特别注意,以下内容如果有疑问,可先学习前一章节:
SpringSecurity +oauth2自定义异常(三)
一 引入依赖
<!-- Spring Data Redis starter; the authorization server below injects a RedisConnectionFactory to store tokens. -->
<!-- No <version> is given here, so it is presumably managed by the Spring Boot parent/BOM (confirm in the full pom). -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
二 配置文件修改
# NOTE(review): presumably nested under `spring:` in application.yml; the indentation was lost on this page, so confirm.
redis:
port: 6379
host: 127.0.0.1
timeout: 3000 # presumably milliseconds; confirm for the Spring Boot version in use
database: 1
# Sample value for a local demo only. The token store on this page keeps issued access and refresh
# tokens in this Redis instance, so anyone who can log in to it can read them. Use a strong, unique
# password supplied from the environment or a secret store instead of a literal kept in the config file.
password: 123456
三 修改AuthorizationServerConfig.java类
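// Injected by Spring; this connection factory backs the Redis token store.
// The annotation needs its leading '@', otherwise the snippet does not compile.
@Autowired
private RedisConnectionFactory redisConnectionFactory;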
/**
 * Exposes a Redis-backed {@link TokenStore} bean built on the injected connection factory.
 *
 * <p>NOTE(review): the stored entries are live bearer tokens, and RedisTokenStore writes them with
 * JDK serialization unless another strategy is configured (confirm for the library version in use).
 * Keep the Redis instance authenticated and unreachable from untrusted networks.
 *
 * @return the token store used by the authorization server
 */
@Bean
public TokenStore tokenStore() {
    final TokenStore redisBackedStore = new RedisTokenStore(redisConnectionFactory);
    return redisBackedStore;
}
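/**
 * Configures the token endpoint: authentication manager, token storage, JWT conversion,
 * refresh-token handling and the HTTP methods accepted by the endpoint.
 *
 * @param endpoints endpoint configurer supplied by the framework
 * @throws Exception propagated from the configurer
 */
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    endpoints
            // Required for the password grant.
            .authenticationManager(authenticationManagerBean)
            // Where issued tokens are persisted.
            .tokenStore(tokenStore())
            // Issue tokens in JWT format.
            .accessTokenConverter(jwtAccessTokenConverter)
            // Do not reuse refresh tokens: each refresh issues a new one.
            .reuseRefreshTokens(false)
            // Lets the refresh_token grant re-check the user's details.
            .userDetailsService(userDetailsService)
            // POST only. Token requests carry the client secret and, for the password grant, the
            // user's password; sent via GET they sit in the query string and end up in access logs,
            // proxy logs and browser history. RFC 6749 section 3.2 requires POST for token requests.
            .allowedTokenEndpointRequestMethods(HttpMethod.POST);
}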
该类全部代码如下:
package com.yty.system.oauth.config.jwt;
import com.yty.system.oauth.config.OauthConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
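/**
 * OAuth2 authorization-server configuration: issues JWT-formatted tokens, persists them in Redis
 * and registers a single in-memory client whose settings are read from {@link OauthConfig}.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    // Encodes the client secret before it is registered.
    @Autowired
    private PasswordEncoder passwordEncoder;

    // Consulted when a refresh token is exchanged.
    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JwtAccessTokenConverter jwtAccessTokenConverter;

    // Needed by the password grant.
    @Autowired
    private AuthenticationManager authenticationManagerBean;

    // Source of the client id, client secret and token lifetimes.
    @Autowired
    private OauthConfig oauthConfig;

    // Connection to the Redis instance that stores issued tokens.
    @Autowired
    private RedisConnectionFactory redisConnectionFactory;

    /**
     * Exposes a Redis-backed {@link TokenStore} bean built on the injected connection factory.
     *
     * <p>NOTE(review): the stored entries are live bearer tokens, and RedisTokenStore writes them
     * with JDK serialization unless another strategy is configured (confirm for the library version
     * in use). Keep the Redis instance authenticated and unreachable from untrusted networks.
     *
     * @return the token store used by the authorization server
     */
    @Bean
    public TokenStore tokenStore() {
        return new RedisTokenStore(redisConnectionFactory);
    }

    /**
     * Configures the token endpoint: authentication manager, token storage, JWT conversion,
     * refresh-token handling and the HTTP methods accepted by the endpoint.
     *
     * @param endpoints endpoint configurer supplied by the framework
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                // Required for the password grant.
                .authenticationManager(authenticationManagerBean)
                // Where issued tokens are persisted.
                .tokenStore(tokenStore())
                // Issue tokens in JWT format.
                .accessTokenConverter(jwtAccessTokenConverter)
                // Do not reuse refresh tokens: each refresh issues a new one.
                .reuseRefreshTokens(false)
                // Lets the refresh_token grant re-check the user's details.
                .userDetailsService(userDetailsService)
                // POST only. Token requests carry the client secret and, for the password grant,
                // the user's password; sent via GET they sit in the query string and end up in
                // access logs, proxy logs and browser history. RFC 6749 section 3.2 requires POST
                // for token requests.
                .allowedTokenEndpointRequestMethods(HttpMethod.POST);
    }

    /**
     * Configures how clients authenticate at the token endpoint.
     *
     * @param security security configurer supplied by the framework
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        // Accept client_id/client_secret as request parameters in addition to HTTP Basic.
        // Send them in the POST body over TLS; they must never be placed in a URL.
        security.allowFormAuthenticationForClients();
    }

    /**
     * Registers the single in-memory OAuth2 client described by {@link OauthConfig}.
     *
     * @param clients client-details configurer supplied by the framework
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                // client_id
                .withClient(oauthConfig.getClient())
                // client_secret, stored in encoded form rather than as plain text
                .secret(passwordEncoder.encode(oauthConfig.getSecret()))
                // access-token lifetime in seconds
                .accessTokenValiditySeconds(oauthConfig.getAccessTokenValiditySeconds())
                // refresh-token lifetime in seconds
                .refreshTokenValiditySeconds(oauthConfig.getRefreshTokenValiditySeconds())
                // Scope granted to the client. NOTE(review): "all" is a single catch-all scope;
                // narrower scopes limit what a leaked token can do.
                .scopes("all")
                // Grant types enabled for this client.
                // NOTE(review): the password grant hands user passwords to the client and is ruled
                // out by the OAuth 2.0 Security BCP (RFC 9700); enable only the grants the client
                // needs. No redirectUris(...) are registered either; register exact redirect URIs
                // before relying on authorization_code.
                .authorizedGrantTypes("authorization_code", "password", "client_credentials", "refresh_token");
    }
}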
至此,集成完毕,测试:
去redis客户端查看存储值,如下:
说明已存储信息