Spring Boot + Spring Security + OAuth2 搭建 (一)

最新推荐文章于 2024-01-28 14:30:25 发布
最新推荐文章于 2024-01-28 14:30:25 发布
阅读量5k 收藏 16
点赞数 3
分类专栏: Spring Boot
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/wllovar/article/details/87621910
版权

源代码地址:https://download.csdn.net/download/wllovar/10963011

具体那里有疑问可以给我发邮件1044560183@qq.com

最近应项目需求想搞一些类似微信公众平台那样的提供第三方访问的API,这就要用到OAuth2,具体OAuth2的认证流程如下图所示

好了废话不多说,我们开始干活

1.打开我们新建的SpringBoot项目,打开pom.xml,引入maven依赖包

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>
	<parent>
		<groupId>org.springframework.boot</groupId>
		<artifactId>spring-boot-starter-parent</artifactId>
		<version>2.1.1.RELEASE</version>
		<relativePath/> <!-- lookup parent from repository -->
	</parent>
	<groupId>com.pdl</groupId>
	<artifactId>springboot</artifactId>
	<version>0.0.1-SNAPSHOT</version>
	<name>SpringBoot</name>
	<description>Demo project for Spring Boot</description>

	<properties>
		<java.version>1.8</java.version>
	</properties>

	<dependencies>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-web</artifactId>
		</dependency>

		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-test</artifactId>
			<scope>test</scope>
		</dependency>

		<!-- 加载postgresql驱动 -->
		<dependency>
			<groupId>org.postgresql</groupId>
			<artifactId>postgresql</artifactId>
			<scope>runtime</scope>
		</dependency>
		<!--加载postgresql驱动-->
		<dependency>
			<groupId>mysql</groupId>
			<artifactId>mysql-connector-java</artifactId>
			<scope>runtime</scope>
		</dependency>
		<!-- 加载jdbc连接数据库 -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-jdbc</artifactId>
		</dependency>
		<!-- 加载mybatis jar包 -->
		<dependency>
			<groupId>org.mybatis.spring.boot</groupId>
			<artifactId>mybatis-spring-boot-starter</artifactId>
			<version>1.3.2</version>
		</dependency>
		<!-- aop依赖 jar包 -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-aop</artifactId>
		</dependency>

		<!-- alibaba的druid数据库连接池 -->
		<dependency>
			<groupId>com.alibaba</groupId>
			<artifactId>druid-spring-boot-starter</artifactId>
			<version>1.1.9</version>
		</dependency>
		<!-- 分页插件 -->
		<dependency>
			<groupId>com.github.pagehelper</groupId>
			<artifactId>pagehelper-spring-boot-starter</artifactId>
			<version>1.2.5</version>
		</dependency>
		<!--json插件-->
		<dependency>
			<groupId>com.fasterxml.jackson.core</groupId>
			<artifactId>jackson-core</artifactId>
		</dependency>
		<dependency>
			<groupId>com.fasterxml.jackson.core</groupId>
			<artifactId>jackson-databind</artifactId>
		</dependency>
		<dependency>
			<groupId>com.fasterxml.jackson.datatype</groupId>
			<artifactId>jackson-datatype-joda</artifactId>
		</dependency>
		<dependency>
			<groupId>com.fasterxml.jackson.module</groupId>
			<artifactId>jackson-module-parameter-names</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-jta-atomikos</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-redis</artifactId>
			<version>1.4.7.RELEASE</version>
		</dependency>
		<!--安全框架 security-->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.security.oauth.boot</groupId>
			<artifactId>spring-security-oauth2-autoconfigure</artifactId>
			<version>2.0.3.RELEASE</version>
		</dependency>
		<!-- redis中 不用可以去除-->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-data-redis</artifactId>
		</dependency>

		<dependency>
			<groupId>commons-lang</groupId>
			<artifactId>commons-lang</artifactId>
			<version>2.6</version>
		</dependency>
		<dependency>
			<groupId>org.projectlombok</groupId>
			<artifactId>lombok</artifactId>
			<optional>true</optional>
		</dependency>

