spring security oauth2 资源服务器配置及检验过程

已于 2022-04-22 11:55:15 修改
阅读量2.5k 收藏
点赞数
分类专栏: spring security 文章标签: oauth2
于 2021-09-28 18:07:00 首次发布
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/mis_huang/article/details/120534672
版权 
@Target({ElementType.TYPE})
@Retention(RetentionPolicy.RUNTIME)
@Documented
@Import({ResourceServerConfiguration.class})
public @interface EnableResourceServer {
}

@Configuration
public class ResourceServerConfiguration extends WebSecurityConfigurerAdapter implements Ordered {
    private int order = 3;
    @Autowired(
        required = false
    )
    private TokenStore tokenStore;
    @Autowired(
        required = false
    )
    private AuthenticationEventPublisher eventPublisher;
    @Autowired(
        required = false
    )
    private Map<String, ResourceServerTokenServices> tokenServices;
    @Autowired
    private ApplicationContext context;
    private List<ResourceServerConfigurer> configurers = Collections.emptyList();
    @Autowired(
        required = false
    )
    private AuthorizationServerEndpointsConfiguration endpoints;

    public ResourceServerConfiguration() {
    }

    public int getOrder() {
        return this.order;
    }

    public void setOrder(int order) {
        this.order = order;
    }

    @Autowired(
        required = false
    )
    public void setConfigurers(List<ResourceServerConfigurer> configurers) {
        this.configurers = configurers;
    }

    protected void configure(HttpSecurity http) throws Exception {
        ResourceServerSecurityConfigurer resources = new ResourceServerSecurityConfigurer();
        ResourceServerTokenServices services = this.resolveTokenServices();
        if (services != null) {
            resources.tokenServices(services);
        } else if (this.tokenStore != null) {
            resources.tokenStore(this.tokenStore);
        } else if (this.endpoints != null) {
            resources.tokenStore(this.endpoints.getEndpointsConfigurer().getTokenStore());
        }

        if (this.eventPublisher != null) {
            resources.eventPublisher(this.eventPublisher);
        }

        Iterator i$ = this.configurers.iterator();

        ResourceServerConfigurer configurer;
        while(i$.hasNext()) {
            configurer = (ResourceServerConfigurer)i$.next();
            configurer.configure(resources);
        }

        ((HttpSecurity)((HttpSecurity)http.authenticationProvider(new AnonymousAuthenticationProvider("default")).exceptionHandling().accessDeniedHandler(resources.getAccessDeniedHandler()).and()).sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()).csrf().disable();
        http.apply(resources);
        if (this.endpoints != null) {
            http.requestMatcher(new ResourceServerConfiguration.NotOAuthRequestMatcher(this.endpoints.oauth2EndpointHandlerMapping()));
        }

        i$ = this.configurers.iterator();

        while(i$.hasNext()) {
            configurer = (ResourceServerConfigurer)i$.next();
            configurer.configure(http);
        }

        if (this.configurers.isEmpty()) {
            ((AuthorizedUrl)http.authorizeRequests().anyRequest()).authenticated();
        }

    }

    private ResourceServerTokenServices resolveTokenServices() {
        if (this.tokenServices != null && this.tokenServices.size() != 0) {
            if (this.tokenServices.size() == 1) {
                return (ResourceServerTokenServices)this.tokenServices.values().iterator().next();
            } else {
                if (this.tokenServices.size() == 2) {
                    Iterator<ResourceServerTokenServices> iter = this.tokenServices.values().iterator();
                    ResourceServerTokenServices one = (ResourceServerTokenServices)iter.next();
                    ResourceServerTokenServices two = (ResourceServerTokenServices)iter.next();
                    if (this.elementsEqual(one, two)) {
                        return one;
                    }
                }

                return (ResourceServerTokenServices)this.context.getBean(ResourceServerTokenServices.class);
            }
        } else {
            return null;
        }
    }

