From 6fb14149d62199cfcc0448c82eb2f51f9c5181de Mon Sep 17 00:00:00 2001
From: luliqiang <kidgrow>
Date: Thu, 31 Dec 2020 16:55:30 +0800
Subject: [PATCH] Merge branch 'dev' of http://192.168.2.240:7070/r/kidgrow-microservices-platform into parter
---
kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java | 47 +++++++++++++++++++++++++++++++++++++++++------
1 files changed, 41 insertions(+), 6 deletions(-)
diff --git a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java
index aca478e..70df892 100644
--- a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java
+++ b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java
@@ -6,16 +6,24 @@
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Lazy;
 import org.springframework.context.annotation.Primary;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.ProviderManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.code.RandomValueAuthorizationCodeServices;
 import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
@@ -42,8 +50,9 @@ /** * 注入authenticationManager 来支持 password grant type */ - @Autowired - private AuthenticationManager authenticationManager; +// @Autowired +// private AuthenticationManager authenticationManager; + @Resource private UserDetailsService userDetailsService; @@ -69,6 +78,11 @@ @Autowired private RandomValueAuthorizationCodeServices authorizationCodeServices; + @Autowired + private AuthenticationProvider daoAuhthenticationOauthProvider; +// @Autowired +// private SingleTokenServices tokenServices; + /** * 配置身份认证器,配置认证方式,TokenStore,TokenGranter,OAuth2RequestFactory @@ -88,18 +102,39 @@ } endpoints //扩展tokenServices -// .tokenServices(tokenServices(endpoints)) .tokenServices(KidgrowTokenServices()) - .authenticationManager(authenticationManager) + .authenticationManager(new AuthenticationManager(){ + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + String token = (String) authentication.getPrincipal(); + OAuth2Authentication auth = KidgrowTokenServices().loadAuthentication(token); + if (auth == null) { + throw new InvalidTokenException("Invalid token: " + token); + } + return daoAuhthenticationOauthProvider.authenticate(authentication); + } + }) .userDetailsService(userDetailsService) -// .tokenStore(tokenStore) .authorizationCodeServices(authorizationCodeServices) .exceptionTranslator(webResponseExceptionTranslator); - } + } + @Bean + DaoAuthenticationProvider daoAuthenticationProvider(){ + + DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); + + daoAuthenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder()); + + daoAuthenticationProvider.setUserDetailsService(userDetailsService); + + return daoAuthenticationProvider; + + } @Bean @Primary + @Lazy public SingleTokenServices KidgrowTokenServices(){ SingleTokenServices tokenServices = new SingleTokenServices(); tokenServices.setTokenStore(tokenStore); -- Gitblit v1.8.0
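Review bot: The Javadoc kept as context at the top of the `-42,8` hunk (it says the AuthenticationManager is injected to support the password grant) now sits over two commented-out lines and ends up reading as the documentation of `userDetailsService`. Delete the commented-out `@Autowired` field instead of keeping it, and replace the comment with one that states where password-grant authentication now happens, e.g. `// password grant is authenticated by the inline AuthenticationManager passed to endpoints.authenticationManager(...)`. Version control already preserves the old wiring.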
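Review bot: In the `-69,6` hunk the new field `daoAuhthenticationOauthProvider` is injected by the interface type `AuthenticationProvider`, and its misspelled name matches no bean visible in this diff (the bean added further down is `daoAuthenticationProvider`). If the context holds more than one `AuthenticationProvider`, resolution falls back to `@Primary` or the field name, so which provider checks passwords for the token endpoint is decided by beans outside this patch. Pin it explicitly, e.g. `@Autowired @Qualifier("daoAuthenticationProvider") private AuthenticationProvider daoAuthenticationProvider;`, and drop the commented-out `SingleTokenServices` field added next to it.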
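Review bot: In the anonymous `AuthenticationManager` of the `-88,18` hunk, `authentication.getPrincipal()` is cast to `String` and looked up as an access token, but for the password grant the principal handed to this manager is normally the submitted username, so the `loadAuthentication(token)` pre-check looks like a type confusion unless a custom granter outside this diff puts a token there. The failure path also copies the value into the message (`"Invalid token: " + token`), which the exception translator may return to the caller or write to logs; a fixed message such as `throw new InvalidTokenException("Invalid token");` avoids that. Calling the provider directly skips what `ProviderManager` adds (the `supports()` check and erasing credentials after success); `ProviderManager` is already imported, so `.authenticationManager(new ProviderManager(Collections.singletonList(daoAuthenticationProvider())))` would keep both. The new `daoAuthenticationProvider()` bean also builds its own `new BCryptPasswordEncoder()`; if the application already exposes a `PasswordEncoder` bean, inject that one so the hashing policy is defined in one place. The enclosing method starts above the hunk and `KidgrowTokenServices()` continues below it.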