@Configuration
public class ClientOauthConfig {
@Autowired
private ExtApplicationService extApplicationService;
@Autowired
private PasswordEncoder passwordEncoder;
/**
* 从数据库加载客户端信息
*加载Bean到Spring容器中,自定义ClientDetailsService
*指定的clientID从数据库中查询是否存在,加载客户端的一些配置信息
*/
@Bean
public ClientDetailsService myClientDetailsService() {
return clientId -> {
//通过clientId查询客户端信息 从数据库中获取
ApplicationAuthority authority = extApplicationService.getBaseMapper()
.selectOne(Wrappers.lambdaQuery(ApplicationAuthority.class)
.eq(ApplicationAuthority::getClientId,clientId));
if (ObjectUtils.isEmpty(authority)) {
//返回的错误信息
throw new ClientRegistrationException("clientId无效");
}
BaseClientDetails clientDetails = new BaseClientDetails();
//设置clientID
clientDetails.setClientId(authority.getClientId());
//设置clientSecret
clientDetails.setClientSecret(passwordEncoder.encode(authority.getClientSecret()));
//设置token有效期
clientDetails.setAccessTokenValiditySeconds(7200);
//设置授权类型
clientDetails.setAuthorizedGrantTypes(Arrays.asList(Constants.CLIENT_CREDENTIALS,Constants.CLIENT_PASSWORD));
List<String> list = new ArrayList<>();
list.add("all");
//设置scope范围列表
clientDetails.setScope(list);
return clientDetails;
};
}
}
oauth2.0 客户端模式、从数据库中获取 client_id client_secret
最新推荐文章于 2023-06-12 22:41:52 发布