本文详细介绍了Shiro教程中关于OAuth2的服务器端集成,包括OAuth2的基本概念、角色定义、协议流程,以及服务器端的POM依赖、数据库表结构、实体、DAO、Service、Controller的实现。重点讲解了授权和访问令牌的维护,并提供了配置文件的设置说明。通过示例展示了如何进行客户端管理和用户管理,帮助读者理解如何在实际项目中应用OAuth2授权服务。
原博客地址:http://jinnianshilongnian.iteye.com/blog/2018398
根据下载的pdf学习。
开涛shiro教程-第十七章-OAuth2集成
1.OAuth2介绍
(1)应用场景
很多开放平台,比如新浪微博开放平台,都在使用开发API接口供开发者使用。即带来了,第三方应用要到开放平台授权的问题。OAuth就是做这个的。
1 OAuth2官网:http://oauth.net/2/ 2 OAuth2协议:http://tools.ietf.org/html/rfc6749 3 本文使用:Apache Oltu 4 使用文档:https://cwiki.apache.org/confluence/display/OLTU/Documentation
(2)OAuth角色
1 资源拥有者resource owner:能授权访问受保护资源的一个实体。比如新浪微博用户lyh。 2 资源服务器resource server:存储受保护资源。 3 授权服务器authorization server:成功验证resource owner,并获取授权,颁发授权令牌access token给客户端client。 4 客户端client:本身不存储资源,而是resource owner授权通过后,使用access token访问受保护资源,然后把相应的数据展示/提交到服务器。
(3)OAuth2协议流程
2.服务器端
(1)POM依赖
此处我们使用 apache oltu oauth2 服务端实现,需要引入 authzserver(授权服务器依赖)和 resourceserver(资源服务器依赖)。
1 <dependency> 2 <groupId>org.apache.oltu.oauth2</groupId> 3 <artifactId>org.apache.oltu.oauth2.authzserver</artifactId> 4 <version>0.31</version> 5 </dependency> 6 7 <dependency> 8 <groupId>org.apache.oltu.oauth2</groupId> 9 <artifactId>org.apache.oltu.oauth2.resourceserver</artifactId> 10 <version>0.31</version> 11 </dependency>
附完整pom.xml文件:
1 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 2 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> 3 <parent> 4 <artifactId>shiro-example</artifactId> 5 <groupId>com.github.zhangkaitao</groupId> 6 <version>1.0-SNAPSHOT</version> 7 </parent> 8 <modelVersion>4.0.0</modelVersion> 9 <artifactId>shiro-example-chapter17-server</artifactId> 10 <packaging>war</packaging> 11 <name>shiro-example-chapter17-server</name> 12 <url>http://maven.apache.org</url> 13 <dependencies> 14 <dependency> 15 <groupId>junit</groupId> 16 <artifactId>junit</artifactId> 17 <version>3.8.1</version> 18 <scope>test</scope> 19 </dependency> 20 21 <dependency> 22 <groupId>commons-collections</groupId> 23 <artifactId>commons-collections</artifactId> 24 <version>3.2.1</version> 25 </dependency> 26 27 <dependency> 28 <groupId>org.apache.oltu.oauth2</groupId> 29 <artifactId>org.apache.oltu.oauth2.authzserver</artifactId> 30 <version>0.31</version> 31 </dependency> 32 33 <dependency> 34 <groupId>org.apache.oltu.oauth2</groupId> 35 <artifactId>org.apache.oltu.oauth2.resourceserver</artifactId> 36 <version>0.31</version> 37 </dependency> 38 39 40 <dependency> 41 <groupId>javax.servlet</groupId> 42 <artifactId>javax.servlet-api</artifactId> 43 <version>3.0.1</version> 44 <scope>provided</scope> 45 </dependency> 46 <dependency> 47 <groupId>javax.servlet.jsp</groupId> 48 <artifactId>jsp-api</artifactId> 49 <version>2.2</version> 50 </dependency> 51 <dependency> 52 <groupId>javax.servlet</groupId> 53 <artifactId>jstl</artifactId> 54 <version>1.2</version> 55 </dependency> 56 57 58 <dependency> 59 <groupId>org.apache.shiro</groupId> 60 <artifactId>shiro-core</artifactId> 61 <version>1.2.2</version> 62 </dependency> 63 <dependency> 64 <groupId>org.apache.shiro</groupId> 65 <artifactId>shiro-ehcache</artifactId> 66 <version>1.2.2</version> 67 </dependency> 68 <dependency> 69 <groupId>org.apache.shiro</groupId> 70 <artifactId>shiro-web</artifactId> 71 <version>1.2.2</version> 72 </dependency> 73 <dependency> 74 <groupId>org.apache.shiro</groupId> 75 <artifactId>shiro-quartz</artifactId> 76 <version>1.2.2</version> 77 </dependency> 78 <dependency> 79 <groupId>org.apache.shiro</groupId> 80 <artifactId>shiro-spring</artifactId> 81 <version>1.2.2</version> 82 </dependency> 83 84 85 <dependency> 86 <groupId>mysql</groupId> 87 <artifactId>mysql-connector-java</artifactId> 88 <version>5.1.25</version> 89 </dependency> 90 <dependency> 91 <groupId>com.alibaba</groupId> 92 <artifactId>druid</artifactId> 93 <version>0.2.23</version> 94 </dependency> 95 96 97 <!