
SpringSecurityOAuth認證配置及Token的存儲


⒈pom依賴

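 <!-- Maven dependencies for the sample. The listing's line-number gutter and
      broken line wraps have been removed so the fragment is well-formed XML. -->
 <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-security</artifactId>
 </dependency>
 <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-data-redis</artifactId>
 </dependency>
 <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-web</artifactId>
 </dependency>
 <!-- Spring Security OAuth (the spring-security-oauth2 artifact) is a legacy
      project that has reached end of life, so this pinned release receives no
      further security fixes. Keep the pin only for existing code, moved to the
      last patch release of its line; for new work use a maintained
      authorization server instead. -->
 <dependency>
     <groupId>org.springframework.security.oauth</groupId>
     <artifactId>spring-security-oauth2</artifactId>
     <version>2.3.5.RELEASE</version>
 </dependency>
 <!-- 3.2.2 is the 3.x release in which deserialization of the unsafe functor
      classes is disabled by default; do not pin anything older than this. -->
 <dependency>
     <groupId>commons-collections</groupId>
     <artifactId>commons-collections</artifactId>
     <version>3.2.2</version>
 </dependency>
 <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-test</artifactId>
     <scope>test</scope>
 </dependency>
 <dependency>
     <groupId>org.springframework.security</groupId>
     <artifactId>spring-security-test</artifactId>
     <scope>test</scope>
 </dependency>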

⒉OAuth配置

 1 package cn.coreqi.config;
 2 
 3 import org.springframework.beans.factory.annotation.Autowired;
 4 import org.springframework.beans.factory.annotation.Qualifier;
 5 import org.springframework.context.annotation.Bean;
 6 import org.springframework.context.annotation.Configuration;
 7 import org.springframework.data.redis.connection.RedisConnectionFactory;
 8 import org.springframework.security.authentication.AuthenticationManager;
 9 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
10 import org.springframework.security.core.userdetails.UserDetailsService;
11 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
12 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
13 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
14 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
15 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
16 import org.springframework.security.oauth2.provider.token.TokenStore;
17 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
18 
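/**
 * Authorization-server configuration for the sample: one in-memory client, with
 * issued tokens kept in Redis.
 *
 * <p>Review notes for anyone adapting it beyond a demo:
 * <ul>
 *   <li>The client id, secret and redirect URI are literals in
 *       {@link #configure(ClientDetailsServiceConfigurer)}; a real deployment
 *       should load them from protected configuration and rotate the secret.</li>
 *   <li>Every issued token is written to Redis, so that Redis instance has to be
 *       treated as a credential store (authentication required, network access
 *       restricted to the authorization and resource servers).</li>
 * </ul>
 */
@Configuration
@EnableAuthorizationServer // turns this application into an OAuth2 authorization server
public class CoreqiAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    // Authenticates resource owners for the "password" grant enabled below.
    // The bean is defined outside this file; if the context holds more than one
    // AuthenticationManager, pick the intended one explicitly with @Qualifier.
    @Autowired
    private AuthenticationManager authenticationManager;

    // Loads user accounts; defined outside this file.
    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Creates the TokenStore responsible for saving and reading tokens, backed by Redis.
     *
     * @param redisConnectionFactory connection factory for the Redis instance that will hold the tokens
     * @return a Redis-backed token store
     */
    @Bean
    public TokenStore redisTokenStore(RedisConnectionFactory redisConnectionFactory) {
        return new RedisTokenStore(redisConnectionFactory);
    }

    // NOTE(review): this injects the bean declared by redisTokenStore(...) in this
    // same class, i.e. the configuration depends on itself. Confirm the Spring
    // version in use accepts that self-reference.
    @Autowired
    private TokenStore redisTokenStore;

    /**
     * Configures the authorization-server endpoints.
     *
     * @param authorizationServerEndpointsConfigurer endpoint configurer supplied by the framework
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
        authorizationServerEndpointsConfigurer
                .tokenStore(redisTokenStore) // keep issued tokens in Redis
                // Supplying an AuthenticationManager is what switches on the password grant.
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService);
    }

    /**
     * Registers the third-party client applications allowed to use this server.
     *
     * @param clientDetailsServiceConfigurer client-registry configurer supplied by the framework
     * @throws Exception if the registration cannot be built
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
        clientDetailsServiceConfigurer.inMemory()
                .withClient("coreqi") // client_id
                // Secret for that client_id. It is a plaintext literal committed with
                // the source, which is acceptable only for a demo.
                // NOTE(review): whether it is compared as-is or must carry an encoded
                // form depends on the PasswordEncoder configured elsewhere - confirm,
                // and store an encoded secret outside the code.
                .secret("coreqiSecret")
                .accessTokenValiditySeconds(7200) // access-token lifetime in seconds (2 hours)
                // Authorization codes are delivered to this URI, so in real use it must
                // be an HTTPS callback that the client itself controls; this value is a
                // sample placeholder.
                .redirectUris("https://www.baidu.com")
                .scopes("all", "read", "write") // scopes this client may request
                .authorities("COREQI_READ")
                // Grant types allowed for this client. With "password" the client handles
                // the user's credentials directly; current OAuth security guidance advises
                // against that grant, so keep only "authorization_code" unless a legacy
                // client requires it.
                .authorizedGrantTypes("authorization_code", "password");
    }

    /**
     * Configures security of the authorization-server endpoints themselves. Only the
     * superclass implementation is called, so no customisation is applied here.
     *
     * @param security endpoint-security configurer supplied by the framework
     * @throws Exception if the superclass configuration fails
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        super.configure(security);
    }
}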
