update

imooc-security-app/src/main/java/com/imooc/security/app/AppSecretException.java

@@ -9,6 +9,11 @@
  */
 public class AppSecretException extends RuntimeException {
 
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = -1629364510827838114L;
+
 	public AppSecretException(String msg){
 		super(msg);
 	}

imooc-security-app/src/main/java/com/imooc/security/app/AppSecurityController.java

@@ -15,34 +15,34 @@
 import org.springframework.web.context.request.ServletWebRequest;
 
 import com.imooc.security.app.social.AppSingUpUtils;
-import com.imooc.security.core.support.SocialUserInfo;
+import com.imooc.security.core.properties.SecurityConstants;
+import com.imooc.security.core.social.SocialController;
+import com.imooc.security.core.social.support.SocialUserInfo;
 
 /**
  * @author zhailiang
  *
  */
 @RestController
-public class AppSecurityController {
+public class AppSecurityController extends SocialController {
 
 	@Autowired
 	private ProviderSignInUtils providerSignInUtils;
 
 	@Autowired
 	private AppSingUpUtils appSingUpUtils;
 
-	@GetMapping("/social/signUp")
+	/**
+	 * 需要注册时跳到这里，返回401和用户信息给前端
+	 * @param request
+	 * @return
+	 */
+	@GetMapping(SecurityConstants.DEFAULT_SOCIAL_USER_INFO_URL)
 	@ResponseStatus(HttpStatus.UNAUTHORIZED)
 	public SocialUserInfo getSocialUserInfo(HttpServletRequest request) {
-		SocialUserInfo userInfo = new SocialUserInfo();
 		Connection<?> connection = providerSignInUtils.getConnectionFromSession(new ServletWebRequest(request));
-		userInfo.setProviderId(connection.getKey().getProviderId());
-		userInfo.setProviderUserId(connection.getKey().getProviderUserId());
-		userInfo.setNickname(connection.getDisplayName());
-		userInfo.setHeadimg(connection.getImageUrl());
-
 		appSingUpUtils.saveConnectionData(new ServletWebRequest(request), connection.createData());
-
-		return userInfo;
+		return buildSocialUserInfo(connection);
 	}
 
 }

imooc-security-app/src/main/java/com/imooc/security/app/authentication/ImoocAuthenctiationFailureHandler.java

@@ -18,11 +18,11 @@
 import org.springframework.stereotype.Component;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.imooc.security.core.properties.LoginResponseType;
-import com.imooc.security.core.properties.SecurityProperties;
 import com.imooc.security.core.support.SimpleResponse;
 
 /**
+ * APP环境下认证失败处理器
+ * 
  * @author zhailiang
  *
  */
@@ -34,10 +34,6 @@ public class ImoocAuthenctiationFailureHandler extends SimpleUrlAuthenticationFa
 	@Autowired
 	private ObjectMapper objectMapper;
 
-	@Autowired
-	private SecurityProperties securityProperties;
-
-
 	/* (non-Javadoc)
 	 * @see org.springframework.security.web.authentication.AuthenticationFailureHandler#onAuthenticationFailure(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, org.springframework.security.core.AuthenticationException)
 	 */
@@ -47,14 +43,9 @@ public void onAuthenticationFailure(HttpServletRequest request, HttpServletRespo
 
 		logger.info("登录失败");
 
-		if (LoginResponseType.JSON.equals(securityProperties.getBrowser().getLoginType())) {
-			response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
-			response.setContentType("application/json;charset=UTF-8");
-			response.getWriter().write(objectMapper.writeValueAsString(new SimpleResponse(exception.getMessage())));
-		}else{
-			super.onAuthenticationFailure(request, response, exception);
-		}
-
+		response.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+		response.setContentType("application/json;charset=UTF-8");
+		response.getWriter().write(objectMapper.writeValueAsString(new SimpleResponse(exception.getMessage())));
 
 	}
 

imooc-security-app/src/main/java/com/imooc/security/app/authentication/ImoocAuthenticationSuccessHandler.java

@@ -29,9 +29,10 @@
 import org.springframework.stereotype.Component;
 
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.imooc.security.core.properties.SecurityProperties;
 
