完整pom
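<?xml version="1.0" encoding="UTF-8"?>
<!--
  Build descriptor for the security-oauth demo (Spring Boot + Spring Cloud OAuth2 starters).

  NOTE(review): spring-cloud-starter-oauth2 pulls in the legacy Spring Security OAuth project,
  which is end-of-life upstream and no longer receives security fixes. Treat this stack as a
  learning demo and confirm the support status of every pinned version before reusing it.
-->
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.sdkj</groupId>
    <artifactId>security-oauth</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>security-oauth</name>
    <description>Demo project for Spring Boot</description>

    <properties>
        <java.version>1.8</java.version>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
        <!-- Single source of truth for the Boot version: used by the BOM import and the Boot plugin below. -->
        <spring-boot.version>2.3.7.RELEASE</spring-boot.version>
    </properties>

    <dependencies>
        <!-- Versions of the three starters are not set here; they come from the BOMs in dependencyManagement. -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-security</artifactId>
        </dependency>
        <!-- security-oauth2 -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-oauth2</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
    </dependencies>

    <dependencyManagement>
        <dependencies>

            <!--
              NOTE(review): Hoxton.SR3 appears to have been released against Spring Boot 2.2.x;
              confirm against the Spring Cloud release-train compatibility table that it is
              meant to be combined with the Boot version configured above.
            -->
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>Hoxton.SR3</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>

            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-dependencies</artifactId>
                <version>${spring-boot.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>3.8.1</version>
                <configuration>
                    <!-- Reuse the java.version property so the language level is declared once. -->
                    <source>${java.version}</source>
                    <target>${java.version}</target>
                    <encoding>UTF-8</encoding>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <!-- Same property as the BOM import, so the plugin cannot drift from the managed Boot version. -->
                <version>${spring-boot.version}</version>
                <configuration>
                    <mainClass>com.sdkj.security.oauth.SecurityOauthApplication</mainClass>
                </configuration>
                <executions>
                    <execution>
                        <id>repackage</id>
                        <goals>
                            <goal>repackage</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
        </plugins>
    </build>

</project>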
User:
- package com.sdkj.security.oauth.entity;
-
- import org.springframework.security.core.GrantedAuthority;
- import org.springframework.security.core.userdetails.UserDetails;
-
- import java.util.Collection;
- import java.util.List;
-
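/**
 * OAuth2 demo user: a minimal {@link UserDetails} implementation that carries a
 * user name, a password value and a list of granted authorities.
 *
 * <p>NOTE(review): all four account-status checks below are hard-coded to
 * {@code true}, so this class can never report an expired, locked or disabled
 * account. That is fine for a demo but must be backed by real account state
 * before production use.
 *
 * @author javachen
 */
public class User implements UserDetails
{
    private static final long serialVersionUID = 1L;

    /**
     * Login name, returned by {@link #getUsername()}.
     */
    private String userName;

    /**
     * Password value returned by {@link #getPassword()}. It should hold an
     * encoded hash, never the plain-text password.
     */
    private String password;

    /**
     * Authorities granted to the user; stored as an unmodifiable copy, or
     * {@code null} when none were supplied.
     */
    private List<GrantedAuthority> authorities;

    /**
     * Creates an empty user: name and password are {@code null} and
     * {@link #getAuthorities()} reports no authorities.
     */
    public User() {
    }

    /**
     * Creates a user from the given values.
     *
     * @param userName    login name
     * @param password    password value (expected to be already encoded)
     * @param authorities granted authorities; copied so that later changes to
     *                    the caller's list cannot alter this user's privileges
     */
    public User(String userName, String password, List<GrantedAuthority> authorities) {
        this.userName = userName;
        this.password = password;
        if (authorities == null) {
            this.authorities = null;
        } else {
            // Defensive copy: the privilege set must not be mutable from outside.
            this.authorities =
                    java.util.Collections.unmodifiableList(new java.util.ArrayList<>(authorities));
        }
    }

    /**
     * @return the granted authorities, never {@code null} (an empty list when
     *         none were supplied, as the {@link UserDetails} contract requires)
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        if (this.authorities == null) {
            return java.util.Collections.<GrantedAuthority>emptyList();
        }
        return this.authorities;
    }

    /**
     * @return the stored password value
     */
    @Override
    public String getPassword() {
        return this.password;
    }

    /**
     * @return the login name
     */
    @Override
    public String getUsername() {
        return this.userName;
    }

    /**
     * @return always {@code true}; account expiry is not modelled here
     */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /**
     * @return always {@code true}; account locking is not modelled here
     */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /**
     * @return always {@code true}; credential expiry is not modelled here
     */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /**
     * @return always {@code true}; disabling an account is not modelled here
     */
    @Override
    public boolean isEnabled() {
        return true;
    }
}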
AuthorizationServerConfig:
- package com.sdkj.security.oauth.config;
-
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.crypto.password.PasswordEncoder;
- import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
-
/**
 * Authorization-server configuration for the demo: registers a single OAuth2
 * client in memory that may use the authorization-code grant.
 *
 * <p>NOTE(review): the client id, client secret and redirect URI below are
 * hard-coded demo values. In a real deployment the secret belongs in external
 * configuration or a secret store, and the redirect URI should be an exact
 * https address that the client itself controls, because the authorization
 * code is delivered to that address.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    /** Encoder used to hash the client secret before it is registered. */
    @Autowired
    public PasswordEncoder passwordEncoder;

    /**
     * Registers the in-memory client.
     *
     * @param clients configurer that receives the client registration
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // The secret is stored only in encoded form; the literal itself is a demo value.
        final String encodedSecret = passwordEncoder.encode("112233");

        clients.inMemory()
                .withClient("admin")                          // client_id
                .secret(encodedSecret)                        // client_secret (encoded)
                .accessTokenValiditySeconds(3600)             // access-token lifetime, in seconds
                .redirectUris("http://www.baidu.com")         // redirect_uri that receives the callback
                .scopes("all")                                // scope the client may request
                .authorizedGrantTypes("authorization_code");  // grant_type the client may use
    }
}
SecurityConfig:
- package com.sdkj.security.oauth.config;
-
- import com.sdkj.security.oauth.handle.MyAccessDeniedHandler;
- import com.sdkj.security.oauth.handle.MyAuthenticationFailureHandler;
- import com.sdkj.security.oauth.handle.MyAuthenticationSuccessHandler;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.context.annotation.Bean;
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
- import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
- import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
- import org.springframework.security.crypto.password.PasswordEncoder;
-
/**
 * Web security for the demo: form login, a BCrypt password encoder bean, and
 * URL rules for the application's own filter chain.
 *
 * <p>NOTE(review): CSRF protection is switched off, which leaves the form
 * login without a CSRF token; acceptable only for a local demo. The
 * {@code /oauth/**} pattern is also opened to everyone, which is broader than
 * a single endpoint - confirm which OAuth endpoints really need to be public.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * @return the BCrypt-based encoder shared by the rest of the application
     */
    @Bean
    public PasswordEncoder getPasswordEncoder(){
        return new BCryptPasswordEncoder();
    }

    // Injected but not referenced anywhere in this class.
    @Autowired
    private MyAccessDeniedHandler myAccessDeniedHandler;

    /**
     * Declares the HTTP security rules.
     *
     * @param http builder for this application's filter chain
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CSRF protection off (see the class note).
        http.csrf().disable();

        // OAuth, login and logout paths are open; everything else needs a logged-in user.
        http.authorizeRequests()
                .antMatchers("/oauth/**","/login/**","/logout/**")
                .permitAll()
                .anyRequest()
                .authenticated();

        // The login form itself is reachable by everyone.
        http.formLogin()
                .permitAll();
    }

}
ResourceServerConfig:
- package com.sdkj.security.oauth.config;
-
- import org.springframework.context.annotation.Configuration;
- import org.springframework.security.config.annotation.web.builders.HttpSecurity;
- import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
- import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
-
/**
 * Resource-server configuration for the demo.
 *
 * <p>The request matcher limits this configuration to {@code /user/**}, and
 * every request it matches must be authenticated. In other words
 * {@code /user/**} is the protected area here, not an exemption from
 * authentication.
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    /**
     * Declares which requests this configuration covers and what they require.
     *
     * @param http builder for the resource-server filter chain
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // Every request handled by this chain must be authenticated ...
        http.authorizeRequests()
                .anyRequest()
                .authenticated();

        // ... and the chain only handles paths under /user/.
        http.requestMatchers()
                .antMatchers("/user/**");
    }

}
UserDetailServiceImpl:
- package com.sdkj.security.oauth.service;
-
- import com.sdkj.security.oauth.entity.User;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.security.core.authority.AuthorityUtils;
- import org.springframework.security.core.userdetails.UserDetails;
- import org.springframework.security.core.userdetails.UserDetailsService;
- import org.springframework.security.core.userdetails.UsernameNotFoundException;
- import org.springframework.security.crypto.password.PasswordEncoder;
- import org.springframework.stereotype.Service;
-
/**
 * Demo-only {@link UserDetailsService}: it performs no lookup at all.
 *
 * <p>NOTE(review): every user name is accepted, every user gets the same
 * fixed password and the same "admin,normal" authorities. Replace this with a
 * lookup against a real user store, and throw
 * {@link UsernameNotFoundException} for unknown names, before using it
 * anywhere but a local demo.
 */
@Service
public class UserDetailServiceImpl implements UserDetailsService {

    /** Encoder used to hash the fixed demo password. */
    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Builds a user for whatever name is supplied.
     *
     * @param username name typed into the login form; used as-is
     * @return a user with the encoded fixed password and the authorities "admin" and "normal"
     * @throws UsernameNotFoundException declared by the interface; never thrown by this stub
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // The password is re-encoded on every call; only the encoded form is handed on.
        return new User(
                username,
                passwordEncoder.encode("123456"),
                AuthorityUtils.commaSeparatedStringToAuthorityList("admin,normal"));
    }

}
UserController:
- package com.sdkj.security.oauth.controller;
-
- import com.sdkj.security.oauth.entity.User;
- import org.springframework.security.core.Authentication;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RestController;
-
/**
 * Demo endpoint under {@code /user} that shows who the current caller is.
 */
@RestController
@RequestMapping("/user")
public class UserController {

    /**
     * Prints the current user's name to standard output; nothing is returned
     * to the caller.
     *
     * <p>NOTE(review): the mapping does not restrict the HTTP method, and the
     * cast assumes the principal is always this project's {@link User}; a
     * principal of another type would fail with a ClassCastException.
     *
     * @param authentication authentication of the current request
     */
    @RequestMapping("/getCurrentUser")
    public void getCurrentUser(Authentication authentication)
    {
        Object principal = authentication.getPrincipal();
        User currentUser = (User) principal;
        String name = currentUser.getUsername();
        System.out.println(name);
    }

}
项目结构:

访问授权:
1.获取code
http://localhost:8080/oauth/authorize?client_id=admin&redirect_uri=http://www.baidu.com&response_type=code&scope=all
2.根据code获取token（该请求需以POST方式发送，并通过HTTP Basic携带client_id和client_secret）
http://localhost:8080/oauth/token?code=F3m7bt&grant_type=authorization_code&redirect_uri=http://www.baidu.com&scope=all
