Source

Grails Spring Security Taobao / SpringSecurityTaobaoGrailsPlugin.groovy

import com.mingidea.security.alibaba.AlibabaAuthenticationFilter
import com.mingidea.security.alibaba.AlibabaAuthenticationFilter
import com.mingidea.security.alibaba.AlibabaAuthenticationProvider
import com.mingidea.security.taobao.oauth.TaobaoOAuthAuthenticationFilter
import com.mingidea.security.taobao.oauth.TaobaoOAuthAuthenticationProvider
import com.mingidea.security.taobao.top.TaobaoTopAuthenticationFilter
import com.mingidea.security.taobao.top.TaobaoTopAuthenticationProvider
import org.codehaus.groovy.grails.plugins.springsecurity.SecurityFilterPosition
import org.codehaus.groovy.grails.plugins.springsecurity.SpringSecurityUtils
import org.springframework.security.core.session.SessionRegistryImpl
import org.springframework.security.web.authentication.session.ConcurrentSessionControlStrategy
import org.springframework.security.web.session.ConcurrentSessionFilter

import com.mingidea.security.taobao.*

/**
* @author <a href='mailto:simon.r.leung@gmail.com'>Simon Leung</a>
*/
class SpringSecurityTaobaoGrailsPlugin {
    // the plugin version
    def version = "1.1-BETA-6"
    // the version or versions of Grails the plugin is designed for
    def grailsVersion = "2.1 > *"
    // the other plugins this plugin depends on
    def dependsOn = [springSecurityCore: '1.2.7.3 > *']
    // resources that are excluded from plugin packaging
    List pluginExcludes = [
        'grails-app/domain/**',
        'grails-app/controllers/**',
        'grails-app/views/**',
        'docs/**',
        'src/docs/**',
		'src/groovy/**'
    ]

    def author = "Simon Leung"
    def authorEmail = "simon.r.leung@gmail.com"
    def title = "Spring Security Taobao Plugin"
    def description = "Taobao open api authentication support for the Spring Security plugin."

	def license = "APACHE"
	def developers = [
	        [ name: "Simon Leung", email: "simon.r.leung@gmail.com" ]
		]
	def issueManagement = [ system: "bitbucket", url: "https://bitbucket.org/mingidea/grails-spring-security-taobao/issues" ]
	def scm = [ url: "https://bitbucket.org/mingidea/grails-spring-security-taobao" ]

    // URL to the plugin's documentation
    def documentation = "http://grails.org/plugin/spring-security-taobao"

    def doWithSpring = {
        def conf = SpringSecurityUtils.securityConfig
        if (!conf || !conf.active) {
            return
        }

        SpringSecurityUtils.loadSecondaryConfig 'DefaultTaobaoSecurityConfig'
        // have to get again after overlaying DefaultTaobaoSecurityConfig
        conf = SpringSecurityUtils.securityConfig

        //淘宝OAuth2.0授权
        if (conf.taobao.oauth.active) {
            println 'Configuring Spring Security Taobao OAuth2.0 ...'

            SpringSecurityUtils.registerProvider 'taobaoOAuthAuthenticationProvider'
            SpringSecurityUtils.registerFilter 'taobaoOAuthAuthenticationFilter', conf.taobao.oauth.filter.position

            taobaoOAuthAuthenticationProvider(TaobaoOAuthAuthenticationProvider) {
                appConfigs = conf.taobao.oauth.appConfigs
                authenticationDao = ref('taobaoAuthenticationDao')
            }

            taobaoOAuthAuthenticationFilter(TaobaoOAuthAuthenticationFilter, conf.taobao.oauth.filter.processUrl){
                authenticationManager = ref('authenticationManager')
                sessionAuthenticationStrategy = ref('sessionAuthenticationStrategy')

                //ref to grails spring security core plugin
                authenticationSuccessHandler = ref('authenticationSuccessHandler')
                authenticationFailureHandler = ref('authenticationFailureHandler')
                rememberMeServices = ref('rememberMeServices')
                allowSessionCreation = conf.apf.allowSessionCreation
            }
        }

        // 淘宝TOP授权
        if (conf.taobao.top.active) {
            println 'Configuring Spring Security Taobao Top ...'

            SpringSecurityUtils.registerProvider 'taobaoTopAuthenticationProvider'
            SpringSecurityUtils.registerFilter 'taobaoTopAuthenticationFilter', conf.taobao.top.filter.position

            taobaoTopAuthenticationProvider(TaobaoTopAuthenticationProvider) {
                appSecretMap = conf.taobao.top.appSecretMap
                authenticationDao = ref('taobaoAuthenticationDao')
            }

            taobaoTopAuthenticationFilter(TaobaoTopAuthenticationFilter, conf.taobao.top.filter.processUrl){
                authenticationManager = ref('authenticationManager')
                sessionAuthenticationStrategy = ref('sessionAuthenticationStrategy')

                //ref to grails spring security core plugin
                authenticationSuccessHandler = ref('authenticationSuccessHandler')
                authenticationFailureHandler = ref('authenticationFailureHandler')
                rememberMeServices = ref('rememberMeServices')
                allowSessionCreation = conf.apf.allowSessionCreation
            }
        }

        //阿里巴巴OAuth2.0授权
        if (conf.alibaba.active) {
            println 'Configuring Spring Security Alibaba OAuth2.0 ...'

            // 注册阿里巴巴拦截器
            SpringSecurityUtils.registerProvider 'alibabaAuthenticationProvider'
            SpringSecurityUtils.registerFilter 'alibabaAuthenticationFilter', conf.alibaba.filter.position

            alibabaAuthenticationProvider(AlibabaAuthenticationProvider) {
                appConfigs = conf.alibaba.appConfigs
                authenticationDao = ref('alibabaAuthenticationDao')
            }

            alibabaAuthenticationFilter(AlibabaAuthenticationFilter, conf.alibaba.filter.processUrl){
                authenticationManager = ref('authenticationManager')
                sessionAuthenticationStrategy = ref('sessionAuthenticationStrategy')

                //ref to grails spring security core plugin
                authenticationSuccessHandler = ref('authenticationSuccessHandler')
                authenticationFailureHandler = ref('authenticationFailureHandler')
                rememberMeServices = ref('rememberMeServices')
                allowSessionCreation = conf.apf.allowSessionCreation
            }
        }

        SpringSecurityUtils.registerFilter 'concurrentSessionFilter', SecurityFilterPosition.CONCURRENT_SESSION_FILTER

		concurrentSessionFilter(ConcurrentSessionFilter) {
			sessionRegistry = ref('sessionRegistry')
			expiredUrl = conf.expiredUrl
		}
		
		sessionRegistry(SessionRegistryImpl)

        sessionAuthenticationStrategy(ConcurrentSessionControlStrategy, ref('sessionRegistry')) {
            maximumSessions = conf.maxConcurrentSessions //default is -1 for unlimited sessions
        }
    }

    def doWithApplicationContext = { applicationContext ->
    }
}
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.