ApiBoot Oauth 支持Redis存储token，支持多客户端配置，支持配置token过期时间

Author: hengboy

api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationMemoryServerAutoConfiguration.java

@@ -24,6 +24,7 @@
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.provider.token.TokenStore;
@@ -35,7 +36,7 @@
 
 
 /**
- * ApiBoot 授权服务器内存方式实现
+ * ApiBoot OAuth Memory Away Support
  *
  * @author：恒宇少年 - 于起宇
  * <p>
@@ -55,18 +56,25 @@ public ApiBootAuthorizationMemoryServerAutoConfiguration(ObjectProvider<List<Api
         super(objectProvider, apiBootOauthProperties);
     }
 
+    /**
+     * configuration clients
+     *
+     * @param clients client details service configuration
+     * @throws Exception exception
+     */
     @Override
     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
-        clients.inMemory()
-                .withClient(apiBootOauthProperties.getClientId())
-                .authorizedGrantTypes(apiBootOauthProperties.getGrantTypes())
-                .secret(passwordEncoder().encode(apiBootOauthProperties.getClientSecret()))
-                .scopes(apiBootOauthProperties.getScopes())
-                .resourceIds(apiBootOauthProperties.getResourceId());
+        InMemoryClientDetailsServiceBuilder inMemoryClientDetailsServiceBuilder = clients.inMemory();
+        apiBootOauthProperties.getClients().stream().forEach(client -> inMemoryClientDetailsServiceBuilder.withClient(client.getClientId())
+                .secret(passwordEncoder().encode(client.getClientSecret()))
+                .authorizedGrantTypes(client.getGrantTypes())
+                .scopes(client.getScopes())
+                .resourceIds(client.getResourceId())
+                .accessTokenValiditySeconds(client.getAccessTokenValiditySeconds()));
     }
 
     /**
-     * 配置内存方式令牌存储
+     * memory away token store
      *
      * @return TokenStore
      */

api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootAuthorizationServerRedisAutoConfiguration.java

@@ -0,0 +1,107 @@
+/*
+ * Copyright [2019] [恒宇少年 - 于起宇]
+ *
+ *      Licensed under the Apache License, Version 2.0 (the "License");
+ *      you may not use this file except in compliance with the License.
+ *      You may obtain a copy of the License at
+ *
+ *          http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *      Unless required by applicable law or agreed to in writing, software
+ *      distributed under the License is distributed on an "AS IS" BASIS,
+ *      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *      See the License for the specific language governing permissions and
+ *      limitations under the License.
+ *
+ */
+
+package org.minbox.framework.api.boot.autoconfigure.oauth;
+
+import org.minbox.framework.api.boot.plugin.oauth.ApiBootAuthorizationServerConfiguration;
+import org.minbox.framework.api.boot.plugin.oauth.grant.ApiBootOauthTokenGranter;
+import org.springframework.beans.factory.ObjectProvider;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
+import org.springframework.boot.autoconfigure.data.redis.RedisAutoConfiguration;
+import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.connection.RedisConnectionFactory;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
+import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
+import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
+
+import javax.sql.DataSource;
+
+import java.util.List;
+
+import static org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
+
+/**
+ * @author：恒宇少年 - 于起宇
+ * <p>
+ * DateTime：2019-07-13 09:35
+ * Blog：http://blog.yuqiyu.com
+ * WebSite：http://www.jianshu.com/u/092df3f77bca
+ * Gitee：https://gitee.com/hengboy
+ * GitHub：https://github.com/hengboy
+ */
+@Configuration
+@EnableConfigurationProperties(ApiBootOauthProperties.class)
+@EnableAuthorizationServer
+@ConditionalOnBean(RedisConnectionFactory.class)
+@ConditionalOnClass({ApiBootAuthorizationServerConfiguration.class})
+@ConditionalOnProperty(prefix = API_BOOT_OAUTH_PREFIX, name = "away", havingValue = "redis")
+@AutoConfigureAfter(RedisAutoConfiguration.class)
+public class ApiBootAuthorizationServerRedisAutoConfiguration extends ApiBootAuthorizationServerAutoConfiguration {
+    /**
+     * redis connection factory
+     */
+    private RedisConnectionFactory redisConnectionFactory;
+
+    /**
+     * constructor instance redis connection factory
+     *
+     * @param objectProvider         ApiBoot Token Granter
+     * @param apiBootOauthProperties ApiBoot Oauth Properties
+     * @param redisConnectionFactory Redis Connection Factory
+     */
+    public ApiBootAuthorizationServerRedisAutoConfiguration(ObjectProvider<List<ApiBootOauthTokenGranter>> objectProvider, ApiBootOauthProperties apiBootOauthProperties, RedisConnectionFactory redisConnectionFactory) {
+        super(objectProvider, apiBootOauthProperties);
+        this.redisConnectionFactory = redisConnectionFactory;
+    }
+
+    /**
+     * configuration clients
+     *
+     * @param clients client details service configuration
+     * @throws Exception exception
+     */
+    @Override
+    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+        InMemoryClientDetailsServiceBuilder inMemoryClientDetailsServiceBuilder = clients.inMemory();
+        apiBootOauthProperties.getClients().stream().forEach(client -> inMemoryClientDetailsServiceBuilder.withClient(client.getClientId())
+                .secret(passwordEncoder().encode(client.getClientSecret()))
+                .authorizedGrantTypes(client.getGrantTypes())
+                .scopes(client.getScopes())
+                .resourceIds(client.getResourceId())
+                .accessTokenValiditySeconds(client.getAccessTokenValiditySeconds()));
+    }
+
+    /**
+     * Redis Token Store
+     *
+     * @return TokenStore
+     */
+    @Bean
+    public TokenStore redisTokenStore() {
+        return new RedisTokenStore(redisConnectionFactory);
+    }
+}

api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/oauth/ApiBootOauthProperties.java

