0. 前言

  之前帐号认证用过自己写的进行匹配,现在要学会使用标准了。准备了解和使用这个OAuth2.0协议。

1. 配置

1.1 配置pom.xml

  有些可能会用不到,我把我项目中用到的所有包都贴出来。

         <dependency>

             <groupId>org.springframework.boot</groupId>

             <artifactId>spring-boot-starter-data-redis</artifactId>

         </dependency>

         <dependency>

             <groupId>org.springframework.boot</groupId>

             <artifactId>spring-boot-starter-security</artifactId>

         </dependency>

         <dependency>

             <groupId>org.springframework.security.oauth</groupId>

             <artifactId>spring-security-oauth2</artifactId>

             <version>2.3.3.RELEASE</version>

         </dependency>

         <dependency>

             <groupId>org.springframework.boot</groupId>

             <artifactId>spring-boot-starter-web</artifactId>

         </dependency>

         <dependency>

             <groupId>org.mybatis.spring.boot</groupId>

             <artifactId>mybatis-spring-boot-starter</artifactId>

             <version>1.3.2</version>

         </dependency>

         <!-- https://mvnrepository.com/artifact/com.github.pagehelper/pagehelper-spring-boot-starter -->

         <dependency>

             <groupId>com.github.pagehelper</groupId>

             <artifactId>pagehelper-spring-boot-starter</artifactId>

             <version>1.2.5</version>

         </dependency>

         <dependency>

             <groupId>org.springframework.cloud</groupId>

             <artifactId>spring-cloud-starter-oauth2</artifactId>

         </dependency>

         <dependency>

             <groupId>org.springframework.cloud</groupId>

             <artifactId>spring-cloud-starter-security</artifactId>

         </dependency>

         <dependency>

             <groupId>org.springframework.boot</groupId>

             <artifactId>spring-boot-devtools</artifactId>

             <scope>runtime</scope>

         </dependency>

         <dependency>

             <groupId>org.postgresql</groupId>

             <artifactId>postgresql</artifactId>

             <scope>runtime</scope>

         </dependency>

         <dependency>

             <groupId>org.springframework.boot</groupId>

             <artifactId>spring-boot-starter-test</artifactId>

             <scope>test</scope>

         </dependency>

         <dependency>

             <groupId>org.springframework.security</groupId>

             <artifactId>spring-security-test</artifactId>

             <scope>test</scope>

         </dependency>

1.2 配置application.properties

 #server

 server.port=8080

 server.servlet.session.timeout=2520000

 #redis

 spring.redis.database=0

 spring.redis.host=172.16.23.203

 spring.redis.port=6379

 spring.redis.password=

 spring.redis.jedis.pool.max-active=8

 spring.redis.jedis.pool.max-wait=60

 spring.redis.jedis.pool.max-idle=8

 spring.redis.jedis.pool.min-idle=0

 spring.redis.timeout=10000

1.3 资源服务器配置

 /**

  * OAuth 资源服务器配置

  * @author

  * @date 2018-05-29

  */

 @Configuration

 @EnableResourceServer

 public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

     private static final String DEMO_RESOURCE_ID = "order";

     @Override

     public void configure(ResourceServerSecurityConfigurer resources) {

         resources.resourceId(DEMO_RESOURCE_ID).stateless(true);

     }

     @Override

     public void configure(HttpSecurity http) throws Exception {

         // Since we want the protected resources to be accessible in the UI as well we need

         // session creation to be allowed (it's disabled by default in 2.0.6)

         http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)

             .and()

             .requestMatchers().anyRequest()

             .and()

             .anonymous()

             .and()

             .authorizeRequests()

             .antMatchers("/order/**").authenticated();//配置order访问控制,必须认证过后才可以访问

     }

 }

1.4 授权服务器配置

 /**

  * OAuth 授权服务器配置

  * @author

  * @date 2018-05-29

  */

 @Configuration

 @EnableAuthorizationServer

 public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

     private static final String DEMO_RESOURCE_ID = "order";

