package com.inspection.oauth2.config.authentication;
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import com.inspection.core.InspectionCoreApplication;
import com.inspection.core.security.service.InspectionUserServiceImpl;
import com.inspection.oauth2.interceptor.RefreshTokenIssueBeforeAccessTokenCheckIntercpetor;
@Configuration
@EnableAutoConfiguration
public class OAuth2AuthorizationConfig {
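/**
 * OAuth2 authorization server configuration.
 *
 * <p>Tokens, authorization codes and client registrations are all kept in the
 * database behind {@code dataSource}. With the framework's default schema these are
 * the {@code oauth_access_token}, {@code oauth_refresh_token}, {@code oauth_code} and
 * {@code oauth_client_details} tables. Rows in the token and code tables are live
 * credentials, and {@link JdbcTokenStore} persists serialized token objects, so both
 * read and write access to these tables should be restricted to this service.
 */
@Configuration
@EnableAuthorizationServer // OAuth2 authorization server
@Import(value = { InspectionCoreApplication.class })
protected static class OAuth2Config extends AuthorizationServerConfigurerAdapter {

    // Injecting an AuthenticationManager into the endpoints is what switches on the
    // resource-owner password grant.
    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private DataSource dataSource;

    // One BCrypt encoder shared by the client-secret checks below. It is never
    // reassigned, so it is final.
    private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

    /**
     * Defines how access tokens and refresh tokens are stored: in the database, via JDBC.
     *
     * @return a token store backed by {@code dataSource}
     */
    @Bean
    public JdbcTokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    /**
     * User lookup used by the token endpoint.
     *
     * <p>NOTE(review): {@code OAuth2SecurityConfig} declares a bean with the same name
     * and the same implementation; confirm that only one definition is intended to win.
     *
     * @return a new {@link InspectionUserServiceImpl}
     */
    @Bean
    public UserDetailsService userDetailsService() {
        return new InspectionUserServiceImpl();
    }

    /**
     * Stores the one-time authorization codes of the authorization_code grant in the
     * database, so a code issued by one instance can be redeemed on another.
     *
     * @return an authorization-code service backed by {@code dataSource}
     */
    @Bean
    protected AuthorizationCodeServices authorizationCodeServices() {
        return new JdbcAuthorizationCodeServices(dataSource);
    }

    /**
     * Configures the token-issuing endpoints of the authorization server.
     *
     * @param endpoints endpoint configurer supplied by the framework
     * @throws Exception if the configurer rejects a setting
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // TODO (author's note): the client part is still a problem. It is set up as
        // "users", so the table name has to be changed and mapped.
        endpoints
            // Project interceptor on the OAuth endpoints. Judging by its name it checks
            // the access token before a refresh token is issued; verify in its source.
            .addInterceptor(new RefreshTokenIssueBeforeAccessTokenCheckIntercpetor(dataSource))
            .authorizationCodeServices(authorizationCodeServices())
            .tokenStore(tokenStore())
            // Enables the password grant (see the field comment above).
            .authenticationManager(authenticationManager)
            // Lets the refresh_token grant re-check that the user account is still valid.
            .userDetailsService(userDetailsService())
            // No approval store: user consent decisions are not tracked by one.
            // NOTE(review): confirm this is intended for authorization_code clients.
            .approvalStoreDisabled();
    }

    /**
     * Security of the token endpoints themselves: client secrets presented to the
     * endpoints are verified with BCrypt.
     *
     * @param security security configurer supplied by the framework
     * @throws Exception if the configurer rejects a setting
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security)
            throws Exception {
        security.passwordEncoder(passwordEncoder);
    }

    /**
     * Where OAuth client registrations are loaded from: the database, via JDBC.
     *
     * <p>Because the BCrypt encoder is applied, the stored {@code client_secret}
     * values must be BCrypt hashes. A plain-text secret in the table will not match.
     *
     * @param clients client-details configurer supplied by the framework
     * @throws Exception if the configurer rejects a setting
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // @formatter:off
        clients.jdbc(dataSource)
            .passwordEncoder(passwordEncoder);
        // Inactive in-memory sample kept for reference only. Its values (the literal
        // secret, the implicit grant, the plain-http redirect URI) are placeholders and
        // must not be copied into a real client registration.
        /*
            .withClient("my-trusted-client")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token", "implicit")
                .authorities("ROLE_CLIENT", "ROLE_TRUSTED_CLIENT")
                .scopes("read", "write", "trust")
                //.resourceIds("oauth2-resource")
                .accessTokenValiditySeconds(1800)
            .and()
            .withClient("my-client-with-registered-redirect")
                .authorizedGrantTypes("authorization_code")
                .authorities("ROLE_CLIENT")
                .scopes("read", "trust")
                //.resourceIds("oauth2-resource")
                .redirectUris("http://anywhere?key=value")
            .and()
            .withClient("my-client-with-secret")
                .authorizedGrantTypes("client_credentials", "password", "refresh_token")
                .authorities("ROLE_CLIENT")
                .scopes("read")
                //.resourceIds("oauth2-resource")
                .secret("secret")
                .accessTokenValiditySeconds(1800)
                .refreshTokenValiditySeconds(0);
        */
        // @formatter:on
    }
}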
@Configuratioed();
}
}
}
package com.inspection.oauth2.config.security;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import com.inspection.core.security.service.InspectionUserServiceImpl;
/**
 * Web security configuration for the regular Spring Security login.
 *
 * <p>It authenticates against the same {@link InspectionUserServiceImpl} that the
 * OAuth2 authorization server uses, so form login and token issuance share one set
 * of user accounts. Stored passwords are verified with BCrypt, which means the user
 * store must hold BCrypt hashes.
 */
@Configuration
public class OAuth2SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Wires the shared user service and the BCrypt encoder into the authentication
     * manager builder.
     *
     * @param auth builder supplied by the framework
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(final AuthenticationManagerBuilder auth) throws Exception {
        final UserDetailsService accountLookup = userDetailsService();
        final BCryptPasswordEncoder bcrypt = new BCryptPasswordEncoder();
        auth.userDetailsService(accountLookup).passwordEncoder(bcrypt);
    }

    /**
     * Exposes the {@link AuthenticationManager} as a bean so other configuration
     * classes can have it injected.
     *
     * @return the authentication manager built by the parent adapter
     * @throws Exception if the parent cannot build the manager
     */
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        final AuthenticationManager exposedManager = super.authenticationManagerBean();
        return exposedManager;
    }

    /**
     * User lookup shared by login and OAuth2.
     *
     * @return a new {@link InspectionUserServiceImpl}
     */
    @Bean
    public UserDetailsService userDetailsService() {
        final UserDetailsService sharedUsers = new InspectionUserServiceImpl();
        return sharedUsers;
    }
}
코어 모듈을 만들고 나머지 모듈은 이를 참조하는 형태로 현재 개인적으로 작업하고 있다.
Spring Security Login과 OAuth2도 같은 user 인증 부분을 공유해서 써야 하므로 코드는 위와 같은 방식으로 만들어졌다.