		<!-- mybatis-plus -->
		<dependency>
			<groupId>com.baomidou</groupId>
			<artifactId>mybatis-plus-boot-starter</artifactId>
			<version>3.0.4</version>
		</dependency>

		<!--swagger start-->
		<dependency>
			<groupId>io.springfox</groupId>
			<artifactId>springfox-swagger2</artifactId>
			<version>2.9.2</version>
		</dependency>

		<dependency>
			<groupId>io.springfox</groupId>
			<artifactId>springfox-swagger-ui</artifactId>
			<version>2.9.2</version>
		</dependency>
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-thymeleaf</artifactId>
		</dependency>
		<!--swagger end-->
		 
	</dependencies>

	<build>
		<plugins>
			<plugin>
				<groupId>org.springframework.boot</groupId>
				<artifactId>spring-boot-maven-plugin</artifactId>
			</plugin>
		</plugins>
	</build>

</project>

2.在config目录下新建认证服务端配置AuthorizationServerConfiguration.java

package com.pdl.config;


import com.pdl.security.BootClientDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;


@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private BootClientDetailsService clientDetailsService;


    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        // 允许表单登录
        security.allowFormAuthenticationForClients();
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

        clients.withClientDetails(clientDetailsService);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                // tonken 存储于内存中
                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)// add get method
                .tokenStore(new InMemoryTokenStore())
                .authenticationManager(authenticationManager);
    }

}

3.在config目录下新建认证资源配置ResourceServerConfiguration.java

package com.pdl.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;

@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        super.configure(resources);
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/register").permitAll()
                .antMatchers("/druid/*").permitAll()
                .anyRequest()
                .authenticated();
    }

}

注:如果需要开放某个接口不许认证操作时应该在ResourceServerConfiguration放开该方法的认证,具体实现是

.antMatchers("/register").permitAll()

如果不加这句话访问/register会一直报

{
    "error": "unauthorized",
    "error_description": "Full authentication is required to access this resource"
}

这个坑坑我了一天,解决后特此标注一下,以便小伙伴们不再趟坑

4.在config目录下新建WebSecurity 配置

package com.pdl.config;


import com.pdl.security.BootUserDetailService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

/**
 * Created by wangle on 2018/12/28.
 */
@Configuration
@EnableWebSecurity
@Order(1)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Autowired
    private BootUserDetailService userDetailService;


    /**
     * 让Security 忽略这些url,不做拦截处理
     * @param web
     * @throws Exception
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers
                ("/swagger-ui.html/**", "/webjars/**",
                        "/swagger-resources/**", "/v2/api-docs/**",
                        "/swagger-resources/configuration/ui/**", "/swagger-resources/configuration/security/**",
                        "/images/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http
                .formLogin().and()
                .requestMatchers()
                .antMatchers("/login","/oauth/authorize")
                .and()
                .authorizeRequests()
                .anyRequest()
                .authenticated();

        http.httpBasic().disable();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailService);
    }


    @Override
    @Bean
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }



}

5.自定义自定义 UserDetailsService 和 BootClientDetailsService

package com.pdl.security;

import com.pdl.domain.User;
import com.pdl.service.AdminService;
import com.pdl.service.UserService;
import org.apache.commons.lang.StringUtils;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

import java.util.ArrayList;
import java.util.List;

@Component
public class BootUserDetailService implements UserDetailsService {

    @Autowired
    private UserService userService;

    private Logger logger = LoggerFactory.getLogger(getClass());

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        User user= this.userService.selectUserByUsername(username);
        if(user==null) {
            throw new UsernameNotFoundException("用户名不存在");
        }
        GrantedAuthority authority = new SimpleGrantedAuthority("ROLE_USER");

        List <GrantedAuthority>authorities = new ArrayList<>();
        authorities.add(authority);
        user.setAuthorities(authorities);
        return user;
    }
}

