项目初始化

datax-auth/src/main/java/cn/datax/auth/config/AuthorizationServerConfig.java

@@ -20,9 +20,7 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Aut
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
-import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
-import org.springframework.security.oauth2.provider.token.TokenEnhancer;
-import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.*;
 
 import javax.sql.DataSource;
 import java.util.HashMap;
@@ -69,8 +67,9 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
      * @throws Exception
      */
     @Override
-    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
-        security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()")
+    public void configure(AuthorizationServerSecurityConfigurer security) {
+        security.tokenKeyAccess("permitAll()")
+                .checkTokenAccess("isAuthenticated()")
                 .allowFormAuthenticationForClients()
                 .authenticationEntryPoint(exceptionEntryPoint)
                 .accessDeniedHandler(accessDeniedHandler);
@@ -82,7 +81,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
      * @throws Exception
      */
     @Override
-    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
         endpoints.tokenStore(tokenStore())
                 .tokenServices(tokenServices())
                 .userDetailsService(userDetailService)

datax-auth/src/main/java/cn/datax/auth/translator/DataWebResponseExceptionTranslator.java

@@ -26,7 +26,7 @@ public class DataWebResponseExceptionTranslator implements WebResponseExceptionT
     }
 
     @Override
-    public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
+    public ResponseEntity<OAuth2Exception> translate(Exception e) {
         log.error(e.getMessage(), e);
 
         // Try to extract a SpringSecurityException from the stacktrace

datax-common/datax-common-core/src/main/java/cn/datax/common/utils/RequestHolder.java

@@ -4,6 +4,7 @@ import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 /**
  * 获取 HttpServletRequest
@@ -14,4 +15,8 @@ public class RequestHolder {
     public static HttpServletRequest getHttpServletRequest() {
         return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
     }
+
+    public static HttpServletResponse getHttpServletResponse() {
+        return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getResponse();
+    }
 }

datax-common/datax-common-security/src/main/java/cn/datax/common/security/utils/DataRedisTokenServices.java

+package cn.datax.common.security.utils;
+
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.token.*;
+
+import java.util.Map;
+
+@Slf4j
+public class DataRedisTokenServices implements ResourceServerTokenServices {
+    @Setter
+    private TokenStore tokenStore;
+
+    @Override
+    public OAuth2Authentication loadAuthentication(String accessToken) throws AuthenticationException, InvalidTokenException {
+        OAuth2Authentication authentication = tokenStore.readAuthentication(accessToken);
+        OAuth2AccessToken token = readAccessToken(accessToken);
+        if(null == authentication || null == token){
+            throw new InvalidTokenException(accessToken);
+        }
+        DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
+        UserAuthenticationConverter userTokenConverter = new DataUserAuthenticationConverter();
+        accessTokenConverter.setUserTokenConverter(userTokenConverter);
+        Map<String, ?> map = accessTokenConverter.convertAccessToken(token, authentication);
+        if (map.containsKey("error")) {
+            if (this.log.isDebugEnabled()) {
+                this.log.debug("check_token returned error: " + map.get("error"));
+            }
+            throw new InvalidTokenException(accessToken);
+        } else {
+            return accessTokenConverter.extractAuthentication(map);
+        }
+    }
+
+    @Override
+    public OAuth2AccessToken readAccessToken(String accessToken) {
+        return tokenStore.readAccessToken(accessToken);
+    }
+}

datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/config/ResourceServerConfig.java → datax-modules/system-service-parent/system-service/src/main/java/cn/datax/service/system/config/DataResourceServerConfig.java

 package cn.datax.service.system.config;
 
-import cn.datax.common.security.utils.DataUserAuthenticationConverter;
+import cn.datax.common.security.utils.DataRedisTokenServices;
 import cn.datax.common.security.handler.DataAccessDeniedHandler;
 import cn.datax.common.security.handler.DataAuthExceptionEntryPoint;
 import cn.datax.common.security.utils.RedisTokenStore;
@@ -14,12 +14,11 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.E
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.*;
-import org.springframework.web.client.RestTemplate;
 
 @Configuration
 @EnableResourceServer
 @EnableGlobalMethodSecurity(prePostEnabled = true)
-public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
+public class DataResourceServerConfig extends ResourceServerConfigurerAdapter {
 
     @Autowired
     private DataAccessDeniedHandler accessDeniedHandler;
@@ -30,12 +29,6 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
     @Autowired
     private RedisConnectionFactory redisConnectionFactory;
 
-//    @Autowired
-//    private RemoteTokenServices remoteTokenServices;
-//
-//    @Autowired
-//    private RestTemplate restTemplate;
-
     @Bean
     public TokenStore redisTokenStore() {
         return new RedisTokenStore(redisConnectionFactory);
@@ -43,17 +36,12 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 
     @Override
     public void configure(ResourceServerSecurityConfigurer resources) {
-        //token不对的时候验证返还不了信息
-//        DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter();
-//        UserAuthenticationConverter userAuthenticationConverter = new DataUserAuthenticationConverter();
-//        accessTokenConverter.setUserTokenConverter(userAuthenticationConverter);
-//
-//        remoteTokenServices.setRestTemplate(restTemplate);
-//        remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
+        DataRedisTokenServices dataTokenServices = new DataRedisTokenServices();
+        dataTokenServices.setTokenStore(redisTokenStore());
 
         resources
                 .tokenStore(redisTokenStore())
-//                .tokenServices(remoteTokenServices)
+                .tokenServices(dataTokenServices)
                 .authenticationEntryPoint(exceptionEntryPoint)
                 .accessDeniedHandler(accessDeniedHandler);
     }