 /**
+ * APP环境下认证成功处理器
+ * 
  * @author zhailiang
  *
  */
@@ -43,9 +44,6 @@ public class ImoocAuthenticationSuccessHandler extends SavedRequestAwareAuthenti
 	@Autowired
 	private ObjectMapper objectMapper;
 
-	@Autowired
-	private SecurityProperties securityProperties;
-
 	@Autowired
 	private ClientDetailsService clientDetailsService;
 

imooc-security-app/src/main/java/com/imooc/security/app/authentication/openid/OpenIdAuthenticationFilter.java

@@ -16,6 +16,8 @@
 import com.imooc.security.core.properties.SecurityConstants;
 
 /**
+ * openId
+ * 
  * @author zhailiang
  *
  */
@@ -31,7 +33,7 @@ public class OpenIdAuthenticationFilter extends AbstractAuthenticationProcessing
 	// ===================================================================================================
 
 	public OpenIdAuthenticationFilter() {
-		super(new AntPathRequestMatcher(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_OPENID, "POST"));
+		super(new AntPathRequestMatcher(SecurityConstants.DEFAULT_SIGN_IN_PROCESSING_URL_OPENID, "POST"));
 	}
 
 	// ~ Methods

imooc-security-app/src/main/java/com/imooc/security/app/social/AppSingUpUtils.java

@@ -18,6 +18,8 @@
 import com.imooc.security.app.AppSecretException;
 
 /**
+ * app环境下替换providerSignInUtils，避免由于没有session导致读不到社交用户信息的问题
+ * 
  * @author zhailiang
  *
  */

imooc-security-app/src/main/java/com/imooc/security/app/SpringSocialConfigurerPostProcessor.java → imooc-security-app/src/main/java/com/imooc/security/app/social/SpringSocialConfigurerPostProcessor.java

@@ -1,14 +1,15 @@
 /**
  * 
  */
-package com.imooc.security.app;
+package com.imooc.security.app.social;
 
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.BeansException;
 import org.springframework.beans.factory.config.BeanPostProcessor;
 import org.springframework.stereotype.Component;
 
-import com.imooc.security.core.social.ImoocSpringSocialConfigurer;
+import com.imooc.security.core.properties.SecurityConstants;
+import com.imooc.security.core.social.support.ImoocSpringSocialConfigurer;
 
 /**
  * @author zhailiang
@@ -32,7 +33,7 @@ public Object postProcessBeforeInitialization(Object bean, String beanName) thro
 	public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
 		if(StringUtils.equals(beanName, "imoocSocialSecurityConfig")){
 			ImoocSpringSocialConfigurer config = (ImoocSpringSocialConfigurer)bean;
-			config.signupUrl("/social/signUp");
+			config.signupUrl(SecurityConstants.DEFAULT_SOCIAL_USER_INFO_URL);
 			return config;
 		}
 		return bean;

imooc-security-app/src/main/java/com/imooc/security/app/validate/code/impl/RedisValidateCodeRepository.java

@@ -17,6 +17,8 @@
 import com.imooc.security.core.validate.code.ValidateCodeType;
 
 /**
+ * 基于redis的验证码存取器，避免由于没有session导致无法存取验证码的问题
+ * 
  * @author zhailiang
  *
  */

imooc-security-app/src/main/java/com/imooc/security/app/ImoocAuthorizationServerConfig.java → imooc-security-app/src/main/java/com/imooc/security/server/ImoocAuthorizationServerConfig.java

@@ -1,7 +1,7 @@
 /**
  * 
  */
-package com.imooc.security.app;
+package com.imooc.security.server;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -26,6 +26,8 @@
 import com.imooc.security.core.properties.SecurityProperties;
 
 /**
+ * 认证服务器配置
+ * 
  * @author zhailiang
  *
  */
@@ -51,9 +53,13 @@ public class ImoocAuthorizationServerConfig extends AuthorizationServerConfigure
 	@Autowired
 	private SecurityProperties securityProperties;
 
+	/**
+	 * 认证及token配置
+	 */
 	@Override
 	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
-		endpoints.tokenStore(tokenStore).authenticationManager(authenticationManager)
+		endpoints.tokenStore(tokenStore)
+				.authenticationManager(authenticationManager)
 				.userDetailsService(userDetailsService);
 
 		if (jwtAccessTokenConverter != null && jwtTokenEnhancer != null) {
@@ -62,27 +68,32 @@ public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws E
 			enhancers.add(jwtTokenEnhancer);
 			enhancers.add(jwtAccessTokenConverter);
 			enhancerChain.setTokenEnhancers(enhancers);
-
 			endpoints.tokenEnhancer(enhancerChain).accessTokenConverter(jwtAccessTokenConverter);
 		}
 