新建类 BootClientDetailsService 实现ClientDetailsService 接口,覆盖loadClientByClientId(String clientId)方法,将其声明为spring组件,方便后面配置使用

package com.pdl.security;

import com.pdl.domain.Client;
import com.pdl.service.AdminService;
import com.pdl.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.ClientRegistrationException;
import org.springframework.stereotype.Component;

@Component
public final class BootClientDetailsService implements ClientDetailsService {

    @Autowired
    private UserService userService;

    @Override
    public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {

        Client client = userService.selectClientByClientId(clientId);

        if(client==null){
            throw new ClientRegistrationException("客户端不存在");
        }

        return new BootClientDetails(client);
    }

}

package com.pdl.security;


import com.pdl.domain.Client;
import com.pdl.util.CommonUtils;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.provider.ClientDetails;

import java.util.Collection;
import java.util.Map;
import java.util.Set;

/**
 * @author wangle
 * @date 2018/10/16  15:36
 *
 **/
@Data
@SuppressWarnings("unchecked")
public final class BootClientDetails implements ClientDetails {

    private Client client;
    private Set<String> scope;

    public BootClientDetails(Client client) {
        this.client = client;
    }

    public BootClientDetails() {
    }

    @Override
    public String getClientId() {
        return client.getClientId();
    }

    @Override
    public Set<String> getResourceIds() {
        return client.getResourceIds()!=null?
                CommonUtils.transformStringToSet(client.getResourceIds(),String.class):null;
    }

    @Override
    public boolean isSecretRequired() {
        return client.getIsSecretRequired();
    }

    @Override
    public String getClientSecret() {
        return client.getClientSecret();
    }

    @Override
    public boolean isScoped() {
        return client.getIsScoped();
    }

    @Override
    public Set<String> getScope() {

        this.scope = client.getScope()!=null?
                CommonUtils.transformStringToSet(client.getScope(),String.class):null;

        return client.getScope()!=null?
                CommonUtils.transformStringToSet(client.getScope(),String.class):null;
    }

    @Override
    public Set<String> getAuthorizedGrantTypes() {
        return client.getAuthorizedGrantTypes()!=null?
                CommonUtils.transformStringToSet(client.getAuthorizedGrantTypes(),String.class):null;
    }

    @Override
    public Set<String> getRegisteredRedirectUri() {
        return client.getRegisteredRedirectUri()!=null?
                CommonUtils.transformStringToSet(client.getRegisteredRedirectUri(),String.class):null;
    }

    @Override
    public Collection<GrantedAuthority> getAuthorities() {
        return (client.getAuthorities()!=null&&client.getAuthorities().trim().length()>0)?
                AuthorityUtils.commaSeparatedStringToAuthorityList(client.getAuthorities()):null;
    }

    @Override
    public Integer getAccessTokenValiditySeconds() {
        return client.getAccessTokenValiditySeconds();
    }

    @Override
    public Integer getRefreshTokenValiditySeconds() {
        return client.getRefreshTokenValiditySeconds();
    }

    @Override
    public boolean isAutoApprove(String scope) {
        return  this.client.getIsAutoApprove()==null ? false: this
                .client.getIsAutoApprove();
    }

    @Override
    public Map<String, Object> getAdditionalInformation() {
        return null;
    }
}

6.在DAO层新建UserMapper.java

package com.pdl.dao.crm;

import com.pdl.domain.Client;
import com.pdl.domain.User;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;

import java.util.HashMap;
import java.util.List;

@Mapper
public interface UserMapper {

    List<User> selectAllUser();

    void insert(HashMap params);

    User selectUserByUserName( @Param("username") String username);

    Client selectClientByClientId(@Param("clientId") String clientId);

    int insertClient(Client client);


}

7.在domain层新建实体类Client.java和User.java

package com.pdl.domain;

import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;

import javax.validation.constraints.NotNull;

/**
 * @author wangle
 * @date  2018/10/16  9:23
 *
 **/
@Data
@TableName("clients")
public class Client  {

    @TableId
    private String id;
    @TableField("clientId")
    @NotNull
    private String clientId;
    @TableField("resourceIds")
    private String resourceIds;
    @TableField("isSecretRequired")
    private Boolean isSecretRequired;
    @TableField("clientSecret")
    @NotNull
    private String clientSecret;
    @TableField("isScoped")
    private Boolean isScoped;
    @TableField("scope")
    private String scope;
    @TableField("authorizedGrantTypes")
    @NotNull
    private String authorizedGrantTypes;
    @TableField("registeredRedirectUri")
    @NotNull
    private String registeredRedirectUri;
    @TableField("authorities")
    private String authorities;
    @TableField("isAutoApprove")
    private Boolean isAutoApprove;
    @TableField("accessTokenValiditySeconds")
    @NotNull
    private Integer accessTokenValiditySeconds;
    @TableField("refreshTokenValiditySeconds")
    @NotNull
    private Integer refreshTokenValiditySeconds;
    @TableField("createTime")
    @NotNull
    private String createTime;
    @TableField("modifyTime")
    @NotNull
    private String modifyTime;



}

package com.pdl.domain;


import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;
import java.util.List;

/**
 * @author wangle
 * @date 2018/10/9  15:43
 *
 **/
@Data
@TableName("user")
public class User implements UserDetails {
    @TableId
    private String id;
    private String username;
    private String email;
    @TableField("isEnable")
    private Boolean isEnable;
    @TableField("isExpired")
    private Boolean isExpired;
    @TableField("isLocked")
    private Boolean isLocked;
    private String password;
    private String gender;

    @TableField(exist = false)
    private List<GrantedAuthority> authorities;

    @Override
    public List<? extends GrantedAuthority> getAuthorities() {
        return authorities;
    }

    @Override
    public String getPassword() {
        return password;
    }

    @Override
    public String getUsername() {
        return username;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return this.isLocked;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return this.isEnable;
    }
}

8.在service层新建UserService类

package com.pdl.service;

import com.pdl.dao.crm.UserMapper;
import com.pdl.domain.Client;
import com.pdl.domain.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

@Service
public class UserService {

    @Autowired
    private UserMapper userMapper;

    public Map selectUser(){
        Map data = new HashMap();
        List<User> userList = userMapper.selectAllUser();
        data.put("recordList",userList);
        data.put("total",userList.size());
        return data;
    }



    public User selectUserByUsername(String username){
        User user = userMapper.selectUserByUserName(username);
        return user;
    }


    public Client selectClientByClientId(String clientId){
        Client client = userMapper.selectClientByClientId(clientId);
        return client;
    }

    public boolean addClient(Client client){
        boolean flag = false;
        int res = userMapper.insertClient(client);
        if(res==1){
            flag = true;
        }
        return flag;
    }



}

9.在controller层新建ClientController.java

package com.pdl.controller;

import com.pdl.domain.Client;
import com.pdl.security.response.BaseResponse;
import com.pdl.security.response.HttpResponse;
import com.pdl.service.UserService;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.validation.Valid;
import java.util.UUID;

@RestController
public class ClientController {

    @Autowired
    private UserService userService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @PostMapping("/register")
    public BaseResponse clientRegistered(@RequestBody @Valid Client client){
        client.setId(UUID.randomUUID().toString());
        client.setClientSecret(passwordEncoder.encode(client.getClientSecret()));
        boolean i = userService.addClient(client);
        return HttpResponse.baseResponse(200);
    }

}

10.配置application.yml文件

server:
  port: 8060
spring:
  datasource:
    druid:
      crm:
        #配置监控统计拦截的filters,去掉后监控界面SQL无法进行统计,'wall'用于防火墙
        filters: stat,wall
        driver-class-name:  com.mysql.jdbc.Driver
        url: jdbc:mysql://localhost:3306/pdl_oauth?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true&serverTimezone=GMT%2B8
        username: root
        password: 123456
        #初始化大小
        initial-size: 50
        #最小连接数
        min-idle: 50
        #最大连接数
        max-active: 200
        #获取连接等待超时时间
        max-wait: 60000
        #间隔多久才进行一次检测,检测需要关闭的空闲连接,单位毫秒
        time-between-eviction-runs-millis: 60000
        #一个连接在池中最小生存的时间,单位是毫秒
        min-evictable-idle-time-millis: 30000
        #测试语句是否执行正确
        validation-query: SELECT 'x'
        #指明连接是否被空闲连接回收器(如果有)进行检验.如果检测失败,则连接将被从池中去除.
        test-while-idle: true
        #借出连接时不要测试,否则很影响性能
        test-on-borrow: false
        test-on-return: false
        #打开PSCache,并指定每个连接上PSCache的大小。oracle设为true,mysql设为false。分库分表较多推荐设置为false
        pool-prepared-statements: false
        #与Oracle数据库PSCache有关,再druid下可以设置的比较高
        max-pool-prepared-statement-per-connection-size: 20
      #数据源2
      hr:
        filters: stat,wall
        driver-class-name: org.postgresql.Driver
        url: jdbc:postgresql://localhost:5432/pdl_hr?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true
        username: postgres
        password: 123456
        initial-size: 50
        min-idle: 50
        max-active: 200
        max-wait: 60000
        time-between-eviction-runs-millis: 60000
        min-evictable-idle-time-millis: 30000
        validation-query: SELECT 'x'
        test-while-idle: true
        test-on-borrow: false
        test-on-return: false
        pool-prepared-statements: false
        max-pool-prepared-statement-per-connection-size: 20
  redis:
    host: 127.0.0.1
    port: 6379
    jedis:
      pool:
        max-active: 8
        max-wait: -1s
        min-idle: 0
        max-idle: 8
  security:

到此为止我们的项目搭建工作已经完成

访问http://localhost:8060/oauth/authorize?response_type=code&client_id=lovar&redirect_uri=http://www.baidu.com&scope=all

输入账号:admin ,密码:123qwe,进行登录进入授权页面

授权完成后会获得授权码https://www.baidu.com/?code=OJN1hB

接下来在postman上进行操作

授权码的操作已完成,下面我们开始测试注册客户端,打开http://localhost:8060/swagger-ui.html

访问/register接口进行客户端注册

{
  "accessTokenValiditySeconds": 1800,
  "authorities": "ADMIN",
  "authorizedGrantTypes": "refresh_token,authorization_code",
  "clientId": "lovar",
  "clientSecret": "123456",
  "isAutoApprove": false,
  "isSecretRequired": true,
  "refreshTokenValiditySeconds": 3600,
  "registeredRedirectUri": "http://localhost:8060",
  "scope": "all",
  "scoped": true,
  "secretRequired": true,
  "createTime": "2019-02-18 00:12:10",
  "modifyTime": "2019-02-18 00:12:10",
  "resourceIds": "boot-server"
}

 

 

