Spring Boot 2.0 整合 Spring Security Oauth2
Spring Boot 2.0 整合 Spring Security Oauth2
java干货
发布于 2021-02-19 11:13:25
发布于 2021-02-19 11:13:25
文章被收录于专栏:java干货
是金子在哪都会发光的——每个说这句话的人都误以为自己是金子。
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/spring-security-OAuth205.png
前言
在Spring Security源码分析十一:Spring Security OAuth2整合JWT中,我们使用Spring Boot 1.5.6.RELEASE版本整合Spring Security Oauth2实现了授权码模式、密码模式以及用户自定义登录返回token。但更新至Spring Boot 2.0.1.RELEASE版本时会出现一些小问题。在此,帮大家踩一下坑。关于OAuth2请参考理解OAuth 2.0
修改pom.xml
更新Spring Boot 版本为Spring Boot 2.0.1.RELEASE
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.1.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>新增SecurityConfig配置
新增SecurityConfig用于暴露AuthenticationManager
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
AuthenticationManager manager = super.authenticationManagerBean();
return manager;
}
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
// .formLogin().and()
.httpBasic().and()
.csrf().disable();
}
}修改MerryyouAuthorizationServerConfig
修改MerryyouAuthorizationServerConfig用于加密clientsecret和设置重定向地址
......
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
InMemoryClientDetailsServiceBuilder build = clients.inMemory();
if (ArrayUtils.isNotEmpty(oAuth2Properties.getClients())) {
for (OAuth2ClientProperties config : oAuth2Properties.getClients()) {
build.withClient(config.getClientId())
.secret(passwordEncoder.encode(config.getClientSecret()))
.accessTokenValiditySeconds(config.getAccessTokenValiditySeconds())
.refreshTokenValiditySeconds(60 * 60 * 24 * 15)
.authorizedGrantTypes("refresh_token", "password", "authorization_code")//OAuth2支持的验证模式
.redirectUris("http://www.merryyou.cn")
.scopes("all");
}
}
......修改application.yml
由于在2.x版本中由于引入了不同的客户端,需要指定配置哪种连接池。
server:
port: 8888
redis:
host: localhost
port: 6379
jedis:
pool:
max-active: 8
max-wait: -1
min-idle: 0
max-idle: 8
logging:
level:
org.springframework: info
merryyou:
security:
oauth2:
storeType: redis #或者jwt
jwtSigningKey: merryyou
clients[0]:
clientId: merryyou
clientSecret: merryyou
clients[1]:
clientId: merryyou1
clientSecret: merryyou1效果如下
授权码模式
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif
密码模式
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif
自定义登录
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif
刷新token
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif
代码下载
- github:springboot2.0-oauth2
- gitee:springboot2.0-oauth2
参考
- https://github.com/lexburner/oauth2-demo
- https://stackoverflow.com/questions/49122867/spring-boot-2-0-0-oauth2
- https://www.jianshu.com/p/be2c09cd27d8?utm_campaign=hugo&utm_medium=reader_share&utm_content=note&utm_source=weixin-friends
本文参与 腾讯云自媒体同步曝光计划,分享自作者个人站点/博客。
原始发表:2018/04/29,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
腾讯云开发者