     @Autowired

     AuthenticationManager authenticationManager;

     @Autowired

     RedisConnectionFactory redisConnectionFactory;

     @Override

     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

         String finalSecret = "{bcrypt}"+new BCryptPasswordEncoder().encode("123456");

         //配置两个客户端,一个用于password认证一个用于client认证

         clients.inMemory()

             .withClient("client_1")

             .resourceIds(DEMO_RESOURCE_ID)

             .authorizedGrantTypes("client_credentials", "refresh_token")

             .scopes("select")

             .authorities("oauth2")

             .secret(finalSecret)

             .and()

             .withClient("client_2")

             .resourceIds(DEMO_RESOURCE_ID)

             .authorizedGrantTypes("password", "refresh_token")

             .scopes("select")

             .authorities("oauth2")

             .secret(finalSecret);

     }

     @Override

     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

         endpoints

                 .tokenStore(new RedisTokenStore(redisConnectionFactory))

                 .authenticationManager(authenticationManager)

                 .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);

     }

     @Override

     public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {

         //允许表单认证

         oauthServer.allowFormAuthenticationForClients();

     }

 }

1.5 Spring Security配置

 /**

  * Spring-Security 配置<br>

  * 具体参考: https://github.com/lexburner/oauth2-demo

  * @author

  * @date 2018-05-28

  */

 @Configuration

 @EnableWebSecurity

 public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

     @Bean

     @Override

     protected UserDetailsService userDetailsService(){

         InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();

         BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();

         String finalPassword = "{bcrypt}"+bCryptPasswordEncoder.encode("123456");

         manager.createUser(User.withUsername("user_1").password(finalPassword).authorities("USER").build());

         finalPassword = "{noop}123456";

         manager.createUser(User.withUsername("user_2").password(finalPassword).authorities("USER").build());

         return manager;

     }

     @Override

     protected void configure(HttpSecurity http) throws Exception {

         http

             .requestMatchers().anyRequest()

             .and()

                 .authorizeRequests()

                 .antMatchers("/oauth/*").permitAll();

     }

     /**

      * Spring Boot 2 配置,这里要bean 注入

      */

     @Bean

     @Override

     public AuthenticationManager authenticationManagerBean() throws Exception {

         AuthenticationManager manager = super.authenticationManagerBean();

         return manager;

     }

     @Bean

     PasswordEncoder passwordEncoder() {

         return PasswordEncoderFactories.createDelegatingPasswordEncoder();

     }

1.6 定义一个资源点

 @RestController

 @RequestMapping(value="/")

 public class TestController {

     @RequestMapping(value="order/demo")

     public YYModel getDemo() {

         Authentication auth = SecurityContextHolder.getContext().getAuthentication();

         System.out.println(auth);

         YYModel yy = new YYModel();

         yy.setYy("中文");

         yy.setZz(3);

         return yy;

     }

     @GetMapping("/test")

     public String getTest() {

         YYModel yy = new YYModel();

         yy.setYy("中文");

         yy.setZz(3);

         return yy.toJSONString();

     }

 }

2. 工具测试

  

  

  参考: http://blog.didispace.com/spring-security-oauth2-xjf-1/

Spring Boot 2.0 利用 Spring Security 实现简单的OAuth2.0认证方式1的更多相关文章

  1. Spring Boot 2.0 利用 Spring Security 实现简单的OAuth2.0认证方式2

    0.前言 经过前面一小节已经基本配置好了基于SpringBoot+SpringSecurity+OAuth2.0的环境.这一小节主要对一些写固定InMemory的User和Client进行扩展.实现动 ...

  2. Spring Boot 2(一):Spring Boot 2.0新特性

    Spring Boot 2(一):Spring Boot 2.0新特性 Spring Boot依赖于Spring,而Spring Cloud又依赖于Spring Boot,因此Spring Boot2 ...