LOVAR
关注
  • 3
    点赞
  • 16
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
专栏目录
spring boot +spring Security+ jwt+oauth2.rar
06-13
下载可以直接运行。使用mysql保存数据。包括数据文件、测试过可以正常使用(API权限可控) 服务器端和客户端样例程序都有
一次排查springboot-oauth2与配置中心不兼容问题
qq_35721287的博客
03-23 1159
一次排查springboot-oauth2与配置中心不兼容问题问题描述问题排查试验解决问题总结 问题描述 1.当应用引入spring-security-oauth2-autoconfigure依赖,并把security.oauth2.client.client-id配置到配置中心,比如nacos或apollo等组件 2.启动应用时,oauth2特性无法使用例如统一登录等接口完全失效,无法登陆,而把clientid配置到本地的properties中时,oauth2正常 问题排查 1.首先我们来看一下oauth
SpringBoot集成OAuth2
最新发布
禅与计算机程序设计艺术
01-28 916
1.背景介绍 1. 背景介绍 OAuth2 是一种授权协议,允许用户授权第三方应用程序访问他们的资源。它是一种“授权”模式,而不是“认证”模式。OAuth2 的主要目的是允许用户授权第三方应用程序访问他们的资源,而不需要将他们的凭据(如用户名和密码)传递给第三方应用程序。 Spring Boot 是一个用于构建新 Spring 应用程序的开箱即用的 Spring 框架。它旨在简化开发人员的工...
Spring Security——org.springframework.security.oauth:spring-security-oauth2项目已过时解决方案
无限迭代中......
04-20 4191
问题描述 Maven <!--Spring Security--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-sec...
spring-security-oauth2-autoconfigure引入不生效报红的问题
京北游戏官方
01-08 9491
我的父pml文件中单独引入了springcloud的格林尼治版本 <dependency> <groupId>org.springframework.cloud</groupId> <artifactId>spring-cloud-dependencies</artifactId> <version>Greenwich.RELEASE<
Spring Boot2 使用 Spring Security + OAuth2 实现单点登录SSO
lovelichao12的专栏
03-25 9333
前言 目前系统都是比较流行的微服务架构,在企业发展初期,企业使用的系统很少,通常一个或者两个,每个系统都有自己的登录模块,使用人员每天用自己的账号登录,很方便。但随着企业的发展,用到的微服务系统随之增多,使用人员在操作不同的系统时,需要多次登录,而且每个系统的账号都不一样,都要记录,这对于使用人员来说,很不方便还不友好。于是,就想到是不是可以在一个统一登录门户平台登录,其他系统就不用登录了呢?这就是单点登录要解决的问题。 单点登录英文全称Single signOn,简称就是SSO。它的解释是:在多个应用.
如何在 Spring Boot 中使用 OAuth2
Java徐师兄的博客
06-26 5426
OAuth2 是一种流行的授权协议,用于授权第三方应用程序访问受保护的资源。OAuth2 协议定义了四种角色:资源所有者、客户端、授权服务器和资源服务器。资源所有者是资源的拥有者,客户端是请求访问资源的应用程序,授权服务器是授权客户端访问资源的服务器,资源服务器是托管受保护资源的服务器。客户端向授权服务器发送请求,请求授权访问某个资源。授权服务器向资源所有者询问是否授权客户端访问该资源。如果资源所有者授权客户端访问该资源,则授权服务器向客户端颁发访问令牌。
springboot+spring security +oauth2.0 demo搭建(password模式)(认证授权端与资源服务端分离的形式)...
weixin_33767813的博客
11-26 927
项目security_simple(认证授权项目) 1.新建springboot项目 这儿选择springboot版本我选择的是2.0.6 点击finish后完成项目的创建 2.引入maven依赖 下面是我引入的依赖 1 <?xml version="1.0" encoding="UTF-8"?> 2 <project xmlns...
6spring boot+security+oauth2 第三方登录1
08-08
1.理解OAuth 2.0http://www.ruanyifeng.com/blog/2014/05/oauth_2_0.html2.github第三方登录h
SpringCloud+SpringBoot+OAuth2+Spring Security+Redis实现的微服务统一认证授权.doc
04-01
SpringCloud+SpringBoot+OAuth2+Spring Security+Redis实现的微服务统一认证授权
