add spring cloud eureka support

melthaw · Jan 12, 2018 · d0597de · d0597de
1 parent 10a2a05
commit d0597de
Show file tree

Hide file tree

Showing 14 changed files with 477 additions and 67 deletions.
diff --git a/README.zh_CN.md b/README.zh_CN.md
@@ -29,7 +29,7 @@
 
 ## 代码构建
 
-目前支持支持gradle
+目前只支持gradle
 
 ```
 gradle clean build

diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle
@@ -1,5 +1,6 @@
 ext {
-    version_spring_boot = "1.3.3.RELEASE";
+    springBootVersion = "1.3.5.RELEASE"
+    springCloudVersion = "Brixton.RELEASE"
 
     libs = [
             commons          : [
@@ -37,30 +38,30 @@ ext {
                     "com.aliyun:aliyun-java-sdk-sms:3.0.0-rc1"
             ],
             springBoot       : [
-                    "org.springframework.boot:spring-boot-starter:${version_spring_boot}",
-                    "org.springframework.boot:spring-boot-starter-web:${version_spring_boot}",
-                    "org.springframework.boot:spring-boot-starter-mail:${version_spring_boot}",
-                    "org.springframework.boot:spring-boot-starter-aop:${version_spring_boot}",
-                    "org.springframework.boot:spring-boot-devtools:${version_spring_boot}"
+                    "org.springframework.boot:spring-boot-starter:${springBootVersion}",
+                    "org.springframework.boot:spring-boot-starter-web:${springBootVersion}",
+                    "org.springframework.boot:spring-boot-starter-mail:${springBootVersion}",
+                    "org.springframework.boot:spring-boot-starter-aop:${springBootVersion}",
+                    "org.springframework.boot:spring-boot-devtools:${springBootVersion}"
             ],
             springThymeleaf  : [
-                    "org.springframework.boot:spring-boot-starter-thymeleaf:${version_spring_boot}",
+                    "org.springframework.boot:spring-boot-starter-thymeleaf:${springBootVersion}",
                     "org.thymeleaf.extras:thymeleaf-extras-springsecurity3:2.1.2.RELEASE"
             ],
             springDataMongodb: [
-                    "org.springframework.boot:spring-boot-starter-data-mongodb:${version_spring_boot}",
+                    "org.springframework.boot:spring-boot-starter-data-mongodb:${springBootVersion}",
             ],
             springSecurity   : [
-                    "org.springframework.boot:spring-boot-starter-security:${version_spring_boot}"
+                    "org.springframework.boot:spring-boot-starter-security:${springBootVersion}"
             ],
             springOAuth2     : [
                     "org.springframework.security.oauth:spring-security-oauth2:2.0.7.RELEASE"
             ],
             springRedis      : [
-                    "org.springframework.boot:spring-boot-starter-redis:${version_spring_boot}"
+                    "org.springframework.boot:spring-boot-starter-redis:${springBootVersion}"
             ],
             springBootTomcat : [
-                    "org.springframework.boot:spring-boot-starter-tomcat:${version_spring_boot}"
+                    "org.springframework.boot:spring-boot-starter-tomcat:${springBootVersion}"
             ],
             jackson2         : [
                     "com.fasterxml.jackson.core:jackson-annotations:2.4.0",
@@ -76,7 +77,7 @@ ext {
             ],
             test             : [
                     "junit:junit:4.11",
-                    "org.springframework.boot:spring-boot-starter-test:${version_spring_boot}",
+                    "org.springframework.boot:spring-boot-starter-test:${springBootVersion}",
                     "org.springframework.security:spring-security-test:4.0.1.RELEASE",
                     "com.github.fakemongo:fongo:1.6.5"
             ]

diff --git a/message/sms/aliyun/src/test/java/in/clouthink/daas/sbb/sms/AliyunTestCase.java b/message/sms/aliyun/src/test/java/in/clouthink/daas/sbb/sms/AliyunTestCase.java
diff --git a/openapi/doc/build.gradle b/openapi/doc/build.gradle
@@ -8,7 +8,7 @@ buildscript {
     }
 
     dependencies {
-        classpath("org.springframework.boot:spring-boot-gradle-plugin:${version_spring_boot}")
+        classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
     }
 }
 

diff --git a/openapi/eureka/build.gradle b/openapi/eureka/build.gradle
@@ -0,0 +1,53 @@
+buildscript {
+    repositories {
+        mavenCentral()
+    }
+    dependencies {
+        classpath "org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}"
+    }
+}
+
+apply plugin: "io.spring.dependency-management"
+
+dependencyManagement {
+    imports {
