Browse Source

:recycle: 重构代码。@EnablePigxResoureServer 一个注解接入OAuth

冷冷 6 years ago
parent
commit
584569ce3c
25 changed files with 151 additions and 169 deletions
  1. 1 1
      pigx-auth/pom.xml
  2. 2 2
      pigx-common/pigx-common-cache/pom.xml
  3. 2 2
      pigx-common/pigx-common-gateway/pom.xml
  4. 0 2
      pigx-common/pigx-common-log/src/main/java/com/pig4cloud/pigx/common/log/LogAutoConfiguration.java
  5. 34 1
      pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/annotation/EnablePigxResourceServer.java
  6. 24 3
      pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/component/BaseResourceServerConfigurerAdapter.java
  7. 3 3
      pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/component/PermitAllUrlProperties.java
  8. 21 1
      pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/component/PigxResourceServerAutoConfiguration.java
  9. 1 7
      pigx-common/pigx-common-security/src/main/resources/META-INF/spring.factories
  10. 4 0
      pigx-config/src/main/resources/config/application-dev.yml
  11. 12 41
      pigx-config/src/main/resources/config/pigx-activiti-dev.yml
  12. 4 0
      pigx-config/src/main/resources/config/pigx-upms-dev.yml
  13. 2 2
      pigx-gateway/pom.xml
  14. 4 5
      pigx-gateway/src/main/java/com/pig4cloud/pigx/gateway/filter/ValidateCodeGatewayFilter.java
  15. 2 2
      pigx-upms/pigx-upms-biz/pom.xml
  16. 2 0
      pigx-upms/pigx-upms-biz/src/main/java/com/pig4cloud/pigx/admin/PigxAdminApplication.java
  17. 14 4
      pigx-visual/pigx-activiti/pom.xml
  18. 4 7
      pigx-visual/pigx-activiti/src/main/java/com/pig4cloud/pigx/act/PigxActivitiApplication.java
  19. 2 25
      pigx-visual/pigx-activiti/src/main/java/com/pig4cloud/pigx/act/config/ResourceServerConfigurer.java
  20. 4 26
      pigx-visual/pigx-activiti/src/main/resources/bootstrap.yml
  21. 2 0
      pigx-visual/pigx-codegen/src/main/java/com/pig4cloud/pigx/codegen/PigxCodeGenApplication.java
  22. 1 17
      pigx-visual/pigx-codegen/src/main/java/com/pig4cloud/pigx/codegen/config/ResourceServerConfigurer.java
  23. 4 0
      pigx-visual/pigx-daemon/src/main/java/com/pig4cloud/pigx/daemon/PigxDaemonApplication.java
  24. 1 17
      pigx-visual/pigx-daemon/src/main/java/com/pig4cloud/pigx/daemon/config/ResourceServerConfigurer.java
  25. 1 1
      pigx-visual/pigx-daemon/src/main/resources/bootstrap.yml

+ 1 - 1
pigx-auth/pom.xml

@@ -59,7 +59,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-cache</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<!--spring security 、oauth、jwt依赖-->
 		<dependency>

+ 2 - 2
pigx-common/pigx-common-cache/pom.xml

@@ -24,7 +24,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pigx-common</artifactId>
-		<version>${pigx.version}</version>
+		<version>1.7.0</version>
 	</parent>
 
 	<artifactId>pigx-common-cache</artifactId>
@@ -38,7 +38,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-core</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<!--缓存依赖-->
 		<dependency>

+ 2 - 2
pigx-common/pigx-common-gateway/pom.xml

@@ -24,7 +24,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pigx-common</artifactId>
-		<version>${pigx.version}</version>
+		<version>1.7.0</version>
 	</parent>
 
 	<artifactId>pigx-common-gateway</artifactId>
@@ -36,7 +36,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-core</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.cloud</groupId>

+ 0 - 2
pigx-common/pigx-common-log/src/main/java/com/pig4cloud/pigx/common/log/LogAutoConfiguration.java

@@ -22,7 +22,6 @@ package com.pig4cloud.pigx.common.log;
 import com.pig4cloud.pigx.admin.api.feign.RemoteLogService;
 import com.pig4cloud.pigx.common.log.aspect.SysLogAspect;
 import com.pig4cloud.pigx.common.log.event.SysLogListener;
-import com.pig4cloud.pigx.common.security.feign.EnablePigxFeignClients;
 import lombok.AllArgsConstructor;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
 import org.springframework.context.annotation.Bean;
@@ -35,7 +34,6 @@ import org.springframework.context.annotation.Configuration;
  */
 @Configuration
 @AllArgsConstructor
-@EnablePigxFeignClients
 @ConditionalOnWebApplication
 public class LogAutoConfiguration {
 	private final RemoteLogService remoteLogService;

