问题:
解决:
demo 定制 UserDetailsService
package demo.securityud;

import demo.securityud.entity.Role;
import demo.securityud.entity.User;
import demo.securityud.repository.RoleRepo;
import demo.securityud.repository.UserRepo;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

/**
 * {@link UserDetailsService} backed by {@link UserRepo} and {@link RoleRepo}.
 *
 * <p>A user is looked up by username, the user's roles are fetched by user id, and both are
 * wrapped in a {@link CustomeUserDetails} that exposes them through the {@link UserDetails}
 * contract.
 */
@Component
public class CustomeUserDetailsService implements UserDetailsService {

    @Autowired
    UserRepo userRepo;

    @Autowired
    RoleRepo roleRepo;

    /**
     * Looks up the user record and its roles.
     *
     * @param username the login name taken from the authentication request
     * @return the user wrapped together with the roles found for its id
     * @throws UsernameNotFoundException if the repository returns no user for {@code username}
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        final User found = userRepo.getByUsername(username);
        if (found == null) {
            // The message carries the caller-supplied username: keep it out of client-facing
            // responses and neutralise line breaks before it is written to a log.
            throw new UsernameNotFoundException("username:" + username);
        }
        return new CustomeUserDetails(found, roleRepo.findByUserId(found.getId()));
    }

    /** Immutable {@link GrantedAuthority} that simply carries one authority name. */
    public static class CustomeAuthority implements GrantedAuthority {

        private final String authority;

        public CustomeAuthority(String authority) {
            this.authority = authority;
        }

        @Override
        public String getAuthority() {
            return this.authority;
        }

        @Override
        public String toString() {
            return "CustomeAuthority{" + "authority=" + authority + '}';
        }
    }

    /**
     * {@link UserDetails} view over a {@link User} entity and the roles loaded for it.
     *
     * <p>The role list is stored as passed in (no copy is taken), and the authorities are
     * recomputed from it on every {@link #getAuthorities()} call.
     */
    public static class CustomeUserDetails implements UserDetails {

        private final User user;
        private final List<Role> roleList;

        public CustomeUserDetails(User user1, List<Role> roleList) {
            this.user = user1;
            this.roleList = roleList;
        }

        /**
         * Flattens the comma-separated authority strings of all roles into a list of distinct
         * authorities, in first-seen order.
         *
         * @return one {@link CustomeAuthority} per distinct, non-empty, trimmed authority name;
         *     empty when the role list is {@code null} or holds no names
         */
        @Override
        public Collection<? extends GrantedAuthority> getAuthorities() {
            final List<String> names = new ArrayList<>();
            if (this.roleList != null) {
                for (Role role : this.roleList) {
                    // getAuthrities() is spelled as declared on the Role entity.
                    collectAuthorityNames(role.getAuthrities(), names);
                }
            }
            return names.stream().map(CustomeAuthority::new).collect(Collectors.toList());
        }

        /**
         * Splits {@code csv} on commas and appends every trimmed, non-empty name that
         * {@code sink} does not contain yet.
         */
        private static void collectAuthorityNames(String csv, List<String> sink) {
            if (StringUtils.isEmpty(csv)) {
                return;
            }
            for (String piece : csv.split(",")) {
                final String name = piece.trim();
                if (StringUtils.isEmpty(name) || sink.contains(name)) {
                    continue;
                }
                sink.add(name);
            }
        }

        /** Returns the password value stored on the user entity. */
        @Override
        public String getPassword() {
            return this.user.getPassword();
        }

        @Override
        public String getUsername() {
            return this.user.getUsername();
        }

        /** Account expiry is not modelled; always {@code true}. */
        @Override
        public boolean isAccountNonExpired() {
            return true;
        }

        /** Unlocked exactly when the user's status is 1 (same condition as {@link #isEnabled()}). */
        @Override
        public boolean isAccountNonLocked() {
            return hasActiveStatus();
        }

        /** Credential expiry is not modelled; always {@code true}. */
        @Override
        public boolean isCredentialsNonExpired() {
            return true;
        }

        /** Enabled exactly when the user's status is 1. */
        @Override
        public boolean isEnabled() {
            return hasActiveStatus();
        }

        // Status value 1 is the only one treated as usable; any other value makes the account
        // both locked and disabled.
        private boolean hasActiveStatus() {
            return this.user.getStatus() == 1;
        }
    }
}
package demo.securityud;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Web security rules for the demo: form login, logout, and access rules for "/" and "/user".
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Configures CSRF handling, logout, URL access rules and form login.
     *
     * @param http the builder supplied by Spring Security
     * @throws Exception propagated from the configurer calls
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): "/logout" is exempted from CSRF protection, so a cross-site request can
        // end a signed-in user's session without a token. Keep the exemption only if the logout
        // form cannot carry the CSRF token.
        http.csrf().ignoringAntMatchers("/logout");

        // Logout drops the HTTP session and the logout URLs are open to everyone.
        http.logout().invalidateHttpSession(true).permitAll();

        // NOTE(review): only "/" and "/user" have an access rule. There is no anyRequest()
        // catch-all, so any other path is not covered by a rule in this chain; add
        // .anyRequest().authenticated() (or .denyAll()) as the last rule if more endpoints exist.
        http.authorizeRequests()
                .antMatchers("/").permitAll()
                .antMatchers("/user").authenticated();

        // The login page and its processing URL are open to everyone.
        http.formLogin().permitAll();
    }
}
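package demo.securityud;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Objects;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

/**
 * {@link PasswordEncoder} that stores passwords as the lowercase hex SHA-256 digest of the raw
 * password.
 *
 * <p>NOTE(review): a single unsalted SHA-256 round is a fast hash. Equal passwords produce equal
 * digests and the stored values can be tested offline at high speed, so this format is not
 * suitable for password storage outside a demo. A salted, adaptive encoder such as Spring
 * Security's {@code BCryptPasswordEncoder} is the usual replacement; switching changes the
 * stored format, so existing hashes would have to be migrated. The algorithm is left unchanged
 * here to stay compatible with already stored values.
 */
@Component
public class SHA256PasswordEncoder implements PasswordEncoder {

    private static final Logger LOG = Logger.getLogger(SHA256PasswordEncoder.class.getName());

    /**
     * Hashes the raw password.
     *
     * @param rawPassword the password as typed by the user; must not be {@code null}
     * @return the hex-encoded SHA-256 digest of {@code rawPassword}
     * @throws NullPointerException if {@code rawPassword} is {@code null}
     */
    @Override
    public String encode(CharSequence rawPassword) {
        Objects.requireNonNull(rawPassword, "rawPassword");
        // toString() instead of a (String) cast: callers may pass any CharSequence, and the cast
        // failed with ClassCastException for anything that was not a String.
        return DigestUtils.sha256Hex(rawPassword.toString());
    }

    /**
     * Checks a raw password against a stored digest.
     *
     * @param rawPassword the password as typed by the user
     * @param encodedPassword the stored hex digest
     * @return {@code true} only when both values are present and the digest of
     *     {@code rawPassword} equals {@code encodedPassword}
     */
    @Override
    public boolean matches(CharSequence rawPassword, String encodedPassword) {
        if (rawPassword == null || encodedPassword == null) {
            // Fail closed; nothing secret is written to the log.
            LOG.log(Level.FINE, "password check rejected: raw or stored value is missing");
            return false;
        }
        // The raw password and both digests are deliberately never logged: log files are read
        // by more people and systems than the credential store is.
        final byte[] stored = encodedPassword.getBytes(StandardCharsets.UTF_8);
        final byte[] computed = encode(rawPassword).getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual does not stop at the first differing byte, so the comparison
        // time does not reveal how much of the digest matched.
        return MessageDigest.isEqual(stored, computed);
    }
}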
参考: