springboot版本改为了2.1.5

lab01/authcode-server/pom.xml

@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 	<modelVersion>4.0.0</modelVersion>
 
@@ -14,14 +15,15 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.10.RELEASE</version>
+		<version>2.1.5.RELEASE</version>
 		<relativePath /> <!-- lookup parent from repository -->
 	</parent>
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
 		<java.version>1.8</java.version>
+		<oauth2.version>2.3.6.RELEASE</oauth2.version>
 	</properties>
 
 	<dependencies>
@@ -38,8 +40,8 @@
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
+			<version>${oauth2.version}</version>
 		</dependency>
-
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-test</artifactId>

lab01/authcode-server/src/main/java/io/spring2go/authcodeserver/config/OAuth2AuthorizationServer.java

@@ -1,26 +1,26 @@
 package io.spring2go.authcodeserver.config;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 
 //授权服务器配置
 @Configuration
 @EnableAuthorizationServer
-public class OAuth2AuthorizationServer extends
-        AuthorizationServerConfigurerAdapter {
+public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {
 
-    @Override
-    public void configure(ClientDetailsServiceConfigurer clients)
-            throws Exception {
-        clients.inMemory()
-            .withClient("clientapp")
-            .secret("112233")
-            .redirectUris("http://localhost:9001/callback")
-            // 授权码模式
-            .authorizedGrantTypes("authorization_code")
-            .scopes("read_userinfo", "read_contacts");
-    }
+	@Autowired
+	private BCryptPasswordEncoder passwordEncoder;
+
+	@Override
+	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+		clients.inMemory().withClient("clientapp").secret(passwordEncoder.encode("112233"))
+				.redirectUris("http://localhost:9001/callback")
+				// 授权码模式
+				.authorizedGrantTypes("authorization_code").scopes("read_userinfo", "read_contacts");
+	}
 
 }

lab01/authcode-server/src/main/java/io/spring2go/authcodeserver/config/SecurityConfig.java

@@ -0,0 +1,27 @@
+package io.spring2go.authcodeserver.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+	@Override
+	protected void configure(HttpSecurity http) throws Exception { // @formatter:off
+		http.requestMatchers().antMatchers("/login", "/oauth/authorize").and().authorizeRequests().anyRequest()
+				.authenticated().and().formLogin().permitAll().and().csrf().disable();
+	} // @formatter:on
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception { // @formatter:off
+		auth.inMemoryAuthentication().withUser("heshi").password(passwordEncoder().encode("1")).roles("USER");
+	} // @formatter:on
+//
+	@Bean
+	public BCryptPasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+}

lab01/authcode-server/src/main/resources/application.properties

@@ -1,3 +1,4 @@
 # Spring Security Setting
-security.user.name=bobo
-security.user.password=xyz
+spring.security.user.name=heshi
+spring.security.user.password=1
+#server.port=8001

lab01/client-server/pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.10.RELEASE</version>
+		<version>2.1.5.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 
@@ -38,6 +38,7 @@
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
+			<version>2.3.6.RELEASE</version>
 		</dependency>
 
 		<dependency>

lab01/client-server/src/main/java/io/spring2go/clientserver/config/OAuth2AuthorizationServer.java

@@ -1,25 +1,25 @@
 package io.spring2go.clientserver.config;
 
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 
 // 授权服务器配置
 @Configuration
 @EnableAuthorizationServer
-public class OAuth2AuthorizationServer extends
-        AuthorizationServerConfigurerAdapter {
+public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {
 
-    @Override
-    public void configure(ClientDetailsServiceConfigurer clients)
-            throws Exception {
-        clients.inMemory()
-            .withClient("clientdevops")
-            // 密码模式
-            .secret("789")
-            .authorizedGrantTypes("client_credentials")
-            .scopes("devops");
-    }
+	@Autowired
+	private BCryptPasswordEncoder passwordEncoder;
+
+	@Override
+	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+		clients.inMemory().withClient("clientdevops")
+				// 密码模式
+				.secret(passwordEncoder.encode("789")).authorizedGrantTypes("client_credentials").scopes("devops");
+	}
 
 }

lab01/client-server/src/main/java/io/spring2go/clientserver/config/SecurityConfig.java

@@ -0,0 +1,14 @@
+package io.spring2go.clientserver.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+	@Bean
+	public BCryptPasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+}

lab01/implicit-server/pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.10.RELEASE</version>
+		<version>2.1.5.RELEASE</version>
 		<relativePath /> <!-- lookup parent from repository -->
 	</parent>
 
@@ -38,6 +38,7 @@
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
+			<version>2.3.6.RELEASE</version>
 		</dependency>
 
 		<dependency>

lab01/implicit-server/src/main/java/io/spring2go/implicitserver/config/SecurityConfig.java

@@ -0,0 +1,28 @@
+package io.spring2go.implicitserver.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+	@Override
+	protected void configure(HttpSecurity http) throws Exception { // @formatter:off
+		http.requestMatchers().antMatchers("/login", "/oauth/authorize").and().authorizeRequests().anyRequest()
+				.authenticated().and().formLogin().permitAll().and().csrf().disable();
+	} // @formatter:on
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception { // @formatter:off
+		auth.inMemoryAuthentication().withUser("heshi").password(passwordEncoder().encode("1")).roles("USER");
+	} // @formatter:on
+//
+
+	@Bean
+	public BCryptPasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+}

lab01/implicit-server/src/main/resources/application.properties

@@ -1,3 +1,3 @@
 # Spring Security Setting
-security.user.name=bobo
-security.user.password=xyz
+spring.security.user.name=heshi
+spring.security.user.password=1

lab01/password-server/pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.10.RELEASE</version>
+		<version>2.1.5.RELEASE</version>
 		<relativePath /> <!-- lookup parent from repository -->
 	</parent>
 
@@ -38,6 +38,7 @@
 		<dependency>
 			<groupId>org.springframework.security.oauth</groupId>
 			<artifactId>spring-security-oauth2</artifactId>
+			<version>2.3.6.RELEASE</version>
 		</dependency>
 
 		<dependency>

lab01/password-server/src/main/java/io/spring2go/passwordserver/config/OAuth2AuthorizationServer.java

@@ -3,6 +3,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -11,28 +12,23 @@
 // 授权服务器配置
 @Configuration
 @EnableAuthorizationServer
-public class OAuth2AuthorizationServer extends
-        AuthorizationServerConfigurerAdapter {
-
+public class OAuth2AuthorizationServer extends AuthorizationServerConfigurerAdapter {
+	@Autowired
+	private BCryptPasswordEncoder passwordEncoder;
 	// 用户认证
-    @Autowired
-    private AuthenticationManager authenticationManager;
+	@Autowired
+	private AuthenticationManager authenticationManager;
 
-    @Override
-    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
-            throws Exception {
-        endpoints.authenticationManager(authenticationManager);
-    }
+	@Override
+	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+		endpoints.authenticationManager(authenticationManager);
+	}
 
-    @Override
-    public void configure(ClientDetailsServiceConfigurer clients)
-            throws Exception {
-        clients.inMemory()
-            .withClient("clientapp")
-            .secret("112233")
-            // 密码模式
-            .authorizedGrantTypes("password")
-            .scopes("read_userinfo", "read_contacts");
-    }
+	@Override
+	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+		clients.inMemory().withClient("clientapp").secret(passwordEncoder.encode("112233"))
+				// 密码模式
+				.authorizedGrantTypes("password").scopes("read_userinfo", "read_contacts");
+	}
 
 }

lab01/password-server/src/main/java/io/spring2go/passwordserver/config/SecurityConfig.java

@@ -0,0 +1,35 @@
+package io.spring2go.passwordserver.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+	@Override
+	protected void configure(HttpSecurity http) throws Exception { // @formatter:off
+		http.requestMatchers().antMatchers("/login", "/oauth/authorize").and().authorizeRequests().anyRequest()
+				.authenticated().and().formLogin().permitAll().and().csrf().disable();
+	} // @formatter:on
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception { // @formatter:off
+		auth.inMemoryAuthentication().withUser("heshi").password(passwordEncoder().encode("1")).roles("USER");
+	} // @formatter:on
+//
+
+	@Bean
+	@Override
+	public AuthenticationManager authenticationManagerBean() throws Exception {
+		return super.authenticationManagerBean();
+	}
+
+	@Bean
+	public BCryptPasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+}

lab01/password-server/src/main/resources/application.properties

@@ -1,3 +1,3 @@
 # Spring Security Setting
-security.user.name=bobo
-security.user.password=xyz
+spring.security.user.name=heshi
+spring.security.user.password=1

lab02/client-resttemplate/pom.xml

@@ -14,7 +14,7 @@
 	<parent>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-parent</artifactId>
-		<version>1.5.10.RELEASE</version>
+		<version>2.1.5.RELEASE</version>
 		<relativePath/> <!-- lookup parent from repository -->
 	</parent>
 

lab02/client-resttemplate/src/main/java/io/spring2go/clientresttemplate/ClientRestTemplateApplication.java

@@ -10,13 +10,13 @@
 @SpringBootApplication
 public class ClientRestTemplateApplication implements ServletContextInitializer {
 
-    public static void main(String[] args) {
-        SpringApplication.run(ClientRestTemplateApplication.class, args);
-    }
+	public static void main(String[] args) {
+		SpringApplication.run(ClientRestTemplateApplication.class, args);
+	}
 
-    @Override
-    public void onStartup(ServletContext context) throws ServletException {
-        context.getSessionCookieConfig().setName("client-session");
-    }
+	@Override
+	public void onStartup(ServletContext context) throws ServletException {
+		context.getSessionCookieConfig().setName("client-session");
+	}
 
 }