+ 34 - 1
pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/annotation/EnablePigxResourceServer.java

@@ -1,8 +1,41 @@
-package com.pig4cloud.pigx.common.security;
+/*
+ *    Copyright (c) 2018-2025, lengleng All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * Neither the name of the pig4cloud.com developer nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ * Author: lengleng (wangiegie@gmail.com)
+ */
+
+package com.pig4cloud.pigx.common.security.annotation;
+
+import com.pig4cloud.pigx.common.security.component.PigxResourceServerAutoConfiguration;
+import org.springframework.context.annotation.Import;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
+
+import java.lang.annotation.*;
 
 /**
  * @author lengleng
  * @date 2018/11/10
+ * <p>
+ * 资源服务注解
  */
+@Target({ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+@Inherited
+@EnableResourceServer
+@Import(PigxResourceServerAutoConfiguration.class)
+@EnableGlobalMethodSecurity(prePostEnabled = true)
 public @interface EnablePigxResourceServer {
 }

+ 24 - 3
pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/component/BaseResourceServerConfigurerAdapter.java

@@ -17,11 +17,16 @@
 
 package com.pig4cloud.pigx.common.security.component;
 
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.client.loadbalancer.LoadBalanced;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
@@ -36,7 +41,11 @@ import org.springframework.web.client.RestTemplate;
  * 1. 支持remoteTokenServices 负载均衡
  * 2. 支持 获取用户全部信息
  */
-public abstract class BaseResourceServerConfigurerAdapter extends ResourceServerConfigurerAdapter {
+@Slf4j
+@Configuration
+@EnableResourceServer
+@EnableGlobalMethodSecurity(prePostEnabled = true)
+public class BaseResourceServerConfigurerAdapter extends ResourceServerConfigurerAdapter {
 	@Autowired
 	protected ResourceAuthExceptionEntryPoint resourceAuthExceptionEntryPoint;
 	@Autowired
@@ -45,16 +54,28 @@ public abstract class BaseResourceServerConfigurerAdapter extends ResourceServer
 	protected RemoteTokenServices remoteTokenServices;
 	@Autowired
 	protected UserDetailsService userDetailsService;
+	@Autowired
+	private PermitAllUrlProperties permitAllUrlProperties;
 
 
 	/**
 	 * 默认的配置,对外暴露
 	 *
-	 * @param http
+	 * @param httpSecurity
 	 * @throws Exception
 	 */
 	@Override
-	public abstract void configure(HttpSecurity http) throws Exception;
+	public void configure(HttpSecurity httpSecurity) throws Exception {
+		//允许使用iframe 嵌套,避免swagger-ui 不被加载的问题
+		httpSecurity.headers().frameOptions().disable();
+		ExpressionUrlAuthorizationConfigurer<HttpSecurity>
+			.ExpressionInterceptUrlRegistry registry = httpSecurity
+			.authorizeRequests();
+		permitAllUrlProperties.getIgnoreUrls()
+			.forEach(url -> registry.antMatchers(url).permitAll());
+		registry.anyRequest().authenticated()
+			.and().csrf().disable();
+	}
 
 	/**
 	 * 提供子类重写

+ 3 - 3
pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/component/PermitAllUrlProperties.java

@@ -33,8 +33,8 @@ import java.util.List;
  */
 @Data
 @Configuration
-@ConditionalOnExpression("!'${ignore}'.isEmpty()")
-@ConfigurationProperties(prefix = "ignore")
+@ConditionalOnExpression("!'${security.oauth2.client.ignore-urls}'.isEmpty()")
+@ConfigurationProperties(prefix = "security.oauth2.client")
 public class PermitAllUrlProperties {
-	private List<String> urls = new ArrayList<>();
+	private List<String> ignoreUrls = new ArrayList<>();
 }

+ 21 - 1
pigx-common/pigx-common-security/src/main/java/com/pig4cloud/pigx/common/security/component/PigxResourceServerAutoConfiguration.java

@@ -1,8 +1,28 @@
-package com.pig4cloud.pigx.common.security;
+/*
+ *    Copyright (c) 2018-2025, lengleng All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * Neither the name of the pig4cloud.com developer nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ * Author: lengleng (wangiegie@gmail.com)
+ */
+
+package com.pig4cloud.pigx.common.security.component;
+
+import org.springframework.context.annotation.ComponentScan;
 
