zoukankan      html  css  js  c++  java

  • spring cloud搭建oauth2资源服务

    依赖

    pom.xml

    <parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.2.5.RELEASE</version>
    <relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
    <java.version>11</java.version>
    <spring-cloud.version>Hoxton.SR4</spring-cloud.version>
</properties>
<dependencies>
    <!-- spring cloud oauth2 -->
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-oauth2</artifactId>
    </dependency>
</dependencies>
<dependencyManagement>
    <dependencies>
        <!-- spring cloud -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-dependencies</artifactId>
            <version>${spring-cloud.version}</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

    配置

    application.yml

    security:
  oauth2:
    client:
      client-id: application-client-id
      client-secret: application-client-secret
      access-token-uri: http://authsite-host/oauth/token
    resource:
      id: application-resource-id
      tokenInfoUri: http://authsite-host/oauth/check_token
      userInfoUri: http://authsite-host/oauth/check_user
    • application-client-id、application-client-secret、application-resource-id修改为OAUTH2授权服务中注册的客户端、资源对应值
    • 注意: 资源服务也需要配置注册为客户端, 否则无法通过认证服务器获取TOKEN和用户信息

    JAVA配置

    创建JAVA配置: ResourceServerConfig.java

    @Configuration
// 启用资源服务器配置
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
    protected ResourceServerProperties resource;

    public ResourceServerConfig(ResourceServerProperties resource) {
        this.resource = resource;
    }

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.resourceId(this.resource.getResourceId());
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        // 自定义访问控制逻辑
        http.authorizeRequests().anyRequest().authenticated();
    }
}
  • 相关阅读:
    包的初识与使用
    时间 随机 模块
    规范化开发
    解析Javascript事件冒泡机制
    Java垃圾回收机制
    Java 垃圾收集机制
    javac 编译与 JIT 编译
    JAVA对文件类型的校验
    多态性实现机制——静态分派与动态分派
    类加载机制
  • 原文地址:https://www.cnblogs.com/luguojun/p/14294731.html
Copyright © 2011-2022 走看看