package com.mzl.flower.config;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.mzl.flower.config.security.handler.SelfAuthenticationFailureHandler;
import com.mzl.flower.config.security.handler.SelfAuthenticationSuccessHandler;
import com.mzl.flower.config.security.provider.*;
import com.mzl.flower.service.impl.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;

/**
 * Web security configuration: exposes the {@link AuthenticationManager}, the password encoder,
 * the login success/failure handlers and one authentication provider bean per login type
 * (web, admin, user-id, partner, sup, phone).
 *
 * <p>NOTE(review): every provider below is configured with
 * {@code setHideUserNotFoundExceptions(false)}. If these providers follow Spring Security's
 * {@code AbstractUserDetailsAuthenticationProvider} semantics, an unknown account then surfaces as
 * a "user not found" failure instead of a generic bad-credentials failure. Confirm that
 * {@link SelfAuthenticationFailureHandler} returns the same response for both cases, otherwise
 * the login endpoint reveals which accounts exist.
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private ObjectMapper objectMapper;

    @Autowired
    private ClientDetailsService clientDetailsService;

    // Resolved lazily; used only when building the success handler below.
    @Lazy
    @Autowired
    private AuthorizationServerTokenServices defaultAuthorizationServerTokenServices;

    @Autowired
    private WebUserDetailsService webUserDetailsService;

    @Autowired
    private PartnerUserDetailsService partnerUserDetailsService;

    @Autowired
    private SupUserDetailsService supUserDetailsService;

    @Autowired
    private AdminUserDetailsService adminUserDetailsService;

    // Not referenced anywhere in this class as shown.
    @Autowired
    private BaseUserDetailsService baseUserDetailsService;

    @Autowired
    private PhoneUserDetailsService phoneUserDetailsService;

    // Backs the user-id provider (see userIdAuthenticationProvider()).
    @Autowired
    private WechatUserDetailsService wechatUserDetailsService;

    /**
     * Exposes the {@link AuthenticationManager} as a bean so that the OAuth2 password grant
     * can be enabled.
     *
     * @return the manager built by the parent configurer
     * @throws Exception if the parent configurer fails to build the manager
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    /**
     * Customises the HTTP security filter chain.
     *
     * <p>The chain applies to every request, and the only authorization rule declared here
     * permits {@code /oauth/**} without authentication.
     *
     * <p>NOTE(review): no rule is declared for any other path in this chain. Whether the
     * remaining endpoints require authentication depends on configuration outside this file
     * (for example a resource-server configuration) - confirm before relying on it.
     *
     * @param httpSecurity the builder for this filter chain
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                .requestMatchers().anyRequest()
                .and()
                .authorizeRequests().antMatchers("/oauth/**").permitAll();
    }

    /**
     * Password encoder shared by the password-based providers and the success handler.
     *
     * @return a BCrypt encoder created with the no-argument constructor (library default strength)
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Builds the login success handler from the JSON mapper, client details service,
     * password encoder and token services.
     *
     * @return the configured success handler
     */
    @Bean
    public SelfAuthenticationSuccessHandler selfAuthenticationSuccessHandler() {
        SelfAuthenticationSuccessHandler successHandler = SelfAuthenticationSuccessHandler.builder()
                .objectMapper(objectMapper)
                .clientDetailsService(clientDetailsService)
                .passwordEncoder(passwordEncoder())
                .authorizationServerTokenServices(defaultAuthorizationServerTokenServices)
                .build();
        return successHandler;
    }

    /**
     * Builds the login failure handler, which receives only the JSON mapper.
     *
     * @return the configured failure handler
     */
    @Bean
    public SelfAuthenticationFailureHandler selfAuthenticationFailureHandler() {
        SelfAuthenticationFailureHandler failureHandler = SelfAuthenticationFailureHandler.builder()
                .objectMapper(objectMapper)
                .build();
        return failureHandler;
    }