company-structure-spring-security-oauth2-authorities:示例Spring Boot + Spring Security + OAuth2项目用于演示
05-26
示例Spring Boot + Hibernate + Spring Security + OAuth2项目用于演示。 入门 先决条件: Java 8 玛文 H2 / PostgreSQL 可以在两个配置文件之一中运行应用程序: 22 Postgres 取决于选择进行测试的数据库引擎...
spring-boot spring-security-oauth2 完整demo
11-22
spring-boot spring-security-oauth2 完整demo,可以使用微信的方式来获取token和查看资源,注意看代码中的备注
Spring Security 学习笔记(六)--OAuth2.0
SuperArc1999的博客
01-08 1703
6.1OAuth2.0介绍 OAuth(开放授权)是一个开放标准,允许用户授权第三方应用访问他们存储在另外的服务提供者上的信息。而不需要将用户名和密码提供给第三方应用或分享他们数据的所有内容。OAuth2.0是OAuth协议的延续版本,但不向后兼容OAuth1.0。即完全废止了OAuth1.0。很多大公司如Google,Yahoo,Microsoft等都提供了OAuth认证服务,这些足以证明OAuth标准逐渐成为开放资源授权的标准。 OAuth2.0已被广泛应用。 下面是OAuth2.0的认证流程
Spring Security OAuth 2.0
KingCruel的专栏
01-24 1058
OAuth 2.0 中的提供者角色实际上分为授权服务和资源服务,虽然它们有时驻留在同一个应用程序中,但使用 Spring Security OAuth,您可以选择将它们拆分为两个应用程序,也可以让多个资源服务共享授权服务。 令牌请求由 Spring MVC 控制器端点处理,对受保护资源的访问由标准 Spring Security 请求过滤器处理。为了实现 OAuth 2.0 授权服务器,Spring Security 过滤器链中需要以下端点: AuthorizationEndpoint用于服务授权请求。默认
Spring BootSpring SecurityOauth2实现的权限控制和认证服务
https://gitee.com/micai-code
02-16 2994
新一代基于Spring BootSpring SecurityOauth2等实现的权限控制和认证服务、支持第三方oauth授权和获取资源信息功能等、详情请点击下面的项目地址查看,欢迎大家使用体验,觉得不错的给个star,谢谢
芋道 Spring Security OAuth2 入门
竹林幽深
03-24 2985
芋道 Spring Security OAuth2 入门 总阅读量:28123次 《Dubbo 实现原理与源码解析 —— 精品合集》 《Netty 实现原理与源码解析 —— 精品合集》 《Spring 实现原理与源码解析 —— 精品合集》 《MyBatis 实现原理与源码解析 —— 精品合集》 《Spring MVC 实现原理与源码解析 —— 精品合集》 《数据库实体设计合集》 《Spring Boot 实现原理与源码解析 —— 精品合集》 《Java 面试题 .
java oauth2 例子_使用SpringSecurityOAuth2默认实现OAuth2授权示例
weixin_39732991的博客
02-25 265
本文记录一下使用SpringSecurityOAuth2实现授权的步骤。1、相关知识2、构建项目本文使用的springboot版本是2.0.4.RELEASE,不同版本可能会有所区别。下面是主要的配置文件和类:1)pom依赖org.springframework.bootspring-boot-starter-securityorg.springframework.security.oauth.b...
Spring Security 0auth2 认证服务器和资源服务器实现
MrLee的博客
02-07 1763
【代码】Spring Security 0auth2 认证服务器和资源服务器实现。
搭建Spring Security OAuth2 Demo(授权码模式)
qq_31516543的博客
09-17 842
文章目录 前言 一、pandas是什么? 二、使用步骤 1.引入库 2.读入数据 总结 前言 搭建Spring Security OAuth2授权码模式demo,一方面在慢慢完善该文过程中做一个系统的总结,一方面做一个知识输出。 一、授权服务器搭建 主要依赖 <dependency> <groupId>org.springframework.boot</groupId> <artifactId&gt...
Springboot+SpringSecurity+oauth2+Jwt
05-16
Spring Boot应用程序中,可以使用Spring SecurityOAuth2来实现基于JWT的身份认证和授权。具体步骤如下: 1. 集成Spring SecurityOAuth2依赖。 2. 配置Spring SecurityOAuth2。 3. 实现自定义的...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值