    private boolean elementsEqual(Object one, Object two) {
        if (one == two) {
            return true;
        } else {
            Object targetOne = this.findTarget(one);
            Object targetTwo = this.findTarget(two);
            return targetOne == targetTwo;
        }
    }

    private Object findTarget(Object item) {
        Object current = item;

        while(current instanceof Advised) {
            try {
                current = ((Advised)current).getTargetSource().getTarget();
            } catch (Exception var4) {
                ReflectionUtils.rethrowRuntimeException(var4);
            }
        }

        return current;
    }

    private static class NotOAuthRequestMatcher implements RequestMatcher {
        private FrameworkEndpointHandlerMapping mapping;

        public NotOAuthRequestMatcher(FrameworkEndpointHandlerMapping mapping) {
            this.mapping = mapping;
        }

        public boolean matches(HttpServletRequest request) {
            String requestPath = this.getRequestPath(request);
            Iterator i$ = this.mapping.getPaths().iterator();

            String path;
            do {
                if (!i$.hasNext()) {
                    return true;
                }

                path = (String)i$.next();
            } while(!requestPath.startsWith(this.mapping.getPath(path)));

            return false;
        }

        private String getRequestPath(HttpServletRequest request) {
            String url = request.getServletPath();
            if (request.getPathInfo() != null) {
                url = url + request.getPathInfo();
            }

            return url;
        }
    }
}


package org.springframework.boot.autoconfigure.security.oauth2.resource;

import java.util.Map;
import org.springframework.beans.BeanUtils;
import org.springframework.boot.autoconfigure.condition.ConditionMessage;
import org.springframework.boot.autoconfigure.condition.ConditionOutcome;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
import org.springframework.boot.autoconfigure.condition.SpringBootCondition;
import org.springframework.boot.autoconfigure.condition.ConditionMessage.Builder;
import org.springframework.boot.autoconfigure.security.SecurityProperties;
import org.springframework.boot.context.properties.bind.Bindable;
import org.springframework.boot.context.properties.bind.Binder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Condition;
import org.springframework.context.annotation.ConditionContext;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ConfigurationCondition;
import org.springframework.context.annotation.Import;
import org.springframework.context.annotation.ConfigurationCondition.ConfigurationPhase;
import org.springframework.core.annotation.AnnotationUtils;
import org.springframework.core.env.ConfigurableEnvironment;
import org.springframework.core.env.Environment;
import org.springframework.core.type.AnnotatedTypeMetadata;
import org.springframework.core.type.StandardAnnotationMetadata;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer.AuthorizedUrl;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfiguration;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;

@Configuration
@Conditional({OAuth2ResourceServerConfiguration.ResourceServerCondition.class})
@ConditionalOnClass({EnableResourceServer.class, SecurityProperties.class})
@ConditionalOnWebApplication
@ConditionalOnBean({ResourceServerConfiguration.class})
@Import({ResourceServerTokenServicesConfiguration.class})
public class OAuth2ResourceServerConfiguration {
    private final ResourceServerProperties resource;

    public OAuth2ResourceServerConfiguration(ResourceServerProperties resource) {
        this.resource = resource;
    }

    @Bean
    @ConditionalOnMissingBean({ResourceServerConfigurer.class})
    public ResourceServerConfigurer resourceServer() {
        return new OAuth2ResourceServerConfiguration.ResourceSecurityConfigurer(this.resource);
    }

    @ConditionalOnBean({AuthorizationServerEndpointsConfiguration.class})
    private static class AuthorizationServerEndpointsConfigurationBeanCondition {
        private AuthorizationServerEndpointsConfigurationBeanCondition() {
        }

        public static boolean matches(ConditionContext context) {
            Class<OAuth2ResourceServerConfiguration.AuthorizationServerEndpointsConfigurationBeanCondition> type = OAuth2ResourceServerConfiguration.AuthorizationServerEndpointsConfigurationBeanCondition.class;
            Conditional conditional = (Conditional)AnnotationUtils.findAnnotation(type, Conditional.class);
            StandardAnnotationMetadata metadata = new StandardAnnotationMetadata(type);
            Class[] var4 = conditional.value();
            int var5 = var4.length;

