spring cloud以客户端授权模式访问受oauth2保护的资源

路过君

发布于 2020-06-19 17:28:57

1.7K0

发布于 2020-06-19 17:28:57

文章被收录于专栏：路过君BLOG from CSDN路过君BLOG from CSDN

1. 依赖

<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>

2. 配置

application.yml

security:
  oauth2:
    client:
      client-id: client-id
      client-secret: client-secret
      grant-type: client_credentials
      access-token-uri: ${oauth2-host}/oauth/token

3. JAVA Config

@ConfigurationProperties(prefix = "security.oauth2.client")
@Bean
public ClientCredentialsResourceDetails clientCredentialsResourceDetails() {
    ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
    return details;
}

@Bean({"clientCredentailsOAuth2RestTemplate "})
public OAuth2RestTemplate clientCredentailsOAuth2RestTemplate(ClientCredentialsResourceDetails clientCredentialsResourceDetails) {
    return new OAuth2RestTemplate(clientCredentialsResourceDetails, new DefaultOAuth2ClientContext());
}

4. 使用

// 获取token
clientCredentailsOAuth2RestTemplate.getAccessToken()
// 调用资源API,会自动附带token
clientCredentailsOAuth2RestTemplate.getForObject(url,...)

5. 注意

配置中如果没有security.oauth2.client.grant-type=client_credentials，初始化ClientCredentialsResourceDetails会无法获取到配置值
授权中心服务中，客户端授权类型不包含client_credentials，获取token时会出现HTTP 401错误

本文参与腾讯云自媒体分享计划，分享自作者个人站点/博客。

原始发表：2020-06-04 ，如有侵权请联系 cloudcommunity@tencent.com 删除

java