新增电话号码验证

base/common-security/readme.MD

@@ -1,12 +1,23 @@
**授权码模式:(一般开放API用)**
注:
    1. 获取客户端的实现逻辑结合自己的客户端用户体系实现 （com.yihu.base.security.rbas.ClientServiceProvider）
第一步
获取code
http://localhost:8060/oauth/authorize?response_type=code&client_id=cwd&redirect_uri=http://example.com&scope=all
参数说明：
response_type=code 固定
scope=all 固定
client_id=cwd 根据用户表中自己定义的填写
redirect_uri=http://example.com 根据用户表中自己定义的填写
第二步 
获取token post请求
http://localhost:8060/oauth/token
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
  
{
     "grant_type":"authorization_code",  
     "grant_type":"authorization_code", 授权模式固定
     "client_id":"cwd",
     "code":"第一步请求获取的code",
     "redirect_uri":"http://example.com",
@@ -14,14 +25,18 @@ header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
}
返回值
{
    "access_token":"bd677e24-2de5-4862-a5e1-8f90a074db42",
    "access_token":"bd677e24-2de5-4862-a5e1-8f90a074db42",   默认2小时过期时间 可以配置 ，由于每次请求都需要验证access_token，所以access_token存储在redis
    "token_type":"bearer",
    "refresh_token":"1427b997-ef94-4061-8940-c71da6549acd",
    "refresh_token":"1427b997-ef94-4061-8940-c71da6549acd",  默认2小时过期时间 可以配置 
    "expires_in":43199,
    "scope":"all"
}
**密码模式（一般自己公司系统用）**
注:  
    1. 获取用户的实现逻辑结合自己的用户体系实现 （org.springframework.security.core.userdetails.UserDetailsService）
    
获取token post请求
http://localhost:8060/oauth/token
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
@@ -42,7 +57,7 @@ header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
    "scope":"all"
}
**刷新token **
**刷新token**
获取token post请求
http://localhost:8060/oauth/token
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
@@ -69,6 +84,8 @@ http://localhost:8060/authentication/form
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
注:  
    1. 获取用户的实现逻辑结合自己的用户体系实现 （org.springframework.security.core.userdetails.UserDetailsService）
body
{
    "username":"test",
@@ -87,6 +104,11 @@ body
**自定义手机号短信验证码登陆**
获取短信
注:  
    1. 短信验证码默认存在redis中(不可配置)
   2. 短信超时时间1分钟(可配置)
   3. 手机号码验证规则可自定义(实现接口com.yihu.base.security.sms.mobile.MobileCheck)
   4. 短信发送器必须自己实现(实现接口com.yihu.base.security.sms.sender.SmsCodeSender)
GET
http://localhost:8060/code/sms
@@ -98,6 +120,8 @@ body
POST
http://localhost:8060/authentication/mobile
注:  
    1. 短信登陆成功验证码会删除
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==

base/common-security/src/main/java/com.yihu.base.security/config/AuthorizationServerConfig.java

@@ -13,6 +13,8 @@ import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
@@ -52,6 +54,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.passwordEncoder(passwordEncoder);
    }
    @Override
@@ -104,6 +107,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
    TokenStore tokenStore() {
        RedisTokenStore redisTokenStore = new RedisTokenStore(redisConnectionFactory);
        redisTokenStore.setPrefix(SecurityProperties.prefix_accesstoken);
        return redisTokenStore;
    }
}

base/common-security/src/main/java/com.yihu.base.security/properties/AccessTokenPorperties.java

@@ -9,12 +9,14 @@ import org.springframework.stereotype.Component;
 */
@Component
public class AccessTokenPorperties {
    @Value("${security.oauth2.token.accessTokenValidityHours}")
    private Integer accessTokenValidityHours = 2; //accesstoken超时时间
    @Value("${security.oauth2.token.accessTokenValidityHours:2}")
    private Integer accessTokenValidityHours ; //accesstoken超时时间
    @Value("${security.oauth2.token.refreshTokenValidityHours}")
    private Integer refreshTokenValidityHours = 2;//刷新token过期时间
    @Value("${security.oauth2.token.refreshTokenValidityHours:2}")
    private Integer refreshTokenValidityHours ;//刷新token过期时间
    @Value("${security.oauth2.token.tokenType:accessToken}")
    private String tokenType;
    public Integer getAccessTokenValidityHours() {
        return accessTokenValidityHours;
@@ -31,4 +33,12 @@ public class AccessTokenPorperties {
    public void setRefreshTokenValidityHours(Integer refreshTokenValidityHours) {
        this.refreshTokenValidityHours = refreshTokenValidityHours;
    }
    public String getTokenType() {
        return tokenType;
    }
    public void setTokenType(String tokenType) {
        this.tokenType = tokenType;
    }
}

base/common-security/src/main/java/com.yihu.base.security/properties/SmsValidateProperties.java