            for(int var6 = 0; var6 < var5; ++var6) {
                Class<? extends Condition> conditionType = var4[var6];
                Condition condition = (Condition)BeanUtils.instantiateClass(conditionType);
                if (condition.matches(context, metadata)) {
                    return true;
                }
            }

            return false;
        }
    }

    protected static class ResourceServerCondition extends SpringBootCondition implements ConfigurationCondition {
        private static final Bindable<Map<String, Object>> STRING_OBJECT_MAP = Bindable.mapOf(String.class, Object.class);
        private static final String AUTHORIZATION_ANNOTATION = "org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration";

        protected ResourceServerCondition() {
        }

        public ConfigurationPhase getConfigurationPhase() {
            return ConfigurationPhase.REGISTER_BEAN;
        }

        public ConditionOutcome getMatchOutcome(ConditionContext context, AnnotatedTypeMetadata metadata) {
            Builder message = ConditionMessage.forCondition("OAuth ResourceServer Condition", new Object[0]);
            Environment environment = context.getEnvironment();
            if (!(environment instanceof ConfigurableEnvironment)) {
                return ConditionOutcome.noMatch(message.didNotFind("A ConfigurableEnvironment").atAll());
            } else if (this.hasOAuthClientId(environment)) {
                return ConditionOutcome.match(message.foundExactly("client-id property"));
            } else {
                Binder binder = Binder.get(environment);
                String prefix = "security.oauth2.resource.";
                if (binder.bind(prefix + "jwt", STRING_OBJECT_MAP).isBound()) {
                    return ConditionOutcome.match(message.foundExactly("JWT resource configuration"));
                } else if (binder.bind(prefix + "jwk", STRING_OBJECT_MAP).isBound()) {
                    return ConditionOutcome.match(message.foundExactly("JWK resource configuration"));
                } else if (StringUtils.hasText(environment.getProperty(prefix + "user-info-uri"))) {
                    return ConditionOutcome.match(message.foundExactly("user-info-uri property"));
                } else if (StringUtils.hasText(environment.getProperty(prefix + "token-info-uri"))) {
                    return ConditionOutcome.match(message.foundExactly("token-info-uri property"));
                } else {
                    return ClassUtils.isPresent("org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration", (ClassLoader)null) && OAuth2ResourceServerConfiguration.AuthorizationServerEndpointsConfigurationBeanCondition.matches(context) ? ConditionOutcome.match(message.found("class").items(new Object[]{"org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration"})) : ConditionOutcome.noMatch(message.didNotFind("client ID, JWT resource or authorization server").atAll());
                }
            }
        }

        private boolean hasOAuthClientId(Environment environment) {
            return StringUtils.hasLength(environment.getProperty("security.oauth2.client.client-id"));
        }
    }

    protected static class ResourceSecurityConfigurer extends ResourceServerConfigurerAdapter {
        private ResourceServerProperties resource;

        public ResourceSecurityConfigurer(ResourceServerProperties resource) {
            this.resource = resource;
        }

        public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
            resources.resourceId(this.resource.getResourceId());
        }

        public void configure(HttpSecurity http) throws Exception {
            ((AuthorizedUrl)http.authorizeRequests().anyRequest()).authenticated();
        }
    }
}


@Configuration
@ConditionalOnMissingBean({AuthorizationServerEndpointsConfiguration.class})
public class ResourceServerTokenServicesConfiguration {


    @Configuration
    @Conditional({ResourceServerTokenServicesConfiguration.RemoteTokenCondition.class})
    protected static class RemoteTokenServicesConfiguration {
        protected RemoteTokenServicesConfiguration() {
        }

