zoukankan      html  css  js  c++  java
  • spring security oauth2

    1.引入POM

     2.主要配置2个类 

       2.1 一个是继承AuthorizationServerConfigurerAdapter  

    package com.zbiti.anvil.maintain.auth.config;

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.crypto.password.PasswordEncoder;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
    import org.springframework.security.oauth2.provider.token.TokenStore;
    import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;

    /**
    * @author
    * @date 2021/9/2 13:45
    */
    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    // @formatter:off
    clients.inMemory()
    .withClient("admin-app")
    .secret(passwordEncoder.encode("123456"))
    .scopes("all")
    .authorizedGrantTypes("authorization_code", "refresh_token", "client_credentials", "password")
    .accessTokenValiditySeconds(3600 * 24)
    .refreshTokenValiditySeconds(3600 * 24 * 7)
    .redirectUris("http://localhost:8080/testlogin");
    // @formatter:on
    }


    /**
    * /oauth/token 401
    *
    * 1.如果设置 allowFormAuthenticationForClients的话,
    * 过滤器链里面会添加 ClientCredentialsTokenEndpointFilter 这个加载在 BasicAuthenticationFilter 这个之前
    *
    * @param security
    * @throws Exception
    */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    security.allowFormAuthenticationForClients();

    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints
    .authenticationManager(this.authenticationManager)
    .userDetailsService(userDetailsService)
    .tokenStore(tokenStore());
    }

    /**
    * 配置token存储
    * @return
    */
    @Bean
    public TokenStore tokenStore() {
    return new InMemoryTokenStore();
    }


    }

       2.2 一个是继承WebSecurityConfigurerAdapter

    package com.zbiti.anvil.maintain.auth.config;

    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;

    /**
    * @author tangwei
    * @date 2021/9/2 15:56
    */
    @Configuration
    @EnableWebSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // @formatter:off
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    http
    .authorizeRequests()
    .antMatchers("/test/**").permitAll()
    .anyRequest().authenticated();
    }
    // @formatter:on



    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
    }


    @Bean
    public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
    }
    }

    然后实现

    /**
     * @author
     * @date 2021/9/2 13:54
     */
    @Service
    public class UserDetailsServiceImpl implements UserDetailsService {
        
        @Autowired
        PasswordEncoder passwordEncoder;
        
        @Override
        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
            List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
            SimpleGrantedAuthority s = new SimpleGrantedAuthority("admin");
            grantedAuthorities.add(s);
            return new SecurityUserVO(username,passwordEncoder.encode("123456"),grantedAuthorities);
        }
    }
    package com.zbiti.anvil.maintain.auth.domain;
    
    import org.springframework.security.core.GrantedAuthority;
    import org.springframework.security.core.userdetails.User;
    
    import java.util.Collection;
    
    /**
     * @author
     * @date 2021/9/2 13:55
     */
    public class SecurityUserVO extends User {
        
        private Long userId;
    
        public SecurityUserVO(String username, String password, Collection<? extends GrantedAuthority> authorities) {
            super(username, password, authorities);
        }
    
        public SecurityUserVO(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
            super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
        }
    
    
        public Long getUserId() {
            return userId;
        }
    
        public void setUserId(Long userId) {
            this.userId = userId;
        }
    
        
    }
  • 相关阅读:
    JavaScript
    94.Binary Tree Inorder Traversal
    144.Binary Tree Preorder Traversal
    106.Construct Binary Tree from Inorder and Postorder Traversal
    105.Construct Binary Tree from Preorder and Inorder Traversal
    90.Subsets II
    78.Subsets
    83.Merge Sorted Array
    80.Remove Duplicates from Sorted Array II
    79.Word Search
  • 原文地址:https://www.cnblogs.com/tangwangming/p/15222788.html
Copyright © 2011-2022 走看看