增加了oauth 配置
diff --git a/build.gradle b/build.gradle
index 5af099d..d9303c5 100644
--- a/build.gradle
+++ b/build.gradle
@@ -30,6 +30,8 @@
implementation 'org.springframework.boot:spring-boot-starter-security'
implementation 'org.springframework.security:spring-security-oauth2-client'
implementation 'org.springframework.security:spring-security-oauth2-jose'
+ implementation 'org.springframework.security.oauth.boot:spring-security-oauth2-autoconfigure:2.0.1.RELEASE'
+// implementation 'org.springframework.security.oauth:spring-security-oauth2'
implementation 'org.springframework.boot:spring-boot-starter-thymeleaf'
implementation 'org.springframework.session:spring-session-data-redis'
implementation 'org.springframework.social:spring-social-web:1.1.6.RELEASE'
diff --git a/src/main/kotlin/com/supwisdom/dlpay/oauth.kt b/src/main/kotlin/com/supwisdom/dlpay/oauth.kt
new file mode 100644
index 0000000..6f310a5
--- /dev/null
+++ b/src/main/kotlin/com/supwisdom/dlpay/oauth.kt
@@ -0,0 +1,60 @@
+package com.supwisdom.dlpay
+
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.context.annotation.Configuration
+import org.springframework.data.redis.connection.RedisConnectionFactory
+import org.springframework.security.authentication.AuthenticationManager
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer
+import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer
+import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer
+import org.springframework.security.oauth2.provider.ClientDetails
+import org.springframework.security.oauth2.provider.ClientDetailsService
+import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore
+
+
+class OAuthDetailService : ClientDetailsService {
+
+ override fun loadClientByClientId(clientId: String?): ClientDetails {
+ TODO("not implemented") //To change body of created functions use File | Settings | File Templates.
+ }
+}
+
+@Configuration
+class OAuth2Config {
+ @Configuration
+ @EnableResourceServer
+ class ResourceServerConfiguration : ResourceServerConfigurerAdapter() {
+ override fun configure(resources: ResourceServerSecurityConfigurer?) {
+ resources?.resourceId("payapi")?.stateless(true)
+ }
+ }
+
+ @Configuration
+ @EnableAuthorizationServer
+ class AuthorizationServerConfigure : AuthorizationServerConfigurerAdapter() {
+
+ @Autowired
+ private lateinit var redisConnectionFactory: RedisConnectionFactory
+
+ @Autowired
+ private lateinit var authenticationManager: AuthenticationManager
+
+ override fun configure(security: AuthorizationServerSecurityConfigurer?) {
+ security?.allowFormAuthenticationForClients()
+ }
+
+ override fun configure(clients: ClientDetailsServiceConfigurer?) {
+ clients?.withClientDetails(OAuthDetailService())
+ }
+
+ override fun configure(endpoints: AuthorizationServerEndpointsConfigurer?) {
+ endpoints?.tokenStore(RedisTokenStore(redisConnectionFactory))
+ ?.authenticationManager(authenticationManager)
+ }
+ }
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 4392fa6..e0c5833 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -15,6 +15,7 @@
import org.springframework.context.annotation.Configuration
import org.springframework.core.annotation.Order
import org.springframework.http.HttpStatus
+import org.springframework.security.authentication.AuthenticationManager
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.authentication.dao.DaoAuthenticationProvider
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
@@ -131,6 +132,11 @@
.and()
.csrf().ignoringAntMatchers("/api/**")
}
+
+ @Bean
+ override fun authenticationManager(): AuthenticationManager {
+ return super.authenticationManagerBean()
+ }
}
@Configuration