        @Configuration
        @ConditionalOnMissingClass({"org.springframework.social.connect.support.OAuth2ConnectionFactory"})
        @Conditional({ResourceServerTokenServicesConfiguration.NotTokenInfoCondition.class})
        protected static class UserInfoTokenServicesConfiguration {
            private final ResourceServerProperties sso;
            private final OAuth2RestOperations restTemplate;
            private final AuthoritiesExtractor authoritiesExtractor;
            private final PrincipalExtractor principalExtractor;

            public UserInfoTokenServicesConfiguration(ResourceServerProperties sso, UserInfoRestTemplateFactory restTemplateFactory, ObjectProvider<AuthoritiesExtractor> authoritiesExtractor, ObjectProvider<PrincipalExtractor> principalExtractor) {
                this.sso = sso;
                this.restTemplate = restTemplateFactory.getUserInfoRestTemplate();
                this.authoritiesExtractor = (AuthoritiesExtractor)authoritiesExtractor.getIfAvailable();
                this.principalExtractor = (PrincipalExtractor)principalExtractor.getIfAvailable();
            }

            @Bean
            @ConditionalOnMissingBean({ResourceServerTokenServices.class})
            public UserInfoTokenServices userInfoTokenServices() {
                UserInfoTokenServices services = new UserInfoTokenServices(this.sso.getUserInfoUri(), this.sso.getClientId());
                services.setRestTemplate(this.restTemplate);
                services.setTokenType(this.sso.getTokenType());
                if (this.authoritiesExtractor != null) {
                    services.setAuthoritiesExtractor(this.authoritiesExtractor);
                }

                if (this.principalExtractor != null) {
                    services.setPrincipalExtractor(this.principalExtractor);
                }

                return services;
            }
        }

        @Configuration
        @ConditionalOnClass({OAuth2ConnectionFactory.class})
        @Conditional({ResourceServerTokenServicesConfiguration.NotTokenInfoCondition.class})
        protected static class SocialTokenServicesConfiguration {
            private final ResourceServerProperties sso;
            private final OAuth2ConnectionFactory<?> connectionFactory;
            private final OAuth2RestOperations restTemplate;
            private final AuthoritiesExtractor authoritiesExtractor;
            private final PrincipalExtractor principalExtractor;

            public SocialTokenServicesConfiguration(ResourceServerProperties sso, ObjectProvider<OAuth2ConnectionFactory<?>> connectionFactory, UserInfoRestTemplateFactory restTemplateFactory, ObjectProvider<AuthoritiesExtractor> authoritiesExtractor, ObjectProvider<PrincipalExtractor> principalExtractor) {
                this.sso = sso;
                this.connectionFactory = (OAuth2ConnectionFactory)connectionFactory.getIfAvailable();
                this.restTemplate = restTemplateFactory.getUserInfoRestTemplate();
                this.authoritiesExtractor = (AuthoritiesExtractor)authoritiesExtractor.getIfAvailable();
                this.principalExtractor = (PrincipalExtractor)principalExtractor.getIfAvailable();
            }

            @Bean
            @ConditionalOnBean({ConnectionFactoryLocator.class})
            @ConditionalOnMissingBean({ResourceServerTokenServices.class})
            public SpringSocialTokenServices socialTokenServices() {
                return new SpringSocialTokenServices(this.connectionFactory, this.sso.getClientId());
            }

            @Bean
            @ConditionalOnMissingBean({ConnectionFactoryLocator.class, ResourceServerTokenServices.class})
            public UserInfoTokenServices userInfoTokenServices() {
                UserInfoTokenServices services = new UserInfoTokenServices(this.sso.getUserInfoUri(), this.sso.getClientId());
                services.setTokenType(this.sso.getTokenType());
                services.setRestTemplate(this.restTemplate);
                if (this.authoritiesExtractor != null) {
                    services.setAuthoritiesExtractor(this.authoritiesExtractor);
                }

                if (this.principalExtractor != null) {
                    services.setPrincipalExtractor(this.principalExtractor);
                }

                return services;
            }
        }

        @Configuration
        @Conditional({ResourceServerTokenServicesConfiguration.TokenInfoCondition.class})
        protected static class TokenInfoServicesConfiguration {
            private final ResourceServerProperties resource;

            protected TokenInfoServicesConfiguration(ResourceServerProperties resource) {
                this.resource = resource;
            }