@@ -10,10 +10,10 @@ import org.springframework.stereotype.Component;
@Component
public class SmsValidateProperties {
    @Value("${security.oauth2.sms.expireIn}")
    @Value("${security.oauth2.sms.expireIn:1}")
    private Integer expireIn = 1; //短信验证码过期时间
    @Value("${security.oauth2.sms.length}")
    @Value("${security.oauth2.sms.length:6}")
    private Integer length = 6; //短信验证码过期时间
    public Integer getExpireIn() {

base/common-security/src/main/resources/template.yml

@@ -35,6 +35,7 @@ security:
    token:
      accessTokenValidityHours: 2 # 2小时
      refreshTokenValidityHours: 2 # 2小时
      tokenType: accessToken
    sms:
      expireIn: 1 ##1分钟
      expireIn: 1 ##1分钟过期
      length: 6 #验证码长度

server/svr-discovery/src/main/resources/application.yml

@@ -14,6 +14,11 @@ eureka:
    registry-fetch-interval-seconds: 30 #定期的更新客户端的服务清单 30秒更新一次
    fetch-registry: false #如果是做高可用的发现服务那就要改成true
  server:
    enable-self-preservation: true  ##是否开启自我保护模式，默认为true。
    eviction-interval-timer-in-ms: 60000 ##eureka server清理无效节点的时间间隔，默认60000毫秒，即60秒
#eurika界面的账号密码
security:

svr/svr-demo/readme.MD

@@ -1,88 +0,0 @@
**授权码模式:(一直开放API用)**
获取code
http://localhost:8060/oauth/authorize?response_type=code&client_id=cwd&redirect_uri=http://example.com&scope=all
获取token post请求
http://localhost:8060/oauth/token
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
  
{
     "grant_type":"authorization_code",  
     "client_id":"cwd",
     "code":"第一步请求获取的code",
     "redirect_uri":"http://example.com",
     "scope":"all"
}
返回值
{
    "access_token":"bd677e24-2de5-4862-a5e1-8f90a074db42",
    "token_type":"bearer",
    "refresh_token":"1427b997-ef94-4061-8940-c71da6549acd",
    "expires_in":43199,
    "scope":"all"
}
**密码模式（一般自己公司系统用）**
获取token post请求
http://localhost:8060/oauth/token
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
  
{
     "grant_type":"password",  
     "username":"jojo",
     "password":"123456",
     "scope":"all"
}
返回值
{
    "access_token":"630e2ccc-a5ce-4486-a855-ba755eb3d0d2",
    "token_type":"bearer",
    "refresh_token":"bbb36b54-61b2-4d86-aed3-91c5135174c3",
    "expires_in":43199,
    "scope":"all"
}
**刷新token **
获取token post请求
http://localhost:8060/oauth/token
header:  Basic {appid}:{appsecuri} 加密  例如 Basic Y3dkOmN3ZA==
  
{
     "grant_type":"refresh_token",
     "refresh_token":"all"
}
返回值
{
    "access_token":"630e2ccc-a5ce-4486-a855-ba755eb3d0d2",
    "token_type":"bearer",
    "refresh_token":"bbb36b54-61b2-4d86-aed3-91c5135174c3",
    "expires_in":43199,
    "scope":"all"
}
**自定义账号密码登陆**
POST
http://localhost:8060/authentication/form
header
Authorization  Basic Y3dkOmN3ZA==
body
{
    "username":"test",
    "password":"123456"
}
**自定义手机号短信验证码登陆**
**访问方式**
http://localhost:8060/user
header 
{
"Authorization":"bearer 5fe6b2c3-f69c-4ddc-a36a-367cdf9479a3"      即 bearer accesstoken
}

svr/svr-demo/src/main/resources/application.yml

@@ -41,11 +41,4 @@ quartz:
  overwriteExistingJobs: true ##是否覆盖job
security:
  oauth2:
    token:
      accessTokenValidityHours: 2 # 2小时
      refreshTokenValidityHours: 2 # 2小时
    sms:
      expireIn: 1 ##1分钟
      length: 6 #验证码长度