Upgrade 2.0.0. spring-boot

Author: monkeyk7

others/boot/spring-boot-reference(2.0.0).pdf

@@ -5,35 +5,39 @@ truncate user_privilege;
 -- admin, password is admin  ( All privileges)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user)
 values
-(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'[email protected]','21232f297a57a5a743894a0e4a801fc3','028-1234567','admin',true);
+(21,'29f6004fb1b0466f9572b02bf2ac1be8',now(),'[email protected]','$2a$10$XWN7zOvSLDiyxQnX01KMXuf5NTkkuAUtt23YxUMWaIPURcR7bdULi','028-1234567','admin',1);
+
+insert into user_privilege(user_id,privilege) values (21,'ADMIN');
+insert into user_privilege(user_id,privilege) values (21,'UNITY');
+insert into user_privilege(user_id,privilege) values (21,'MOBILE');
 
 -- unity, password is unity  ( ROLE_UNITY)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user)
 values
-(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@wdcy.cc','439b3a25b555b3bc8667a09a036ae70c','','unity',false);
+(22,'55b713df1c6f423e842ad68668523c49',now(),'unity@andaily.com','$2a$10$gq3eUch/h.eHt20LpboSXeeZinzSLBk49K5KD.Ms4/1tOAJIsrrfq','','unity',0);
 
 insert into user_privilege(user_id,privilege) values (22,'UNITY');
 
 -- mobile, password is mobile  ( ROLE_MOBILE)
 insert into user_(id,guid,create_time,email,password,phone,username,default_user)
 values
-(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@wdcy.cc','532c28d5412dd75bf975fb951c740a30','','mobile',false);
+(23,'612025cb3f964a64a48bbdf77e53c2c1',now(),'mobile@andaily.com','$2a$10$BOmMzLDaoiIQ4Q1pCw6Z4u0gzL01B8bNL.0WUecJ2YxTtHVRIA8Zm','','mobile',0);
 
 insert into user_privilege(user_id,privilege) values (23,'MOBILE');
 
 
 -- initial oauth client details test data
--- 'unity-client'   support browser, js(flash) visit
--- 'mobile-client'  only support mobile-device visit
+-- 'unity-client'   support browser, js(flash) visit,  secret:  unity
+-- 'mobile-client'  only support mobile-device visit,  secret:  mobile
 truncate  oauth_client_details;
 insert into oauth_client_details
 (client_id, resource_ids, client_secret, scope, authorized_grant_types,
 web_server_redirect_uri,authorities, access_token_validity,
 refresh_token_validity, additional_information, create_time, archived, trusted)
 values
-('unity-client','unity-resource', 'unity', 'read,write','authorization_code,refresh_token,implicit',
-null,'ROLE_CLIENT',null,
+('unity-client','sos-resource', '$2a$10$QQTKDdNfj9sPjak6c8oWaumvTsa10MxOBOV6BW3DvLWU6VrjDfDam', 'read','authorization_code,refresh_token,implicit',
+'http://localhost:8080/spring-oauth-server/unity/dashboard','ROLE_CLIENT',null,
 null,null, now(), 0, 0),
-('mobile-client','mobile-resource', 'mobile', 'read,write','password,refresh_token',
+('mobile-client','sos-resource', '$2a$10$uLvpxfvm3CuUyjIvYq7a9OUmd9b3tHFKrUaMyU/jC01thrTdkBDVm', 'read','password,refresh_token',
 null,'ROLE_CLIENT',null,
 null,null, now(), 0, 0);

others/boot/spring-oauth-server.zip

@@ -1,8 +1,8 @@
 -- ###############
 --    create MySQL database , if need create, cancel the comment
 -- ###############
--- create database if not exists oauth2 default character set utf8;
--- use oauth2 set default character = utf8;
+-- create database if not exists oauth2_boot default character set utf8;
+-- use oauth2_boot set default character = utf8;
 
 -- ###############
 --    grant privileges  to oauth2/oauth2

others/database/initial_data.ddl

@@ -1,25 +1,27 @@
 
 
 使用的主要技术与版本号
-*Spring (4.1.6.RELEASE)
-*Spring Security (4.0.4.RELEASE)
-*spring-security-oauth2 (2.0.14.RELEASE)
+*Spring-Boot (2.0.1.RELEASE)
+*spring-security-oauth2 (2.3.0.RELEASE)
 
 
 如何使用?
-1.项目是Maven管理的, 需要本地安装maven(开发用的maven版本号为3.1.0), 还有MySql(开发用的mysql版本号为5.6)
+1.项目是Maven管理的, 需要本地安装maven(开发用的maven版本号为3.3.3), 还有MySql(开发用的mysql版本号为5.6)
 
 2.下载(或clone)项目到本地
 
-3.创建MySQL数据库(如数据库名oauth2), 并运行相应的SQL脚本(脚本文件位于others/database目录),
+3.创建MySQL数据库(数据库名oauth2_boot), 并运行相应的SQL脚本(脚本文件位于others/database目录),
    运行脚本的顺序: initial_db.ddl -> oauth.ddl -> initial_data.ddl
 
-4.修改spring-oauth-server.properties(位于src/resources目录)中的数据库连接信息(包括username, password等)
+4.修改application.properties(位于src/resources目录)中的数据库连接信息(包括username, password等)
 
 5.将本地项目导入到IDE(如Intellij IDEA)中,配置Tomcat(或类似的servlet运行服务器), 并启动Tomcat(默认端口为8080)
    另: 也可通过maven package命令将项目编译为war文件(spring-oauth-server.war),
-         将war放在Tomcat中并启动(注意: 这种方式需要将spring-oauth-server.properties加入到classpath中并正确配置数据库连接信息).
+         将war放在Tomcat中并启动(注意: 这种方式需要将application.properties加入到classpath中并正确配置数据库连接信息).
 
