  • spring cloud 搭建oauth2授权服务 使用redis存储令牌

    依赖

    <!-- Redis client support; the TokenStore below keeps issued tokens in Redis. -->
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-data-redis</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <!--
      NOTE(review): no <version> is given for any of these, so versions presumably come from a
      Spring Boot / Spring Cloud BOM that the page does not show. This starter pulls in the
      legacy Spring Security OAuth project, which has reached end-of-life; confirm that the
      version you resolve still receives security fixes before relying on it.
    -->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-oauth2</artifactId>
    </dependency>
    

    配置文件

    spring:
      application:
        name: oauth2-server
      redis:
        # NOTE(review): no Redis password or TLS setting is shown. The token store writes
        # bearer tokens here, so anyone who can reach this Redis database can read them;
        # outside a local demo, require authentication and restrict network access.
        host: localhost
        port: 6379
        database: 1
    server:
      # NOTE(review): port 80 with no ssl settings shown means plain HTTP. Passwords, client
      # secrets and tokens all cross this listener, so terminate TLS here or in front of it.
      port: 80
    

    TokenStore

    /**
     * Registers the {@link TokenStore} bean that persists OAuth2 tokens in Redis.
     */
    @Configuration
    public class RedisTokenStoreConfig {

        /**
         * Creates a Redis-backed token store on top of the injected connection factory.
         *
         * <p>The stored entries are bearer tokens, so access to the Redis instance behind
         * {@code redisConnectionFactory} should be restricted accordingly.
         *
         * @param redisConnectionFactory connection factory for the Redis instance holding the tokens
         * @return the token store backed by that Redis instance
         */
        @Bean
        public TokenStore redisTokenStore(RedisConnectionFactory redisConnectionFactory) {
            final TokenStore store = new RedisTokenStore(redisConnectionFactory);
            return store;
        }
    }
    

    WebSecurity

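    /**
     * Web security for the authorization server: form login, logout, and the beans
     * (password encoder, authentication manager, user details service) that the
     * authorization server configuration injects.
     */
    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

        /**
         * Requires authentication for every request except the login form.
         *
         * @param http the security builder for this filter chain
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                    // Login page is reachable without authentication
                    .formLogin().permitAll()
                    // Logout endpoint and the page to land on afterwards
                    .and().logout().logoutUrl("/logout").logoutSuccessUrl("/")
                    // Every other request requires an authenticated user
                    .and().authorizeRequests().anyRequest().authenticated()
                    // NOTE(review): CSRF protection is switched off for this chain, which also
                    // serves the session-based form login. Kept as in the original post; remove
                    // this call unless every caller of this chain is a non-browser client.
                    .and().csrf().disable();
        }

        /**
         * Password encoder used for user passwords; the authorization server configuration
         * injects the same bean for client secrets.
         *
         * <p>The original returned {@code NoOpPasswordEncoder}, which compares and stores
         * credentials in plain text. BCrypt is used instead, so stored user passwords and
         * client secrets must be BCrypt hashes. The class is referenced by its fully
         * qualified name because the page shows no import block.
         *
         * @return a BCrypt password encoder
         */
        @Bean
        public PasswordEncoder passwordEncoder() {
            return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
        }

        /**
         * Exposes the adapter's {@link AuthenticationManager} as a bean so that other
         * configuration classes can inject it.
         *
         * @return the authentication manager built by this adapter
         * @throws Exception if the manager cannot be created
         */
        @Bean
        @Override
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        /**
         * Registers the user lookup service used during authentication.
         *
         * @return the user details service
         */
        @Bean
        public UserDetailsService userDetailsService() {
            return new UserDetailsServiceImpl();
        }

        /**
         * User lookup used by the authentication manager. The body is elided in the
         * original post; whatever it returns must carry a password in the format the
         * configured {@link PasswordEncoder} expects.
         */
        public static class UserDetailsServiceImpl implements UserDetailsService {

            @Override
            public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
               ...
            }
        }
    }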
    

    AuthorizationServer

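    /**
     * OAuth2 authorization server configuration: wires the authentication manager,
     * the Redis token store, endpoint access rules and the client lookup service.
     */
    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
        // Collaborators are injected once through the constructor and never reassigned.
        private final AuthenticationManager authenticationManager;
        private final PasswordEncoder passwordEncoder;
        private final ClientRepository clientRepo;
        private final TokenStore redisTokenStore;

        /**
         * @param authenticationManager authentication manager exposed by the web security configuration
         * @param passwordEncoder       encoder used to verify client secrets
         * @param clientRepo            repository handed to the client lookup service
         * @param redisTokenStore       token store that persists issued tokens
         */
        public AuthorizationServerConfig(AuthenticationManager authenticationManager,
                                         PasswordEncoder passwordEncoder,
                                         ClientRepository clientRepo,
                                         TokenStore redisTokenStore
        ) {
            this.authenticationManager = authenticationManager;
            this.passwordEncoder = passwordEncoder;
            this.clientRepo = clientRepo;
            this.redisTokenStore = redisTokenStore;
        }

        /**
         * Configures the token endpoints.
         *
         * @param endpoints the endpoints configurer
         * @throws Exception if the configurer rejects the settings
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            // Reuse the web security authentication manager for user authentication
            endpoints.authenticationManager(authenticationManager);
            // Register the Redis token store
            endpoints.tokenStore(redisTokenStore);
        }

        /**
         * Configures access to the authorization server's own endpoints.
         *
         * @param security the endpoint security configurer
         * @throws Exception if the configurer rejects the settings
         */
        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            // Accept client credentials (client_id, client_secret) as form parameters in
            // addition to the default HTTP Basic authentication. The secret then travels in
            // the request body, so this endpoint should only be served over TLS.
            security.allowFormAuthenticationForClients();
            // "/oauth/check_token" is denied by default; allow authenticated callers
            security.checkTokenAccess("isAuthenticated()");
            // "/oauth/token_key" is denied by default; allow authenticated callers
            security.tokenKeyAccess("isAuthenticated()");
            // Encoder used to verify client secrets
            security.passwordEncoder(passwordEncoder);
        }

        /**
         * Registers the custom client lookup service.
         *
         * @param clients the client details configurer
         * @throws Exception if the configurer rejects the settings
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.withClientDetails(new ClientDetailsServiceImpl(clientRepo));
        }

        /**
         * Client lookup backed by a {@code ClientRepository}.
         *
         * <p>The original declared no constructor even though it is instantiated with
         * {@code new ClientDetailsServiceImpl(clientRepo)}; the constructor and field are
         * added so that call resolves.
         */
        public static class ClientDetailsServiceImpl implements ClientDetailsService {
            private final ClientRepository clientRepo;

            /**
             * @param clientRepo repository used to look up registered clients
             */
            public ClientDetailsServiceImpl(ClientRepository clientRepo) {
                this.clientRepo = clientRepo;
            }

            @Override
            public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {
                // Client lookup logic goes here (elided in the original post). The returned
                // client secret must be stored in the format the configured PasswordEncoder
                // expects.
            }
        }
    }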
    
  • 原文地址:https://www.cnblogs.com/luguojun/p/12677188.html