大佬教程收集整理的这篇文章主要介绍了Spring Boot + Oauth2客户端凭据,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
我们有受Oauth2客户端凭据方案保护的REST服务。资源和授权服务在同一应用程序中运行,但可以拆分为不同的应用程序。
@Configuration
public class SecurityConfig {
@Configuration
@EnableresourceServer
protected static class resourceServer extends resourceServerConfigurerAdapter {
// IDentifIEs this resource server. Usefull if the AuthorisationServer authorises multiple resource servers
private static final String resource_id = "*****";
@resource(name = "OAuth")
@autowired
Datasource datasource;
@OverrIDe
public voID configure(httpSecurity http) throws Exception {
// @formatter:off
http
.authorizerequests().anyrequest().authenticated();
// @formatter:on
}
@OverrIDe
public voID configure(resourceServerSecurityConfigurer resources) throws Exception {
resources.resourcEID(resource_id);
resources.tokenStore(tokenStore());
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(datasourcE);
}
}
@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
@resource(name = "OAuth")
@autowired
Datasource datasource;
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(datasourcE);
}
@OverrIDe
public voID configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.tokenStore(tokenStore());
}
@OverrIDe
public voID configure(ClIEntDetailsserviceConfigurer clIEnts) throws Exception {
clIEnts.jdbc(datasourcE);
}
}
}
Oauth2表的数据源配置:
@Bean(name = "OAuth")
@ConfigurationPropertIEs(prefix="datasource.oauth")
public Datasource secondaryDatasource() {
return DatasourceBuilder.create().build();
}
与身份验证和资源服务器通信如下
curl -H "Accept: application/Json" user:password@localhost:8080/oauth/token -d grant_type=clIEnt_credentials
curl -H "Authorization: Bearer token" localhost:8080/...
Oauth2数据库中存在以下记录:
clIEnt_ID resource_ids clIEnt_secret scope authorized_grant_types web_server_redirect_uri authoritIEs access_token_valIDity refresh_token_valIDity additional_information autoapprove
user **** password NulL clIEnt_credentials NulL X NulL NulL NulL NulL
客户端应用程序中的Resttemplate配置
@Configuration
@EnabLeoauth2client
public class OAuthConfig {
@Value("${oauth2clientID}")
private String oauth2clientID;
@Value("${oauth2clientSecret}")
private String oauth2clientSecret;
@Value("${Oauth2AccesTokenUri}")
private String accesstokenUri;
@Bean
public RestTemplate oAuthRestTemplate() {
ClIEntCredentialsresourceDetails resourceDetails = new ClIEntCredentialsresourceDetails();
resourceDetails.setID("1");
resourceDetails.setClIEntID(oauth2clientID);
resourceDetails.setClIEntSecret(oauth2clientSecret);
resourceDetails.setAccesstokenUri(accesstokenUri);
/*
When using @EnabLeoauth2client spring creates a oauth2clientContext for us:
"The oauth2clientContext is placed (for you) in session scope to keep the state for different users separate.
Without that you would have to manage the equivalent data structure yourself on the server,
mapPing incoming requests to users, and associaTing each user with a separate instance of the oauth2clientContext."
(http://projects.spring.io/spring-security-oauth/docs/oauth2.HTML#clIEnt-configuration)
Internally the SessionScope works with a threadlocal to store variables, hence a new thread cAnnot access those.
Therefore we can not use @Async
Solution: create a new oauth2clientContext that has no scope.
*Note: this is only safe when using clIEnt_credentials as OAuth grant type!
*/
// oauth2resttemplate restTemplate = new oauth2resttemplate(resourceDetails, oauth2clientContext);
oauth2resttemplate restTemplate = new oauth2resttemplate(resourceDetails, new Defaultoauth2clientContext());
return restTemplate;
}
}
您可以注入restTemplate以(异步)与Oauth2安全服务进行通信。我们目前不使用范围。
以上是大佬教程为你收集整理的Spring Boot + Oauth2客户端凭据全部内容,希望文章能够帮你解决Spring Boot + Oauth2客户端凭据所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。