
 spring.datasource.url=jdbc:mysql://127.0.0.1/local_keepgrow?useUnicode=true&characterEncoding=utf-8&zeroDateTimeBehavior=convertToNull&serverTimezone=UTC
 spring.datasource.username=root
 spring.datasource.password=bluemoon
 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
 spring.datasource.platform=schema
 spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MariaDB53Dialect
 spring.jpa.database = MYSQL
 spring.jpa.hibernate.ddl-auto=update
 spring.jpa.generate-ddl=true
 spring.jpa.show-sql=true
 logging.level.web=debug
 spring.http.log-request-details=true
--- a/test-service/src/main/resources/templates/signIn.html
+++ b/test-service/src/main/resources/templates/signIn.html
@@ -5,7 +5,7 @@
 </head>
 <body>
 <div class="container">
-    <form role="form" th:action="@{/signInAfter}" method="post">
+    <form role="form" th:action="@{/signInMiddleWare}" method="post">
        <div class="form-group row">
            <label for="username" class="col-sm-2 col-form-label">ID</label>
            <div class="col-sm-10">
--- a/test-service/src/main/resources/templates/signUp.html
+++ b/test-service/src/main/resources/templates/signUp.html
@@ -0,0 +1,39 @@
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
 <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
 <head>
 </head>
 <body>
 <div class="container">
    <form role="form" th:action="@{/signUpMiddleWare}" method="post">
        <div class="form-group row">
            <label for="username" class="col-sm-2 col-form-label">ID</label>
            <div class="col-sm-10">
                <input type="text" class="form-control" id="username" placeholder="id" name="username">
            </div>
        </div>
        <div class="form-group row">
            <label for="password" class="col-sm-2 col-form-label">Password</label>
            <div class="col-sm-10">
                <input type="password" class="form-control" id="password" placeholder="password" name="password">
            </div>
        </div>
        <input type="hidden" id="csrf_token" name="${_csrf.parameterName}" value="${_csrf.token}"/>
        <button type="submit" class="btn btn-primary">Sign in</button>
    </form>
 </div>
 </body>
 <script src="https://code.jquery.com/jquery-3.3.1.slim.min.js" integrity="sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo" crossorigin="anonymous"></script>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js" integrity="sha384-UO2eT0CpHqdSJQ6hJty5KVphtPhzWj9WO1clHTMGa3JDZwrnQq4sF86dIHNDz0W1" crossorigin="anonymous"></script>
 <script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js" integrity="sha384-JjSmVgyd0p3pXB1rRibZUAYoIIy6OrQ6VrjIEaFf/nJGzIxFDsf4x0xIM+B07jRM" crossorigin="anonymous"></script>
 </html>