• spring security oauth2


    1.引入POM

     2.主要配置2个类 

       2.1 一个是继承AuthorizationServerConfigurerAdapter  

    package com.zbiti.anvil.maintain.auth.config;

    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.crypto.password.PasswordEncoder;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
    import org.springframework.security.oauth2.provider.token.TokenStore;
    import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;

    /**
    * @author
    * @date 2021/9/2 13:45
    */
    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    // @formatter:off
    clients.inMemory()
    .withClient("admin-app")
    .secret(passwordEncoder.encode("123456"))
    .scopes("all")
    .authorizedGrantTypes("authorization_code", "refresh_token", "client_credentials", "password")
    .accessTokenValiditySeconds(3600 * 24)
    .refreshTokenValiditySeconds(3600 * 24 * 7)
    .redirectUris("http://localhost:8080/testlogin");
    // @formatter:on
    }


    /**
    * /oauth/token 401
    *
    * 1.如果设置 allowFormAuthenticationForClients的话,
    * 过滤器链里面会添加 ClientCredentialsTokenEndpointFilter 这个加载在 BasicAuthenticationFilter 这个之前
    *
    * @param security
    * @throws Exception
    */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    security.allowFormAuthenticationForClients();

    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints
    .authenticationManager(this.authenticationManager)
    .userDetailsService(userDetailsService)
    .tokenStore(tokenStore());
    }

    /**
    * 配置token存储
    * @return
    */
    @Bean
    public TokenStore tokenStore() {
    return new InMemoryTokenStore();
    }


    }

       2.2 一个是继承WebSecurityConfigurerAdapter

    package com.zbiti.anvil.maintain.auth.config;

    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;

    /**
    * @author tangwei
    * @date 2021/9/2 15:56
    */
    @Configuration
    @EnableWebSecurity
    public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // @formatter:off
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    http
    .authorizeRequests()
    .antMatchers("/test/**").permitAll()
    .anyRequest().authenticated();
    }
    // @formatter:on



    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
    return super.authenticationManagerBean();
    }


    @Bean
    public PasswordEncoder passwordEncoder() {
    return new BCryptPasswordEncoder();
    }
    }

    然后实现

    /**
     * @author
     * @date 2021/9/2 13:54
     */
    @Service
    public class UserDetailsServiceImpl implements UserDetailsService {
        
        @Autowired
        PasswordEncoder passwordEncoder;
        
        @Override
        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
            List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
            SimpleGrantedAuthority s = new SimpleGrantedAuthority("admin");
            grantedAuthorities.add(s);
            return new SecurityUserVO(username,passwordEncoder.encode("123456"),grantedAuthorities);
        }
    }
    package com.zbiti.anvil.maintain.auth.domain;
    
    import org.springframework.security.core.GrantedAuthority;
    import org.springframework.security.core.userdetails.User;
    
    import java.util.Collection;
    
    /**
     * @author
     * @date 2021/9/2 13:55
     */
    public class SecurityUserVO extends User {
        
        private Long userId;
    
        public SecurityUserVO(String username, String password, Collection<? extends GrantedAuthority> authorities) {
            super(username, password, authorities);
        }
    
        public SecurityUserVO(String username, String password, boolean enabled, boolean accountNonExpired, boolean credentialsNonExpired, boolean accountNonLocked, Collection<? extends GrantedAuthority> authorities) {
            super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities);
        }
    
    
        public Long getUserId() {
            return userId;
        }
    
        public void setUserId(Long userId) {
            this.userId = userId;
        }
    
        
    }
  • 相关阅读:
    XSD文件生成C#VO实体类
    WPF根据Oracle数据库的表,生成CS文件小工具
    【求助】WPF 在XP下 有的Textbox光标会消失
    【转】oracle中in和exists的区别
    Spire.DOC生成表格测试
    【转】C#调用Windows图片和传真查看器打开图片
    WPF MVVM下做发送短信小按钮
    SignalR Progress
    C# readonly
    Settings.settings
  • 原文地址:https://www.cnblogs.com/tangwangming/p/15222788.html
Copyright © 2020-2023  润新知