mindol1004/spring-cloud-oauth2-sso-mk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

chore: 사용하지 않는 패키지 정리

Browse Source
This commit is contained in:
liquidjoo
2020-08-04 14:10:10 +09:00
parent 6457af3084
commit f83a3ab606
15 changed files with 49 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
authorization-server/src/main/java/io/bluemoon/authorizationserver/AuthorizationServerApplication.java
View File

@@ -2,10 +2,6 @@ package io.bluemoon.authorizationserver;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.format.annotation.DateTimeFormat;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import java.util.Date;
@SpringBootApplication
public class AuthorizationServerApplication {

18
authorization-server/src/main/java/io/bluemoon/authorizationserver/config/OAuth2SsoServerConfig.java
View File

@@ -1,11 +1,10 @@
package io.bluemoon.authorizationserver.config;
import io.bluemoon.authorizationserver.service.user.CustomUserDetailsServiceImpl;
import io.bluemoon.authorizationserver.service.user.CustomUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
@@ -21,10 +20,8 @@ import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeSe
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
import javax.sql.DataSource;
import java.security.KeyPair;
@@ -47,7 +44,7 @@ public class OAuth2SsoServerConfig extends AuthorizationServerConfigurerAdapter
private ClientDetailsService clientDetailsService;
private AuthenticationManager authenticationManager;
private DataSource dataSource;
private CustomUserDetailsServiceImpl customUserDetailsService;
private CustomUserDetailsService customUserDetailsService;
public OAuth2SsoServerConfig(
// AuthorizationCodeServices authorizationCodeServices,
@@ -55,7 +52,7 @@ public class OAuth2SsoServerConfig extends AuthorizationServerConfigurerAdapter
ClientDetailsService clientDetailsService,
AuthenticationManager authenticationManager,
DataSource dataSource,
CustomUserDetailsServiceImpl customUserDetailsService
CustomUserDetailsService customUserDetailsService
) {
// this.authorizationCodeServices = authorizationCodeServices;
// this.approvalStore = approvalStore;
@@ -75,9 +72,10 @@ public class OAuth2SsoServerConfig extends AuthorizationServerConfigurerAdapter
}
/**
* OAuth2 서버가 작동하기 위한 Endpoint에 대한 정보를 설정
* 권한 부여 및 토큰 엔드 포인트와 토큰 서비스를 설정.
* AuhorizationEndpoint가 지원하는 부여 유형을 정할 수 있음.
* OAuth2 서버가 작동하기 위한 Endpoint에 대한 정보를 설정
* 권한 부여 및 토큰 엔드 포인트와 토큰 서비스를 설정.
* AuhorizationEndpoint가 지원하는 부여 유형을 정할 수 있음.
*
* @param endpoints
* @throws Exception
*/
@@ -108,6 +106,7 @@ public class OAuth2SsoServerConfig extends AuthorizationServerConfigurerAdapter
* 클라리언트 세부 사항 서비스의 메모리 내 or JDBC구현을 정의
* JdbcClientDetailsService를 활용해 데이터베이스 테이블로 세부 정보를 업데이트 가능
* AuthorizationServerConfigurer의 콜백
*
* @param clients
* @throws Exception
*/
@@ -123,6 +122,7 @@ public class OAuth2SsoServerConfig extends AuthorizationServerConfigurerAdapter
* 액세스 토큰을 만들 때 액세스 토콘을 수락하는 리소스가 나중에 참조 할 수 있도록 인증을 저장해야함
* 액세스 토콘을 생성 권한 부여에 사용 된 인증을 로드하는데 사용됨.
* 서버간에 데이터베이스를 공유 할 수 있는 경우!!
*
* @param dataSource
* @return
*/

1
authorization-server/src/main/java/io/bluemoon/authorizationserver/config/ResourceServerConfiguration.java
View File

@@ -4,7 +4,6 @@ package io.bluemoon.authorizationserver.config;
import io.bluemoon.authorizationserver.config.handler.CustomAccessDeniedHandler;
import io.bluemoon.authorizationserver.config.handler.CustomHttp403ForbiddenEntryPoint;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

1
authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebMvcConfig.java
View File

@@ -6,7 +6,6 @@ import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.web.filter.ForwardedHeaderFilter;
import org.springframework.web.method.support.HandlerMethodArgumentResolver;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;

42
authorization-server/src/main/java/io/bluemoon/authorizationserver/config/WebSecurityConfig.java
View File

