zoukankan      html  css  js  c++  java
  • spring cloud gateway security oauth2

    申请token

    客户端认证

    GenericFilterBean.java 过滤链
    ClientCredentialsTokenEndpointFilter.java
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
    throws AuthenticationException, IOException, ServletException {

    if (allowOnlyPost && !"POST".equalsIgnoreCase(request.getMethod())) {
    throw new HttpRequestMethodNotSupportedException(request.getMethod(), new String[] { "POST" });
    }

    String clientId = request.getParameter("client_id");
    String clientSecret = request.getParameter("client_secret");

    // If the request is already authenticated we can assume that this
    // filter is not needed
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null && authentication.isAuthenticated()) {
    return authentication;
    }

    if (clientId == null) {
    throw new BadCredentialsException("No client credentials presented");
    }

    if (clientSecret == null) {
    clientSecret = "";
    }

    clientId = clientId.trim();
    UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(clientId,
    clientSecret);

    return this.getAuthenticationManager().authenticate(authRequest);

    }

    生成token

    验证token

    WebFilter.java 调用链
    AuthenticationWebFilter.java
    ReactiveOAuth2ResourceServerJwkConfiguration.java 配置信息
    DefaultJWTProcessor.java
     
  • 相关阅读:
    石子游戏2
    礼物的最大价值
    CF512D. Fox And Travelling
    arc099F
    CF504E. Misha and LCP on Tree(长链剖分求k级祖先)
    agc031D
    CF555E. Case of Computer Network
    agc023D
    CF1406E. Deleting Numbers
    CF585F. Digits of Number Pi
  • 原文地址:https://www.cnblogs.com/whmbky/p/14205974.html
Copyright © 2011-2022 走看看