<?xml version="
1.0" encoding="UTF-8"?>
<project xmlns="ht
tp://maven
.apache
.org/POM/4
.0
.0" xmlns:xsi="ht
tp://www
.w3
.org/200
1/XMLSchema-instance"
xsi:schemaLocation="ht
tp://maven
.apache
.org/POM/4
.0
.0 ht
tps://maven
.apache
.org/xsd/maven-4
.0
.0
.xsd">
<modelVersion>4
.0
.0</modelVersion>
<!-- 继承Spring Boot父工程(已定义Spring Boot 2
.3
.12
.RELEASE版本) -->
<parent>
<groupId>org
.springframework
.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2
.3
.12
.RELEASE</version>
<relativePath/>
</parent>
<groupId>com
.example</groupId>
<artifactId>auth-service</artifactId>
<version>0
.0
.1-SNAPSHOT</version>
<name>auth-service</name>
<description>OAuth2认证授权服务</description>
<properties>
<java
.version>
1.8</java
.version>
<project
.build
.sourceEncoding>UTF-8</project
.build
.sourceEncoding>
<project
.reporting
.ou
tputEncoding>UTF-8</project
.reporting
.ou
tputEncoding>
<spring-cloud
.version>Hoxton
.SR
12</spring-cloud
.version> <!-- 兼容Spring Boot 2
.3
.x的Spring Cloud版本 -->
</properties>
<!-- Maven仓库配置(加速依赖下载) -->
<repositories>
<repository>
<id>central</id>
<
url>ht
tps://repo
1.maven
.org/maven2</
url>
<snapshots><enabled>false</enabled></snapshots>
</repository>
<repository>
<id>aliyun</id>
<
url>ht
tps://maven
.aliyun
.com/repository/
public</
url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>false</enabled></snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>central</id>
<
url>ht
tps://repo
1.maven
.org/maven2</
url>
<snapshots><enabled>false</enabled></snapshots>
</pluginRepository>
<pluginRepository>
<id>aliyun</id>
<
url>ht
tps://maven
.aliyun
.com/repository/
public</
url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>false</enabled></snapshots>
</pluginRepository>
</pluginRepositories>
<dependencies>
<!-- Spring Boot Web依赖 -->
<dependency>
<groupId>org
.springframework
.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- Spring Boot Security依赖(基础安全框架) -->
<dependency>
<groupId>org
.springframework
.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- OAuth2自动配置依赖(支持Password模式等旧版特性) -->
<!-- 测试依赖 -->
<dependency>
<groupId>org
.springframework
.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org
.springframework
.security</groupId>
<artifactId>spring-security-oauth2-authorization-server</artifactId>
<version>
1.2
.0</version> <!-- 最新稳定版 -->
</dependency>
</dependencies>
<!-- 依赖管理(统一Spring Cloud版本) -->
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org
.springframework
.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud
.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<!-- Java编译插件 -->
<plugin>
<groupId>org
.apache
.maven
.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3
.8
.1</version>
<configuration>
<source>
1.8</source> <!-- 源码Java版本 -->
<target>
1.8</target> <!-- 目标Java版本 -->
<encoding>UTF-8</encoding>
</configuration>
</plugin>
<!-- Spring Boot打包插件 -->
<plugin>
<groupId>org
.springframework
.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
<!-- 无需指定version,继承父工程的Spring Boot版本 -->
<configuration>
<mainClass>com
.example
.authservice
.AuthServiceApplication</mainClass> <!-- 主类全路径 -->
<skip>false</skip> <!-- 允许打包(默认值,可
省略) -->
</configuration>
<executions>
<execution>
<id>repackage</id>
<goals>
<goal>repackage</goal> <!-- 生成可执行JAR -->
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>package com
.example;
import org
.springframework
.security
.core
.Authentication;
import org
.springframework
.security
.core
.context
.SecurityContextHolder;
import org
.springframework
.web
.bind
.annotation
.GetMapping;
import org
.springframework
.web
.bind
.annotation
.RequestMapping;
import org
.springframework
.web
.bind
.annotation
.RestController;
import java
.util
.HashMap;
import java
.util
.Map;
@RestController
@RequestMapping("/api/auth")
public class UserInfoController {
@GetMapping("/userinfo")
public Map<String, Object> getUserInfo() {
Authentication authentication = SecurityContextHolder
.getContext()
.getAuthentication();
Map<String, Object> userInfo = new HashMap<>();
userInfo
.put("username", authentication
.getName());
userInfo
.put("authorities", authentication
.getAuthorities());
return userInfo;
}
}package com
.example;
import org
.springframework
.context
.annotation
.Bean;
import org
.springframework
.context
.annotation
.Configuration;
import org
.springframework
.security
.authentication
.AuthenticationManager;
import org
.springframework
.security
.authentication
.ProviderManager;
import org
.springframework
.security
.authentication
.dao
.DaoAuthenticationProvider;
import org
.springframework
.security
.config
.annotation
.authentication
.builders
.AuthenticationManagerBuilder;