@@ -1,7 +1,7 @@
package io.bluemoon.authorizationserver.config;
import io.bluemoon.authorizationserver.config.handler.CustomAuthFailureHandler;
import io.bluemoon.authorizationserver.service.user.CustomUserDetailsServiceImpl;
import io.bluemoon.authorizationserver.service.user.CustomUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.context.annotation.Bean;
@@ -14,15 +14,10 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.security.web.csrf.CsrfFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.web.filter.CharacterEncodingFilter;
//import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;
@Configuration
@EnableWebSecurity
@@ -32,18 +27,25 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
CustomAuthFailureHandler customAuthFailureHandler;
private CustomUserDetailsServiceImpl customUserDetailsService;
private CustomUserDetailsService customUserDetailsService;
public WebSecurityConfig(
CustomUserDetailsServiceImpl customUserDetailsService
CustomUserDetailsService customUserDetailsService
) {
this.customUserDetailsService = customUserDetailsService;
}
@Bean
public static PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
/**
* authentication processing
* if success -> Authentication in info object return
* els fail -> Exception
* impl 구현체 -> authentication provider 에서 구현해서 authentication object를 던져줌
*
* @return AuthenticationManager
* @throws Exception
*/
@@ -59,7 +61,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
// --------------------------------- sso test
http.formLogin().loginPage("/login").permitAll().failureHandler(customAuthFailureHandler)
.and()
.requestMatchers().antMatchers("/login/**","/oauth/authorize")
.requestMatchers().antMatchers("/login/**", "/oauth/authorize")
.and()
.authorizeRequests().anyRequest().authenticated()
.and()
@@ -72,7 +74,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
}
/**
* authentication Object managing
*
@@ -84,6 +85,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
auth.authenticationProvider(daoAuthenticationProvider());
}
// @Bean
// @SuppressWarnings("deprecation")
// public static NoOpPasswordEncoder passwordEncoder() {
// return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
// }
/**
* user info at database for make authentication object
*
@@ -97,17 +104,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
return daoAuthenticationProvider;
}
// @Bean
// @SuppressWarnings("deprecation")
// public static NoOpPasswordEncoder passwordEncoder() {
// return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
// }
@Bean
public static PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
// social login
// @Bean

2
authorization-server/src/main/java/io/bluemoon/authorizationserver/config/handler/CustomOAuthExceptionSerializer.java
View File

@@ -29,6 +29,6 @@ public class CustomOAuthExceptionSerializer extends StdSerializer<CustomOAuthExc
gen.writeStringField(key, add);
}
}
gen.writeEndObject();;
gen.writeEndObject();
}
}

10
authorization-server/src/main/java/io/bluemoon/authorizationserver/controller/sso/SsoController.java
View File

@@ -7,7 +7,10 @@ import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.ConsumerTokenServices;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
@@ -57,7 +60,7 @@ public class SsoController {
httpSession.invalidate();
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie: cookies) {
for (Cookie cookie : cookies) {
cookie.setPath("/");
cookie.setSecure(true);
cookie.setMaxAge(0);
@@ -69,9 +72,6 @@ public class SsoController {
}
// @GetMapping(value = "/{facebook|google|kakao}/complete")
// public String loginComplete(HttpSession session) {
// OAuth2Authentication authentication = (OAuth2Authentication) SecurityContextHolder.getContext().getAuthentication();

1
authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/oauth/accesstoken/AccessTokenRepository.java
View File

@@ -1,7 +1,6 @@
package io.bluemoon.authorizationserver.domain.oauth.accesstoken;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
import java.util.List;

4
authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/SocialType.java
View File

@@ -1,8 +1,6 @@
package io.bluemoon.authorizationserver.domain.social;
import lombok.Getter;
public enum SocialType {
public enum SocialType {
FACEBOOK("facebook"),
GOOGLE("google"),
UNEEDCOMMS("uneedcomms");

7
authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/social/UserArgumentResolver.java
View File

