Fix Server-example Unknown user

2 years ago · bb870d243a
parent 8382230f2d
commit bb870d243a
4 changed files with 64 additions and 8 deletions
--- a/threadpool/core/src/main/java/cn/hippo4j/core/enable/BeforeCheckConfiguration.java
+++ b/threadpool/core/src/main/java/cn/hippo4j/core/enable/BeforeCheckConfiguration.java
@ -28,7 +28,6 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.core.env.ConfigurableEnvironment;

 import java.util.Map;
-import java.util.Objects;

 /**
 * Before check configuration.
--- a/threadpool/server/auth/src/main/java/cn/hippo4j/auth/config/RFC7230Config.java
+++ b/threadpool/server/auth/src/main/java/cn/hippo4j/auth/config/RFC7230Config.java
@ -0,0 +1,45 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package cn.hippo4j.auth.config;
+
+import org.springframework.boot.web.embedded.tomcat.TomcatConnectorCustomizer;
+import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
+import org.springframework.boot.web.servlet.server.ConfigurableServletWebServerFactory;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class RFC7230Config {
+
+    /**
+     * Solve the Tomcat RFC7230 problem
+     *
+     * @return
+     */
+    @Bean
+    public ConfigurableServletWebServerFactory webServerFactory() {
+        TomcatServletWebServerFactory factory = new TomcatServletWebServerFactory();
+        factory.addConnectorCustomizers((TomcatConnectorCustomizer) connector -> {
+            connector.setProperty("relaxedQueryChars", "|{}[](),/:;<=>?@[\\]{}\\");
+            connector.setProperty("relaxedPathChars", "|{}[](),/:;<=>?@[\\]{}\\");
+            connector.setProperty("rejectIllegalHeader", "false");
+        });
+
+        return factory;
+    }
+}
--- a/threadpool/server/auth/src/main/java/cn/hippo4j/auth/security/AuthManager.java
+++ b/threadpool/server/auth/src/main/java/cn/hippo4j/auth/security/AuthManager.java
@ -17,13 +17,19 @@

 package cn.hippo4j.auth.security;

+import cn.hippo4j.auth.model.biz.user.LoginUser;
 import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
 import org.springframework.expression.AccessException;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;

 /**
 * Auth manager.
@ -36,6 +42,8 @@ public class AuthManager {

    private final AuthenticationManager authenticationManager;

+    private final UserDetailsService userDetailsService;
+
    /**
     * Resolve token from user.
     *
@ -47,9 +55,11 @@ public class AuthManager {
    @SneakyThrows
    public String resolveTokenFromUser(String userName, String rawPassword) {
        try {
-            UsernamePasswordAuthenticationToken authenticationToken =
-                    new UsernamePasswordAuthenticationToken(userName, rawPassword);
-            authenticationManager.authenticate(authenticationToken);
+            HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+            LoginUser loginUser = new LoginUser();
+            loginUser.setPassword(rawPassword);
+            request.setAttribute("loginUser", loginUser);
+            UserDetails userDetails = userDetailsService.loadUserByUsername(userName);
        } catch (AuthenticationException e) {
            throw new AccessException("Unknown user.");
        }
--- a/threadpool/server/auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
+++ b/threadpool/server/auth/src/main/java/cn/hippo4j/auth/service/impl/UserDetailsServiceImpl.java
@ -24,6 +24,7 @@ import cn.hippo4j.auth.model.biz.user.LoginUser;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Primary;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
@ -46,6 +47,7 @@ import java.util.Set;
 */
@Slf4j
@Service
+@Primary
 public class UserDetailsServiceImpl implements UserDetailsService {

    @Value("${hippo4j.core.auth.enabled:true}")