 /**
  * @author lengleng
  * @date 2018/11/10
  */
+@ComponentScan("com.pig4cloud.pigx.common.security")
 public class PigxResourceServerAutoConfiguration {
 }

+ 1 - 7
pigx-common/pigx-common-security/src/main/resources/META-INF/spring.factories

@@ -1,11 +1,5 @@
 org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
   com.pig4cloud.pigx.common.security.filter.TenantIdTtlFilter,\
-  com.pig4cloud.pigx.common.security.component.PermissionService,\
-  com.pig4cloud.pigx.common.security.component.PigAccessDeniedHandler,\
-  com.pig4cloud.pigx.common.security.component.ResourceAuthExceptionEntryPoint,\
-  com.pig4cloud.pigx.common.security.component.PigxResourceServerTokenRelayAutoConfiguration,\
   com.pig4cloud.pigx.common.security.feign.PigxFeignClientConfiguration,\
   com.pig4cloud.pigx.common.security.feign.PigxFeignTenantConfiguration,\
-  com.pig4cloud.pigx.common.security.service.PigxUserDetailsServiceImpl,\
-  com.pig4cloud.pigx.common.security.social.QqSocialConfig,\
-  com.pig4cloud.pigx.common.security.social.WxSocialConfig
+  com.pig4cloud.pigx.common.security.service.PigxUserDetailsServiceImpl

+ 4 - 0
pigx-config/src/main/resources/config/application-dev.yml

@@ -98,6 +98,10 @@ swagger:
 ## spring security 配置
 security:
   oauth2:
+    client:
+      ignore-urls:
+        - '/actuator/**'
+        - '/v2/api-docs'
     resource:
       loadBalanced: true
       token-info-uri: http://pigx-auth/oauth/check_token

+ 12 - 41
pigx-config/src/main/resources/config/pigx-activiti-dev.yml

@@ -2,52 +2,23 @@
 security:
   oauth2:
     client:
-      client-id: ENC(tz2NM4GcmnE7sNJTYL8ZSg==)
-      client-secret: ENC(tz2NM4GcmnE7sNJTYL8ZSg==)
+      client-id: ENC(gPFcUOmJm8WqM3k3eSqS0Q==)
+      client-secret: ENC(gPFcUOmJm8WqM3k3eSqS0Q==)
       scope: server
-
-## 定时任务
+      ignore-urls:
+        - '/service/**'
+        - '/editor-app/**'
+        - '/task/view/*'
+        - '/process/resource/**'
+        - '/modeler.html'
 spring:
-  # 保存定时任务的数据源
+  autoconfigure:
+    exclude: org.activiti.spring.boot.SecurityAutoConfiguration
+  activiti:
+    check-process-definitions: false
   datasource:
     type: com.zaxxer.hikari.HikariDataSource
     driver-class-name: com.mysql.jdbc.Driver
     username: root
     password:  root
     url: jdbc:mysql://pigx-mysql:3306/pigxx?characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=false
-  elasticjob:
-    # 分布式任务协调依赖zookeeper
-    zookeeper:
-      server-lists: pigx-zookeeper:2181
-      namespace: pigx-daemon
-    # 普通任务
-    simples:
-      spring-simple-job:
-        job-class: com.pig4cloud.pigx.daemon.job.PigxSimpleJob
-        cron: 0 0 0/1 * * ?
-        sharding-total-count: 3
-        sharding-item-parameters: 0=service1,1=service2,2=service3
-        eventTraceRdbDataSource: 'dataSource'
-        listener:
-          listener-class: com.pig4cloud.pigx.daemon.listener.PigxElasticJobListener
-      spring-simple-job2:
-        job-class: com.pig4cloud.pigx.daemon.job.PigxSimpleJob2
-        cron: 0 0 0/1 * * ?
-        sharding-total-count: 3
-        sharding-item-parameters: 0=service1,1=service2,2=service3
-        eventTraceRdbDataSource: 'dataSource'
-        listener:
-          listener-class: com.pig4cloud.pigx.daemon.listener.PigxElasticJobListener
-    # 简单任务
-    dataflows:
-      spring-dataflow-job:
-        job-class: com.pig4cloud.pigx.daemon.job.PigxDataflowJob
-        cron: 0 0 0/1 * * ?
-        sharding-total-count: 3
-        sharding-item-parameters: 0=service1,1=service2,2=service3
-        streaming-process: true
-        eventTraceRdbDataSource: 'dataSource'
-        listener:
-          distributed-listener-class: com.pig4cloud.pigx.daemon.listener.PigxDistributeElasticJobListener
-          started-timeout-milliseconds: 5000
-          completed-timeout-milliseconds: 10000