+        mavenBom "org.springframework.cloud:spring-cloud-starter-parent:${springCloudVersion}"
+        mavenBom "org.springframework.cloud:spring-cloud-dependencies:${springCloudVersion}"
+    }
+}
+
+apply plugin: 'idea'
+apply plugin: 'spring-boot'
+
+dependencies {
+    compile libs.springDataMongodb
+    compile libs.springSecurity
+    compile libs.daas
+
+    compile "org.springframework.boot:spring-boot-starter"
+    compile "org.springframework.boot:spring-boot-starter-web"
+    compile('org.springframework.cloud:spring-cloud-starter-eureka')
+
+    compile project(':shared')
+    compile project(':security/spring')
+    compile project(':account/starter')
+    compile project(':audit/starter')
+    compile project(':menu/starter')
+    compile project(':rbac/starter')
+    compile project(':sample/news/starter')
+    compile project(':sample/attachment/starter')
+    compile project(':sample/setting/starter')
+    compile project(':message/sms/starter')
+    compile project(':storage/starter')
+
+    testCompile "org.springframework.boot:spring-boot-starter-test"
+}
+
+bootRun {
+    if (project.hasProperty('jvmArgs')) {
+        jvmArgs project.jvmArgs.split('\\s+')
+    }
+    if (project.hasProperty('args')) {
+        args project.args.split('\\s+')
+    }
+}
diff --git a/openapi/eureka/gradle.properties b/openapi/eureka/gradle.properties
@@ -0,0 +1,3 @@
+groupId=in.clouthink.daas.sbb
+artifactId=openapi-eurek
+version=1.0.0.SNAPSHOT
diff --git a/openapi/eureka/src/main/java/in/clouthink/daas/sbb/openapi/OpenApiApplication.java b/openapi/eureka/src/main/java/in/clouthink/daas/sbb/openapi/OpenApiApplication.java
@@ -0,0 +1,60 @@
+package in.clouthink.daas.sbb.openapi;
+
+import in.clouthink.daas.audit.annotation.EnableAudit;
+import in.clouthink.daas.audit.configure.AuditConfigurer;
+import in.clouthink.daas.audit.spi.AuditEventPersister;
+import in.clouthink.daas.sbb.openapi.support.EurekaRestController;
+import in.clouthink.daas.sbb.security.impl.audit.AuditEventPersisterImpl;
+import in.clouthink.daas.sbb.security.impl.audit.SecurityContextAuditImpl;
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration;
+import org.springframework.boot.context.web.ErrorPageFilter;
+import org.springframework.boot.context.web.SpringBootServletInitializer;
+import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Import;
+import org.springframework.scheduling.annotation.EnableAsync;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.context.WebApplicationContext;
+
+@SpringBootApplication
+@EnableAutoConfiguration(exclude = SecurityAutoConfiguration.class)
+@Import({OpenApiWebMvcConfigurer.class, OpenApiSecurityConfigurer.class})
+@EnableEurekaClient
+@EnableAsync
+@EnableAudit
+public class OpenApiApplication extends SpringBootServletInitializer {
+
+    @Bean
+    public EurekaRestController eurekaRestController() {
+        return new EurekaRestController();
+    }
+
+    @Bean
+    public AuditEventPersister auditEventPersisterImpl() {
+        return new AuditEventPersisterImpl();
+    }
+
+    @Bean
+    public AuditConfigurer auditConfigurer() {
+        return result -> {
+            result.setSecurityContext(new SecurityContextAuditImpl());
+            result.setAuditEventPersister(auditEventPersisterImpl());
+            result.setErrorDetailRequired(true);
+        };
+    }
+
+    @Override
+    protected WebApplicationContext run(SpringApplication application) {
+        application.getSources().remove(ErrorPageFilter.class);
+        return super.run(application);
+    }
+
+    public static void main(String[] args) {
+        SpringApplication.run(new Object[]{OpenApiApplication.class}, args);
+    }
+
+}
diff --git a/openapi/eureka/src/main/java/in/clouthink/daas/sbb/openapi/OpenApiSecurityConfigurer.java b/openapi/eureka/src/main/java/in/clouthink/daas/sbb/openapi/OpenApiSecurityConfigurer.java
@@ -0,0 +1,153 @@
+package in.clouthink.daas.sbb.openapi;
+
+import in.clouthink.daas.sbb.rbac.impl.spring.security.RbacWebSecurityExpressionHandler;
+import in.clouthink.daas.sbb.security.impl.spring.UserDetailsAuthenticationProviderImpl;
+import in.clouthink.daas.sbb.security.impl.spring.UserDetailsServiceImpl;
+import in.clouthink.daas.sbb.security.impl.spring.rest.*;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.access.AccessDecisionManager;
+import org.springframework.security.access.AccessDecisionVoter;
+import org.springframework.security.access.expression.SecurityExpressionHandler;
+import org.springframework.security.access.vote.AffirmativeBased;
+import org.springframework.security.access.vote.AuthenticatedVoter;