 	}
 
+	/**
+	 * tokenKey的访问权限表达式配置
+	 */
 	public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
-		security.tokenKeyAccess("permitAll()")
-				.checkTokenAccess("isAuthenticated()")
-				.allowFormAuthenticationForClients();
+		security.tokenKeyAccess("permitAll()");
 	}
 
+	/**
+	 * 客户端配置
+	 */
 	@Override
 	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
 		InMemoryClientDetailsServiceBuilder builder = clients.inMemory();
 		if (ArrayUtils.isNotEmpty(securityProperties.getOauth2().getClients())) {
 			for (OAuth2ClientProperties client : securityProperties.getOauth2().getClients()) {
-				builder.withClient(client.getClientId()).secret(client.getClientSecret())
+				builder.withClient(client.getClientId())
+						.secret(client.getClientSecret())
 						.authorizedGrantTypes("refresh_token", "authorization_code", "password")
 						.accessTokenValiditySeconds(client.getAccessTokenValidateSeconds())
-						.refreshTokenValiditySeconds(2592000).scopes("all");
+						.refreshTokenValiditySeconds(2592000)
+						.scopes("all");
 			}
 		}
 	}

imooc-security-app/src/main/java/com/imooc/security/app/ImoocResourceServerConfig.java → imooc-security-app/src/main/java/com/imooc/security/server/ImoocResourceServerConfig.java

@@ -1,7 +1,7 @@
 /**
  * 
  */
-package com.imooc.security.app;
+package com.imooc.security.server;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
@@ -13,13 +13,14 @@
 import org.springframework.social.security.SpringSocialConfigurer;
 
 import com.imooc.security.app.authentication.openid.OpenIdAuthenticationSecurityConfig;
+import com.imooc.security.core.authentication.FormAuthenticationConfig;
 import com.imooc.security.core.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
 import com.imooc.security.core.authorize.AuthorizeConfigManager;
-import com.imooc.security.core.properties.SecurityConstants;
-import com.imooc.security.core.properties.SecurityProperties;
 import com.imooc.security.core.validate.code.ValidateCodeSecurityConfig;
 
 /**
+ * 资源服务器配置
+ * 
  * @author zhailiang
  *
  */
@@ -46,19 +47,15 @@ public class ImoocResourceServerConfig extends ResourceServerConfigurerAdapter {
 	private SpringSocialConfigurer imoocSocialSecurityConfig;
 
 	@Autowired
-	private SecurityProperties securityProperties;
+	private AuthorizeConfigManager authorizeConfigManager;
 
 	@Autowired
-	private AuthorizeConfigManager authorizeConfigManager;
+	private FormAuthenticationConfig formAuthenticationConfig;
 
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
 
-		http.formLogin()
-			.loginPage(SecurityConstants.DEFAULT_UNAUTHENTICATION_URL)
-			.loginProcessingUrl(SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_FORM)
-			.successHandler(imoocAuthenticationSuccessHandler)
-			.failureHandler(imoocAuthenticationFailureHandler);
+		formAuthenticationConfig.configure(http);
 
 		http.apply(validateCodeSecurityConfig)
 				.and()

imooc-security-app/src/main/java/com/imooc/security/app/jwt/ImoocJwtTokenEnhancer.java → imooc-security-app/src/main/java/com/imooc/security/server/TokenJwtEnhancer.java

@@ -1,7 +1,7 @@
 /**
  * 
  */
-package com.imooc.security.app.jwt;
+package com.imooc.security.server;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -15,7 +15,7 @@
  * @author zhailiang
  *
  */
-public class ImoocJwtTokenEnhancer implements TokenEnhancer {
+public class TokenJwtEnhancer implements TokenEnhancer {
 
 	/* (non-Javadoc)
 	 * @see org.springframework.security.oauth2.provider.token.TokenEnhancer#enhance(org.springframework.security.oauth2.common.OAuth2AccessToken, org.springframework.security.oauth2.provider.OAuth2Authentication)