            @Bean
            public RemoteTokenServices remoteTokenServices() {
                RemoteTokenServices services = new RemoteTokenServices();
                services.setCheckTokenEndpointUrl(this.resource.getTokenInfoUri());
                services.setClientId(this.resource.getClientId());
                services.setClientSecret(this.resource.getClientSecret());
                return services;
            }
        }
    }
}

@Configuration
@ConditionalOnMissingBean(AuthorizationServerEndpointsConfiguration.class) // 容器中没有 AuthorizationServerEndpointsConfiguration 实例
public class ResourceServerTokenServicesConfiguration {
    
    // 注入对应的 ResourceServerTokenServices
}
// 关于资源服务器自定义配置
public class AutoResourceServerConfiguration implements ResourceServerConfigurer {

    private final RemoteTokenServices remoteTokenServices;

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter(); // 默认访问令牌转换器
        UserAuthenticationConverter userTokenConverter = new EnhanceUserAuthenticationConverter(); // 自定义增强用户认证转换器
        accessTokenConverter.setUserTokenConverter(userTokenConverter);
        // 增强用户认证转换器
        remoteTokenServices.setAccessTokenConverter(accessTokenConverter);
        // 使用远程令牌服务
        resources.tokenServices(remoteTokenServices);
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().anyRequest().authenticated()
                .and().csrf().disable();
    }
}
// 关于资源服务器检验token

// 对所有需要令牌的资源生效
OAuth2AuthenticationProcessingFilter  
// 使用BearerTokenExtractor在请求头中提取token
BearerTokenExtractor.extract()  
// bearer token 生成预认证令牌 PreAuthenticatedAuthenticationToken 
// 使用OAuth2AuthenticationManager认证
OAuth2AuthenticationManager.authenticate()  
// 使用远程token服务加载令牌 默认使用DefaultTokenServices 可以通过 
// ResourceServerSecurityConfigurer.tokenServices  配置自定义资源服务器
ResourceServerConfigurer.configure 
// 加载令牌
RemoteTokenServices.loadAuthentication() 
// 默认访问令牌转换器
DefaultAccessTokenConverter.extractAuthentication()
// 默认用户认证转换器
DefaultUserAuthenticationConverter.extractAuthentication() 
// 至此 用户认证信息 已经成功提取到
// 关于资源服务器是如何配置 OAuth2AuthenticationProcessingFilter 到容器的
@EnableResourceServer 
// 注入ResourceServerConfiguration到容器
public class ResourceServerConfiguration extends WebSecurityConfigurerAdapter implements Ordered{
    protected void configure(HttpSecurity http) -> { 
ResourceServerTokenServices services = this.resolveTokenServices();
        // 配置资源服务安全配置
        ResourceServerSecurityConfigurer resources = new ResourceServerSecurityConfigurer(){
            public void configure(HttpSecurity http){
            // 配置 O Auth 2身份验证处理过滤器
                AuthenticationManager oauthAuthenticationManager =                 this.oauthAuthenticationManager(http);
                this.resourcesServerFilter = new OAuth2AuthenticationProcessingFilter();
             this.resourcesServerFilter.setAuthenticationEntryPoint(this.authenticationEntryPoint);
            this.resourcesServerFilter.setAuthenticationManager(oauthAuthenticationManager);
        }
    };
    http.apply(resources);
}
}
// 至此过滤器配置完成