 6.参考oauth_test.txt(位于others目录)的内容并测试之(也可在浏览器中访问相应的地址,如: http://localhost:8080/spring-oauth-server).
 
+7. 运行单元测试时请先创建数据库 oauth2_boot_test, 并依次运行SQL脚本.
+   运行脚本的顺序: initial_db.ddl -> oauth.ddl
+
 

others/database/initial_db.ddl

@@ -3,24 +3,24 @@
 说明:只能使用admin或unity 账号登录才能有权限访问,若使用mobile账号登录将返回Access is denied
 http://localhost:8080/spring-oauth-server/oauth/authorize?client_id=unity-client&redirect_uri=http%3a%2f%2flocalhost%3a8080%2fspring-oauth-server%2funity%2fdashboard&response_type=code&scope=read
 
-说明: 由于mobile-client只支持password,refresh_token, 所以不管用哪个账号登录后都将返回Illegal action
+说明: 由于mobile-client只支持password,refresh_token, 所以不管用哪个账号登录后都将返回 OAuth Error
 http://localhost:8080/spring-oauth-server/oauth/authorize?client_id=mobile-client&redirect_uri=http%3a%2f%2flocalhost%3a8080%2fspring-oauth-server%2fm%2fdashboard&response_type=code&scope=read
 
 
 
 
 响应的URL如:
-http://localhost:8080/spring-oauth-server/unity/dashboard.htm?code=zLl170
+http://localhost:8080/spring-oauth-server/unity/dashboard?code=hGQ8qx
 
 通过code换取access_token [POST]
-http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=zLl170&redirect_uri=http%3a%2f%2flocalhost%3a8080%2fspring-oauth-server%2funity%2fdashboard
+http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=authorization_code&code=hGQ8qx&redirect_uri=http%3a%2f%2flocalhost%3a8080%2fspring-oauth-server%2funity%2fdashboard
 
 
 方式2:基于客户端  (注意参数中的username,password,对应用户的账号,密码) [POST]
-http://localhost:8080/spring-oauth-server/oauth/token?client_id=mobile-client&client_secret=mobile&grant_type=password&scope=read,write&username=mobile&password=mobile
+http://localhost:8080/spring-oauth-server/oauth/token?client_id=mobile-client&client_secret=mobile&grant_type=password&scope=read&username=mobile&password=mobile
 
-说明:由于unity-client不支持password,所以若用unity-client通过password方式去授权,将返回invalid_grant
-http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=password&scope=read,write&username=mobile&password=mobile
+说明:由于unity-client不支持password,所以若用unity-client通过password方式去授权,将返回 invalid_client
+http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&client_secret=unity&grant_type=password&scope=read&username=mobile&password=mobile
 
 
 
@@ -29,7 +29,7 @@ http://localhost:8080/spring-oauth-server/oauth/token?client_id=unity-client&cli
 
 
 获取access_token后访问资源 [GET]
-http://localhost:8080/spring-oauth-server/unity/dashboard.htm?access_token=3420d0e0-ed77-45e1-8370-2b55af0a62e8
+http://localhost:8080/spring-oauth-server/unity/dashboard?access_token=89767569-5b78-4b26-ae2d-d361aa3e6bf9
 
 
 
@@ -38,11 +38,12 @@ http://localhost:8080/spring-oauth-server/oauth/token?client_id=mobile-client&cl
 
 
 Restful OAuth2 Test [POST]
-URL: /oauth2/rest_token
+URL: /oauth/rest_token
 ContentType: application/json
 
 DEMO URL: http://localhost:8080/spring-oauth-server/oauth2/rest_token
-Request Body: {"grant_type":"client_credentials","scope":"read","client_id":"credentials","client_secret":"credentials","username":"user","password":"123"}
+Request Body:
+{"grant_type":"client_credentials","scope":"read","client_id":"credentials","client_secret":"credentials","username":"user","password":"123"}
 
 Response Body:
 {
@@ -56,7 +57,7 @@ Response Body:
 
 
 更多的测试请访问
-http://git.oschina.net/mkk/spring-oauth-client
+https://gitee.com/mkk/spring-oauth-client
 
 
 ------------------------------------------------------------------------------------------------

others/how_to_use.txt

@@ -0,0 +1,11 @@
+
+
+记录 spring-oauth-server 升级到 spring-boot 后的变化
+
+1. client_secret 加密保存
+2. 密码加密方式由 MD5 变成 BCrypt
+3. resourceId 可为可选
+4.增加CSRF支持
+
+
+