@@ -12,7 +12,6 @@ import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.support.WebDataBinderFactory;
import org.springframework.web.context.request.NativeWebRequest;
@@ -58,6 +57,7 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver {
/**
* 인증된 User 객체를 만드는 메인 메서드
*
* @param user
* @param session
* @return
@@ -92,7 +92,7 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver {
List<UserRole> userRoles = userRoleRepository.findByUser(user);
// role 부여
setRoleIfNotSame(user, authentication, map, userRoles);
setRoleIfNotSame(user, authentication, map, userRoles);
session.setAttribute("user", user);
} catch (ClassCastException e) {
return user;
@@ -104,6 +104,7 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver {
/**
* 사용자의 인증된 소셜 미디어 타입에 따라 빌더를 사용하여 User 객체를 만들어 주는 가교 역할
*
* @param authority
* @param map
* @return
@@ -117,6 +118,7 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver {
/**
* 페이스북이나 구글 같이 공통되는 명명규칙을 가진 그룹을 맵핑
*
* @param socialType
* @param map
* @return
@@ -156,6 +158,7 @@ public class UserArgumentResolver implements HandlerMethodArgumentResolver {
/**
* 인증된 authentication이 권한을 갖고 있는지 체크하는 용도
* 만약 저장된 User 권한이 없으면 SecurityContextHolder를 사용하여 해당 소셜미디어 타입으로 권한을 저장
*
* @param user
* @param authentication
* @param map

3
authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/CustomUserDetails.java
View File

@@ -1,6 +1,5 @@
package io.bluemoon.authorizationserver.domain.user;
import io.bluemoon.authorizationserver.domain.social.SocialType;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -29,7 +28,7 @@ public class CustomUserDetails implements UserDetails {
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
List<GrantedAuthority> authorities = new ArrayList<>();
for (String role: userRole) {
for (String role : userRole) {
authorities.add(new SimpleGrantedAuthority(role));
}
return authorities;

2
authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/User.java
View File

@@ -6,7 +6,6 @@ import lombok.*;
import javax.persistence.*;
import java.time.LocalDateTime;
import java.util.Collection;
import java.util.Date;
@Entity
@Getter
@@ -47,7 +46,6 @@ public class User {
private LocalDateTime updatedAt;
// //1:수퍼관리자, 2:관리자, 3:사용자
// @Column
// private String userType;

2
authorization-server/src/main/java/io/bluemoon/authorizationserver/domain/user/UserRepository.java
View File

@@ -1,9 +1,9 @@
package io.bluemoon.authorizationserver.domain.user;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
public interface UserRepository extends JpaRepository<User, Long> {
User findByUsername(String username);
User findByEmail(String email);
}

9
authorization-server/src/main/java/io/bluemoon/authorizationserver/service/sso/SsoServiceImpl.java → authorization-server/src/main/java/io/bluemoon/authorizationserver/service/sso/DefaultSsoService.java
View File

@@ -9,6 +9,7 @@ import org.springframework.transaction.annotation.Transactional;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
@@ -17,11 +18,11 @@ import java.util.Map;
import java.util.Optional;
@Service
public class SsoServiceImpl implements SsoService{
public class DefaultSsoService implements SsoService {
private AccessTokenRepository accessTokenRepository;
private ClientRepository clientRepository;
public SsoServiceImpl(
public DefaultSsoService(
AccessTokenRepository accessTokenRepository,
ClientRepository clientRepository
) {
@@ -44,13 +45,11 @@ public class SsoServiceImpl implements SsoService{
try {
MessageDigest digest = MessageDigest.getInstance("MD5");
byte[] bytes = digest.digest(value.getBytes("UTF-8"));
byte[] bytes = digest.digest(value.getBytes(StandardCharsets.UTF_8));
return String.format("%032x", new BigInteger(1, bytes));
} catch (NoSuchAlgorithmException e) {
throw new IllegalStateException("MD5 algorithm not avilable. Fatal (should be in the JDK).");
} catch (UnsupportedEncodingException e) {
throw new IllegalStateException("UTF-8 encoding not available. Fatal (should be in the JDK).");
}
}

7
authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsServiceImpl.java → authorization-server/src/main/java/io/bluemoon/authorizationserver/service/user/CustomUserDetailsService.java
View File

@@ -7,17 +7,16 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
@Service
public class CustomUserDetailsServiceImpl implements UserDetailsService {
public class CustomUserDetailsService implements UserDetailsService {
// User Info
private UserRepository userRepository;
private UserRoleRepository userRoleRepository;
public CustomUserDetailsServiceImpl(
public CustomUserDetailsService(
UserRepository userRepository,
UserRoleRepository userRoleRepository
) {
@@ -27,7 +26,7 @@ public class CustomUserDetailsServiceImpl implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
System.out.println("why?????????????"+username);
System.out.println("why?????????????" + username);
User user = userRepository.findByUsername(username);
System.out.println(user);
List<UserRole> userRole = userRoleRepository.findByUser(user);