@@ -21,6 +21,9 @@
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
+import java.util.ArrayList;
+import java.util.List;
+
 import static org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootOauthProperties.API_BOOT_OAUTH_PREFIX;
 
 /**
@@ -48,30 +51,84 @@ public class ApiBootOauthProperties {
      * @see SecurityAway
      */
     private SecurityAway away = SecurityAway.memory;
+
     /**
      * Oauth2 clientId
+     * 2.1.1. After the RELEASE version, the attribute is discarded and replaced by clients.
      */
+    @Deprecated
     private String clientId = "ApiBoot";
     /**
      * Oauth2 clientSecret
+     * 2.1.1. After the RELEASE version, the attribute is discarded and replaced by clients.
      */
+    @Deprecated
     private String clientSecret = "ApiBootSecret";
     /**
      * 客户端授权类型集合
+     * 2.1.1. After the RELEASE version, the attribute is discarded and replaced by clients.
      */
+    @Deprecated
     private String[] grantTypes = new String[]{"password", "refresh_token"};
     /**
      * 客户端作用域集合
+     * 2.1.1. After the RELEASE version, the attribute is discarded and replaced by clients.
      */
+    @Deprecated
     private String[] scopes = new String[]{"api"};
     /**
      * 资源编号
+     * 2.1.1. After the RELEASE version, the attribute is discarded and replaced by clients.
      */
+    @Deprecated
     private String resourceId = "api";
+
     /**
      * 配置JWT格式化Oauth2返回的token
      */
     private Jwt jwt = new Jwt();
+    /**
+     * configure multiple clients
+     */
+    private List<Client> clients = new ArrayList() {{
+        add(new Client());
+    }};
+
+    /**
+     * Oauth2 Client
+     * Used to configure multiple clients
+     */
+    @Data
+    public static class Client {
+        /**
+         * oauth2 client id
+         */
+        private String clientId = "ApiBoot";
+        /**
+         * oauth2 client secret
+         */
+        private String clientSecret = "ApiBootSecret";
+        /**
+         * oauth2 client grant types
+         * default value is "password,refresh_token"
+         */
+        private String[] grantTypes = new String[]{"password", "refresh_token"};
+        /**
+         * oauth2 client scope
+         * default value is "api"
+         */
+        private String[] scopes = new String[]{"api"};
+        /**
+         * oauth2 application resource id
+         * default value is "api"
+         */
+        private String[] resourceId = new String[]{"api"};
+        /**
+         * oauth2 access token validity seconds
+         * default value is 7200 second
+         */
+        private int accessTokenValiditySeconds = 7200;
+    }
 
     /**
      * 自定义Jwt相关的配置

api-boot-project/api-boot-autoconfigure/src/main/java/org/minbox/framework/api/boot/autoconfigure/security/SecurityAway.java

@@ -38,5 +38,9 @@ public enum SecurityAway {
     /**
      * jdbc方式
      */
-    jdbc
+    jdbc,
+    /**
+     * redis方式
+     */
+    redis
 }

api-boot-project/api-boot-autoconfigure/src/main/resources/META-INF/spring.factories

@@ -5,6 +5,7 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
   org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootResourceServerAutoConfiguration,\
   org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootAuthorizationMemoryServerAutoConfiguration,\
   org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootAuthorizationServerJdbcAutoConfiguration,\
+  org.minbox.framework.api.boot.autoconfigure.oauth.ApiBootAuthorizationServerRedisAutoConfiguration,\
   org.minbox.framework.api.boot.autoconfigure.converter.HttpMessageConverterAutoConfiguration,\
   org.minbox.framework.api.boot.autoconfigure.oss.ApiBootOssAutoConfiguration,\
   org.minbox.framework.api.boot.autoconfigure.sms.ApiBootSmsAutoConfiguration,\

api-boot-project/api-boot-plugins/api-boot-plugin-security/src/main/java/org/minbox/framework/api/boot/plugin/security/userdetails/ApiBootUserDetailsService.java

@@ -47,11 +47,6 @@ public class ApiBootUserDetailsService implements UserDetailsService {
      */
     @Autowired
     private ApplicationContext applicationContext;
-    /**
-     * ApiBoot数据委托类
-     */
-    @Autowired
-    private ApiBootStoreDelegate apiBootStoreDelegate;
 
     /**
      * 根据用户名读取用户基本信息
@@ -65,6 +60,10 @@ public class ApiBootUserDetailsService implements UserDetailsService {
     @Override
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         logger.info("Login user：[{}]", username);
+
+        // find ApiBootStoreDelegate support instance
+        // default is org.minbox.framework.api.boot.plugin.security.delegate.ApiBootDefaultStoreDelegate
+        ApiBootStoreDelegate apiBootStoreDelegate = applicationContext.getBean(ApiBootStoreDelegate.class);
         UserDetails userDetails = apiBootStoreDelegate.loadUserByUsername(username);
 
         // publish loadUserEvent