import org
.springframework
.security
.config
.annotation
.web
.builders
.Ht
tpSecurity;
import org
.springframework
.security
.config
.annotation
.web
.configuration
.EnableWebSecurity;
import org
.springframework
.security
.config
.annotation
.web
.configuration
.WebSecurityConfigurerAdapter;
import org
.springframework
.security
.core
.userdetails
.User;
import org
.springframework
.security
.core
.userdetails
.UserDetailsService;
import org
.springframework
.security
.crypto
.bcrypt
.BCryp
tPasswordEncoder;
import org
.springframework
.security
.crypto
.password
.PasswordEncoder;
import org
.springframework
.security
.provisioning
.InMemoryUserDetailsManager;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
1. 定义用户详情服务(已
实现,保留)
@Bean
@Override
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(
User
.withUsername("user")
.password(passwordEncoder()
.encode("password"))
.roles("USER")
.build()
);
}
// 2
. 密码编码器(已
实现,保留)
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryp
tPasswordEncoder();
}
// 3
. 关键修复:配置AuthenticationManager使用自定义UserDetailsService
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService()) // 关联用户详情服务
.passwordEncoder(passwordEncoder()); // 关联密码编码器
}
// 4
. 暴露AuthenticationManager Bean(已
实现,保留)
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super
.authenticationManagerBean();
}
//
5. 关闭CSRF(保留)
@Override
protected void configure(Ht
tpSecurity ht
tp) throws Exception {
ht
tp.csrf()
.disable();
}
@Bean
public AuthenticationManager authenticationManager() {
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider
.setUserDetailsService(userDetailsService());
provider
.se
tPasswordEncoder(passwordEncoder());
return new ProviderManager(provider);
}
}package com
.example;
import org
.springframework
.context
.annotation
.Bean;
import org
.springframework
.context
.annotation
.Configuration;
import org
.springframework
.security
.authentication
.AuthenticationManager;
import org
.springframework
.security
.authentication
.ProviderManager;
import org
.springframework
.security
.authentication
.dao
.DaoAuthenticationProvider;
import org
.springframework
.security
.config
.annotation
.authentication
.builders
.AuthenticationManagerBuilder;
import org
.springframework
.security
.config
.annotation
.web
.builders
.Ht
tpSecurity;
import org
.springframework
.security
.config
.annotation
.web
.configuration
.EnableWebSecurity;
import org
.springframework
.security
.config
.annotation
.web
.configuration
.WebSecurityConfigurerAdapter;
import org
.springframework
.security
.core
.userdetails
.User;
import org
.springframework
.security
.core
.userdetails
.UserDetailsService;
import org
.springframework
.security
.crypto
.bcrypt
.BCryp
tPasswordEncoder;
import org
.springframework
.security
.crypto
.password
.PasswordEncoder;
import org
.springframework
.security
.provisioning
.InMemoryUserDetailsManager;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
1. 定义用户详情服务(已
实现,保留)
@Bean
@Override
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(
User
.withUsername("user")
.password(passwordEncoder()
.encode("password"))
.roles("USER")
.build()
);
}
// 2
. 密码编码器(已
实现,保留)
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryp
tPasswordEncoder();
}
// 3
. 关键修复:配置AuthenticationManager使用自定义UserDetailsService
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService()) // 关联用户详情服务
.passwordEncoder(passwordEncoder()); // 关联密码编码器
}
// 4
. 暴露AuthenticationManager Bean(已
实现,保留)
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super
.authenticationManagerBean();
}
//
5. 关闭CSRF(保留)
@Override
protected void configure(Ht
tpSecurity ht
tp) throws Exception {
ht
tp.csrf()
.disable();
}
@Bean
public AuthenticationManager authenticationManager() {
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider
.setUserDetailsService(userDetailsService());
provider
.se
tPasswordEncoder(passwordEncoder());
return new ProviderManager(provider);
}
}package com
.example;
import org
.springframework
.context
.annotation
.Bean;
import org
.springframework
.context
.annotation
.Configuration;
import org
.springframework
.security
.authentication
.AuthenticationManager;
import org
.springframework
.security
.authentication
.ProviderManager;
import org
.springframework
.security
.authentication
.dao
.DaoAuthenticationProvider;
import org
.springframework
.security
.config
.annotation
.authentication
.builders
.AuthenticationManagerBuilder;
import org
.springframework
.security
.config
.annotation
.web
.builders
.Ht
tpSecurity;
import org
.springframework
.security
.config
.annotation
.web
.configuration
.EnableWebSecurity;
import org
.springframework
.security
.config
.annotation
.web
.configuration
.WebSecurityConfigurerAdapter;
import org
.springframework
.security
.core
.userdetails
.User;
import org
.springframework
.security
.core
.userdetails
.UserDetailsService;
import org
.springframework
.security
.crypto
.bcrypt
.BCryp
tPasswordEncoder;
import org
.springframework
.security
.crypto
.password
.PasswordEncoder;
import org
.springframework
.security
.provisioning
.InMemoryUserDetailsManager;
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
//
1. 定义用户详情服务(已
实现,保留)
@Bean
@Override
public UserDetailsService userDetailsService() {
return new InMemoryUserDetailsManager(
User
.withUsername("user")
.password(passwordEncoder()
.encode("password"))
.roles("USER")
.build()
);
}
// 2
. 密码编码器(已
实现,保留)
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryp
tPasswordEncoder();
}
// 3
. 关键修复:配置AuthenticationManager使用自定义UserDetailsService
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService()) // 关联用户详情服务
.passwordEncoder(passwordEncoder()); // 关联密码编码器
}
// 4
. 暴露AuthenticationManager Bean(已
实现,保留)
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super
.authenticationManagerBean();
}
//
5. 关闭CSRF(保留)
@Override
protected void configure(Ht
tpSecurity ht
tp) throws Exception {
ht
tp.csrf()
.disable();
}
@Bean
public AuthenticationManager authenticationManager() {
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
provider
.setUserDetailsService(userDetailsService());
provider
.se
tPasswordEncoder(passwordEncoder());
return new ProviderManager(provider);
}
}package com
.example;
import org
.springframework
.context
.annotation
.Bean;
import org
.springframework
.context
.annotation
.Configuration;
import org
.springframework
.security
.config
.annotation
.web
.builders
.Ht
tpSecurity;
import org
.springframework
.security
.crypto
.password
.PasswordEncoder;
import org
.springframework
.security
.oauth2
.core
.AuthorizationGrantType;
import org
.springframework
.security
.oauth2
.core
.ClientAuthenticationMethod;
import org
.springframework
.security
.oauth2
.server
.authorization
.client
.InMemoryRegisteredClientRepository;
import org
.springframework
.security
.oauth2
.server
.authorization
.client
.RegisteredClient;
import org
.springframework
.security
.oauth2
.server
.authorization
.client
.RegisteredClientRepository;
import org
.springframework
.security
.oauth2
.server
.authorization
.config
.annotation
.web
.configuration
.OAuth2AuthorizationServerConfiguration;
import org
.springframework
.security
.oauth2
.server
.authorization
.config
.annotation
.web
.configurers
.OAuth2AuthorizationServerConfigurer;
import org
.springframework
.security
.web
.SecurityFilterChain;
import java
.util
.UUID;
import java
.time
.Duration;
import java
.time
.temporal
.ChronoUnit;
@Configuration
public class AuthServerConfig {
@Bean
public SecurityFilterChain authorizationServerSecurityFilterChain(Ht
tpSecurity ht
tp) throws Exception {
OAuth2AuthorizationServerConfiguration
.applyDefaultSecurity(ht
tp);
// 旧版0
.2
.3
.RELEASE无需配置authenticationProviders,删除lambda表达式
ht
tp.getConfigurer(OAuth2AuthorizationServerConfigurer
.class);
return ht
tp.build();
}
@Bean
public RegisteredClientRepository registeredClientRepository(PasswordEncoder passwordEncoder) {
RegisteredClient testClient = RegisteredClient
.withId(UUID
.randomUUID()
.toString())
.clientId("testClient")
.clientSecret(passwordEncoder
.encode("
1234
56"))
.clientAuthenticationMethod(ClientAuthenticationMethod
.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType
.PASSWORD)
.authorizationGrantType(AuthorizationGrantType
.REFRESH_TOKEN)
.scope("read")
.scope("write")
.accessTokenTimeToLive(Duration
.of(
1, ChronoUnit
.HOURS)) // JDK 8兼容写法
.refreshTokenTimeToLive(Duration
.of(
1, ChronoUnit
.DAYS)) // JDK 8兼容写法
.build();
return new InMemoryRegisteredClientRepository(testClient);
}
}package com
.example
.authservice;
import org
.springframework
.boot
.SpringApplication;
import org
.springframework
.boot
.autoconfigure
.SpringBootApplication;
import org
.springframework
.context
.annotation
.ComponentScan;
@SpringBootApplication
@ComponentScan(basePackages = {"com
.example", "com
.example"}) // 扫描多个包
public class AuthServiceApplication {
public static void main(String[] args) {
SpringApplication
.run(AuthServiceApplication
.class, args);
}
}
代码报错,怎么修改
本文介绍了如何在ThinkPHP 5.1框架中省略public/index.php,实现更简洁的URL访问。通过复制并修改public目录的index.php和.htaccess文件,然后调整index.php内容,可以将URL从http://127.0.0.1/tp5/public/index.php/index/index/index缩短为http://127.0.0.1/tp5/index/index/index。同时,文章展示了如何访问admin模块下的控制器方法。
最低0.47元/天 解锁文章
扫一扫
9194
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
