spring oauth2 admin 401错误
spring-oauth2 admin 401错误
没有加@PreAuthorize("…")的默认需要全限
可能默认权限是 user 而不是 admin
生成RSA令牌demo
@Test
public void testCreateToken(){
ClassPathResource resource=new ClassPathResource("changgou68.jks");
KeyStoreKeyFactory keyStoreKeyFactory=new KeyStoreKeyFactory(resource,"changgou68".toCharArray());
KeyPair keyPair =keyStoreKeyFactory.getKeyPair("changgou","changgou68".toCharArray());
RSAPrivateKey privateKey =(RSAPrivateKey)keyPair.getPrivate();
Map<String,Object> payload=new HashMap<>();
payload.put("nikename","tomcat");
payload.put("address","sz");
payload.put("authorities",new String[]{"admin","oauth","user"});
Jwt jwt = JwtHelper.encode(JSON.toJSONString(payload), new RsaSigner(privateKey));
String token =jwt.getEncoded();
System.out.println(token);
}
令牌加入到header中(注意bearer的空格)
template.header("Authorization","bearer "+token);
生成RSA密钥
1、找个文件夹 ->cmd
keytool -genkeypair -alias changgou -keyalg RSA -keypass changgou -keystore changgou.jks -storepass changgou
2、导出public.key
keytool -list -keystore changgou.jks
3、公钥要在需要请求的微服务下
![微服务目录](https://img-blog.csdnimg.cn/1e9cc390c0bf4674b3d4b352d1b94668.png)
4、要有config
![微服务目录](https://img-blog.csdnimg.cn/aa631051a1b645e6be8d40d802234ce2.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3dxbmR5X3lh,size_16,color_FFFFFF,t_70)
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
private static final String PUBLIC_KEY = "public.key";
@Bean
public TokenStore tokenStore(JwtAccessTokenConverter jwtAccessTokenConverter) {
return new JwtTokenStore(jwtAccessTokenConverter);
}
@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
converter.setVerifierKey(getPubKey());
return converter;
}
private String getPubKey() {
Resource resource = new ClassPathResource(PUBLIC_KEY);
try {
InputStreamReader inputStreamReader = new InputStreamReader(resource.getInputStream());
BufferedReader br = new BufferedReader(inputStreamReader);
return br.lines().collect(Collectors.joining("\n"));
} catch (IOException ioe) {
return null;
}
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers(
"/user/add").
permitAll()
.anyRequest().
authenticated();
}
}