+ 4 - 0
pigx-config/src/main/resources/config/pigx-upms-dev.yml

@@ -5,6 +5,10 @@ security:
       client-id: ENC(ltJPpR50wT0oIY9kfOe1Iw==)
       client-secret: ENC(ltJPpR50wT0oIY9kfOe1Iw==)
       scope: server
+      ignore-urls:
+        - '/user/info/*'
+        - '/social/info/**'
+        - '/log/**'
 
 # 数据源
 spring:

+ 2 - 2
pigx-gateway/pom.xml

@@ -46,7 +46,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-gateway</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<!--配置中心客户端-->
 		<dependency>
@@ -69,7 +69,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-cache</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<!--接口文档-->
 		<dependency>

+ 4 - 5
pigx-gateway/src/main/java/com/pig4cloud/pigx/gateway/filter/ValidateCodeGatewayFilter.java

@@ -23,8 +23,8 @@ import cn.hutool.core.util.StrUtil;
 import com.pig4cloud.pigx.common.core.exception.CheckedException;
 import com.pig4cloud.pigx.common.core.exception.ValidateCodeException;
 import com.pig4cloud.pigx.gateway.config.FilterIgnorePropertiesConfig;
+import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilter;
 import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 import org.springframework.data.redis.core.RedisTemplate;
@@ -43,14 +43,13 @@ import java.io.IOException;
  */
 @Slf4j
 @Component
+@AllArgsConstructor
 public class ValidateCodeGatewayFilter extends AbstractGatewayFilterFactory {
 	public static final String DEFAULT_CODE_KEY = "DEFAULT_CODE_KEY";
 	public static final String OAUTH_TOKEN_URL = "/oauth/token";
 	private static final String BASIC_ = "Basic ";
-	@Autowired
-	private RedisTemplate redisTemplate;
-	@Autowired
-	private FilterIgnorePropertiesConfig filterIgnorePropertiesConfig;
+	private final RedisTemplate redisTemplate;
+	private final FilterIgnorePropertiesConfig filterIgnorePropertiesConfig;
 
 	/**
 	 * 从header 请求中的clientId/clientsecect

+ 2 - 2
pigx-upms/pigx-upms-biz/pom.xml

@@ -49,7 +49,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-cache</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<!--swagger-->
 		<dependency>
@@ -77,7 +77,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-gateway</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<!--mybatis-->
 		<dependency>

+ 2 - 0
pigx-upms/pigx-upms-biz/src/main/java/com/pig4cloud/pigx/admin/PigxAdminApplication.java

@@ -20,6 +20,7 @@
 package com.pig4cloud.pigx.admin;
 
 
+import com.pig4cloud.pigx.common.security.annotation.EnablePigxResourceServer;
 import com.pig4cloud.pigx.common.security.feign.EnablePigxFeignClients;
 import com.pig4cloud.pigx.common.swagger.annotation.EnablePigxSwagger2;
 import org.springframework.boot.SpringApplication;
@@ -33,6 +34,7 @@ import org.springframework.cloud.client.SpringCloudApplication;
 @EnablePigxSwagger2
 @SpringCloudApplication
 @EnablePigxFeignClients
+@EnablePigxResourceServer
 public class PigxAdminApplication {
 	public static void main(String[] args) {
 		SpringApplication.run(PigxAdminApplication.class, args);

+ 14 - 4
pigx-visual/pigx-activiti/pom.xml

@@ -23,7 +23,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pigx-visual</artifactId>
-		<version>${pigx.version}</version>
+		<version>1.7.0</version>
 	</parent>
 
 	<artifactId>pigx-activiti</artifactId>
@@ -32,16 +32,21 @@
 	<description>工作流管理模块</description>
 
 	<dependencies>
+		<!--配置中心客户端-->
+		<dependency>
+			<groupId>org.springframework.cloud</groupId>
+			<artifactId>spring-cloud-starter-config</artifactId>
+		</dependency>
 		<!--common code -->
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-core</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-upms-api</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
 		</dependency>
 		<dependency>
 			<groupId>mysql</groupId>
@@ -106,7 +111,12 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pigx-common-swagger</artifactId>
-			<version>${pigx.version}</version>
+			<version>1.7.0</version>
+		</dependency>
+		<dependency>
+			<groupId>com.pig4cloud</groupId>
+			<artifactId>pigx-common-security</artifactId>
+			<version>1.7.0</version>
 		</dependency>
 		<!--undertow容器-->
 		<dependency>

