BLO9
Kotlin 등 개발 관련 포스팅합니다.
Grails and GORM 6 setup oauth2 and mongoDB

Grails 3.2.4GORM6를 사용한다면 RxGORM + MongoDB , RESTfull등을 사용할 수 있다. 위 설정들과 OAuth2 / Spring Security를 이용한 기본적인 Grails서버 세팅을 알아봅시다.

1. Create grails app

grails 명령어 혹은 IDE에서 제공하는 툴로 Grails기본 프로젝트를 생성한다.

2. Install plugins

compile "org.grails.plugins:spring-security-oauth2-provider:3.0.0-RC1"

compile "org.grails.plugins:hibernate5:6.0.6"
compile "org.hibernate:hibernate-ehcache"
runtime "mysql:mysql-connector-java:5.1.40"
compile "org.grails.plugins:rx-gorm-rest-client:1.0.4.RELEASE"
compile "org.grails.plugins:rx-mongodb:6.0.6"

build.gradle

3. Init application db

dataSource:
    pooled: true
    jmxExport: true
    dbCreate: update
    url: jdbc:mysql://localhost/local
    driverClassName: 'com.mysql.jdbc.Driver'
    dialect: org.hibernate.dialect.MySQL5InnoDBDialect
    username: root
    password: ''

application.yml

4. create oauth2 and spring security models

$ grails s2-init-oauth2-provider <package> <client> <authorization-code> <access-token> <refresh-token>
$ grails s2-quickstart <domain-class-package> <user-class-name> <role-class-name> [requestmap-class-name] [--groupClassName=group-class-name]

기본적인 모델과 Application.groovy 생성해줍니다.

6. Url Setting

grails.plugin.springsecurity.controllerAnnotations.staticRules = [
	[pattern: '/oauth/authorize',access: "isFullyAuthenticated() and (request.getMethod().equals('GET') or request.getMethod().equals('POST'))"],
	[pattern: '/oauth/token',    access: "isFullyAuthenticated() and request.getMethod().equals('POST')"],
	...
]
grails.plugin.springsecurity.filterChain.chainMap = [
	[pattern: '/oauth/token',    filters: 'JOINED_FILTERS,-oauth2ProviderFilter,-securityContextPersistenceFilter,-logoutFilter,-authenticationProcessingFilter,-rememberMeAuthenticationFilter,-exceptionTranslationFilter'],
	[pattern: '/**',             filters: 'JOINED_FILTERS,-statelessSecurityContextPersistenceFilter,-oauth2ProviderFilter,-clientCredentialsTokenEndpointFilter,-oauth2BasicAuthenticationFilter,-oauth2ExceptionTranslationFilter'],
	...
]

Application.groovy

7. init

Role roleUser = Role.findOrCreateByAuthority('ROLE_USER')
User user = User.findByUsername('my-user')
if (user == null) {
    user = new User(
            username: 'my-user',
            password: 'my-password',
            enabled: true,
            accountExpired: false,
            accountLocked: false,
            passwordExpired: false
    ).save(flush: true)
}

UserRole.create(user, roleUser, true)

new Client(
        clientId: 'my-client',
        clientSecret: 'my-client-secret',
        authorizedGrantTypes: ['authorization_code', 'refresh_token', 'implicit', 'password', 'client_credentials'],
        authorities: ['ROLE_CLIENT'],
        scopes: ['read', 'write'],
        redirectUris: ['http://myredirect.com']
).save(flush: true)

BootStrap.groovy