package com.gk.firework.Config.Oauth2;
import com.gk.firework.Domain.Utils.Base64Encrypt;
import com.gk.firework.Domain.Utils.StringUtils;
import org.apache.tomcat.util.security.MD5Encoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.servlet.http.HttpServletResponse;
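/**
 * Spring Security configuration for the web layer.
 *
 * <p>Enables pre/post method security annotations, authenticates every request
 * except the actuator paths with HTTP Basic, and wires {@link UserServiceDetail}
 * as the user store for the {@link AuthenticationManager}.
 *
 * <p>NOTE(review): neither password encoder defined in this class hashes anything.
 * The one used by the authentication manager stores the Base64 form of the password
 * (reversible by anyone who can read the stored value) and the {@code passwordEncoder()}
 * bean stores it verbatim. Moving to an adaptive hash (bcrypt/scrypt/argon2) needs a
 * migration of the stored values, so it is flagged here rather than changed in place.
 */
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserServiceDetail userServiceDetail;

    /**
     * Exposes the {@link AuthenticationManager} built by the parent adapter as a bean.
     *
     * @return the authentication manager of this configuration
     * @throws Exception if the parent adapter fails to build it
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Configures the HTTP security chain: CSRF and logout handling off, a bare 401 for
     * unauthenticated requests, actuator paths open, everything else authenticated via
     * HTTP Basic.
     *
     * @param http the security builder supplied by Spring
     * @throws Exception if the chain cannot be configured
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CSRF: since we no longer rely on cookies, CSRF (cross-site request forgery)
        // protection does not need to be considered.
        // NOTE(review): that reasoning holds only if no ambient credential exists. This
        // chain enables httpBasic() and sets no sessionManagement() policy, so unless a
        // stateless policy is configured elsewhere a session cookie can still be issued,
        // and browsers re-send cached Basic credentials on their own. Confirm that all
        // clients send the Authorization header explicitly before relying on this.
        http
                .csrf().disable()
                .exceptionHandling()
                // Answer unauthenticated requests with a plain 401 instead of a login redirect.
                .authenticationEntryPoint((request, response, authException) ->
                        response.sendError(HttpServletResponse.SC_UNAUTHORIZED))
                .and()
                .logout().disable()
//                .addFilter(loginAuthenticationFilter)
                .authorizeRequests()
                // NOTE(review): every actuator endpoint is reachable without authentication,
                // and the regex has no path separator after "/actuator", so any path that
                // merely starts with that prefix is open too. Check which endpoints are
                // exposed (management.endpoints.web.exposure.*) and narrow this rule.
                .regexMatchers("/actuator.*").permitAll()
                .antMatchers("/**").authenticated()
                .and()
                .httpBasic();
    }

    /**
     * Registers {@link UserServiceDetail} as the user store and compares passwords in
     * their Base64-encoded form.
     *
     * @param auth the authentication manager builder supplied by Spring
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userServiceDetail)
                .passwordEncoder(new PasswordEncoder() {
                    // NOTE(review): Base64 is an encoding, not a hash; the stored value
                    // gives back the password directly. Kept for compatibility with
                    // existing records; see the class comment.
                    @Override
                    public String encode(CharSequence rawPassword) {
                        return base64Of(rawPassword);
                    }

                    @Override
                    public boolean matches(CharSequence rawPassword, String encodedPassword) {
                        // A missing password on either side is a failed login, not a
                        // NullPointerException surfacing as a server error.
                        if (rawPassword == null || encodedPassword == null) {
                            return false;
                        }
                        return constantTimeEquals(encodedPassword, base64Of(rawPassword));
                    }
                });
    }

    /**
     * Password encoder bean that keeps the password as-is.
     *
     * <p>NOTE(review): this bean performs no transformation at all, and it is not the
     * encoder passed to the {@link AuthenticationManagerBuilder} above. Whatever injects
     * it compares secrets in clear text; confirm where it is used.
     *
     * @return an encoder whose encoded form equals the raw input
     */
    @Bean
    PasswordEncoder passwordEncoder() {
        return new PasswordEncoder() {
            @Override
            public String encode(CharSequence charSequence) {
                return charSequence.toString();
            }

            @Override
            public boolean matches(CharSequence charSequence, String s) {
                // Reject instead of throwing when either value is absent.
                if (charSequence == null || s == null) {
                    return false;
                }
                return constantTimeEquals(s, charSequence.toString());
            }
        };
    }

    /**
     * Base64-encodes a raw password with the project's {@link Base64Encrypt} helper.
     *
     * <p>The bytes are taken with the platform default charset, exactly as before, so
     * values already stored keep matching. NOTE(review): for non-ASCII passwords the
     * result therefore depends on the host's default charset; pin UTF-8 once it is
     * confirmed that stored records were produced under it.
     */
    private static String base64Of(CharSequence rawPassword) {
        return Base64Encrypt.encode(rawPassword.toString().getBytes());
    }

    /**
     * Compares two strings without returning early at the first differing character,
     * so the response time does not reveal how much of a stored secret was matched.
     * A {@code null} on either side never matches.
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                actual.getBytes(StandardCharsets.UTF_8));
    }
}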