From 2bb9ea37d61dbbb27f5ea3909cac788fe09944f4 Mon Sep 17 00:00:00 2001 
From: hengboy Date: Wed, 22 Jul 2020 15:11:42 +0800 Subject: [PATCH] [#42] Adapt "minbox-security" component --- .../api-boot-autoconfigure/pom.xml | 5 + ...piBootResourceServerAutoConfiguration.java | 2 +- .../security/ApiBootSecurityProperties.java | 5 +- .../ApiBootWebSecurityAutoConfiguration.java | 12 +- ...iBootWebSecurityJdbcAutoConfiguration.java | 18 +- ...ootWebSecurityMemoryAutoConfiguration.java | 6 +- .../api/boot/common/event/LoadUserEvent.java | 45 ---- .../api-boot-dependencies/pom.xml | 6 + .../pom.xml | 9 +- .../ApiBootWebSecurityConfiguration.java | 142 ------------ .../api/boot/secuirty/SecurityUser.java | 41 ---- .../delegate/ApiBootDefaultStoreDelegate.java | 213 ------------------ .../delegate/ApiBootStoreDelegate.java | 49 ---- .../ApiBootDefaultAccessDeniedHandler.java | 40 ---- .../jdbc/ApiBootDefaultUserEntity.java | 75 ------ ...piBootDefaultAuthenticationEntryPoint.java | 39 ---- .../ApiBootDefaultUserDetails.java | 75 ------ .../ApiBootUserDetailsService.java | 70 ------ .../DisableDefaultUserTableStoreDelegate.java | 4 +- 19 files changed, 38 insertions(+), 818 deletions(-) delete mode 100644 api-boot-project/api-boot-common/src/main/java/org/minbox/framework/api/boot/common/event/LoadUserEvent.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/ApiBootWebSecurityConfiguration.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/SecurityUser.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootDefaultStoreDelegate.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootStoreDelegate.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/handler/ApiBootDefaultAccessDeniedHandler.java delete mode 100644 
api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/jdbc/ApiBootDefaultUserEntity.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/point/ApiBootDefaultAuthenticationEntryPoint.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootDefaultUserDetails.java delete mode 100644 api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootUserDetailsService.java diff --git a/api-boot-project/api-boot-autoconfigure/pom.xml b/api-boot-project/api-boot-autoconfigure/pom.xml index 851b1822..411b7c74 100644 --- a/api-boot-project/api-boot-autoconfigure/pom.xml +++ b/api-boot-project/api-boot-autoconfigure/pom.xml @@ -151,6 +151,11 @@ minbox-oauth true + + org.minbox.framework + minbox-security + true + diff --git a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootResourceServerAutoConfiguration.java b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootResourceServerAutoConfiguration.java index 1f914145..a8c672bc 100644 --- a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootResourceServerAutoConfiguration.java +++ b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootResourceServerAutoConfiguration.java 
@@ -17,7 +17,7 @@ package org.minbox.framework.api.boot.autoconfigure.oauth; import org.minbox.framework.api.boot.autoconfigure.security.ApiBootSecurityProperties; -import org.minbox.framework.api.boot.secuirty.SecurityUser; +import org.minbox.framework.security.SecurityUser; import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Configuration; diff --git a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootSecurityProperties.java b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootSecurityProperties.java index a40181cb..e9ef1441 100644 --- a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootSecurityProperties.java +++ b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootSecurityProperties.java @@ -17,10 +17,9 @@ package org.minbox.framework.api.boot.autoconfigure.security; import lombok.Data; -import org.minbox.framework.api.boot.secuirty.SecurityUser; +import org.minbox.framework.security.SecurityUser; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Configuration; -import org.minbox.framework.api.boot.secuirty.delegate.ApiBootStoreDelegate; import java.util.ArrayList; import java.util.List; @@ -86,7 +85,7 @@ public class ApiBootSecurityProperties { * the data in the "api_boot_user_info" table will be read by default for authentication *

* If the value is set to false, - * you need to implement the {@link ApiBootStoreDelegate} interface to complete the custom method of reading user data + * you need to implement the {@link org.minbox.framework.security.delegate.SecurityStoreDelegate} interface to complete the custom method of reading user data */ private boolean enableDefaultStoreDelegate = true; /** diff --git a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityAutoConfiguration.java b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityAutoConfiguration.java index f1eb19c1..7cf8907f 100644 --- a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityAutoConfiguration.java +++ b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityAutoConfiguration.java @@ -16,9 +16,9 @@ package org.minbox.framework.api.boot.autoconfigure.security; -import org.minbox.framework.api.boot.secuirty.ApiBootWebSecurityConfiguration; -import org.minbox.framework.api.boot.secuirty.handler.ApiBootDefaultAccessDeniedHandler; -import org.minbox.framework.api.boot.secuirty.point.ApiBootDefaultAuthenticationEntryPoint; +import org.minbox.framework.security.WebSecurityConfiguration; +import org.minbox.framework.security.handler.DefaultSecurityAccessDeniedHandler; +import org.minbox.framework.security.point.DefaultSecurityAuthenticationEntryPoint; import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.access.AccessDeniedHandler; import org.springframework.util.ObjectUtils; 
@@ -33,7 +33,7 @@ * @see ApiBootWebSecurityMemoryAutoConfiguration * @see ApiBootWebSecurityJdbcAutoConfiguration */ -public class ApiBootWebSecurityAutoConfiguration extends ApiBootWebSecurityConfiguration { +public class ApiBootWebSecurityAutoConfiguration extends WebSecurityConfiguration { protected ApiBootSecurityProperties apiBootSecurityProperties; private AccessDeniedHandler accessDeniedHandler; @@ -63,12 +63,12 @@ protected List configureIgnoreUrls() { @Override protected AccessDeniedHandler getAccessDeniedHandler() { - return ObjectUtils.isEmpty(this.accessDeniedHandler) ? new ApiBootDefaultAccessDeniedHandler() : this.accessDeniedHandler; + return ObjectUtils.isEmpty(this.accessDeniedHandler) ? new DefaultSecurityAccessDeniedHandler() : this.accessDeniedHandler; } @Override protected AuthenticationEntryPoint getAuthenticationEntryPoint() { - return ObjectUtils.isEmpty(this.authenticationEntryPoint) ? new ApiBootDefaultAuthenticationEntryPoint() : this.authenticationEntryPoint; + return ObjectUtils.isEmpty(this.authenticationEntryPoint) ? new DefaultSecurityAuthenticationEntryPoint() : this.authenticationEntryPoint; } @Override diff --git a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityJdbcAutoConfiguration.java b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityJdbcAutoConfiguration.java index fbeea89f..9c918fe6 100644 --- a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityJdbcAutoConfiguration.java +++ b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityJdbcAutoConfiguration.java 
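Review bot: In the `@@ -63,12 +63,12 @@` hunk, the fallbacks returned by `getAccessDeniedHandler()` and `getAuthenticationEntryPoint()` now come from the external minbox-security artifact, and nothing in the new code documents what they send back. The `ApiBootDefaultAccessDeniedHandler` deleted later in this patch answered with HTTP 200 and put the 403 only in the JSON body, so anything keyed on the status line sees a denied request as a success; whether `DefaultSecurityAccessDeniedHandler` keeps that behaviour cannot be seen from this diff and should be confirmed. I would add a comment above each return, for example `// default comes from minbox-security; denied requests are answered with <status, to be confirmed>`. As a style point, `ObjectUtils.isEmpty(this.accessDeniedHandler)` reads more directly as `this.accessDeniedHandler == null`, since presumably only null is meant. The class body continues outside the hunk.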
@@ -16,10 +16,10 @@ package org.minbox.framework.api.boot.autoconfigure.security; -import org.minbox.framework.api.boot.secuirty.ApiBootWebSecurityConfiguration; -import org.minbox.framework.api.boot.secuirty.delegate.ApiBootDefaultStoreDelegate; -import org.minbox.framework.api.boot.secuirty.delegate.ApiBootStoreDelegate; -import org.minbox.framework.api.boot.secuirty.userdetails.ApiBootUserDetailsService; +import org.minbox.framework.security.WebSecurityConfiguration; +import org.minbox.framework.security.delegate.DefaultSecurityStoreDelegate; +import org.minbox.framework.security.delegate.SecurityStoreDelegate; +import org.minbox.framework.security.userdetails.SecurityUserDetailsService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.ObjectProvider; @@ -50,7 +50,7 @@ @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) @EnableConfigurationProperties(ApiBootSecurityProperties.class) -@ConditionalOnClass(ApiBootWebSecurityConfiguration.class) +@ConditionalOnClass(WebSecurityConfiguration.class) @ConditionalOnBean(DataSource.class) @ConditionalOnProperty(prefix = API_BOOT_SECURITY_PREFIX, name = "away", havingValue = "jdbc") @AutoConfigureAfter(DataSourceAutoConfiguration.class) 
@@ -68,18 +68,18 @@ public ApiBootWebSecurityJdbcAutoConfiguration(ApiBootSecurityProperties apiBoot @Override @Bean protected UserDetailsService userDetailsService() { - return new ApiBootUserDetailsService(); + return new SecurityUserDetailsService(); } /** * Use the default user authentication storage delegate class * * @param dataSource DataSource - * @return The default {@link ApiBootStoreDelegate} + * @return The default {@link SecurityStoreDelegate} */ @Bean @ConditionalOnProperty(prefix = API_BOOT_SECURITY_PREFIX, name = "enable-default-store-delegate", havingValue = "true", matchIfMissing = true) - public ApiBootStoreDelegate apiBootStoreDelegate(DataSource dataSource) { - return new ApiBootDefaultStoreDelegate(dataSource); + public SecurityStoreDelegate apiBootStoreDelegate(DataSource dataSource) { + return new DefaultSecurityStoreDelegate(dataSource); } } diff --git a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityMemoryAutoConfiguration.java b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityMemoryAutoConfiguration.java index cca502dc..f71b7693 100644 --- a/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityMemoryAutoConfiguration.java +++ b/api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/ApiBootWebSecurityMemoryAutoConfiguration.java 
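Review bot: The default `SecurityStoreDelegate` bean in the `@@ -68,18 +68,18 @@` hunk is gated only by the `enable-default-store-delegate` property with `matchIfMissing = true`, so an application that registers its own `SecurityStoreDelegate` but leaves the property unset ends up with two candidates for the user lookup. Which one `SecurityUserDetailsService` then uses is decided inside minbox-security and is not visible here; the component that decides who can authenticate should not depend on bean resolution order. Adding `@ConditionalOnMissingBean(SecurityStoreDelegate.class)` to `apiBootStoreDelegate(DataSource)` would make the default back off (plus the import, if the file does not already have it). The return type change from `ApiBootStoreDelegate` to `SecurityStoreDelegate` also breaks existing custom delegates, which deserves a sentence in the method Javadoc or the release notes.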
@@ -16,8 +16,8 @@ package org.minbox.framework.api.boot.autoconfigure.security; -import org.minbox.framework.api.boot.secuirty.ApiBootWebSecurityConfiguration; -import org.minbox.framework.api.boot.secuirty.SecurityUser; +import org.minbox.framework.security.SecurityUser; +import org.minbox.framework.security.WebSecurityConfiguration; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.ObjectProvider; @@ -49,7 +49,7 @@ @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true) @EnableConfigurationProperties(ApiBootSecurityProperties.class) -@ConditionalOnClass(ApiBootWebSecurityConfiguration.class) +@ConditionalOnClass(WebSecurityConfiguration.class) @ConditionalOnProperty(prefix = API_BOOT_SECURITY_PREFIX, name = "away", havingValue = "memory", matchIfMissing = true) public class ApiBootWebSecurityMemoryAutoConfiguration extends ApiBootWebSecurityAutoConfiguration { /** diff --git a/api-boot-project/api-boot-common/src/main/java/org/minbox/framework/api/boot/common/event/LoadUserEvent.java b/api-boot-project/api-boot-common/src/main/java/org/minbox/framework/api/boot/common/event/LoadUserEvent.java deleted file mode 100644 index 0d8c58c1..00000000 --- a/api-boot-project/api-boot-common/src/main/java/org/minbox/framework/api/boot/common/event/LoadUserEvent.java +++ /dev/null 
@@ -1,45 +0,0 @@ -/* - * Copyright [2019] [恒宇少年 - 于起宇] - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.minbox.framework.api.boot.common.event; - - -import lombok.Getter; -import org.springframework.context.ApplicationEvent; - -/** - * 加载用户信息事件 - * - * @author:恒宇少年 - 于起宇 - *

- * DateTime:2019-03-14 16:13 - * Blog:http://blog.yuqiyu.com - * WebSite:http://www.jianshu.com/u/092df3f77bca - * Gitee:https://gitee.com/hengboy - * GitHub:https://github.com/hengboy - */ -@Getter -public class LoadUserEvent extends ApplicationEvent { - /** - * 获取用户信息的用户名 - */ - private String username; - - public LoadUserEvent(Object source, String username) { - super(source); - this.username = username; - } -} diff --git a/api-boot-project/api-boot-dependencies/pom.xml b/api-boot-project/api-boot-dependencies/pom.xml index 55336b10..15a6105f 100644 --- a/api-boot-project/api-boot-dependencies/pom.xml +++ b/api-boot-project/api-boot-dependencies/pom.xml @@ -30,6 +30,7 @@ 1.0.0.RELEASE 1.0.0.RELEASE 1.0.0.RELEASE + 1.0.0.RELEASE 1.0.0.RELEASE 1.0.5.RELEASE 1.1.3.RELEASE @@ -194,6 +195,11 @@ minbox-oauth ${minbox-oauth.version} + + org.minbox.framework + minbox-security + ${minbox-security.version} + diff --git a/api-boot-project/api-boot-starters/api-boot-starter-security-oauth-jwt/pom.xml b/api-boot-project/api-boot-starters/api-boot-starter-security-oauth-jwt/pom.xml index 9fa3ca76..797e0fe1 100644 --- a/api-boot-project/api-boot-starters/api-boot-starter-security-oauth-jwt/pom.xml +++ b/api-boot-project/api-boot-starters/api-boot-starter-security-oauth-jwt/pom.xml @@ -31,11 +31,6 @@ org.minbox.framework api-boot-starter - - - org.springframework.boot - spring-boot-starter-security - org.springframework.security.oauth @@ -58,6 +53,10 @@ org.minbox.framework minbox-oauth + + org.minbox.framework + minbox-security + diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/ApiBootWebSecurityConfiguration.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/ApiBootWebSecurityConfiguration.java deleted file mode 100644 index 9aeac850..00000000 --- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/ApiBootWebSecurityConfiguration.java +++ /dev/null 
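Review bot: The `@@ -31,11 +31,6 @@` hunk of api-boot-starter-security-oauth-jwt/pom.xml removes the direct `spring-boot-starter-security` dependency, so the starter now has Spring Security on its classpath only if `minbox-security` brings it in transitively at compile scope. That cannot be checked from this patch. If `minbox-security` declares it optional or provided, `@ConditionalOnClass(WebSecurityConfiguration.class)` would presumably still match while the Spring Security classes it builds on are missing. I would either keep the explicit `spring-boot-starter-security` entry or add an XML comment beside the new `minbox-security` dependency saying that Spring Security is inherited from it, and confirm with `mvn dependency:tree` on the starter.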
@@ -1,142 +0,0 @@ -package org.minbox.framework.api.boot.secuirty; - -import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; -import org.springframework.context.annotation.Bean; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.web.AuthenticationEntryPoint; -import org.springframework.security.web.access.AccessDeniedHandler; - -import java.util.Collections; -import java.util.List; - -/** - * ApiBoot integrates SpringSecurity configuration class - * - * @author 恒宇少年 - */ -public abstract class ApiBootWebSecurityConfiguration extends WebSecurityConfigurerAdapter { - /** - * Configure Excluded Path List - * - * @return Path list - */ - protected List configureIgnoreUrls() { - return Collections.emptyList(); - } - - /** - * Configure SpringSecurity Web - *

- * Set a list of paths to exclude security intercepts - *

- * - * @param web {@link WebSecurity} - */ - @Override - public void configure(WebSecurity web) { - WebSecurity.IgnoredRequestConfigurer ignoredRequestConfigurer = web.ignoring(); - configureIgnoreUrls().forEach(url -> ignoredRequestConfigurer.antMatchers(url)); - } - - /** - * Configure user authentication management - *

- * Password encryption method {@link #passwordEncoder()} - *

- * - * @param auth {@link AuthenticationManagerBuilder} - * @throws Exception exception - */ - @Override - protected void configure(AuthenticationManagerBuilder auth) throws Exception { - auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder()); - } - - /** - * Authorized manager - * - * @return {@link AuthenticationManager} - * @throws Exception exception - */ - @Override - @Bean - public AuthenticationManager authenticationManagerBean() throws Exception { - return super.authenticationManagerBean(); - } - - /** - * Disable basic http - * - * @param http {@link HttpSecurity} - * @throws Exception exception - */ - @Override - protected void configure(HttpSecurity http) throws Exception { - if (disableHttpBasic()) { - http.httpBasic().disable(); - } - if (disableCsrf()) { - http.csrf().disable(); - } - http.exceptionHandling().accessDeniedHandler(getAccessDeniedHandler()); - http.exceptionHandling().authenticationEntryPoint(getAuthenticationEntryPoint()); - } - - /** - * Password encryption method - * - * @return {@link BCryptPasswordEncoder} - * @see PasswordEncoder - */ - @Bean - @ConditionalOnMissingBean - public PasswordEncoder passwordEncoder() { - return new BCryptPasswordEncoder(); - } - - /** - * Get spring security exception handler - *

- * This method is left to the implementation class to obtain the customized {@link AccessDeniedHandler} implementation class IOC instance from the project - * If the implementation class does not return an instance, - * the default {@link org.minbox.framework.api.boot.plugin.security.handler.ApiBootDefaultAccessDeniedHandler} is used to return - *

- * - * @return {@link AccessDeniedHandler} - */ - protected abstract AccessDeniedHandler getAccessDeniedHandler(); - - /** - * Get authentication endpoint processing - * - * @return {@link AuthenticationEntryPoint} - */ - protected abstract AuthenticationEntryPoint getAuthenticationEntryPoint(); - - /** - * Disable basic http - *

- * This method is an abstract method, and the logic is implemented by subclasses - *

- * - * @return Disable HttpBasic or not - * @see ApiBootWebSecurityConfiguration#configure(HttpSecurity) - */ - protected abstract boolean disableHttpBasic(); - - /** - * Disable csrf - *

- * This method is an abstract method, and the logic is implemented by subclasses - *

- * - * @return Disable Csrf or not - */ - protected abstract boolean disableCsrf(); -} diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/SecurityUser.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/SecurityUser.java deleted file mode 100644 index 1bac4f38..00000000 --- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/SecurityUser.java +++ /dev/null @@ -1,41 +0,0 @@ -/* - * Copyright [2019] [恒宇少年 - 于起宇] - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.minbox.framework.api.boot.secuirty; - -import lombok.Data; - -/** - * Security user - * - * @author 恒宇少年 - */ -@Data -public class SecurityUser { - /** - * Username - */ - private String username; - /** - * Password - */ - private String password; - /** - * User roles - * the default value is "api" - */ - private String[] roles = new String[]{"api"}; -} diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootDefaultStoreDelegate.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootDefaultStoreDelegate.java deleted file mode 100644 index 9df938ba..00000000 --- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootDefaultStoreDelegate.java +++ /dev/null 
@@ -1,213 +0,0 @@ -/* - * Copyright [2019] [恒宇少年 - 于起宇] - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.minbox.framework.api.boot.secuirty.delegate; - -import com.google.common.base.CaseFormat; -import org.minbox.framework.api.boot.common.exception.ApiBootException; -import org.minbox.framework.api.boot.secuirty.userdetails.ApiBootDefaultUserDetails; -import org.minbox.framework.api.boot.secuirty.jdbc.ApiBootDefaultUserEntity; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.util.ObjectUtils; - -import javax.sql.DataSource; -import java.lang.reflect.Field; -import java.sql.*; - -/** - * The {@link ApiBootStoreDelegate} default implement - *

- * Query {@link UserDetails} according to the agreed default table structure - * - * @author 恒宇少年 - */ -public class ApiBootDefaultStoreDelegate implements ApiBootStoreDelegate { - /** - * logger instance - */ - static Logger logger = LoggerFactory.getLogger(ApiBootDefaultStoreDelegate.class); - /** - * Query {@link UserDetails} SQL by default - * - * @see ApiBootDefaultUserDetails - * @see ApiBootDefaultUserEntity - */ - static String DEFAULT_SELECT_USER_SQL = "SELECT UI_ID, UI_USER_NAME, UI_NICK_NAME, UI_PASSWORD, UI_EMAIL, UI_AGE, UI_ADDRESS, UI_IS_LOCKED, UI_IS_ENABLED, UI_STATUS, UI_CREATE_TIME FROM API_BOOT_USER_INFO WHERE UI_USER_NAME = ?"; - /** - * DataSource Instance - *

- * Get {@link Connection} read {@link UserDetails} - */ - private DataSource dataSource; - - /** - * Initialize {@link DataSource} with constructor - * - * @param dataSource {@link #dataSource} - */ - public ApiBootDefaultStoreDelegate(DataSource dataSource) { - this.dataSource = dataSource; - } - - /** - * Query {@link UserDetails} - *

- * Query the user information in the "api_boot_user_info" table by default - * - * @param username {@link UserDetails#getUsername()} - * @return {@link ApiBootDefaultUserDetails} - * @throws UsernameNotFoundException Throw the exception when the user does not exist - */ - @Override - public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { - ApiBootDefaultUserDetails userDetails = findUser(username); - logger.debug("Load user :{} complete.", username); - return userDetails; - } - - /** - * Query User - *

- * Query user information according to database link of data source - * - * @param username {@link UserDetails#getUsername()} - * @return {@link ApiBootDefaultUserDetails} - */ - private ApiBootDefaultUserDetails findUser(String username) { - Connection connection = null; - PreparedStatement ps = null; - ResultSet resultSet = null; - try { - connection = dataSource.getConnection(); - ps = connection.prepareStatement(DEFAULT_SELECT_USER_SQL); - ps.setString(1, username); - resultSet = ps.executeQuery(); - return wrapperOneResult(ApiBootDefaultUserDetails.class, resultSet); - } catch (Exception e) { - throw new UsernameNotFoundException("Username:" + username + ",not found."); - } finally { - closeResultSet(resultSet); - closeStatement(ps); - closeConnection(connection); - } - } - - /** - * Cleanup helper method that closes the given {@link ResultSet} - * while ignoring any errors. - * - * @param connection {@link Connection} - */ - private static void closeConnection(Connection connection) { - if (null != connection) { - try { - connection.close(); - } catch (SQLException ignore) { - } - } - } - - /** - * Cleanup helper method that closes the given {@link ResultSet} - * while ignoring any errors. - * - * @param rs {@link ResultSet} - */ - private static void closeResultSet(ResultSet rs) { - if (null != rs) { - try { - rs.close(); - } catch (SQLException ignore) { - } - } - } - - /** - * Cleanup helper method that closes the given Statement - * while ignoring any errors. - * - * @param statement {@link Statement} - */ - private static void closeStatement(Statement statement) { - if (null != statement) { - try { - statement.close(); - } catch (SQLException ignore) { - } - } - } - - /** - * Encapsulation handles individual results - *

- * Convention: return the field of the object to follow the rule of lowercase first letter, - * uppercase first letter after '?' (corresponding column name) - * - * @param resultClass Result Object Class - * @param rs {@link ResultSet} - * @param generic types - * @return Result Object Instance - */ - private T wrapperOneResult(Class resultClass, ResultSet rs) throws ApiBootException { - Object resultObj = null; - try { - ResultSetMetaData metaData = rs.getMetaData(); - int columnCount = metaData.getColumnCount(); - - while (rs.next()) { - resultObj = resultClass.newInstance(); - for (int index = 1; index < columnCount + 1; index++) { - String columnName = metaData.getColumnName(index); - Object columnValue = rs.getObject(columnName); - if (columnValue != null) { - String fieldName = columnNameToFieldName(columnName); - Field field; - try { - field = resultClass.getDeclaredField(fieldName); - } catch (NoSuchFieldException e) { - try { - field = resultClass.getSuperclass().getDeclaredField(fieldName); - } catch (NoSuchFieldException e2) { - throw new ApiBootException("No such filed : " + fieldName); - } - } - field.setAccessible(true); - field.set(resultObj, columnValue); - } - } - } - } catch (Exception e) { - throw new ApiBootException("Encapsulation result set object encounters exception information:" + e.getMessage(), e); - } - return ObjectUtils.isEmpty(resultObj) ? null : (T) resultObj; - } - - /** - * Column name converts the name of a field - * for example: - * "user_name" to "userName" - * - * @param columnName The column name - * @return class field name - */ - private String columnNameToFieldName(String columnName) { - String fieldName = columnName.toLowerCase(); - return CaseFormat.LOWER_UNDERSCORE.to(CaseFormat.LOWER_CAMEL, fieldName); - } -} 
diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootStoreDelegate.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootStoreDelegate.java deleted file mode 100644 index b08e179f..00000000 --- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/delegate/ApiBootStoreDelegate.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright [2019] [恒宇少年 - 于起宇] - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.minbox.framework.api.boot.secuirty.delegate; - -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UsernameNotFoundException; - -import java.io.Serializable; - -/** - * Data storage delegation interface - *

- * To integrate SpringSecurity with ApiBoot, you need to query the agent class of {@link UserDetails} - * Use {@link ApiBootDefaultStoreDelegate} by default - * - * @author 恒宇少年 - */ -public interface ApiBootStoreDelegate extends Serializable { - /** - * Query user - *

- * Users use to authenticate SpringSecurity - * When we use JDBC to store users, we need to query {@link UserDetails} from the database according to the {@link UserDetails#getUsername()} - * If oauth2 is integrated, it corresponds to the {@link UserDetails#getUsername()} and {@link UserDetails#getPassword()} - * of "grant_type=password" authorization mode - *

- * It should be noted that: - * do not use this method in memory mode - * - * @param username {@link UserDetails#getUsername()} - * @return {@link UserDetails} - * @throws UsernameNotFoundException Throw this exception if the user does not exist - */ - UserDetails loadUserByUsername(String username) throws UsernameNotFoundException; -} diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/handler/ApiBootDefaultAccessDeniedHandler.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/handler/ApiBootDefaultAccessDeniedHandler.java deleted file mode 100644 index 1eff8869..00000000 --- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/handler/ApiBootDefaultAccessDeniedHandler.java +++ /dev/null @@ -1,40 +0,0 @@ -package org.minbox.framework.api.boot.secuirty.handler; - -import com.alibaba.fastjson.JSON; -import org.minbox.framework.api.boot.common.model.ApiBootResult; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.http.HttpStatus; -import org.springframework.http.MediaType; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.web.access.AccessDeniedHandler; - -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * {@link AccessDeniedHandler} exception handler - *

- * Implement authentication exception custom return format content to front end - * - * @author 恒宇少年 - */ -public class ApiBootDefaultAccessDeniedHandler implements AccessDeniedHandler { - /** - * logger instance - */ - static Logger logger = LoggerFactory.getLogger(ApiBootDefaultAccessDeniedHandler.class); - - @Override - public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException { - logger.error("ApiBoot Default AccessDeniedHandler.", e); - response.setContentType(MediaType.APPLICATION_JSON_VALUE); - response.setStatus(HttpStatus.OK.value()); - // ApiBoot Result - ApiBootResult result = ApiBootResult.builder().errorMessage(HttpStatus.FORBIDDEN.getReasonPhrase()).errorCode(String.valueOf(HttpStatus.FORBIDDEN.value())).build(); - // return json - response.getWriter().write(JSON.toJSONString(result)); - } -} diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/jdbc/ApiBootDefaultUserEntity.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/jdbc/ApiBootDefaultUserEntity.java deleted file mode 100644 index bcf862f6..00000000 --- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/jdbc/ApiBootDefaultUserEntity.java +++ /dev/null 
@@ -1,75 +0,0 @@
-/*
- * Copyright [2019] [恒宇少年 - 于起宇]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.minbox.framework.api.boot.secuirty.jdbc;
-
-import lombok.Data;
-
-import java.sql.Timestamp;
-
-/**
- * Created with Code-Builder.
- * 表名: api_boot_user_info - ApiBoot默认的用户信息表 - 数据实体
- *
- * @author 恒宇少年
- */
-@Data
-public class ApiBootDefaultUserEntity {
- /**
- * UI_ID - 用户编号,主键自增
- */
- private Integer uiId;
- /**
- * UI_USER_NAME - 用户名
- */
- private String uiUserName;
- /**
- * UI_NICK_NAME - 用户昵称
- */
- private String uiNickName;
- /**
- * UI_PASSWORD - 用户密码
- */
- private String uiPassword;
- /**
- * UI_EMAIL - 用户邮箱地址
- */
- private String uiEmail;
- /**
- * UI_AGE - 用户年龄
- */
- private Integer uiAge;
- /**
- * UI_ADDRESS - 用户地址
- */
- private String uiAddress;
- /**
- * UI_IS_LOCKED - 是否锁定
- */
- private String uiIsLocked;
- /**
- * UI_IS_ENABLED - 是否启用
- */
- private String uiIsEnabled;
- /**
- * UI_STATUS - O:正常,D:已删除
- */
- private String uiStatus;
- /**
- * UI_CREATE_TIME - 用户创建时间
- */
- private Timestamp uiCreateTime;
-}
diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/point/ApiBootDefaultAuthenticationEntryPoint.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/point/ApiBootDefaultAuthenticationEntryPoint.java
deleted file mode 100644
index 596b1937..00000000
--- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/point/ApiBootDefaultAuthenticationEntryPoint.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package org.minbox.framework.api.boot.secuirty.point;
-
-import com.alibaba.fastjson.JSON;
-import org.minbox.framework.api.boot.common.model.ApiBootResult;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.web.AuthenticationEntryPoint;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-
-/**
- * The {@link AuthenticationEntryPoint} implement class
- *

- * The default implementation class of {@link AuthenticationEntryPoint} provided by ApiBoot
- * @author 恒宇少年
- */
-public class ApiBootDefaultAuthenticationEntryPoint implements AuthenticationEntryPoint {
- /**
- * logger instance
- */
- static Logger logger = LoggerFactory.getLogger(ApiBootDefaultAuthenticationEntryPoint.class);
-
- @Override
- public void commence(HttpServletRequest httpServletRequest, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
- logger.error("Unauthorized", e);
- response.setContentType(MediaType.APPLICATION_JSON_VALUE);
- response.setStatus(HttpStatus.FORBIDDEN.value());
- // ApiBoot Result
- ApiBootResult result = ApiBootResult.builder().errorMessage(HttpStatus.UNAUTHORIZED.getReasonPhrase()).errorCode(String.valueOf(HttpStatus.UNAUTHORIZED.value())).build();
- // return json
- response.getWriter().write(JSON.toJSONString(result));
- }
-}
diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootDefaultUserDetails.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootDefaultUserDetails.java
deleted file mode 100644
index 40f280cc..00000000
--- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootDefaultUserDetails.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright [2019] [恒宇少年 - 于起宇]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.minbox.framework.api.boot.secuirty.userdetails;
-
-import lombok.Data;
-import org.minbox.framework.api.boot.common.enums.YesOrNo;
-import org.minbox.framework.api.boot.secuirty.jdbc.ApiBootDefaultUserEntity;
-import org.minbox.framework.api.boot.secuirty.delegate.ApiBootDefaultStoreDelegate;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
-
-import java.util.ArrayList;
-import java.util.Collection;
-
-/**
- * The default {@link UserDetails} implement class
- *
- * @author 恒宇少年
- * @see ApiBootDefaultStoreDelegate#loadUserByUsername(String)
- */
-@Data
-public class ApiBootDefaultUserDetails extends ApiBootDefaultUserEntity implements UserDetails {
- @Override
- public Collection getAuthorities() {
- return new ArrayList() {
- {
- add((GrantedAuthority) () -> "ROLE_USER");
- }
- };
- }
-
- @Override
- public String getPassword() {
- return super.getUiPassword();
- }
-
- @Override
- public String getUsername() {
- return super.getUiUserName();
- }
-
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
-
- @Override
- public boolean isAccountNonLocked() {
- return YesOrNo.NO.getValue().equals(super.getUiIsLocked());
- }
-
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
-
- @Override
- public boolean isEnabled() {
- return YesOrNo.YES.getValue().equals(super.getUiIsEnabled());
- }
-}
diff --git a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootUserDetailsService.java b/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootUserDetailsService.java
deleted file mode 100644
index 3abd9394..00000000
--- a/api-boot-project/api-boot/src/main/java/org/minbox/framework/api/boot/secuirty/userdetails/ApiBootUserDetailsService.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright [2019] [恒宇少年 - 于起宇]
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.minbox.framework.api.boot.secuirty.userdetails;
-
-import org.minbox.framework.api.boot.common.event.LoadUserEvent;
-import org.minbox.framework.api.boot.secuirty.delegate.ApiBootStoreDelegate;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.ApplicationContext;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-
-/**
- * The {@link UserDetailsService} implement class
- *

- * ApiBoot integrates spring security user query logic implementation
- *
- * @author 恒宇少年
- */
-public class ApiBootUserDetailsService implements UserDetailsService {
- /**
- * logger instance
- */
- static Logger logger = LoggerFactory.getLogger(ApiBootUserDetailsService.class);
- /**
- * Spring {@link ApplicationContext}
- */
- @Autowired
- private ApplicationContext applicationContext;
-
- /**
- * Query basic user information according to user name
- *

- * Publish load user event event event after querying user information
- *
- * @param username {@link UserDetails#getUsername()}
- * @return {@link UserDetails}
- * @throws UsernameNotFoundException Throw the exception when the user does not exist
- */
- @Override
- public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
- logger.info("Login user:[{}]", username);
-
- // find ApiBootStoreDelegate support instance
- // default is org.minbox.framework.api.boot.plugin.security.delegate.ApiBootDefaultStoreDelegate
- ApiBootStoreDelegate apiBootStoreDelegate = applicationContext.getBean(ApiBootStoreDelegate.class);
- UserDetails userDetails = apiBootStoreDelegate.loadUserByUsername(username);
-
- // publish loadUserEvent
- applicationContext.publishEvent(new LoadUserEvent(this, username));
-
- return userDetails;
- }
-}
diff --git a/api-boot-samples/api-boot-sample-security-oauth-jwt/src/main/java/org/minbox/framework/api/boot/sample/DisableDefaultUserTableStoreDelegate.java b/api-boot-samples/api-boot-sample-security-oauth-jwt/src/main/java/org/minbox/framework/api/boot/sample/DisableDefaultUserTableStoreDelegate.java
index bce3823b..331bf96f 100644
--- a/api-boot-samples/api-boot-sample-security-oauth-jwt/src/main/java/org/minbox/framework/api/boot/sample/DisableDefaultUserTableStoreDelegate.java
+++ b/api-boot-samples/api-boot-sample-security-oauth-jwt/src/main/java/org/minbox/framework/api/boot/sample/DisableDefaultUserTableStoreDelegate.java
@@ -1,6 +1,6 @@
 package org.minbox.framework.api.boot.sample;
-import org.minbox.framework.api.boot.secuirty.delegate.ApiBootStoreDelegate;
+import org.minbox.framework.security.delegate.SecurityStoreDelegate;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
@@ -20,7 +20,7 @@ * GitHub:https://github.com/hengboy */ @Component -public class DisableDefaultUserTableStoreDelegate implements ApiBootStoreDelegate { +public class DisableDefaultUserTableStoreDelegate implements SecurityStoreDelegate { @Autowired private SystemUserMapper systemUserMapper;