    

mis_huang
关注
  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
spring security 官方文档
10-08
7. **API安全**:Spring Security还支持RESTful API的安全,可以为JSON Web Tokens (JWT) 提供生成和验证,以及OAuth2和OpenID Connect集成。 8. **国际化(Internationalization)**:框架支持多语言错误消息,...
Spring Security OAuth2 配置注意点
热门推荐
来啊 快活啊
09-14 3万+
security.oauth2.resource.jwt.key-uri/security.oauth2.resource.jwt.key-value和security.oauth2.resource.jwk.key-set-uri只能配置一个 前面是配置一个key,后面是配置好多key security.oauth2.client 下面的client_id和client_secret配置多重意
Binding to target org.springframework.boot.autoconfigure.jdbc.DataSourceProperties@46c3a14d failed:
weixin_33814685的博客
01-08 1688
Error starting ApplicationContext. To display the auto-configuration report re-run your application with 'debug' enabled. 2018-01-03 10:52:46.766 ERROR 2513 --- [ mai...
微服务安全Spring Security Oauth2实战
最新发布
zz12345600354的博客
04-30 1056
Authorization)是一种开放标准的授权协议,允许用户授权第三方应用访问其在某个服务提供者上的受保护资源,而无需将其实际的凭证(如用户名和密码)分享给第三方应用。这种方式可以增加安全性,同时允许用户更好地控制其数据的访问权限。OAuth 2.1 去掉了 OAuth 2.0 中的密码模式、简化模式,增加了设备授权码模式,同时也对授权码模式增加了 PKCE 扩展。OAuth 2.1 协议:<https://datatracker.ietf.org/doc/html/draft-ietf-
SpringCloud微服务——基于security+oauth2的安全保护(三):资源服务
fyk的博客
08-13 5717
在实现方式一文中,已经说明了资源服务的代码结构。现在开始具体的实现。 加入jar包 在公用的pom文件中,引入jar包: <!-- security oauth2 start --> <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring...
Spring Security OAuth2之resource_id配置与验证
字母哥博客
07-28 8140
一、resource_id的作用 Spring Security OAuth2 架构上分为Authorization Server认证服务器Resource Server资源服务器。我们可以为每一个Resource Server(一个微服务实例)设置一个resourceid。Authorization Server给client第三方客户端授权的时候,可以设置这个client可以访问哪一些Resource Server资源服务,如果没设置,就是对所有的Resource Server都有访问权限。
SpringBoot2
luobailian的专栏
07-19 1330
第一季:SpringBoot2核心技术-基础入门 学习要求 熟悉Spring基础 熟悉Maven使用 环境要求 3、时代背景 3.1、微服务 James Lewis and Martin Fowler (2014) 提出微服务完整概念。https://martinfowler.com/microservices/ In short, the microservice architectural style is an approach to developing a single ap
Spring Boot(四)之使用JWT和Spring Security保护REST API
08-30
"Spring Boot使用JWT和Spring Security保护REST API" Spring Boot中的REST API保护是非常重要的,因为直接暴露API可能会带来很大的风险。因此,本文将介绍使用JWT(Json Web Token)和Spring Security来保护REST ...
Java资源包01
08-31
目前互联网很多服务如Open API,很多大头公司如Google,Yahoo,Microsoft等都提供了OAUTH认证服务,这些都足以说明OAUTH标准逐渐成为开放资源授权 的标准。 Java的命令行处理类库 JArgs JArgs 是一个 Java 语言用来...
java开源包2
06-28
目前互联网很多服务如Open API,很多大头公司如Google,Yahoo,Microsoft等都提供了OAUTH认证服务,这些都足以说明OAUTH标准逐渐成为开放资源授权 的标准。 Java的命令行处理类库 JArgs JArgs 是一个 Java 语言用来...
JAVA上百实例源码以及开源项目源代码
12-11
Java编写的显示器显示模式检测程序 2个目标文件 内容索引:JAVA源码,系统相关,系统信息检测 用JAVA编写了一个小工具,用于检测当前显示器也就是显卡的显示模式,比如分辨率,色彩以及刷新频率等。 Java波浪文字制作...
