liuyueyi#79 spring security demo

Author: liuyueyi

pom.xml

@@ -11,6 +11,7 @@
         <module>spring-boot</module>
         <module>spring-case</module>
         <module>spring</module>
+        <module>spring-security</module>
     </modules>
     <packaging>pom</packaging>
 

spring-security/000-basic-demo/pom.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>spring-security</artifactId>
+        <groupId>com.git.hui.boot</groupId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>000-basic-demo</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>

spring-security/000-basic-demo/src/main/java/com/git/hui/boot/security/Application.java

@@ -0,0 +1,15 @@
+package com.git.hui.boot.security;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * Created by @author yihui in 20:29 19/12/22.
+ */
+@SpringBootApplication
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+}

spring-security/000-basic-demo/src/main/java/com/git/hui/boot/security/rest/IndexRest.java

@@ -0,0 +1,42 @@
+package com.git.hui.boot.security.rest;
+
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+/**
+ * Created by @author yihui in 20:30 19/12/22.
+ */
+@RestController
+public class IndexRest {
+
+    public String getUser() {
+        return ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest().getRemoteUser();
+    }
+
+    public String getUserV2() {
+        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+
+        String userName;
+        if (principal instanceof UserDetails) {
+            userName = ((UserDetails) principal).getUsername();
+        } else {
+            userName = principal.toString();
+        }
+        return userName;
+    }
+
+    @GetMapping(path = {"/", "/index"})
+    public String index() {
+        return "hello this is index! welcome " + getUser();
+    }
+
+    @GetMapping(path = "hello")
+    public String hello(String name) {
+        return getUserV2() + " welcome " + name;
+    }
+
+}

spring-security/000-basic-demo/src/main/resources/application.yml

@@ -0,0 +1,5 @@
+spring:
+  security:
+    user:
+      name: yihuihui
+      password: 123456

spring-security/001-authentication-mem/pom.xml

@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>spring-security</artifactId>
+        <groupId>com.git.hui.boot</groupId>
+        <version>0.0.1-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>001-authentication-mem</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>

spring-security/001-authentication-mem/src/main/java/com/git/hui/boot/security/Application.java

@@ -0,0 +1,22 @@
+package com.git.hui.boot.security;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+
+/**
+ * - prePostEnabled :决定Spring Security的前注解是否可用 [@PreAuthorize,@PostAuthorize,..]
+ * - secureEnabled : 决定是否Spring Security的保障注解 [@Secured] 是否可用。
+ * - jsr250Enabled ：决定 JSR-250 annotations 注解[@RolesAllowed..] 是否可用。
+ *
+ * Created by @author yihui in 14:54 19/12/23.
+ */
+@EnableGlobalMethodSecurity(prePostEnabled=true)
+@SpringBootApplication
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+
+}

spring-security/001-authentication-mem/src/main/java/com/git/hui/boot/security/SecurityAdapterConfig.java

@@ -0,0 +1,26 @@
+package com.git.hui.boot.security;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+/**
+ * Created by @author yihui in 15:41 19/12/23.
+ */
+@Configuration
+@EnableWebSecurity
+public class SecurityAdapterConfig extends WebSecurityConfigurerAdapter {
+    /**
+     * 指定首页所有人可访问；其他url需要
+     *
+     * @param http
+     * @throws Exception
+     */
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests().antMatchers("/").permitAll().antMatchers("/index").permitAll().anyRequest()
+                .authenticated().and().formLogin().and().httpBasic();
+    }
+
+}

spring-security/001-authentication-mem/src/main/java/com/git/hui/boot/security/SecurityAutoConfig.java

@@ -0,0 +1,37 @@
+package com.git.hui.boot.security;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+
+/**
+ * Created by @author yihui in 14:54 19/12/23.
+ */
+@Configuration
+public class SecurityAutoConfig {
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+
+    /**
+     * 基于内存的认证方式
+     *
+     * @param passwordEncoder
+     * @return
+     */
+    @Bean
+    public UserDetailsService userDetailsService(PasswordEncoder passwordEncoder) {
+        User.UserBuilder users = User.builder().passwordEncoder(passwordEncoder::encode);
+        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
+        manager.createUser(users.username("1hui").password("123456").roles("guest").build());
+        manager.createUser(users.username("2hui").password("666666").roles("manager").build());
+        manager.createUser(users.username("3hui").password("root").roles("admin").build());
+        return manager;
+    }
+}

spring-security/001-authentication-mem/src/main/java/com/git/hui/boot/security/rest/IndexRest.java

@@ -0,0 +1,59 @@
+package com.git.hui.boot.security.rest;
+
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * Created by @author yihui in 20:30 19/12/22.
+ */
+@RestController
+public class IndexRest {
+
+    public String getUserV2() {
+        Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+
+        String userName;
+        if (principal instanceof UserDetails) {
+            userName = ((UserDetails) principal).getUsername();
+        } else {
+            userName = principal.toString();
+        }
+        return userName;
+    }
+
+    /**
+     * 全部都可以访问
+     *
+     * @return
+     */
+    @GetMapping(path = {"/"})
+    public String index() {
+        return "hello this is index! welcome " + getUserV2();
+    }
+
+    /**
+     * 要求登录，且属于三个角色之一的才能访问
+     *
+     * @return
+     */
+    @GetMapping(path = "guest")
+    @PreAuthorize("hasAnyRole('guest', 'admin', 'manager')")
+    public String guestHello() {
+        return "guest hello: " + getUserV2();
+    }
+
+    @GetMapping(path = "manager")
+    @PreAuthorize("hasAnyRole('admin', 'manager')")
+    public String managerHello() {
+        return "manager hello: " + getUserV2();
+    }
+
+    @GetMapping(path = "admin")
+    @PreAuthorize("hasAnyRole('admin')")
+    public String adminHello() {
+        return "admin hello: " + getUserV2();
+    }
+}