From 90df5aeb79c78b77cc5a7ce143116ad147103c57 Mon Sep 17 00:00:00 2001
From: houzhongjian <houzhongyi@126.com>
Date: 星期四, 10 四月 2025 14:15:57 +0800
Subject: [PATCH] 增加ServerInfoConfiguration配置

---
 iailab-framework/iailab-common-security/src/main/java/com/iailab/framework/security/config/IailabSecurityAutoConfiguration.java |  118 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 118 insertions(+), 0 deletions(-)

diff --git a/iailab-framework/iailab-common-security/src/main/java/com/iailab/framework/security/config/IailabSecurityAutoConfiguration.java b/iailab-framework/iailab-common-security/src/main/java/com/iailab/framework/security/config/IailabSecurityAutoConfiguration.java
new file mode 100644
index 0000000..4ab66ee
--- /dev/null
+++ b/iailab-framework/iailab-common-security/src/main/java/com/iailab/framework/security/config/IailabSecurityAutoConfiguration.java
@@ -0,0 +1,118 @@
+package com.iailab.framework.security.config;
+
+import cn.hutool.extra.spring.SpringUtil;
+import com.iailab.framework.security.core.aop.PreAuthenticatedAspect;
+import com.iailab.framework.security.core.context.TransmittableThreadLocalSecurityContextHolderStrategy;
+import com.iailab.framework.security.core.filter.TokenAuthenticationFilter;
+import com.iailab.framework.security.core.handler.AccessDeniedHandlerImpl;
+import com.iailab.framework.security.core.handler.AuthenticationEntryPointImpl;
+import com.iailab.framework.security.core.service.SecurityFrameworkService;
+import com.iailab.framework.security.core.service.SecurityFrameworkServiceImpl;
+import com.iailab.framework.web.core.handler.GlobalExceptionHandler;
+import com.iailab.module.system.api.oauth2.OAuth2TokenApi;
+import com.iailab.module.system.api.permission.PermissionApi;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
+import org.springframework.boot.autoconfigure.AutoConfiguration;
+import org.springframework.boot.autoconfigure.AutoConfigureOrder;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.security.web.access.AccessDeniedHandler;
+
+import javax.annotation.Resource;
+
+/**
+ * Spring Security 自动配置类，主要用于相关组件的配置
+ *
+ * 注意，不能和 {@link IailabWebSecurityConfigurerAdapter} 用一个，原因是会导致初始化报错。
+ * 参见 https://stackoverflow.com/questions/53847050/spring-boot-delegatebuilder-cannot-be-null-on-autowiring-authenticationmanager 文档。
+ *
+ * @author iailab
+ */
+@AutoConfiguration
+@AutoConfigureOrder(-1) // 目的：先于 Spring Security 自动配置，避免一键改包后，org.* 基础包无法生效
+@EnableConfigurationProperties(SecurityProperties.class)
+public class IailabSecurityAutoConfiguration {
+
+    @Resource
+    private SecurityProperties securityProperties;
+
+    /**
+     * 处理用户未登录拦截的切面的 Bean
+     */
+    @Bean
+    public PreAuthenticatedAspect preAuthenticatedAspect() {
+        return new PreAuthenticatedAspect();
+    }
+
+    /**
+     * 认证失败处理类 Bean
+     */
+    @Bean
+    public AuthenticationEntryPoint authenticationEntryPoint() {
+        return new AuthenticationEntryPointImpl();
+    }
+
+    /**
+     * 权限不够处理器 Bean
+     */
+    @Bean
+    public AccessDeniedHandler accessDeniedHandler() {
+        return new AccessDeniedHandlerImpl();
+    }
+
+    /**
+     * Spring Security 加密器
+     * 考虑到安全性，这里采用 BCryptPasswordEncoder 加密器
+     *
+     * @see <a href="http://stackabuse.com/password-encoding-with-spring-security/">Password Encoding with Spring Security</a>
+     */
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder(securityProperties.getPasswordEncoderLength());
+    }
+
+    /**
+     * Token 认证过滤器 Bean
+     */
+    @Bean
+    public TokenAuthenticationFilter authenticationTokenFilter(GlobalExceptionHandler globalExceptionHandler,
+                                                               OAuth2TokenApi oauth2TokenApi) {
+        try {
+            OAuth2TokenApi oAuth2TokenApi = SpringUtil.getBean("aAuth2TokenApiImpl", OAuth2TokenApi.class);
+            if (oAuth2TokenApi != null) {
+                oauth2TokenApi = oAuth2TokenApi;
+            }
+        } catch (Exception ignored) {}
+        return new TokenAuthenticationFilter(securityProperties, globalExceptionHandler, oauth2TokenApi);
+    }
+
+    @Bean("ss") // 使用 Spring Security 的缩写，方便使用
+    public SecurityFrameworkService securityFrameworkService(PermissionApi permissionApi) {
+        try {
+            PermissionApi permissionApiImpl = SpringUtil.getBean("permissionApiImpl", PermissionApi.class);
+            if (permissionApiImpl != null) {
+                permissionApi = permissionApiImpl;
+            }
+        } catch (Exception ignored) {}
+        return new SecurityFrameworkServiceImpl(permissionApi);
+    }
+
+    /**
+     * 声明调用 {@link SecurityContextHolder#setStrategyName(String)} 方法，
+     * 设置使用 {@link TransmittableThreadLocalSecurityContextHolderStrategy} 作为 Security 的上下文策略
+     */
+    @Bean
+    public MethodInvokingFactoryBean securityContextHolderMethodInvokingFactoryBean() {
+        MethodInvokingFactoryBean methodInvokingFactoryBean = new MethodInvokingFactoryBean();
+        methodInvokingFactoryBean.setTargetClass(SecurityContextHolder.class);
+        methodInvokingFactoryBean.setTargetMethod("setStrategyName");
+        methodInvokingFactoryBean.setArguments(TransmittableThreadLocalSecurityContextHolderStrategy.class.getName());
+        return methodInvokingFactoryBean;
+    }
+
+}

--
Gitblit v1.9.3