Spring Security OAuth2 Resource Server 的一些核心组件和内置 Filter
小水牛的博客
05-07 4631
Spring Security OAuth2 Resource Server 的一些核心组件和内置 Filter
SpringBoot搭建SpringSecurity配置登陆接口出错
海角12138的博客
11-09 441
1--安全登录页面如下所示 2--输入账户密码 出现如下所示 跳转不到hello页面,查询得少了一个依赖文件 3--在pom文件中配置如下所示: <thymeleaf.version>3.0.2.RELEASE</thymeleaf.version> <thymeleaf-layout-dialect.version>2.0.5&lt...
Spring SecurityOAuth2(资源服务器
chucan4529的博客
01-26 816
Spring SecurityOAuth2 resource-server(资源服务器) 资源服务器 要访问资源服务器受保护的资源需要携带令牌(从授权服务器获得) 客户端往往同时也是一个资源服务器,各个服务之间的通信(访问需要权限的资源)时需携带访问令牌 资源服务器通过 @Enable...
资源服务器校验token
qq_29860591的博客
08-22 1966
资源服务器校验token 基于token 1.远程调用认证服务验证Token 认证服务需要在AuthorizationServerConfigurerAdapter继承类中配置中增加以下代码,允许资源服务调用校验token的接口。 //配置端点的权限 @Override public void configure(AuthorizationServerSecurityConfig...
Spring Security Oauth2 ResourceServerConfigurerAdapter (资源服务器配置
wangooo的博客
02-21 1万+
ResourceServerConfigurerAdapter (资源服务器配置) 内部关联了ResourceServerSecurityConfigurer 和 HttpSecurity。前者与资源安全配置相关,后者与http安全配置相关 @Override public void configure(ResourceServerSecurityConfigurer resources) { //resourceId 用于分配给可授予的clientId
Spring Security 学习笔记(七)--资源服务
SuperArc1999的博客
01-15 520
6.2.7资源服务测试 6.2.7.1资源服务器配置 添加@EnableResourceServer注解到一个@Configuration配置类上,并且使用ResourceConfigurer这个配置对象来进行配置(可以选择继承自ResourceServerConfigurerAdapter类[或实现ResourceServerConfigurer接口]然后覆写其中的方法,参数就是这个对象的实例),下面是一些可以配置的属性: tokenServices:ResourceServerTokenServi
oauth2-resource-server授权配置介绍
言午玉口才
08-17 2486
也就是授权(token中存放用户名、授权信息),接着资源服务器的token处理过程,可以直接请求授权服务器,由授权服务器验证;也可以在授权服务器确定固定的公钥私钥,资源服务器自己根据公钥解析token,获取jwt,最后获取用户信息。至此,资源服务器可以正常使用。若是你的系统比较庞大,每次请求都会请求授权服务器,这会给授权服务器带来压力,具体的实现方案可以根据实际情况而定。后,对授权服务器有一定的认识,那么授权服务器生成token后,该怎么用呢,这就涉及到资源服务器,现在给大家简单介绍实现过程
SpringSecurityOauth2 - Token校验逻辑,以及认证对象如何存到Security上下文中的(RemoteTokenServices)
m0_54554770的博客
11-25 797
SpringSecurityOauth的Token校验逻辑 以及 认证对象是如何存到SpringSecurity的上下文中的(RemoteTokenServices)
Spring security oauth2 配置白名单接口
05-31
好的,关于 Spring Security OAuth2 配置白名单接口,我可以为您提供一些解释和示例。 通过配置白名单接口,您可以允许未经过认证的用户访问某些特定的接口。在 Spring Security OAuth2 中,可以使用 `WebSecurity` 配置类来实现白名单接口的配置。您可以在 `configure` 方法中添加相应的配置来实现。 以下是一个示例代码,演示了如何配置一个白名单接口: ```java @Configuration @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/public/**").permitAll() // 配置白名单接口 .anyRequest().authenticated() // 其他接口需要认证 .and().csrf().disable(); } // 其他配置... } ``` 在这个示例中,我们将所有以 `/public` 开头的接口都配置为白名单接口,即未经过认证的用户也可以访问这些接口。其他接口则需要认证才能访问。 希望这个示例能够帮助您理解如何在 Spring Security OAuth2 中配置白名单接口。如果您还有其他问题,请随时问我。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值