+import org.springframework.security.access.vote.RoleVoter;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.access.AccessDeniedHandler;
+import org.springframework.security.web.access.expression.WebExpressionVoter;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
+import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
+
+import java.util.ArrayList;
+import java.util.List;
+
+
+@Configuration
+@EnableWebSecurity
+public class OpenApiSecurityConfigurer extends WebSecurityConfigurerAdapter {
+
+    @Bean
+    public AuthenticationProvider authenticationProvider() {
+        return new UserDetailsAuthenticationProviderImpl();
+    }
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        return new UserDetailsServiceImpl();
+    }
+
+    @Bean
+    public AuthenticationSuccessHandler authenticationSuccessHandlerImpl() {
+        return new AuthenticationSuccessHandlerRestImpl();
+    }
+
+    @Bean
+    public AuthenticationFailureHandler authenticationFailureHandlerImpl() {
+        return new AuthenticationFailureHandlerRestImpl();
+    }
+
+    @Bean
+    public AccessDeniedHandler accessDeniedHandlerImpl() {
+        return new AccessDeniedHandlerRestImpl();
+    }
+
+    @Bean
+    public LogoutSuccessHandler logoutSuccessHandlerImpl() {
+        return new LogoutSuccessHandlerRestImpl();
+    }
+
+    @Bean
+    public AuthenticationEntryPoint authenticationEntryPointImpl() {
+        return new AuthenticationEntryPointRestImpl();
+    }
+
+    @Bean
+    public AccessDecisionManager accessDecisionManager() {
+        List<AccessDecisionVoter<? extends Object>> decisionVoters = new ArrayList<>();
+        decisionVoters.add(new RoleVoter());
+        decisionVoters.add(new AuthenticatedVoter());
+        decisionVoters.add(webExpressionVoter());
+        return new AffirmativeBased(decisionVoters);
+    }
+
+    @Bean
+    public WebExpressionVoter webExpressionVoter() {
+        WebExpressionVoter result = new WebExpressionVoter();
+        result.setExpressionHandler(rbacWebSecurityExpressionHandler());
+        return result;
+    }
+
+    @Bean
+    public SecurityExpressionHandler rbacWebSecurityExpressionHandler() {
+        return new RbacWebSecurityExpressionHandler();
+    }
+
+    @Override
+    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.authenticationProvider(authenticationProvider())
+            .eraseCredentials(true)
+            .userDetailsService(userDetailsService());
+    }
+
+    @Override
+    public void configure(WebSecurity web) throws Exception {
+        web.ignoring().antMatchers("/static/**");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        configLogin(http);
+        configAccess(http);
+    }
+
+    private void configLogin(HttpSecurity http) throws Exception {
+        http.csrf()
+            .disable()
+            .formLogin()
+            .loginPage("/login")
+            .permitAll()
+            .successHandler(authenticationSuccessHandlerImpl())
+            .failureHandler(authenticationFailureHandlerImpl())
+            .loginProcessingUrl("/login")
+            .usernameParameter("username")
+            .passwordParameter("password")
+            .and()
+            .logout()
+            .logoutUrl("/logout")
+            .logoutSuccessHandler(logoutSuccessHandlerImpl())
+            .invalidateHttpSession(true)
+            .deleteCookies("JSESSIONID")
+            .permitAll()
+            .and()
+            .rememberMe()
+            .key("SSB#EF871D0AC3C5A2B7DAF6B4DC1E9D119E");
+    }
+
+    private void configAccess(HttpSecurity http) throws Exception {
+        http.headers().frameOptions().disable();
+
+        http.authorizeRequests()
+            .accessDecisionManager(accessDecisionManager())
+            .antMatchers("/", "/static/**", "/login**", "/guest/**", "/info", "/health")
+            .permitAll()
+            .antMatchers("/api/shared/**")
+            .hasRole("USER")
+            .antMatchers("/api/_devops_/**")
+            .hasRole("ADMIN")
+            .antMatchers("/api/**")
+            .access("passRbacCheck")
+            .and()
+            .exceptionHandling()
+            .authenticationEntryPoint(authenticationEntryPointImpl())
+            .accessDeniedHandler(accessDeniedHandlerImpl());
+    }
+
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -8,7 +8,7 @@ buildscript { @@
         }
         dependencies {
-            classpath("org.springframework.boot:spring-boot-gradle-plugin:${version_spring_boot}")
+            classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")
         }
     }
@@ Expand Down @@