From 88b335cf1352479a5ffdb6305ce42b32e0122622 Mon Sep 17 00:00:00 2001
From: luliqiang <kidgrow>
Date: Tue, 11 Aug 2020 09:45:14 +0800
Subject: [PATCH] Merge branch 'dev' of http://192.168.2.240:7070/r/kidgrow-microservices-platform into dev
---
 kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java | 46 ++++++++++++++++++++++++++++++++++++++++------
 1 files changed, 40 insertions(+), 6 deletions(-)
diff --git a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java
index aca478e..84121f2 100644
--- a/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java
+++ b/kidgrow-uaa/kidgrow-uaa-server/src/main/java/com/kidgrow/oauth2/config/AuthorizationServerConfig.java
@@ -3,19 +3,27 @@
 import com.kidgrow.oauth2.handler.SingleTokenServices;
 import com.kidgrow.oauth2.service.impl.RedisClientDetailsService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.boot.autoconfigure.AutoConfigureAfter;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Primary;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.ProviderManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
 import org.springframework.security.oauth2.provider.code.RandomValueAuthorizationCodeServices;
 import
org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator; import org.springframework.security.oauth2.provider.token.TokenEnhancer; @@ -42,8 +50,9 @@ /** * 注入authenticationManager 来支持 password grant type */ - @Autowired - private AuthenticationManager authenticationManager; +// @Autowired +// private AuthenticationManager authenticationManager; + @Resource private UserDetailsService userDetailsService; @@ -69,6 +78,11 @@ @Autowired private RandomValueAuthorizationCodeServices authorizationCodeServices; + @Autowired + private AuthenticationProvider daoAuhthenticationOauthProvider; + @Autowired + private SingleTokenServices tokenServices; + /** * 配置身份认证器,配置认证方式,TokenStore,TokenGranter,OAuth2RequestFactory @@ -88,15 +102,35 @@ } endpoints //扩展tokenServices -// .tokenServices(tokenServices(endpoints)) .tokenServices(KidgrowTokenServices()) - .authenticationManager(authenticationManager) + .authenticationManager(new AuthenticationManager(){ + @Override + public Authentication authenticate(Authentication authentication) throws AuthenticationException { + String token = (String) authentication.getPrincipal(); + OAuth2Authentication auth = tokenServices.loadAuthentication(token); + if (auth == null) { + throw new InvalidTokenException("Invalid token: " + token); + } + return daoAuhthenticationOauthProvider.authenticate(authentication); + } + }) .userDetailsService(userDetailsService) -// .tokenStore(tokenStore) .authorizationCodeServices(authorizationCodeServices) .exceptionTranslator(webResponseExceptionTranslator); - } + } + @Bean + DaoAuthenticationProvider daoAuthenticationProvider(){ + + DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); + + daoAuthenticationProvider.setPasswordEncoder(new BCryptPasswordEncoder()); + + daoAuthenticationProvider.setUserDetailsService(userDetailsService); + + return daoAuthenticationProvider; + + } @Bean @Primary -- Gitblit v1.8.0
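Review bot: In the `@@ -42,8 +50,9 @@` hunk the `authenticationManager` field is commented out rather than deleted, which leaves the Javadoc `注入authenticationManager 来支持 password grant type` attached to two dead lines. Delete the `//` lines and move or rewrite that comment onto whatever now backs the password grant, so the authentication path of this authorization server stays documented where a reader will look for it.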
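Review bot: In the `@@ -69,6 +78,11 @@` hunk the new field `daoAuhthenticationOauthProvider` is misspelled and is autowired by the interface type `AuthenticationProvider`, so the wiring becomes ambiguous as soon as a second provider bean is registered. The only provider bean visible in this patch is `daoAuthenticationProvider()` in the last hunk, and the `Qualifier` import added in the first hunk is not used in any visible line. Naming the bean explicitly, `@Autowired @Qualifier("daoAuthenticationProvider") private AuthenticationProvider daoAuthenticationProvider;`, keeps the choice of which provider verifies passwords from depending on what else is in the context.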
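Review bot: In the `@@ -88,15 +102,35 @@` hunk the anonymous `AuthenticationManager` copies the caller-supplied principal into the exception text (`"Invalid token: " + token`), so a submitted bearer token or username can end up in logs and, depending on `webResponseExceptionTranslator`, in the error response; `throw new InvalidTokenException("Invalid token");` avoids that. The unchecked `(String) authentication.getPrincipal()` cast raises `ClassCastException` rather than an authentication failure if a non-String principal arrives. The existing comment says this manager backs the password grant, where the principal is normally a username rather than a token, so the `tokenServices.loadAuthentication(token)` precondition looks likely to reject ordinary password logins and should be confirmed with a test of that grant. `daoAuthenticationProvider()` also constructs its own `new BCryptPasswordEncoder()`; if the service already exposes a `PasswordEncoder` bean (not visible here), inject that one so hashing at registration and verification at login cannot drift apart. The enclosing `configure` method starts outside the hunk.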