+ 4 - 7
pigx-visual/pigx-activiti/src/main/java/com/pig4cloud/pigx/act/PigxActivitiApplication.java

@@ -17,22 +17,19 @@
 
 package com.pig4cloud.pigx.act;
 
+import com.pig4cloud.pigx.common.security.annotation.EnablePigxResourceServer;
 import com.pig4cloud.pigx.common.security.feign.EnablePigxFeignClients;
-import org.activiti.spring.boot.SecurityAutoConfiguration;
 import org.springframework.boot.SpringApplication;
-import org.springframework.boot.autoconfigure.SpringBootApplication;
-import org.springframework.cloud.client.circuitbreaker.EnableCircuitBreaker;
-import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
+import org.springframework.cloud.client.SpringCloudApplication;
 
 /**
  * @author lengleng
  * @date 2018/9/25
  * 工作流管理模块
  */
-@EnableCircuitBreaker
-@EnableDiscoveryClient
 @EnablePigxFeignClients
-@SpringBootApplication(exclude = {SecurityAutoConfiguration.class})
+@EnablePigxResourceServer
+@SpringCloudApplication
 public class PigxActivitiApplication {
 
 	public static void main(String[] args) {

+ 2 - 25
pigx-visual/pigx-activiti/src/main/java/com/pig4cloud/pigx/act/config/ResourceServerConfigurer.java

@@ -18,11 +18,7 @@
 package com.pig4cloud.pigx.act.config;
 
 import com.pig4cloud.pigx.common.security.component.BaseResourceServerConfigurerAdapter;
-import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 
 /**
@@ -30,29 +26,10 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Res
  * @date 2018/6/22
  */
 @Configuration
-@EnableResourceServer
-@AllArgsConstructor
-@EnableGlobalMethodSecurity(prePostEnabled = true)
-public class ResourceServerConfigurer extends BaseResourceServerConfigurerAdapter {
-
-	@Override
-	public void configure(HttpSecurity http) throws Exception {
-		http
-			.headers().frameOptions().disable()
-			.and().authorizeRequests()
-			.antMatchers("/actuator/**"
-				, "/v2/api-docs"
-				, "/service/**"
-				, "/editor-app/**"
-				,"/task/view/*"
-				,"/process/resource/*/*/image"
-				, "/modeler.html").permitAll()
-			.anyRequest().authenticated()
-			.and().csrf().disable();
-	}
+public class  ResourceServerConfigurer extends BaseResourceServerConfigurerAdapter {
 
 	/**
-	 * 重写抽象类实现,不需要调用feign 获取 userdetils
+	 * 重写不需要调用feign 获取 userdetils
 	 *
 	 * @param resources
 	 */

+ 4 - 26
pigx-visual/pigx-activiti/src/main/resources/bootstrap.yml

@@ -4,22 +4,17 @@ server:
 spring:
   application:
     name: pigx-activiti
-  #配置中心
+  # 配置中心
   cloud:
     config:
       fail-fast: true
       name: ${spring.application.name}
-      profile: dev
+      profile: ${spring.profiles.active}
       discovery:
         enabled: true
         service-id: pigx-config
-  datasource:
-    url: jdbc:mysql://lengleng:3306/ac?characterEncoding=UTF-8&useSSL=false
-    username: root
-    password: 123456
-    driver-class-name: com.mysql.jdbc.Driver
-  activiti:
-    check-process-definitions: false
+  profiles:
+    active: dev
 
 # 注册中心配置
 eureka:
@@ -29,20 +24,3 @@ eureka:
     service-url:
       defaultZone: http://pig:pig@lengleng:1025/eureka/
 
-## spring security 配置
-security:
-  oauth2:
-    client:
-      client-id: ENC(gPFcUOmJm8WqM3k3eSqS0Q==)
-      client-secret: ENC(gPFcUOmJm8WqM3k3eSqS0Q==)
-      scope: server
-    resource:
-      token-info-uri: ${security.auth.server}/check_token
-  auth:
-    server: http://lengleng:9999/auth/oauth
-
-# 加解密根密码
-jasypt:
-  encryptor:
-    password: pigx #根密码
-# redis 相关