  3. Spring Boot 多站点利用 Redis 实现 Session 共享

    如何在不同站点(web服务进程)之间共享会话 Session 呢,原理很简单,就是把这个 Session 独立存储在一个地方,所有的站点都从这个地方读取 Session. 通常我们使用 Redis 来 ...

  4. spring boot 是如何利用jackson进行序列化的?

    接上一篇:spring boot 是如何利用jackson进行反序列化的? @RestController public class HelloController { @RequestMapping ...

  5. spring boot rest 接口集成 spring security(2) - JWT配置

    Spring Boot 集成教程 Spring Boot 介绍 Spring Boot 开发环境搭建(Eclipse) Spring Boot Hello World (restful接口)例子 sp ...

  6. spring boot rest 接口集成 spring security(1) - 最简配置

    Spring Boot 集成教程 Spring Boot 介绍 Spring Boot 开发环境搭建(Eclipse) Spring Boot Hello World (restful接口)例子 sp ...

  7. Spring Boot配置篇(基于Spring Boot 2.0系列)

    1:概述 SpringBoot支持外部化配置,配置文件格式如下所示: properties files yaml files environment variables command-line ar ...

  8. (转)Spring Boot 2 (八):Spring Boot 集成 Memcached

    http://www.ityouknow.com/springboot/2018/09/01/spring-boot-memcached.html Memcached 介绍 Memcached 是一个 ...

  9. Spring Boot 2 (八):Spring Boot 集成 Memcached

    Spring Boot 2 (八):Spring Boot 集成 Memcached 一.Memcached 介绍 Memcached 是一个高性能的分布式内存对象缓存系统,用于动态Web应用以减轻数 ...

随机推荐

  1. Android开发之欢迎界面标准

    import java.util.ArrayList; import android.app.Activity; import android.content.SharedPreferences; i ...

  2. 如何通过Html网页调用本地安卓app?

    如何使用html网页和本地app进行传递数据呢?经过研究,发现还是有方法的,总结了一下,大致有一下几种方式 更新一下吧,这篇日志写于2013年11月,离现在已经很久了,依然很多朋友在查阅.目前应该有更 ...

  3. 用dockerfile构建基于centos系统的jar包的镜像

    实际示例: [root@master01 home-dataline]# ls dataline.jar Dockerfile jdk-8u181-linux-x64.tar.gz [root@mas ...

  4. usr/bin/X11各个程序中文详解

    X11程序 animate 输出图形结果 bitmap bmtoa bounce 输出X屏幕保存结果 display 浏览编辑image magick图像 editres 编辑X11资源 flsfon ...

  5. 【LeetCode】216. Combination Sum III

    Combination Sum III Find all possible combinations of k numbers that add up to a number n, given tha ...

  6. sql server 删除所有表、视图、存储过程

    如果由于外键约束删除table失败,则先删除所有约束:   --/第1步**********删除所有表的外键约束*************************/   DECLARE c1 curs ...

  7. 【MySQL】MySQL解析用户权限管理

    一.MySQL权限简介 关于mysql的权限简单的理解就是mysql允许你做你全力以内的事情,不可以越界.比如只允许你执行select操作,那么你就不能执行update操作.只允许你从某台机器上连接m ...

  8. iOS 不支持 PWA,那又怎么样?

    原文链接http://www.zcfy.cc/article/ios-doesn-8217-t-support-progressive-web-apps-so-what-cloud-four-3400 ...

  9. java可视化编程-eclipse安装windowbuilder插件(转载)

    原文地址:http://blog.csdn.net/jason0539/article/details/21219043 一直做在安卓用xml作界面,对于java的控件不熟悉,也不习惯用代码做UI尤其 ...

  10. Html中 <tr> 标签的隐藏与显示

    TR标签的隐藏与显示:block(显示)和none(隐藏) <tr  style="display:none"> <tr id="sample" ...