Spring Security OAuth2

package ;

import ;

import .;

import ;

@Configuration

@EnableAuthorizationServer

class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

//SpringSecurity 用户自定义授权认证类

@Autowired

UserDetailsService userDetailsService;

//授权认证管理器

@Autowired

AuthenticationManager authenticationManager;

//令牌持久化存储接口

@Autowired

TokenStore tokenStore;

    //数据源，用于从数据库获取数据进行认证操作，测试可以从内存中获取

@Autowired

private DataSource dataSource;

//jwt令牌转换器

@Autowired

private JwtAccessTokenConverter jwtAccessTokenConverter;

@Autowired

private CustomUserAuthenticationConverter customUserAuthenticationConverter;

@Resource(name = "keyProp")

private KeyProperties keyProperties;

/***

* 客户端信息配置

* @param clients

* @throws Exception

@Override

    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

(dataSource).clients(this.clientDetails());

// ()

// .withClient("changgou") //客户端id

// .secret("changgou") //秘钥

// .redirectUris("http://localhost") //重定向地址

//                .accessTokenValiditySeconds(3600)          //访问令牌有效期

//                .refreshTokenValiditySeconds(3600)         //刷新令牌有效期

// .authorizedGrantTypes(

//                        "authorization_code",          //根据授权码生成令牌

// "client_credentials", //客户端认证

// "refresh_token", //刷新令牌

// "password") //密码方式认证

//                .scopes("app");                         //客户端范围，名称自定义，必填

}

/***

* 授权服务器端点配置

* @param endpoints

* @throws Exception

@Override

    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

(jwtAccessTokenConverter)

.authenticationManager(authenticationManager)//认证管理器

.tokenStore(tokenStore) //令牌存储

.userDetailsService(userDetailsService); //用户信息service

}

/***

* 授权服务器的安全配置

* @param oauthServer

* @throws Exception

@Override

    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {

()

.passwordEncoder(new BCryptPasswordEncoder())

.tokenKeyAccess("permitAll()")

.checkTokenAccess("isAuthenticated()");

}

//读取密钥的配置

@Bean("keyProp")

    public KeyProperties keyProperties() {

        return new KeyProperties();

}

//客户端配置

@Bean

    public ClientDetailsService clientDetails() {

        return new JdbcClientDetailsService(dataSource);

}

@Bean

@Autowired

    public TokenStore tokenStore(JwtAccessTokenConverter jwtAccessTokenConverter) {

        return new JwtTokenStore(jwtAccessTokenConverter);

}

/****

* JWT令牌转换器

* @param customUserAuthenticationConverter

* @return

@Bean

    public JwtAccessTokenConverter jwtAccessTokenConverter(CustomUserAuthenticationConverter customUserAuthenticationConverter) {

        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();

        KeyPair keyPair = new KeyStoreKeyFactory(

().getLocation(), //证书路径

().getSecret().toCharArray()) //证书秘钥 changgouapp

.getKeyPair(

().getAlias(), //证书别名 changgou

().getPassword().toCharArray()); //证书密码 changgou

(keyPair);

//配置自定义的CustomUserAuthenticationConverter

        DefaultAccessTokenConverter accessTokenConverter = (DefaultAccessTokenConverter) ();

(customUserAuthenticationConverter);

return converter;

}

秒客网

Spring Security OAuth2

相关文章