OAuth2授权服务器配置
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
UserAuthorityServiceImpl userService;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private JwtAccessTokenConverter jwtAccessTokenConverter;
@Autowired
@Qualifier("jwtTokenStore")
private TokenStore tokenStore;
@Autowired
@Qualifier("myClientDetailsService")
private ClientDetailsService clientDetailsService;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
//配置存储令牌策略
endpoints
//支持密码授权
.authenticationManager(authenticationManager)
//使用jwt
.tokenStore(tokenStore)
.accessTokenConverter(jwtAccessTokenConverter)
//刷新令牌授权是否包含对用户信息的检查
.userDetailsService(userService)
//支持get post delete请求
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST,HttpMethod.DELETE);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
//允许表单认证
security.allowFormAuthenticationForClients();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients)
throws Exception {
//使用自定义的ClientDetailsService
clients.withClientDetails(clientDetailsService);
}
}