"Gold shines wherever it is." Everyone who says this mistakenly believes they are the gold.
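Preface
In "Spring Security Source Code Analysis 11: Integrating Spring Security OAuth2 with JWT", we used Spring Boot 1.5.6.RELEASE to integrate Spring Security OAuth2 and implemented the authorization code grant, the password grant, and returning a token from a user-defined login. Upgrading to Spring Boot 2.0.1.RELEASE, however, brings a few small problems. This post walks through those pitfalls so you don't have to. For background on OAuth2, see "Understanding OAuth 2.0".
Modify pom.xml
Update the Spring Boot version to 2.0.1.RELEASE: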
<parent>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-parent</artifactId>
    <version>2.0.1.RELEASE</version>
    <relativePath/> <!-- lookup parent from repository -->
</parent>
Add the SecurityConfig configuration
Add a SecurityConfig class to expose the AuthenticationManager as a bean:
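import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    // Expose the AuthenticationManager as a bean so the authorization server can inject it.
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    // Encoder used to hash and verify secrets; client secrets are stored BCrypt-encoded.
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // .formLogin().and()
            .httpBasic().and()
            // CSRF protection is switched off in this demo
            .csrf().disable();
    }
}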
Modify MerryyouAuthorizationServerConfig
Modify MerryyouAuthorizationServerConfig to encode the client secret with the PasswordEncoder and to set the redirect URI:
......
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    InMemoryClientDetailsServiceBuilder build = clients.inMemory();
    if (ArrayUtils.isNotEmpty(oAuth2Properties.getClients())) {
        for (OAuth2ClientProperties config : oAuth2Properties.getClients()) {
            build.withClient(config.getClientId())
                    // store the secret encoded so the PasswordEncoder bean can verify it
                    .secret(passwordEncoder.encode(config.getClientSecret()))
                    .accessTokenValiditySeconds(config.getAccessTokenValiditySeconds())
                    .refreshTokenValiditySeconds(60 * 60 * 24 * 15) // 15 days
                    .authorizedGrantTypes("refresh_token", "password", "authorization_code") // grant types supported for this client
                    .redirectUris("http://www.merryyou.cn") // redirect URI registered for the client
                    .scopes("all");
        }
    }
......
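Why the secret has to pass through encode() in the configure() method above, shown as an added example (not code from the original post or the project). The class name ClientSecretEncodingDemo is hypothetical, "merryyou" is the sample secret from the page's application.yml, and the delegating encoder from PasswordEncoderFactories goes slightly beyond the page, which only defines a BCryptPasswordEncoder bean.

```java
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;

// Hypothetical demo class; needs the Spring Security 5 crypto classes on the classpath.
public class ClientSecretEncodingDemo {

    // Compares the secret a client presents with the stored value and
    // reports "match", "no match", or the error raised by the encoder.
    static String check(PasswordEncoder encoder, String presented, String stored) {
        try {
            return encoder.matches(presented, stored) ? "match" : "no match";
        } catch (IllegalArgumentException e) {
            return "error: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        String secret = "merryyou"; // sample client secret from application.yml

        PasswordEncoder bcrypt = new BCryptPasswordEncoder();
        // Spring Security 5 default encoder, which expects an "{id}" prefix on stored values
        PasswordEncoder delegating = PasswordEncoderFactories.createDelegatingPasswordEncoder();

        // Secret registered in plain text, the way a 1.5.x-era configuration did it
        System.out.println("bcrypt,     plain stored:   " + check(bcrypt, secret, secret));
        System.out.println("delegating, plain stored:   " + check(delegating, secret, secret));

        // Secret registered through encode(), as in the updated configure() method
        System.out.println("bcrypt,     encoded stored: "
                + check(bcrypt, secret, bcrypt.encode(secret)));
        System.out.println("delegating, encoded stored: "
                + check(delegating, secret, delegating.encode(secret)));

        // A wrong secret is still rejected once the stored value is encoded
        System.out.println("bcrypt,     wrong secret:   "
                + check(bcrypt, "not-the-secret", bcrypt.encode(secret)));
    }
}
```

With a plain-text stored secret the BCrypt encoder simply refuses to match and the delegating encoder raises an IllegalArgumentException about an unmapped encoder id, so client authentication fails either way until the stored secret is encoded.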
Modify application.yml
Because 2.x introduces different Redis clients, you need to specify which client's connection pool to configure.
server:
  port: 8888
# Spring Boot reads Redis settings from the spring.redis.* prefix
spring:
  redis:
    host: localhost
    port: 6379
    jedis:
      pool:
        max-active: 8
        max-wait: -1
        min-idle: 0
        max-idle: 8
logging:
  level:
    org.springframework: info
merryyou:
  security:
    oauth2:
      storeType: redis # or jwt
      jwtSigningKey: merryyou # demo value
      clients[0]:
        clientId: merryyou
        clientSecret: merryyou
      clients[1]:
        clientId: merryyou1
        clientSecret: merryyou1
Results
Authorization code grant
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth202.gif
Password grant
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth203.gif
Custom login
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth204.gif
Refresh token
https://raw.githubusercontent.com/longfeizheng/longfeizheng.github.io/master/images/security/spring-security-oauth205.gif
Code download
- github: springboot2.0-oauth2
- gitee: springboot2.0-oauth2