-- aspectj相关jar包--> 98 <dependency> 99 <groupId>org.aspectj</groupId> 100 <artifactId>aspectjrt</artifactId> 101 <version>1.7.4</version> 102 </dependency> 103 <dependency> 104 <groupId>org.aspectj</groupId> 105 <artifactId>aspectjweaver</artifactId> 106 <version>1.7.4</version> 107 </dependency> 108 109 <dependency> 110 <groupId>org.springframework</groupId> 111 <artifactId>spring-context-support</artifactId> 112 <version>4.0.0.RELEASE</version> 113 </dependency> 114 115 <dependency> 116 <groupId>org.springframework</groupId> 117 <artifactId>spring-jdbc</artifactId> 118 <version>4.0.0.RELEASE</version> 119 </dependency> 120 121 <dependency> 122 <groupId>org.springframework</groupId> 123 <artifactId>spring-tx</artifactId> 124 <version>4.0.0.RELEASE</version> 125 </dependency> 126 127 <dependency> 128 <groupId>org.springframework</groupId> 129 <artifactId>spring-webmvc</artifactId> 130 <version>4.0.0.RELEASE</version> 131 </dependency> 132 133 <!--jackson --> 134 <dependency> 135 <groupId>com.fasterxml.jackson.core</groupId> 136 <artifactId>jackson-databind</artifactId> 137 <version>2.2.3</version> 138 </dependency> 139 140 </dependencies> 141 <build> 142 <finalName>chapter17-server</finalName> 143 <plugins> 144 <plugin> 145 <groupId>org.mortbay.jetty</groupId> 146 <artifactId>jetty-maven-plugin</artifactId> 147 <version>8.1.8.v20121106</version> 148 <configuration> 149 <webAppConfig> 150 <contextPath>/${project.build.finalName}</contextPath> 151 </webAppConfig> 152 </configuration> 153 </plugin> 154 155 156 <plugin> 157 <groupId>org.apache.tomcat.maven</groupId> 158 <artifactId>tomcat7-maven-plugin</artifactId> 159 <version>2.2</version> 160 <configuration> 161 <path>/${project.build.finalName}</path> 162 </configuration> 163 164 </plugin> 165 </plugins> 166 167 168 </build> 169 </project>
(2)table
shiro-schema.sql
oauth2_user存储着resource owner,oauth2_client存储着client的信息,在进行授权时使用。
1 drop table if exists oauth2_client; 2 drop table if exists oauth2_user; 3 4 create table oauth2_user ( 5 id bigint auto_increment, 6 username varchar(100), 7 password varchar(100), 8 salt varchar(100), 9 constraint pk_oauth2_user primary key(id) 10 ) charset=utf8 ENGINE=InnoDB; 11 create unique index idx_oauth2_user_username on oauth2_user(username); 12 13 create table oauth2_client ( 14 id bigint auto_increment, 15 client_name varchar(100), 16 client_id varchar(100), 17 client_secret varchar(100), 18 constraint pk_oauth2_client primary key(id) 19 ) charset=utf8 ENGINE=InnoDB; 20 create index idx_oauth2_client_client_id on oauth2_client(client_id);
shiro-data.sql:
DELIMITER ;
delete from oauth2_user;
delete from oauth2_client;
insert into oauth2_user values(1,'admin','d3c59d25033dbf980d29554025c23a75','8d78869f470951332959580424d4bf4f');
insert into oauth2_client values(1,'chapter17-client','c1ebe466-1cdc-4bd3-ab69-77c3561b9dee','d8346ea2-6017-43ed-ad68-19c0f971738b');
(2)entity
1 package com.github.zhangkaitao.shiro.chapter17.entity; 2 3 import java.io.Serializable; 4 5 /** 6 * <p>User: Zhang Kaitao 7 * <p>Date: 14-2-17 8 * <p>Version: 1.0 9 */ 10 public class Client implements Serializable { 11 12 private Long id; 13 private String clientName; 14 private String clientId; 15 private String clientSecret; 16 17 public Long getId() { 18 return id; 19 } 20 21 public void setId(Long id) { 22 this.id = id; 23 } 24 25 public String getClientName() { 26 return clientName; 27 } 28 29 public void setClientName(String clientName) { 30 this.clientName = clientName; 31 } 32 33 public String getClientId() { 34 return clientId; 35 } 36 37 public void setClientId(String clientId) { 38 this.clientId = clientId; 39 } 40 41 public String getClientSecret() { 42 return clientSecret; 43 } 44 45 public void setClientSecret(String clientSecret) { 46 this.clientSecret = clientSecret;
最低0.47元/天 解锁文章
扫一扫
347
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
