# spring-authorization-server

**Repository Path**: yyyyjinying/spring-authorization-server

## Basic Information

- **Project Name**: spring-authorization-server
- **Description**: 最新版本的认证授权,认证服务器 资源服务器, 客户端
- **Primary Language**: Unknown
- **License**: Not specified
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2024-12-04
- **Last Updated**: 2025-05-02

## Categories & Tags

**Categories**: Uncategorized
**Tags**: None

## README

# 登录

Authorization Basic enkxOTA0ODA3ODQ2ODE4NzQ2MzY5OjQ0YWYzOWIxMWU2ZmYwM2UzMDNhMjFhYjJjOTQ2ZmFm admin admin /auth/userinfo get Authorization Bearer access_token openid

(Basic 后面的值是 `client_id:client_secret` 的 Base64 编码,可以直接解码,不是加密。)

var code=ke.response.data.code; if(code==200){ var token=ke.response.data.data.access_token; ke.global.setAllHeader("token",token); }

# 修改支持POST和GET请求

```java
@Data
@JsonIgnoreProperties(ignoreUnknown = true) // 标注 UserDetail 类以忽略未知属性
@NoArgsConstructor
public class SysQueryUserDTO extends PageParam {
    private String username;
}

@RequestMapping(value = "page", method = {RequestMethod.POST, RequestMethod.GET})
@Operation(summary = "分页")
public Result> page(@RequestParam Map params) {
    PageData page = sysDictDataService.page(params);
    return new Result>().ok(page);
}
```

# 所有的授权请求都必须是oauth2/token

9526端口,是授权服务器的端口

nacos_host=1.92.142.112;nacos_namespace=local;nacos_group=QAR_CLOUD_GROUP;nacos_port=8848;nacos_username=nacos;nacos_password=nacos

(nacos/nacos 是 Nacos 的默认账号密码;非本地环境应修改默认密码并开启鉴权。)

# 本地接口占用

netstat -ano | findstr :8082

关闭指定进程4044

taskkill /f /pid 4044

taskkill /pid 11564 /f

清空java进程

taskkill -f -t -im java.exe

# 新增模块

必须要修改: gateway-server-local.yaml spring_common.yaml

```yml
snowflakes:
  lists:
    - host: 192.168.216.1
      port: 9526
      worker-id: 1
      datacenter-id: 2
    - host: 192.168.216.1
      port: 8001
      worker-id: 1
      datacenter-id: 1
    - host: 192.168.216.1
      port: 8002
      worker-id: 1
      datacenter-id: 3
    - host: 192.168.216.1
      port: 8003
      worker-id: 1
      datacenter-id: 4
```

# 本地idea启动服务
nacos_host=node1;nacos_namespace=local;nacos_group=QAR_CLOUD_GROUP;nacos_port=8848;nacos_username=nacos;nacos_password=nacos

# http://localhost:7070/doc.html异常

先启动除去gateway服务的其他服务,再启动gateway服务

# 配置swagger

注解 @Schema(description = "")会报错

```java
@ApiOperationSupport(order = 42,includeParameters = {"ignoreP1.ignoreLabels.code","ignoreP1.longUser.ids"})
@ApiOperation(value = "包含参数值-JSON类型1")
@PostMapping("/exc3")
public Rest findAllc3(@RequestBody IgnoreP1 ignoreP1) {
    Rest r=new Rest<>();
    r.setData(ignoreP1);
    return r;
}

过滤掉UptModel的属性id和属性orderDate类中的id属性,不在界面显示.
@ApiOperationSupport(ignoreParameters = {"id","orderDate.id"})

@ApiOperationSupport(order = 40,includeParameters = {"ignoreLabels","longUser.ids"})

@PostMapping("/createOrder426")
@ApiOperation(value = "jdk-HashMap-动态创建显示参数-无@RequestBody")
@DynamicParameters(name = "CreateOrderHashMapModel",properties = {
    @DynamicParameter(name = "",value = "注解id",example = "X000111",required = true,dataTypeClass = Integer.class),
    @DynamicParameter(name = "name3",value = "订单编号-gson"),
    @DynamicParameter(name = "name1",value = "订单编号1-gson"),
})
@DynamicResponseParameters(name = "CreateOrderHashMapModel",properties = {
    @DynamicParameter(name = "",value = "注解id",example = "X000111",required = true,dataTypeClass = Integer.class),
    @DynamicParameter(name = "name3",value = "订单编号-gson"),
    @DynamicParameter(name = "name1",value = "订单编号1-gson"),
})

@Tag(name = "one")
@Operation(summary = "普通abc请求")
@Hidden

@Data
@AllArgsConstructor
@NoArgsConstructor
public static class AdminLoginDTO {
    @Schema(description = "用户名", required = true, example = "admin")
    @NotBlank(message="{sysuser.username.require}")
    private String username;
    @Schema(description = "密码", required = true, example = "admin")
    @NotBlank(message="{sysuser.password.require}")
    private String password;
}
```

