用github做oauth2认证

spring5-auth/README.md

@@ -0,0 +1,10 @@
+# spring5_oauth2.0
+
+## github 认证
+1. [https://www.baeldung.com/spring-oauth-login-webflux](https://www.baeldung.com/spring-oauth-login-webflux)
+
+
+
+
+
+

spring5-auth/pom.xml

@@ -15,7 +15,49 @@
     </parent>
     
 	<dependencies>
-	   
+	    <!--oauth2认证-->
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-security</artifactId>
+        </dependency>
+<!--         <dependency> -->
+<!--             <groupId>org.springframework.security.oauth</groupId> -->
+<!--             <artifactId>spring-security-oauth2</artifactId> -->
+<!--             <version>[2.2.4,)</version> -->
+<!--         </dependency> -->
+<!--         <dependency> -->
+<!--             <groupId>org.springframework.security</groupId> -->
+<!--             <artifactId>spring-security-jwt</artifactId> -->
+<!--             <version>RELEASE</version> -->
+<!--         </dependency> -->
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-oauth2-client</artifactId>
+        </dependency>
+<!--         <dependency> -->
+<!--             <groupId>org.springframework.security</groupId> -->
+<!--             <artifactId>spring-security-oauth2-jose</artifactId> -->
+<!--         </dependency> -->
+<!--         <dependency> -->
+<!--             <groupId>org.springframework.security</groupId> -->
+<!--             <artifactId>spring-security-config</artifactId> -->
+<!--         </dependency> -->
+        
+        <!-- Spring Boot Web 依赖 -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.thymeleaf.extras</groupId>
+            <artifactId>thymeleaf-extras-springsecurity5</artifactId>
+        </dependency>
 		
 	</dependencies>
 </project>

spring5-auth/src/main/java/com/yaozhitech/spring5/Oauth2Application.java

@@ -0,0 +1,12 @@
+package com.yaozhitech.spring5;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+
+@SpringBootApplication
+public class Oauth2Application {
+    public static void main(String[] args) {
+        SpringApplication.run(Oauth2Application.class, args);
+    }
+}

spring5-auth/src/main/java/com/yaozhitech/spring5/config/AuthorizationServerConfig.java

@@ -0,0 +1,145 @@
+package com.yaozhitech.spring5.config;
+
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class AuthorizationServerConfig {
+	
+//	@Bean
+//	SecurityWebFilterChain configure(ServerHttpSecurity http) throws Exception {
+//	    http
+//	        // ...
+//	        .oauth2Client(withDefaults());
+//	    return http.build();
+//	}
+
+//    @Autowired
+//    @Qualifier("authenticationManagerBean")
+//    private AuthenticationManager authenticationManager;
+//
+//    @Qualifier("dataSource")
+//    @Autowired
+//    DataSource dataSource;
+//
+//    @Autowired
+//    @Qualifier("userDetailsService")
+//    UserDetailsService userDetailsService;
+//
+//    /**
+//     * jwt 对称加密密钥
+//     */
+//    @Value("${spring.security.oauth2.jwt.signingKey}")
+//    private String signingKey;
+//
+//    @Override
+//    public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
+//        // 支持将client参数放在header或body中
+//        oauthServer.allowFormAuthenticationForClients();
+//        oauthServer.tokenKeyAccess("isAuthenticated()")
+//                .checkTokenAccess("permitAll()");
+//    }
+//
+//    @Override
+//    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+//        // 配置客户端信息，从数据库中读取，对应oauth_client_details表
+//        clients.jdbc(dataSource);
+//    }
+//
+//    @Override
+//    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
+//        // 配置token的数据源、自定义的tokenServices等信息,配置身份认证器，配置认证方式，TokenStore，TokenGranter，OAuth2RequestFactory
+//        endpoints.tokenStore(tokenStore())
+//                .authorizationCodeServices(authorizationCodeServices())
+//                .approvalStore(approvalStore())
+//                .exceptionTranslator(customExceptionTranslator())
+//                .tokenEnhancer(tokenEnhancerChain())
+//                .authenticationManager(authenticationManager)
+//                .userDetailsService(userDetailsService)
+//                //update by joe_chen add  granter
+//                .tokenGranter(tokenGranter(endpoints));
+//
+//    }
+//
+//    /**
+//     * 自定义OAuth2异常处理
+//     *
+//     * @return CustomWebResponseExceptionTranslator
+//     */
+//    @Bean
+//    public WebResponseExceptionTranslator<OAuth2Exception> customExceptionTranslator() {
+//        return new CustomWebResponseExceptionTranslator();
+//    }
+//
+//    /**
+//     * 授权信息持久化实现
+//     *
+//     * @return JdbcApprovalStore
+//     */
+//    @Bean
+//    public ApprovalStore approvalStore() {
+//        return new JdbcApprovalStore(dataSource);
+//    }
+//
+//    /**
+//     * 授权码模式持久化授权码code
+//     *
+//     * @return JdbcAuthorizationCodeServices
+//     */
+//    @Bean
+//    protected AuthorizationCodeServices authorizationCodeServices() {
+//        // 授权码存储等处理方式类，使用jdbc，操作oauth_code表
+//        return new JdbcAuthorizationCodeServices(dataSource);
+//    }
+//
+//    /**
+//     * token的持久化
+//     *
+//     * @return JwtTokenStore
+//     */
+//    @Bean
+//    public TokenStore tokenStore() {
+//        return new JwtTokenStore(accessTokenConverter());
+//    }
+//
+//    /**
+//     * 自定义token
+//     *
+//     * @return tokenEnhancerChain
+//     */
+//    @Bean
+//    public TokenEnhancerChain tokenEnhancerChain() {
+//        TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
+//        tokenEnhancerChain.setTokenEnhancers(Arrays.asList(new CustomTokenEnhancer(), accessTokenConverter()));
+//        return tokenEnhancerChain;
+//    }
+//
+//    /**
+//     * jwt token的生成配置
+//     *
+//     * @return
+//     */
+//    @Bean
+//    public JwtAccessTokenConverter accessTokenConverter() {
+//        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
+//        converter.setSigningKey(signingKey);
+//        return converter;
+//    }
+//
+//    /**
+//     * 配置自定义的granter,手机号验证码登陆
+//     *
+//     * @param endpoints
+//     * @return
+//     * @auth joe_chen
+//     */
+//    public TokenGranter tokenGranter(final AuthorizationServerEndpointsConfigurer endpoints) {
+//        List<TokenGranter> granters = Lists.newArrayList(endpoints.getTokenGranter());
+//        granters.add(new MobileTokenGranter(
+//                authenticationManager,
+//                endpoints.getTokenServices(),
+//                endpoints.getClientDetailsService(),
+//                endpoints.getOAuth2RequestFactory()));
+//        return new CompositeTokenGranter(granters);
+//    }
+
+}

