oauth2之JwtTokenStore返回jwt格式token

最新推荐文章于 2024-06-07 15:47:40 发布

重生之我是一名程序员

最新推荐文章于 2024-06-07 15:47:40 发布

阅读量3.3k

点赞数

分类专栏： oauth2

oauth2 专栏收录该内容

25 篇文章 7 订阅

订阅专栏

oauth2之JwtTokenStore返回jwt格式token

基于spring boot 2.0.4.RELEASE

加入依赖

compile('org.springframework.security:spring-security-jwt')

授权服务器配置

@Configuration
@EnableAuthorizationServer
//@EnableAuthorizationServer的作用就是添加一条拦截规则(这里是Oauth2)
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
    @Bean
    public TokenStore tokenStore() {
       return new JwtTokenStore(jwtAccessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter(){
       JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
       //对称类型key
       converter.setSigningKey("123456");
       return converter;
    }

    @Bean
   public DefaultTokenServices tokenServices() {
       DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
       defaultTokenServices.setTokenStore(tokenStore());
       defaultTokenServices.setSupportRefreshToken(true);
       //设置jwtAccessTokenConverter,因为jwtAccessTokenConverter实现了TokenEnhancer接口
       defaultTokenServices.setTokenEnhancer(jwtAccessTokenConverter());
       defaultTokenServices.setClientDetailsService(clientDetailsService());
       return defaultTokenServices;
   }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security.realm("simple")
                //exposes public key for token verification if using JWT tokens
                //使用标准的spel语言就行
                //默认都是denyAll()
                .tokenKeyAccess("permitAll()")
                //used by Resource Servers to decode access tokens
                //jwt校验
                .checkTokenAccess("isAuthenticated()")
                .allowFormAuthenticationForClients();
    }

}

资源服务器配置

@Configuration
@EnableResourceServer
public class ResourcesServerConfiguration extends ResourceServerConfigurerAdapter {


    @Autowired
    private ResourceServerTokenServices tokenServices;

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources.tokenServices(tokenServices);
        resources.resourceId("product_api").stateless(false);
    }

    //omitted...
}

获取token

http://localhost:8080/oauth/token?grant_type=authorization_code&code=gJjkG8&client_id=pair&client_secret=secret&redirect_uri=http://baidu.com:

{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsicHJvZHVjdF9hcGkiXSwidXNlcl9uYW1lIjoiYWRtaW4iLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiLCJ0cnVzdCJdLCJleHAiOjE1MzYxMzA3OTgsImF1dGhvcml0aWVzIjpbIlJPTEVfQURNSU4iXSwianRpIjoiNTFjMWJkNDctODUxZC00NTMyLWIwODItYTlhOTJiMDNiMTNhIiwiY2xpZW50X2lkIjoicGFpciJ9.CU2qTESn2fTq6YSJtWwDEcnZriVGJt1sPIZhOYr7_wI",
    "token_type": "bearer",
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsicHJvZHVjdF9hcGkiXSwidXNlcl9uYW1lIjoiYWRtaW4iLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiLCJ0cnVzdCJdLCJhdGkiOiI1MWMxYmQ0Ny04NTFkLTQ1MzItYjA4Mi1hOWE5MmIwM2IxM2EiLCJleHAiOjE1Mzg3MjA3OTgsImF1dGhvcml0aWVzIjpbIlJPTEVfQURNSU4iXSwianRpIjoiYTI2ODI4MTgtYWJjMS00NWJkLTgwNDEtN2NmZGEwZmI1YTMzIiwiY2xpZW50X2lkIjoicGFpciJ9.geQYgeoGEaqLqKYtU-ts4IRc0zqwZqclLJILsHi6TGM",
    "expires_in": 1998,
    "scope": "read write trust",
    "jti": "51c1bd47-851d-4532-b082-a9a92b03b13a"
}

重生之我是一名程序员

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
oauth2之JwtTokenStore返回jwt格式token

oauth2之JwtTokenStore返回jwt格式token基于spring boot 2.0.4.RELEASE加入依赖compile('org.springframework.security:spring-security-jwt')授权服务器配置@Configuration@EnableAuthorizationServer//@EnableAu...
复制链接

扫一扫

专栏目录