# 如何启动工程

1. 
导入表
```sql
-- mydb.oauth2_authorization definition
-- One row per authorization, keyed by `id`. For each token kind (authorization
-- code, access token, OIDC ID token, refresh token, user code, device code) the
-- row carries a value, issued/expiry timestamps and a metadata blob.
-- NOTE(review): the *_value columns are plain BLOBs; this DDL applies no hashing
-- or encryption, so whatever the application writes is readable by anyone with
-- SELECT on the table. Presumably these are live token values: confirm, and
-- scope database grants and backup access accordingly.
-- NOTE(review): no FOREIGN KEY ties registered_client_id to
-- oauth2_registered_client.id, and no index other than the primary key is
-- declared.
CREATE TABLE `oauth2_authorization` (
  `id` varchar(100) NOT NULL,
  `registered_client_id` varchar(100) NOT NULL,
  `principal_name` varchar(200) NOT NULL,
  `authorization_grant_type` varchar(100) NOT NULL,
  `authorized_scopes` varchar(1000) DEFAULT NULL,
  `attributes` blob,
  `state` varchar(500) DEFAULT NULL,
  -- authorization code
  `authorization_code_value` blob,
  `authorization_code_issued_at` timestamp NULL DEFAULT NULL,
  `authorization_code_expires_at` timestamp NULL DEFAULT NULL,
  `authorization_code_metadata` blob,
  -- access token (also records its type and scopes)
  `access_token_value` blob,
  `access_token_issued_at` timestamp NULL DEFAULT NULL,
  `access_token_expires_at` timestamp NULL DEFAULT NULL,
  `access_token_metadata` blob,
  `access_token_type` varchar(100) DEFAULT NULL,
  `access_token_scopes` varchar(1000) DEFAULT NULL,
  -- OIDC ID token
  `oidc_id_token_value` blob,
  `oidc_id_token_issued_at` timestamp NULL DEFAULT NULL,
  `oidc_id_token_expires_at` timestamp NULL DEFAULT NULL,
  `oidc_id_token_metadata` blob,
  -- refresh token
  `refresh_token_value` blob,
  `refresh_token_issued_at` timestamp NULL DEFAULT NULL,
  `refresh_token_expires_at` timestamp NULL DEFAULT NULL,
  `refresh_token_metadata` blob,
  -- user code
  `user_code_value` blob,
  `user_code_issued_at` timestamp NULL DEFAULT NULL,
  `user_code_expires_at` timestamp NULL DEFAULT NULL,
  `user_code_metadata` blob,
  -- device code
  `device_code_value` blob,
  `device_code_issued_at` timestamp NULL DEFAULT NULL,
  `device_code_expires_at` timestamp NULL DEFAULT NULL,
  `device_code_metadata` blob,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3;

-- mydb.oauth2_authorization_consent definition
-- The composite primary key allows at most one consent row per
-- (registered_client_id, principal_name) pair.
-- `authorities` is stored as text; presumably a delimited list of the granted
-- authorities -- verify against the code that writes it.
CREATE TABLE `oauth2_authorization_consent` (
  `registered_client_id` varchar(100) NOT NULL,
  `principal_name` varchar(200) NOT NULL,
  `authorities` varchar(1000) NOT NULL,
  PRIMARY KEY (`registered_client_id`,`principal_name`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3;

-- mydb.oauth2_registered_client definition
-- One row per registered OAuth2 client, keyed by `id`.
-- NOTE(review): `client_id` is NOT NULL but carries no UNIQUE constraint, so
-- the schema alone does not stop two registrations sharing a client_id;
-- confirm the application enforces uniqueness or add a UNIQUE key.
CREATE TABLE `oauth2_registered_client` (
  `id` varchar(100) NOT NULL,
  `client_id` varchar(100) NOT NULL,
  `client_id_issued_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
  -- NOTE(review): nullable; should hold an encoded (hashed) secret rather than
  -- the plaintext -- confirm what the initClient step writes here.
  `client_secret` varchar(200) DEFAULT NULL,
  `client_secret_expires_at` timestamp NULL DEFAULT NULL,
  `client_name` varchar(200) NOT NULL,
  `client_authentication_methods` varchar(1000) NOT NULL,
  `authorization_grant_types` varchar(1000) NOT NULL,
  -- presumably delimited lists of the URIs allowed for this client -- verify
  `redirect_uris` varchar(1000) DEFAULT NULL,
  `post_logout_redirect_uris` varchar(1000) DEFAULT NULL,
  `scopes` varchar(1000) NOT NULL,
  -- serialized settings; the format is not visible in this DDL
  `client_settings` varchar(2000) NOT NULL,
  `token_settings` varchar(2000) NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3;

-- mydb.user_info definition
-- User profile table keyed by `user_id`; it defines no password/credential
-- column. Unlike the three oauth2_* tables above (utf8mb3, at most 3 bytes per
-- character), this table uses utf8mb4.
-- NOTE(review): the COMMENT strings 'ID' and '1-0-' look truncated (non-ASCII
-- text probably lost); they are left byte-identical here.
CREATE TABLE `user_info` (
  `user_id` varchar(64) COLLATE utf8mb4_unicode_ci NOT NULL,
  `username` varchar(100) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
  `age` int DEFAULT NULL,
  `gender` tinyint(1) DEFAULT NULL,
  `remark` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
  `create_time` datetime DEFAULT NULL,
  `create_id` varchar(64) COLLATE utf8mb4_unicode_ci DEFAULT NULL COMMENT 'ID',
  `update_time` datetime DEFAULT NULL,
  `update_id` varchar(64) COLLATE utf8mb4_unicode_ci DEFAULT NULL COMMENT 'ID',
  -- defaults to 1; presumably 1 = enabled, 0 = disabled -- confirm
  `enabled` tinyint(1) DEFAULT '1' COMMENT '1-0-',
  PRIMARY KEY (`user_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
```

