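Our project uses OAuth2, so the relevant dependencies and settings have to be configured in Spring Boot.
I. The configuration class.
1. First, put the following annotations on the configuration class.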
@Configuration
@EnableAuthorizationServer
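2. Define the configuration class Auth2Config. Because it has to take part in initialization, it must extend the class AuthorizationServerConfigurerAdapter.
It also declares the following two framework objects.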
private final UserDetailsService userDetailsService;
private final AuthenticationManager authenticationManager;
3. Because of the inheritance in step 2, the class has three configure methods that we need to implement.
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
}
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
}
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
}
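The concrete implementation is shown below.
@Override
public void configure(AuthorizationServerEndpointsConfigurer configurer) throws Exception {
    configurer
        .authenticationManager(authenticationManager)
        .userDetailsService(userDetailsService)
        // issue a new refresh token on every refresh instead of reusing the old one
        .reuseRefreshTokens(false);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    clients.inMemory()
        .withClient("dashboard")
        // hard-coded sample value; load the real client secret from configuration
        .secret("secret")
        .accessTokenValiditySeconds(accessTokenExpireIn)
        // a value of 0 (or less) makes DefaultTokenServices issue refresh tokens that
        // never expire; the refreshTokenExpireIn field declared below is not used here
        .refreshTokenValiditySeconds(0)
        .scopes("read", "write")
        .authorizedGrantTypes("password", "refresh_token")
        .resourceIds("resource");
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    security
        // accept client_id/client_secret as form parameters on the token endpoint
        .allowFormAuthenticationForClients()
        // /oauth/check_token is only available to authenticated clients
        .checkTokenAccess("isAuthenticated()");
}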
P.S.
A few constants are also defined in the class.
@Value("${custom.oauth.accessTokenExpireIn:3600}")
private int accessTokenExpireIn;
@Value("${custom.oauth.refreshTokenExpireIn:86400}")
private int refreshTokenExpireIn;
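A hardened variant of the client registration above, as an added example that is not code from the original post: the client secret comes from configuration and is stored as a BCrypt hash, and refresh tokens get the finite lifetime from refreshTokenExpireIn instead of 0. The class name HardenedAuth2Config and the property custom.oauth.clientSecret are hypothetical, and Spring Security OAuth 2.3.x on Spring Security 5 is assumed.

```java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

@Configuration
@EnableAuthorizationServer
public class HardenedAuth2Config extends AuthorizationServerConfigurerAdapter {
    private final PasswordEncoder encoder = new BCryptPasswordEncoder();
    private final UserDetailsService userDetailsService;
    private final AuthenticationManager authenticationManager;
    @Value("${custom.oauth.clientSecret}") private String clientSecret; // hypothetical property, no default
    @Value("${custom.oauth.accessTokenExpireIn:3600}") private int accessTokenExpireIn;
    @Value("${custom.oauth.refreshTokenExpireIn:86400}") private int refreshTokenExpireIn;

    public HardenedAuth2Config(UserDetailsService userDetailsService, AuthenticationManager authenticationManager) {
        this.userDetailsService = userDetailsService;
        this.authenticationManager = authenticationManager;
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(authenticationManager)
                 .userDetailsService(userDetailsService).reuseRefreshTokens(false);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory().withClient("dashboard")
               .secret(encoder.encode(clientSecret))              // keep only the BCrypt hash in memory
               .accessTokenValiditySeconds(accessTokenExpireIn)
               .refreshTokenValiditySeconds(refreshTokenExpireIn) // > 0, so refresh tokens expire
               .scopes("read", "write").authorizedGrantTypes("password", "refresh_token")
               .resourceIds("resource");
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) {
        security.passwordEncoder(encoder)                         // client secrets are checked against the hash
                .allowFormAuthenticationForClients()
                .checkTokenAccess("isAuthenticated()");
    }
}
```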
II. Definition and use of the framework interfaces and related classes.
public interface AuthenticationFacade {
    Authentication getAuthentication();
    SecurityUserDetails getUserDetails();
}
@Service
public class SecurityAuthenticationFacade implements AuthenticationFacade {
    @Override
    public Authentication getAuthentication() {
        return SecurityContextHolder.getContext().getAuthentication();
    }
    @Override
    public SecurityUserDetails getUserDetails() {
        return (SecurityUserDetails) getAuthentication().getPrincipal();
    }
}
The two types above are parent and child: SecurityAuthenticationFacade implements the AuthenticationFacade interface.
public class SecurityUserDetails implements UserDetails {
    private static final long serialVersionUID = 1461684639991221787L;
    private User user;
    public SecurityUserDetails(User user) {
        this.user = user;
    }
    public User getUser() {
        return user;
    }
    public String getUserId() {
        return user.getId();
    }
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return Collections.emptyList();
    }
    @Override
    public String getPassword() {
        return user.getPassword();
    }
    @Override
    public String getUsername() {
        return user.getEmail();
    }
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }
    @Override
    public boolean isAccountNonLocked() {
        return !user.getLocked();
    }
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }
    @Override
    public boolean isEnabled() {
        return !user.getLocked();
    }
}
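@Service("securityUserDetailsService")
public class SecurityUserDetailsService implements UserDetailsService {
    private final UserService userService;
    @Autowired
    public SecurityUserDetailsService(UserService userService) {
        this.userService = userService;
    }
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userService.findByEmail(username);
        // The UserDetailsService contract requires an exception for unknown users;
        // wrapping a null User would only fail later with a NullPointerException.
        if (user == null) {
            throw new UsernameNotFoundException("User not found");
        }
        return new SecurityUserDetails(user);
    }
}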