SpringBoot集成SpringSecurity5和OAuth2 — 4、OAuth2的资源服务器

西木Qi

已于 2023-07-29 14:36:07 修改

阅读量1.7k

点赞数

分类专栏： java spring 文章标签： java

于 2020-06-07 20:12:14 首次发布

本文链接：https://blog.csdn.net/Mr_XiMu/article/details/106606321

版权

java 同时被 2 个专栏收录

26 篇文章 4 订阅

订阅专栏

spring

17 篇文章 0 订阅

订阅专栏

相关代码：参考码云上的oauth2resource【仅供本人参考使用，不对外开发】

注意：OAuth2的客户端和资源服务器是不同的概念，OAuth2的客户端类似于第三方应用，它对接OAuth2服务器主要是使用OAuth2服务器端提供的客户信息【此处是OAuth2给用户分配的token】来登录客户端自己的系统而非资源服务器，后续用户访问的资源也是客户端自己存的用户资源，所以使用客户端的code来请求token会报错；而资源服务器则需要单独获取code后再获取token，然后才能请求资源服务器上的资源。【资源服务器和认证授权服务器同属一方。】

获取授权码：

http://localhost:8080/oauth/authorize?response_type=code&client_id=client&scope=read&redirect_uri=http://localhost:8090/callback

获取token令牌：

http://localhost:8080/oauth/token?grant_type=authorization_code&code=F4eRew&client_id=client&client_secret=secret&redirect_uri=http://localhost:8090/callback

一、项目环境配置

1.1 、JDK8

1.2、Spring Boot： 2.3.0.RELEASE

1.3、spring-cloud.version：Hoxton.SR5

二、准备工作

2.1 pom.xml

2.1.1 thymeleaf页面模板依赖

<!-- thymeleaf-->
<dependency>
   <groupId>org.springframework.boot</groupId>
   <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>

2.1.2 starter-web依赖

<!-- starter-web-->
<dependency>
   <groupId>org.springframework.boot</groupId>
   <artifactId>spring-boot-starter-web</artifactId>
</dependency>

2.1.3 OAuth2依赖

<!--OAuth2-->
<dependency>
   <groupId>org.springframework.cloud</groupId>
   <artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>

2.1.4 数据库连接依赖

<!-- mybatis-->
<dependency>
   <groupId>org.mybatis.spring.boot</groupId>
   <artifactId>mybatis-spring-boot-starter</artifactId>
   <version>2.1.2</version>
</dependency>

<!-- mysql-->
<dependency>
   <groupId>mysql</groupId>
   <artifactId>mysql-connector-java</artifactId>
   <version>5.1.47</version>
   <scope>runtime</scope>
</dependency>

<!-- alibaba 数据连接池 -->
<dependency>
   <groupId>com.alibaba</groupId>
   <artifactId>druid</artifactId>
   <version>1.1.13</version>
</dependency>

2.1.5 lombok

<!--  lombok-->
<dependency>
   <groupId>org.projectlombok</groupId>
   <artifactId>lombok</artifactId>
   <optional>true</optional>
</dependency>

2.1.6 单元测试依赖

<dependency>
   <groupId>org.springframework.boot</groupId>
   <artifactId>spring-boot-starter-test</artifactId>
   <scope>test</scope>
   <exclusions>
      <exclusion>
         <groupId>org.junit.vintage</groupId>
         <artifactId>junit-vintage-engine</artifactId>
      </exclusion>
   </exclusions>
</dependency>

2.1.7 完整的pom.xml文件



<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>

	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>2.3.0.RELEASE</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>

	<groupId>cn.iotspider</groupId>
	<artifactId>oauth2resource</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>oauth2resource</name>

	<description>Demo project for Spring Boot</description>

	<properties>
		<java.version>1.8</java.version>
		<spring-cloud.version>Hoxton.SR5</spring-cloud.version>
	</properties>

	<dependencies>

		<!--  thymeleaf -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-thymeleaf</artifactId>
		</dependency>

		<!--  starter-web -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>

		<!-- oauth2 -->
		<dependency>
			<groupId>org.springframework.cloud</groupId>
			<artifactId>spring-cloud-starter-oauth2</artifactId>
		</dependency>

		<!-- mybatis-->
		<dependency>
			<groupId>org.mybatis.spring.boot</groupId>
			<artifactId>mybatis-spring-boot-starter</artifactId>
			<version>2.1.2</version>
		</dependency>

		<!-- mysql-->
		<dependency>
			<groupId>mysql</groupId>
			<artifactId>mysql-connector-java</artifactId>
			<version>5.1.47</version>
			<scope>runtime</scope>
		</dependency>

		<!-- alibaba 数据连接池 -->
		<dependency>
			<groupId>com.alibaba</groupId>
			<artifactId>druid</artifactId>
			<version>1.1.13</version>
		</dependency>

		<!--  lombok-->
		<dependency>
			<groupId>org.projectlombok</groupId>
			<artifactId>lombok</artifactId>
			<optional>true</optional>
		</dependency>

		<!-- 单元测试-->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
			<exclusions>
				<exclusion>
					<groupId>org.junit.vintage</groupId>
					<artifactId>junit-vintage-engine</artifactId>
				</exclusion>
			</exclusions>
		</dependency>

	</dependencies>

	<dependencyManagement>
		<dependencies>
			<dependency>
				<groupId>org.springframework.cloud</groupId>
				<artifactId>spring-cloud-dependencies</artifactId>
				<version>${spring-cloud.version}</version>
				<type>pom</type>
				<scope>import</scope>
			</dependency>
		</dependencies>
	</dependencyManagement>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>

</project>

2.2 application.propeties


spring.application.name=oauth2-resource
server.port=8090

mybatis.mapper-locations=classpath:mapper/*/*.xml
#将扫描到的mapper.xml显示在控制台
mybatis.configuration.log-impl=org.apache.ibatis.logging.stdout.StdOutImpl

spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/oauth2jdbc?useUnicode=true&characterEncoding=utf8&useSSL=false&useTimezone=true&serverTimezone=GMT%2B8
spring.datasource.username=root
spring.datasource.password=root

spring.thymeleaf.prefix = classpath:/templates/
#spring.thymeleaf.suffix = .html
spring.thymeleaf.encoding = UTF-8
spring.thymeleaf.servlet.content-type=text/html
spring.thymeleaf.cache = false


#资源客户端配置
security.oauth2.client.client-id=client
security.oauth2.client.client-secret=secret
security.oauth2.resource.id=resource
#校验token的路径
security.oauth2.resource.token-info-uri=http://localhost:8080/oauth/check_token

三、代码：

3.1 ResourceServerConfig加入@EnableResourceServer注解


package cn.iotspider.oauth2resource.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {


    /**
     * 配置资源服务器
     *
     * @param http
     * @throws Exception
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // 验证所有请求
        http.authorizeRequests()
                .anyRequest()
                .authenticated();

    }

}

3.2 ResourceController

package cn.iotspider.oauth2resource.controller;

import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;


@RestController
public class ResourceController {

    @RequestMapping("resource")
    public String resource() {
        return "ResourceServer Module";
    }

}

本项目只是为了用于练习搭建OAuth2的资源服务器，所以就没有加入对数据库的操作。至此，OAuth2的资源服务器就搭建完成了。