2. 
执行initClient追加数据

```java
// oauth2项目下的 com.example.authorization.test.initClient 测试方法
```

# 启动zookeeper

/export/server/zookeeper/bin/zk.sh start

/export/server/zookeeper/bin/zk.sh status

# 启动kafka

/export/server/kafka/bin/kafka.sh start

/export/server/kafka/bin/kafka.sh stop

# 查看是否启动

jpsall.sh

=============== node1 ===============
15235 QuorumPeerMain
17262 Kafka
=============== node2 ===============
9336 Kafka
7326 QuorumPeerMain
=============== node3 ===============
10705 Kafka
8682 QuorumPeerMain

# 查看是否启动

kafka-broker-api-versions.sh --bootstrap-server node1:9092,node2:9092,node3:9092

12153 ConnectDistributed

kill -9 12153

依赖范围或插件冲突

检查 scope 配置: 若子模块依赖的库被标记为 test 或 provided,运行时可能缺失相关类

#### oauth2.1 特性

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-oauth2.1.md

#### Spring Authorization Server

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-sas.md

#### PKCE扩展

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-pkce.md

#### 集成数据库

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-db.md

#### 问题发现

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-ex.md

#### 自定义系列

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-zdy.md

#### 设备授权

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-device.md

#### 扩展 Grant Type

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-ext.md

#### oauth2 登录

https://gitee.com/heguangchuan/spring-security-oauth2/blob/master/README-login.md

#### 项目实战

下面的项目就是基于整个 Spring Authorization Server 实现的一个简单的RBAC模型的后台管理系统,BUG可能很多,因为没测试也没时间,欢迎加入共同来实现!

| 项目 | 说明 | 地址 |
|-------------------|-------------|--------------------------------------------------|
| shoulder-platform | 平台组件库 | https://gitee.com/heguangchuan/shoulder-platform |
| shoulder-cloud | 平台Cloud版本实现 | https://gitee.com/heguangchuan/shoulder-cloud |
| shoulder | 平台Boot单体实现 | https://gitee.com/heguangchuan/shoulder |
| shoulder-ui | 平台前端项目 | https://gitee.com/heguangchuan/shoulder-ui |