diff --git a/.idea/xm-backend.iml b/.idea/xm-backend.iml
index 6f2d6c42..961243e4 100644
--- a/.idea/xm-backend.iml
+++ b/.idea/xm-backend.iml
@@ -56,6 +56,7 @@
+
@@ -93,7 +94,6 @@
-
@@ -112,13 +112,14 @@
-
+
+
diff --git a/xm-bootstrap/src/main/java/com/xm/AutoConfig.java b/xm-bootstrap/src/main/java/com/xm/AutoConfig.java
new file mode 100644
index 00000000..4c86f2ce
--- /dev/null
+++ b/xm-bootstrap/src/main/java/com/xm/AutoConfig.java
@@ -0,0 +1,13 @@
+package com.xm;
+
+import org.springframework.context.annotation.ComponentScan;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 要使用mdp平台功能,必须 扫码com.mdp包
+ * 一些默认公共配置
+ */
+@ComponentScan(basePackages={"com.mdp"})
+@Configuration
+public class AutoConfig {
+}
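Review bot: The class Javadoc on `AutoConfig` appears to contain a typo, "扫码" (scan a QR code) where "扫描" (component scan) is presumably meant. It also does not say why the scan lives here. This commit removes the explicit `@ComponentScan(basePackages={"com.mdp","com.xm"})` from `XmApplication`, so `com.xm` is now covered only by the default scan of the application class's package. I would state that in the comment, e.g. `Registers every component under com.mdp; com.xm is picked up by XmApplication's default package scan.` Because the scan covers the whole `com.mdp` namespace, it is also worth confirming which security-related beans (filters, converters, REST clients) it pulls in.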
diff --git a/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java b/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java
index 7b3e06b9..d6245595 100644
--- a/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java
+++ b/xm-bootstrap/src/main/java/com/xm/WebSecurityConfig.java
@@ -2,10 +2,13 @@ package com.xm;
import com.mdp.oauth2.client.resource.MdpJwtAuthenticationConverter;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
+import org.springframework.web.client.RestOperations;
/**
* com.qqkj.WebSecurityConfig
@@ -16,9 +19,15 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
@Autowired
MdpJwtAuthenticationConverter jwtConverter;
+ @Autowired
+ RestOperations restOperations;
+
+ @Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri:}")
+ String jwkSetUri="";
@Override
public void configure(WebSecurity web) throws Exception {
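Review bot: The empty default in `@Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri:}")` hides a missing property. The field then holds `""`, and the failure presumably surfaces only when the decoder is built, with a message that does not name the property. I would drop the default so startup fails on the placeholder itself: `@Value("${spring.security.oauth2.resourceserver.jwt.jwk-set-uri}") String jwkSetUri;`. The injected `RestOperations` is what fetches the signing keys, so a short comment saying which bean it is (load-balanced or not, with or without auth interceptors) would help the next reader. The body of `configure(WebSecurity web)` lies outside this hunk; any paths it ignores bypass the filter chain entirely and should be rechecked against the new authenticate-everything rule.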
@@ -32,10 +41,11 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
- http.authorizeRequests().mvcMatchers("/authorize","/authorized","/","/index","/oauth2/login/token","/oauth2/login/token/web").permitAll().and().oauth2Client().and().logout().disable();
+ http.authorizeRequests().anyRequest().authenticated();
+ http.oauth2Client().and().logout().disable();
http.formLogin().usernameParameter("userloginid");
http.oauth2Login();
- http.oauth2ResourceServer().jwt().jwtAuthenticationConverter(jwtConverter);
+ http.oauth2ResourceServer().jwt().decoder(NimbusJwtDecoder.withJwkSetUri(jwkSetUri).restOperations(restOperations).build()).jwtAuthenticationConverter(jwtConverter);
http.csrf().disable();
}
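Review bot: The decoder built inline on the `oauth2ResourceServer()` line is configured with a JWK set URI only. As far as I know it then validates signature and timestamps but not issuer or audience, so any token signed by a key in that set would be accepted by this service. Consider exposing it as a `JwtDecoder` bean and calling `setJwtValidator(JwtValidators.createDefaultWithIssuer(issuerUri))`, with the issuer taken from configuration, before passing it to `.decoder(...)`. Separately, `http.csrf().disable()` stays in place while `formLogin()` and `oauth2Login()` establish cookie-backed sessions. Endpoints reached with a session rather than a bearer token therefore have no CSRF protection; please confirm that is intended now that every request requires authentication.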
diff --git a/xm-bootstrap/src/main/java/com/xm/XmApplication.java b/xm-bootstrap/src/main/java/com/xm/XmApplication.java
index caf74912..3ba22042 100644
--- a/xm-bootstrap/src/main/java/com/xm/XmApplication.java
+++ b/xm-bootstrap/src/main/java/com/xm/XmApplication.java
@@ -8,7 +8,6 @@ import org.springframework.stereotype.Component;
@SpringCloudApplication
@EnableRedisHttpSession
-@ComponentScan(basePackages={"com.mdp","com.xm"})
public class XmApplication {
diff --git a/xm-bootstrap/src/main/resources/application-dev.properties b/xm-bootstrap/src/main/resources/application-dev.properties
index 33c546fb..4f110ed5 100644
--- a/xm-bootstrap/src/main/resources/application-dev.properties
+++ b/xm-bootstrap/src/main/resources/application-dev.properties
@@ -42,27 +42,45 @@ mdp.arc.file-upload-root-path=E:/arc/files
spring.http.multipart.maxFileSize=10Mb
spring.http.multipart.maxRequestSize=10Mb
-
-# mdp平台授权验证服务器访问地址 cloud环境下换成 http://gate,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2/oauth2
-mdp.oauth2.server.uri=http://134.175.57.249:7000
+mdp.api-gate=http://134.175.57.249:7015
+mdp.platform-branch-id=platform-branch-001
+
+# 权限自动注册接口,云环境下 http://微服务名称/sys/qx/autoRegist,本地调试 http://ip:port/sys/qx/autoRegist
+mdp.auth.qx-regist-url=${mdp.api-gate}/sys/sys/qx/autoRegist
+# 审计日志收集,云环境下 http://微服务名称/audit/base/operLog/add,本地调试 http://ip:port/audit/base/operLog/add
+mdp.audit.audit-log-url=${mdp.api-gate}/audit/audit/base/operLog/add
+# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/itemOption/list/byItemCode,本地调试 http://ip:port/meta/itemOption/list/byItemCode
+mdp.meta.item-options-query-uri= ${mdp.api-gate}/sys/meta/itemOption/list/byItemCode
+# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/item/list,本地调试 http://ip:port/meta/item/list
+mdp.meta.items-query-uri= ${mdp.api-gate}//sys/meta/item/list
+# 第三方授权登陆参数配置数据访问接口 云环境下 http://微服务名称/app/appTpAuth/list,本地调试 http://ip:port/app/appTpAuth/list
+mdp.tpa.app-tp-auth-query-uri= ${mdp.api-gate}/sys/app/appTpAuth/list
+# 第三方授权支付参数配置数据访问接口 云环境下 http://微服务名称/app/appTpPay/list,本地调试 http://ip:port/app/appTpPay/list
+mdp.tpa.app-tp-pay-query-uri= ${mdp.api-gate}/sys/app/appTpPay/list
+# 第三方授权登陆登陆用户查询接口 云环境下 http://微服务名称/sys/userTpa/list,本地调试 http://ip:port/sys/userTpa/list
+mdp.tpa.user-tpa-query-uri= ${mdp.api-gate}/sys/sys/userTpa/list
+
+
+# mdp平台授权验证服务器访问地址 cloud环境下换成 http://oauth2server,本地调试http://127.0.0.1:7000,本地如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2server
+mdp.oauth2.server.uri=http://oauth2server
# 客户端必须在数据库表adm.oauth_client_details中配置,否则无法访问
# 下面配置 password 模式
-spring.security.oauth2.client.registration.password-client.provider=def-oauth-server
+spring.security.oauth2.client.registration.password-client.provider=oauth2server
spring.security.oauth2.client.registration.password-client.client-id=${spring.application.name}
spring.security.oauth2.client.registration.password-client.client-secret= ${spring.application.name}-8888
spring.security.oauth2.client.registration.password-client.authorization-grant-type= password
spring.security.oauth2.client.registration.password-client.scope= all
# 下面配置 client_credentials 模式
-spring.security.oauth2.client.registration.def-client.provider=def-oauth-server
+spring.security.oauth2.client.registration.def-client.provider=oauth2server
spring.security.oauth2.client.registration.def-client.client-id=${spring.application.name}
spring.security.oauth2.client.registration.def-client.client-secret= ${spring.application.name}-8888
spring.security.oauth2.client.registration.def-client.authorization-grant-type= client_credentials
spring.security.oauth2.client.registration.def-client.scope= all
# 下面配置authorization_code模式
-spring.security.oauth2.client.registration.code-client.provider=def-oauth-server
+spring.security.oauth2.client.registration.code-client.provider=oauth2server
spring.security.oauth2.client.registration.code-client.client-id=${spring.application.name}
spring.security.oauth2.client.registration.code-client.client-secret= ${spring.application.name}-8888
spring.security.oauth2.client.registration.code-client.authorization-grant-type= authorization_code
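Review bot: `mdp.meta.items-query-uri` is set to `${mdp.api-gate}//sys/meta/item/list` with a doubled slash. If the gateway or the target service sits behind Spring Security's default strict firewall, a non-normalized path like this is likely to be rejected. It should read `mdp.meta.items-query-uri=${mdp.api-gate}/sys/meta/item/list`. `mdp.api-gate` itself is a hard-coded public IP over plain `http://`, so permission registration, audit-log records and third-party login/payment configuration fetched through it travel unencrypted. Even for a dev profile I would take the gateway address from an environment variable or an uncommitted local override rather than committing it.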
@@ -71,9 +89,9 @@ spring.security.oauth2.client.registration.code-client.redirect-uri= ${messages.
spring.security.oauth2.client.registration.code-client.scope= all
# 授权码方式获取code
-spring.security.oauth2.client.provider.def-oauth-server.authorization-uri= ${mdp.oauth2.server.uri}/oauth2/authorize
+spring.security.oauth2.client.provider.oauth2server.authorization-uri= ${mdp.oauth2.server.uri}/oauth2/authorize
# 获取token接口
-spring.security.oauth2.client.provider.def-oauth-server.token-uri= ${mdp.oauth2.server.uri}/oauth2/token
+spring.security.oauth2.client.provider.oauth2server.token-uri= ${mdp.oauth2.server.uri}/oauth2/token
# 资源服务器
spring.security.oauth2.resourceserver.jwt.jwk-set-uri= ${mdp.oauth2.server.uri}/oauth2/jwks
diff --git a/xm-bootstrap/src/main/resources/application-m1prod.properties b/xm-bootstrap/src/main/resources/application-m1prod.properties
index 761e7ce0..3ec0781b 100644
--- a/xm-bootstrap/src/main/resources/application-m1prod.properties
+++ b/xm-bootstrap/src/main/resources/application-m1prod.properties
@@ -30,7 +30,9 @@ spring.jackson.serialization.indent_output=true
spring.jackson.serialization.fail_on_empty_beans=false
spring.jackson.deserialization.fail_on_unknown_properties=false
spring.jackson.parser.allow_unquoted_control_chars=true
-spring.jackson.parser.allow_single_quotes=true
+spring.jackson.parser.allow_single_quotes=true#限制文件上传大小
+spring.http.multipart.maxFileSize=10Mb
+spring.http.multipart.maxRequestSize=10Mb
#配置图片文件上传下载的相关参数,如果此次配置将覆盖数据库系统参数中的 arcImageUploadRootPath 及 arcImageDownloadBaseUri两个参数
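Review bot: The new line `spring.jackson.parser.allow_single_quotes=true#限制文件上传大小` has the upload-size comment fused onto the property value. In a `.properties` file `#` starts a comment only at the beginning of a line, so the value becomes `true#限制文件上传大小` and will most likely fail to bind as a boolean at startup. Put the comment back on its own line: `spring.jackson.parser.allow_single_quotes=true`, then `#限制文件上传大小`, followed by the two `spring.http.multipart.*` entries.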
@@ -40,19 +42,30 @@ spring.jackson.parser.allow_single_quotes=true
#mdp.auth.ips=ip1,ip2,ip3,授权ip地址列表,如果非授权ip应用只允许使用24小时
mdp.auth.ips=172.18.153.152
-mdp.auth.qx-regist-url=/sys/sys/sys/qx/autoRegist
-mdp.audit.audit-log-url=/audit/audit/audit/base/operLog/add
+
+mdp.api-gate=http://gate
mdp.platform-branch-id=platform-branch-001
-#限制文件上传大小
-spring.http.multipart.maxFileSize=10Mb
-spring.http.multipart.maxRequestSize=10Mb
+# 权限自动注册接口,云环境下 http://微服务名称/sys/qx/autoRegist,本地调试 http://ip:port/sys/qx/autoRegist
+mdp.auth.qx-regist-url=http://sys/sys/qx/autoRegist
+# 审计日志收集,云环境下 http://微服务名称/audit/base/operLog/add,本地调试 http://ip:port/audit/base/operLog/add
+mdp.audit.audit-log-url=http://audit/audit/base/operLog/add
+# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/itemOption/list/byItemCode,本地调试 http://ip:port/meta/itemOption/list/byItemCode
+mdp.meta.item-options-query-uri= http://sys/meta/itemOption/list/byItemCode
+# 元数据/系统参数等接口 云环境下 http://微服务名称/sys/meta/item/list,本地调试 http://ip:port/meta/item/list
+mdp.meta.items-query-uri= http://sys/meta/item/list
+# 第三方授权登陆参数配置数据访问接口 云环境下 http://微服务名称/app/appTpAuth/list,本地调试 http://ip:port/app/appTpAuth/list
+mdp.tpa.app-tp-auth-query-uri= http://sys/app/appTpAuth/list
+# 第三方授权支付参数配置数据访问接口 云环境下 http://微服务名称/app/appTpPay/list,本地调试 http://ip:port/app/appTpPay/list
+mdp.tpa.app-tp-pay-query-uri= http://sys/app/appTpPay/list
+# 第三方授权登陆登陆用户查询接口 云环境下 http://微服务名称/sys/userTpa/list,本地调试 http://ip:port/sys/userTpa/list
+mdp.tpa.user-tpa-query-uri= http://sys/sys/userTpa/list
-# mdp平台授权验证服务器访问地址 cloud环境下换成 http://gate,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2/oauth2
-mdp.oauth2.server.uri=http://172.16.16.16:7000
-# 客户端必须在数据库表adm.oauth_client_details中配置,否则无法访问
+# mdp平台授权验证服务器访问地址 cloud环境下换成 http://oauth2server,本地调试如果不起验证服务器,可改为 https://www.qingqinkj.com/api/m1/oauth2server
+# oauth2client服务比较特殊,oauth2client工程访问oauth2server要通过非cloud方式访问。即http://ip:port/的方式,或者https://www.qingqinkj.com/api/m1/oauth2server
+mdp.oauth2.server.uri= http://oauth2server
# 下面配置 password 模式
spring.security.oauth2.client.registration.password-client.provider=def-oauth-server
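Review bot: `mdp.oauth2.server.uri` now points at the discovery name `http://oauth2server`, but the same property feeds the provider's `token-uri` (visible in the next hunk header) and presumably its `authorization-uri`. The user's browser is redirected to that URI and cannot resolve a service name; the comment added directly above the property warns about exactly this for oauth2client. The same value is set in application-dev.properties. Please confirm which calls go through a load-balanced client, and use a separate externally resolvable HTTPS base URL for the browser-facing endpoints. Also, `mdp.api-gate=http://gate` is defined here but none of the new `mdp.*` URLs use it, unlike the dev profile where they are written as `${mdp.api-gate}/...`. All of these production endpoints, including audit-log delivery and the JWKS fetch, are plain `http://`, so key and log integrity depend entirely on the internal network.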
@@ -85,14 +98,6 @@ spring.security.oauth2.client.provider.def-oauth-server.token-uri= ${mdp.oauth2.
# 资源服务器
spring.security.oauth2.resourceserver.jwt.jwk-set-uri= ${mdp.oauth2.server.uri}/oauth2/jwks
-#配置数据源
-#spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
-#spring.datasource.jdbc-url=jdbc:oracle:thin:@193.112.138.144:1521:KEYUNSITDB
-#spring.datasource.username=root
-#spring.datasource.password=lqaz@WSX
-#spring.datasource.validation-query=select 1
-#spring.datasource.test-on-borrow=true
-#spring.datasource.validation-interval=30000
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
diff --git a/xm-bootstrap/xm-bootstrap.iml b/xm-bootstrap/xm-bootstrap.iml
index cb24a5f4..3f7d25e5 100644
--- a/xm-bootstrap/xm-bootstrap.iml
+++ b/xm-bootstrap/xm-bootstrap.iml
@@ -126,7 +126,6 @@
-
@@ -137,7 +136,6 @@
-
@@ -209,6 +207,8 @@
+
+
diff --git a/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java b/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java
index f350aaa6..73664eaa 100644
--- a/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java
+++ b/xm-core/src/main/java/com/xm/core/ctrl/XmMenuController.java
@@ -82,8 +82,8 @@ public class XmMenuController {
Map m = new HashMap<>();
RequestUtils.transformArray(xmMenu, "menuIds");
PageUtils.startPage(xmMenu);
- Tips tips=new Tips("查询成功");
- List