spring5-auth/src/main/java/com/yaozhitech/spring5/controller/LoginController.java

@@ -0,0 +1,19 @@
+package com.yaozhitech.spring5.controller;
+
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.security.oauth2.core.user.OAuth2User;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class LoginController {
+
+	@GetMapping("/")
+	public String index(Model model,
+						@AuthenticationPrincipal OAuth2User oauth2User) {
+		model.addAttribute("userName", oauth2User.getName());
+		model.addAttribute("userAttributes", oauth2User.getAttributes());
+		return "index";
+	}
+}

spring5-auth/src/main/resources/application.yml

@@ -0,0 +1,22 @@
+server:
+  port: 8080
+
+logging:
+  level:
+    root: INFO
+    org.springframework.web: INFO
+    org.springframework.security: INFO
+#    org.springframework.boot.autoconfigure: DEBUG
+
+spring:
+  thymeleaf:
+    cache: false
+  security:
+    oauth2:
+      client:
+        registration:
+          github:
+            client-id: 7b9c752378a3d95a4529
+            client-secret: f635d8c7d44a50bdf12f2055e7e44b2bbc9c1043
+            authorization-grant-type: authorization_code
+            scope: read:user,public_repo

spring5-auth/src/main/resources/templates/index.html

@@ -0,0 +1,34 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="https://www.thymeleaf.org" xmlns:sec="https://www.thymeleaf.org/thymeleaf-extras-springsecurity5">
+<head>
+    <title>Spring Security - OAuth 2.0 Login</title>
+    <meta charset="utf-8" />
+</head>
+<body>
+<div style="float: right" th:fragment="logout" sec:authorize="isAuthenticated()">
+    <div style="float:left">
+        <span style="font-weight:bold">User: </span><span sec:authentication="name"></span>
+    </div>
+    <div style="float:none">&nbsp;</div>
+    <div style="float:right">
+        <form action="#" th:action="@{/logout}" method="post">
+            <input type="submit" value="Logout" />
+        </form>
+    </div>
+</div>
+<h1>OAuth 2.0 Login with Spring Security</h1>
+<div>
+    You are successfully logged in <span style="font-weight:bold" th:text="${userName}"></span>
+    via the OAuth 2.0 Client <span style="font-weight:bold" th:text="${clientName}"></span>
+</div>
+<div>&nbsp;</div>
+<div>
+    <span style="font-weight:bold">User Attributes:</span>
+    <ul>
+        <li th:each="userAttribute : ${userAttributes}">
+            <span style="font-weight:bold" th:text="${userAttribute.key}"></span>: <span th:text="${userAttribute.value}"></span>
+        </li>
+    </ul>
+</div>
+</body>
+</html>

spring5-gateway/README.md

@@ -0,0 +1,55 @@
+# spring5_demo1
+
+spring5_demo
+
+
+spring5 -> webflux ->spring gateway
+
+## 版本
+* 2.2.* -> Hoxton
+* 2.1.* -> Greenwich
+* 2.0.* -> Finchley
+
+## 路由配置参考
+1. [https://www.jianshu.com/p/86660b8b24c4](https://www.jianshu.com/p/86660b8b24c4)
+2. [https://www.jdon.com/51642](https://www.jdon.com/51642)
+3.  
+
+## gateway filter
+1. AddRequestHeader 添加header给下流接口
+2. AddRequestParameter 
+3. AddResponseHeader 
+4. DedupeResponseHeader 剔除重复的响应头
+5. Hystrix 未来，Hystrix会被Spring Cloud移除掉，取而代之的是Alibaba Sentinel/Resilience4J
+6. PrefixPath 为匹配的路由添加前缀
+7. PreserveHostHeader
+8. RequestRateLimiter
+9. RedirectTo
+10. RemoveRequestHeader
+11. RemoveResponseHeader
+12. RewritePath
+13. RewriteResponseHeader
+14. SaveSession 
+15. RequestSize 为后端服务设置收到的最大请求包大小
+16. CircuitBreaker
+17. ...
+
+## 全局过滤器
+1. ReactiveLoadBalancerClientFilter
+2. Gateway Metrics
+3. 
+
+## 单元测试
+1. wiremock
+2. [https://www.infoq.com/articles/stubbing-mocking-service-virtualization-differences](https://www.infoq.com/articles/stubbing-mocking-service-virtualization-differences/)
+
+## 其他
+1. spring.cloud.gateway.discovery.locator.enabled=true
+2. actuator 配置
+3. 
+
+
+
+
+
+