    /**
     * Registers the authentication providers on the manager builder.
     *
     * <p>Registration order is web, admin, user-id, partner, sup, phone.
     *
     * @param auth the authentication manager builder
     */
    @Override
    public void configure(AuthenticationManagerBuilder auth) {
        auth.authenticationProvider(webAuthenticationProvider())
                .authenticationProvider(adminAuthenticationProvider())
                .authenticationProvider(userIdAuthenticationProvider())
                .authenticationProvider(partnerAuthenticationProvider())
                .authenticationProvider(supAuthenticationProvider())
                .authenticationProvider(phoneAuthenticationProvider());
    }

    /**
     * Partner login provider: partner user lookup plus the shared password encoder.
     *
     * @return the configured provider
     */
    @Bean
    public PartnerAuthenticationProvider partnerAuthenticationProvider() {
        PartnerAuthenticationProvider partnerProvider = new PartnerAuthenticationProvider();
        partnerProvider.setUserDetailsService(partnerUserDetailsService);
        // See the class-level review note about account enumeration.
        partnerProvider.setHideUserNotFoundExceptions(false);
        partnerProvider.setPasswordEncoder(passwordEncoder());
        return partnerProvider;
    }

    /**
     * "Sup" login provider: sup user lookup plus the shared password encoder.
     *
     * @return the configured provider
     */
    @Bean
    public SupAuthenticationProvider supAuthenticationProvider() {
        SupAuthenticationProvider supProvider = new SupAuthenticationProvider();
        supProvider.setUserDetailsService(supUserDetailsService);
        // See the class-level review note about account enumeration.
        supProvider.setHideUserNotFoundExceptions(false);
        supProvider.setPasswordEncoder(passwordEncoder());
        return supProvider;
    }

    /**
     * Ordinary (web) login provider.
     *
     * @return the configured provider
     */
    @Bean
    public WebAuthenticationProvider webAuthenticationProvider() {
        WebAuthenticationProvider webProvider = new WebAuthenticationProvider();
        webProvider.setUserDetailsService(webUserDetailsService);
        // See the class-level review note about account enumeration.
        webProvider.setHideUserNotFoundExceptions(false);
        webProvider.setPasswordEncoder(passwordEncoder());
        return webProvider;
    }

    /**
     * Operations (admin) login provider.
     *
     * @return the configured provider
     */
    @Bean
    public AdminAuthenticationProvider adminAuthenticationProvider() {
        AdminAuthenticationProvider adminProvider = new AdminAuthenticationProvider();
        adminProvider.setUserDetailsService(adminUserDetailsService);
        // See the class-level review note about account enumeration.
        adminProvider.setHideUserNotFoundExceptions(false);
        adminProvider.setPasswordEncoder(passwordEncoder());
        return adminProvider;
    }

    /**
     * User-id login provider, backed by the WeChat user details service.
     *
     * <p>NOTE(review): unlike the password-based providers, no password encoder is set here;
     * presumably the provider validates its credential by other means - confirm in
     * {@code UserIdAuthenticationProvider}.
     *
     * @return the configured provider
     */
    @Bean
    public UserIdAuthenticationProvider userIdAuthenticationProvider() {
        UserIdAuthenticationProvider userIdProvider = new UserIdAuthenticationProvider();
        userIdProvider.setUserDetailsService(wechatUserDetailsService);
        // See the class-level review note about account enumeration.
        userIdProvider.setHideUserNotFoundExceptions(false);
        return userIdProvider;
    }

    /**
     * Phone verification-code login provider.
     *
     * <p>NOTE(review): no password encoder is set here; the verification-code check is
     * presumably done inside {@code PhoneAuthenticationProvider} - confirm.
     *
     * @return the configured provider
     */
    @Bean
    public PhoneAuthenticationProvider phoneAuthenticationProvider() {
        PhoneAuthenticationProvider phoneProvider = new PhoneAuthenticationProvider();
        phoneProvider.setUserDetailsService(phoneUserDetailsService);
        // See the class-level review note about account enumeration.
        phoneProvider.setHideUserNotFoundExceptions(false);
        return phoneProvider;
    }
}