oauth2授权码登录源码php,OAuth2四种授权登录之授权码模式获取TOKEN

学习地址:

https://www.majiaxueyuan.com/uc/play/65

Oauth2.0的一些简单介绍：

https://blog.csdn.net/qq_28198181/article/details/100523474

如果要处理使用授权码模式

需要配置两个地方:

1.将授权码模式放进去

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.http.HttpMethod;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.authentication.AuthenticationProvider;

import org.springframework.security.authentication.dao.DaoAuthenticationProvider;

import org.springframework.security.core.Authentication;

import org.springframework.security.core.AuthenticationException;

import org.springframework.security.core.userdetails.User;

import org.springframework.security.core.userdetails.UserDetailsService;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;

import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;

import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;

import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;

import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

import org.springframework.security.provisioning.InMemoryUserDetailsManager;

/**

* @author : HYXT_ZouQiJun

* @createTime : 2019/9/3 15:33

* @descrption :

*/

@Configuration

@EnableAuthorizationServer

public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

//accessToken 过期

private int accessTokenValiditySecond = 60 * 60 * 2; //2小时

private int refreshTokenValiditySecond = 60 * 60 * 24 * 7; // 7 天

//添加商户信息

public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {

//withClient Appid

configurer.inMemory().withClient("yyy_client").secret(passwordEncoder().encode("yyy_secret")) //设置用户 和密码

//这里放入了授权码模式

.authorizedGrantTypes("password","authorization_code","client_credentials","refresh_token").scopes("all") //设置权限类型,用密码，客户端,刷新的token 权限为所有人

.accessTokenValiditySeconds(accessTokenValiditySecond)

.refreshTokenValiditySeconds(refreshTokenValiditySecond);

}

//定义授权和令牌端点和令牌服务

public void configure(AuthorizationServerEndpointsConfigurer endpointsConfigurer){

//刷新令牌时需要的认证管理和用户信息来源

endpointsConfigurer.authenticationManager(authenticationManager()).allowedTokenEndpointRequestMethods(HttpMethod.GET,HttpMethod.POST);

endpointsConfigurer.authenticationManager(authenticationManager());

endpointsConfigurer.userDetailsService(userDetailsService());

}

@Override

public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {

//允许表单认证

oauthServer.allowFormAuthenticationForClients();

//允许 check_token 访问

oauthServer.checkTokenAccess("permitAll()");

}

@Bean

AuthenticationManager authenticationManager() {

AuthenticationManager authenticationManager = new AuthenticationManager() {

public Authentication authenticate(Authentication authentication) throws AuthenticationException {

return daoAuhthenticationProvider().authenticate(authentication);

}

};

return authenticationManager;

}

@Bean

public AuthenticationProvider daoAuhthenticationProvider() {

DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();

daoAuthenticationProvider.setUserDetailsService(userDetailsService());

daoAuthenticationProvider.setHideUserNotFoundExceptions(false);

daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());

return daoAuthenticationProvider;

}

// 设置添加用户信息,正常应该从数据库中读取

@Bean

UserDetailsService userDetailsService() {

InMemoryUserDetailsManager userDetailsService = new InMemoryUserDetailsManager();

userDetailsService.createUser(User.withUsername("user_1").password(passwordEncoder().encode("123456"))

.authorities("ROLE_USER").build());

userDetailsService.createUser(User.withUsername("user_2").password(passwordEncoder().encode("123456"))

.authorities("ROLE_USER").build());

return userDetailsService;

}

@Bean

PasswordEncoder passwordEncoder() {

// 加密方式

PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();

return passwordEncoder;

}

}

2.需要配置一个security，不然会报错

@Component

public class SecurityConfig extends WebSecurityConfigurerAdapter {

//暂时什么都没写

}

3.测试一下

首先需要获取到认证的code 才能通过code 得到token

将程序类启动:

@SpringBootApplication

public class SSOApplication {

public static void main(String[] args) {

SpringApplication.run(SSOApplication.class, args);

}

}

这个连接是自己写了个路径

http://localhost:8080/oauth/authorize?response_type=code&client_id=yyy_client&redirect_uri=http://www.4399.com

访问路径 Security会先让你输入用户名和密码

我们将后台写死的user和password

会跳转到我们原来进入的路径。选择允许

点击认证后会跳转到4399页面 地址栏会附带code

我们通过postman 去访问oauth下的token

http://localhost:8080/oauth/token

如下：

如下得到了token值

注意：token只有一次 如果要下一次的话得重新获取code码

重新从authorize中获取

可以看到即便code不一致但是token是一致的

简单记录一下 以后补充现在不会的