+ 2 - 0
pigx-visual/pigx-codegen/src/main/java/com/pig4cloud/pigx/codegen/PigxCodeGenApplication.java

@@ -17,6 +17,7 @@
 
 package com.pig4cloud.pigx.codegen;
 
+import com.pig4cloud.pigx.common.security.annotation.EnablePigxResourceServer;
 import com.pig4cloud.pigx.common.security.feign.EnablePigxFeignClients;
 import com.pig4cloud.pigx.common.swagger.annotation.EnablePigxSwagger2;
 import org.springframework.boot.SpringApplication;
@@ -30,6 +31,7 @@ import org.springframework.cloud.client.SpringCloudApplication;
 @EnablePigxSwagger2
 @SpringCloudApplication
 @EnablePigxFeignClients
+@EnablePigxResourceServer
 public class PigxCodeGenApplication {
 
 	public static void main(String[] args) {

+ 1 - 17
pigx-visual/pigx-codegen/src/main/java/com/pig4cloud/pigx/codegen/config/ResourceServerConfigurer.java

@@ -18,11 +18,7 @@
 package com.pig4cloud.pigx.codegen.config;
 
 import com.pig4cloud.pigx.common.security.component.BaseResourceServerConfigurerAdapter;
-import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 
 /**
@@ -30,21 +26,9 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Res
  * @date 2018/6/22
  */
 @Configuration
-@EnableResourceServer
-@AllArgsConstructor
-@EnableGlobalMethodSecurity(prePostEnabled = true)
 public class ResourceServerConfigurer extends BaseResourceServerConfigurerAdapter {
-
-	@Override
-	public void configure(HttpSecurity http) throws Exception {
-		http.authorizeRequests()
-			.antMatchers("/actuator/**", "/v2/api-docs").permitAll()
-			.anyRequest().authenticated()
-			.and().csrf().disable();
-	}
-
 	/**
-	 * 重写抽象类实现,不需要调用feign 获取 userDetailsService
+	 * 重写实现,不需要调用feign 获取 userDetailsService
 	 *
 	 * @param resources
 	 */

+ 4 - 0
pigx-visual/pigx-daemon/src/main/java/com/pig4cloud/pigx/daemon/PigxDaemonApplication.java

@@ -18,6 +18,8 @@
 package com.pig4cloud.pigx.daemon;
 
 import com.pig4cloud.pigx.common.job.annotation.EnablePigxJob;
+import com.pig4cloud.pigx.common.security.annotation.EnablePigxResourceServer;
+import com.pig4cloud.pigx.common.security.feign.EnablePigxFeignClients;
 import org.springframework.boot.SpringApplication;
 import org.springframework.cloud.client.SpringCloudApplication;
 
@@ -27,7 +29,9 @@ import org.springframework.cloud.client.SpringCloudApplication;
  * 分布式任务调度模块
  */
 @EnablePigxJob
+@EnablePigxFeignClients
 @SpringCloudApplication
+@EnablePigxResourceServer
 public class PigxDaemonApplication {
 
 	public static void main(String[] args) {

+ 1 - 17
pigx-visual/pigx-daemon/src/main/java/com/pig4cloud/pigx/daemon/config/ResourceServerConfigurer.java

@@ -18,11 +18,7 @@
 package com.pig4cloud.pigx.daemon.config;
 
 import com.pig4cloud.pigx.common.security.component.BaseResourceServerConfigurerAdapter;
-import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
 
 /**
@@ -30,21 +26,9 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Res
  * @date 2018/6/22
  */
 @Configuration
-@EnableResourceServer
-@AllArgsConstructor
-@EnableGlobalMethodSecurity(prePostEnabled = true)
 public class ResourceServerConfigurer extends BaseResourceServerConfigurerAdapter {
-
-	@Override
-	public void configure(HttpSecurity http) throws Exception {
-		http.authorizeRequests()
-			.antMatchers("/actuator/**", "/v2/api-docs").permitAll()
-			.anyRequest().authenticated()
-			.and().csrf().disable();
-	}
-
 	/**
-	 * 重写抽象类实现,不需要调用feign 获取 userdetils
+	 * 重写实现,不需要调用feign 获取 userdetils
 	 *
 	 * @param resources
 	 */

+ 1 - 1
pigx-visual/pigx-daemon/src/main/resources/bootstrap.yml

@@ -1,5 +1,5 @@
 server:
-  port: 5002
+  port: 5001
 
 spring:
   application: