Spring boot 如何使用OAuth2.0(SpringCloud)保护我的SpringWeb应用程序_Spring Boot_Spring Mvc_Oauth 2.0_Spring Cloud_Spring Security Oauth2 - Fatal编程技术网

Spring boot 如何使用OAuth2.0(SpringCloud)保护我的SpringWeb应用程序

Spring boot 如何使用OAuth2.0(SpringCloud)保护我的SpringWeb应用程序,spring-boot,spring-mvc,oauth-2.0,spring-cloud,spring-security-oauth2,Spring Boot,Spring Mvc,Oauth 2.0,Spring Cloud,Spring Security Oauth2,我正在用OAuth2创建一个POC spring web应用程序。我需要创建一个授权服务器和一个客户机兼资源服务器。我已经完成了授权服务器。现在我正在尝试构建一个基于百里香叶子的web(MVC)应用程序,它既是我的客户机,也是资源服务器。所以基本要求是如果我要求http://localhost:8080/createCustomer (返回模型和视图)第一次,它应该重定向到AS。用户以身份成功登录后,应重定向到http://localhost:8080/createCustomer 使用访问令牌

我正在用OAuth2创建一个POC Spring Web应用程序。我需要创建一个授权服务器(AS)和一个兼作客户端与资源服务器的应用。授权服务器我已经完成。现在我正在尝试构建一个基于Thymeleaf的Web(MVC)应用程序,它既是我的客户端,也是资源服务器。基本要求是:当我第一次请求 http://localhost:8080/createCustomer (返回ModelAndView)时,它应该重定向到AS;用户在AS上成功登录后,应携带访问令牌(JWT)重定向回 http://localhost:8080/createCustomer 。在这个场景中,我不确定需要使用哪种授权流程(flow)以及需要进行哪些配置。再次说明,这不是一个REST端点:我的端点返回一个ModelAndView,并借助Thymeleaf在浏览器中渲染。

这些是我为客户机或资源服务器提供的一些配置文件

ResourceServerConfig  class file

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

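/**
 * Resource-server configuration: incoming OAuth2 access tokens are read as JWTs through a
 * {@link JwtTokenStore}, and every request except {@code /login} must be authenticated.
 *
 * <p>The JWT key is taken from the {@code security.oauth2.resource.jwt.key-value} property
 * instead of a string literal in source, so it can be supplied per environment and rotated
 * without a rebuild. Startup fails if the property is absent.
 */
@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    /**
     * JWT key material. The same value is used below for signing and for verification, i.e. it
     * is a shared secret: any party holding it can mint tokens this server will accept. Keep it
     * out of version control, make it long and random, and prefer an asymmetric key pair (only
     * the public key configured here) when the authorization server supports it.
     */
    @Value("${security.oauth2.resource.jwt.key-value}")
    private String jwtKey;

    /**
     * Token store backed by the JWT converter.
     *
     * @return a {@link JwtTokenStore} built on {@link #jwtAccessTokenConverter()}
     */
    @Bean
    public TokenStore jwtTokenStore() {
        return new JwtTokenStore(jwtAccessTokenConverter());
    }

    /**
     * Converter configured with the externally supplied key for both signing and verification.
     *
     * @return the configured {@link JwtAccessTokenConverter}
     */
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        JwtAccessTokenConverter accessTokenConverter = new JwtAccessTokenConverter();

        // Same reference for both calls, mirroring the original pair of identical literals.
        accessTokenConverter.setSigningKey(jwtKey);
        accessTokenConverter.setVerifierKey(jwtKey);
        return accessTokenConverter;
    }

    /**
     * Registers the JWT token store with the resource-server filter.
     *
     * @param resources the resource-server security configurer
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        // Calling the @Bean method on a @Configuration class yields the container-managed
        // singleton, so the class no longer needs to autowire its own bean into a field.
        resources.tokenStore(jwtTokenStore());
    }

    /**
     * Leaves {@code /login} open and requires authentication for every other request.
     *
     * @param http the HTTP security builder
     * @throws Exception propagated from the builder
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // NOTE(review): under @EnableResourceServer, requests are expected to carry a bearer
        // token; a browser request without one is presumably answered with 401 rather than
        // redirected to the authorization server - confirm this matches the MVC pages' needs.
        http.authorizeRequests()
                .antMatchers("/login").permitAll()
                .anyRequest().authenticated();
    }
}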

Controller

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.servlet.ModelAndView;

/**
 * MVC controller for the client application's pages. Each handler only selects a view name on
 * the {@link ModelAndView} it receives and returns it; no model attributes are added here.
 */
@Controller
public class CodeClientController {

    // Injected servlet request; not read by any handler in this class.
    @Autowired
    HttpServletRequest request;

    // Injected servlet response; not written by any handler in this class.
    @Autowired
    HttpServletResponse response;

    /**
     * Handles GET {@code index}.
     *
     * @param model the model-and-view supplied by the framework
     * @return the same instance with its view name set to {@code index}
     */
    @GetMapping("index")
    public ModelAndView index(ModelAndView model) {
        return withView(model, "index");
    }

    /**
     * Handles GET {@code createCustomer}.
     *
     * @param model the model-and-view supplied by the framework
     * @return the same instance with its view name set to {@code createCustomer}
     */
    @GetMapping("createCustomer")
    public ModelAndView home(ModelAndView model) {
        return withView(model, "createCustomer");
    }

    /** Sets {@code viewName} on {@code target} and hands the same object back. */
    private static ModelAndView withView(ModelAndView target, String viewName) {
        target.setViewName(viewName);
        return target;
    }

}


properties.yml file

# Settings for the client / resource-server application; it listens on 8080 and talks to an
# authorization server on localhost:7070.
server:
  port: 8080

security:
  oauth2:
    client:
      client-id: client1
      # Client credential kept in plain text in this file; supply it from the environment or
      # a secret store instead of committing it.
      client-secret: client1-secret
      # Both endpoints are plain http. Acceptable on localhost only: authorization codes,
      # client credentials and tokens cross these URLs, so use https anywhere else.
      user-authorization-uri: http://localhost:7070/oauth/authorize
      access-token-uri: http://localhost:7070/oauth/token
    resource:
      jwt:
        # NOTE(review): key-uri and key-value are both set; presumably only one source of the
        # key is needed - confirm which one the application is meant to use.
        key-uri: http://localhost:7070/oauth/token_key
        # Same value that ResourceServerConfig uses for JWT signing and verification. It is a
        # short, guessable shared secret; anyone who knows it can forge accepted tokens.
        key-value: developer1
    authorization:
      # NOTE(review): this property looks like the authorization server's access rule for its
      # check_token endpoint (a security expression) rather than a URL for the resource
      # server to call - confirm against the Spring Boot OAuth2 auto-configuration docs.
      check-token-access: http://localhost:7070/oauth/check_token
logging:
  level:
    org:
      hibernate:
        # TRACE on org.hibernate.type may write bound SQL parameter values to the log.
        type: trace
    # DEBUG on the security packages may log request and token details; keep this to local
    # troubleshooting and lower it before deploying.
    org.springframework: DEBUG
    org.springframework.security.oauth2: DEBUG

and pom.xml 

<?xml version="1.0" encoding="UTF-8"?>
<!-- Maven build for the OAuth2 client / resource-server web application. -->
<project xmlns="http://maven.apache.org/POM/4.0.0"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <!-- NOTE(review): this Spring Boot line is paired below with the Greenwich Spring Cloud
         release train; Greenwich is, as far as I know, aligned with Boot 2.1.x, so confirm
         the two are a supported combination and that both still receive security fixes. -->
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.2.3.RELEASE</version>
        <relativePath /> <!-- lookup parent from repository -->
    </parent>

    <modelVersion>4.0.0</modelVersion>
    <groupId>com.oauth2.client</groupId>
    <artifactId>oauth2-client</artifactId>
    <name>oauth2-client</name>

    <properties>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <maven.compiler.source>1.8</maven.compiler.source>
        <maven.compiler.target>1.8</maven.compiler.target>
        <spring-cloud.version>Greenwich.SR3</spring-cloud.version>
    </properties>

    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <!-- Presumably the source of the org.springframework.security.oauth2 classes
             (@EnableResourceServer, JwtTokenStore) used by ResourceServerConfig; its version
             is managed by the spring-cloud-dependencies BOM imported below. -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-starter-oauth2</artifactId>
        </dependency>

        <!-- NOTE(review): no class shown alongside this POM imports io.jsonwebtoken, and the
             version is pinned by hand outside any BOM. If it is unused, drop it to shrink the
             dependency surface; if it is used, track it for security updates. -->
        <dependency>
            <groupId>io.jsonwebtoken</groupId>
            <artifactId>jjwt</artifactId>
            <version>0.9.1</version>
        </dependency>

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>

        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <scope>provided</scope>
        </dependency>
    </dependencies>

    <!-- Imports the Spring Cloud BOM so Spring Cloud artifacts need no explicit version. -->
    <dependencyManagement>
        <dependencies>
            <dependency>
                <groupId>org.springframework.cloud</groupId>
                <artifactId>spring-cloud-dependencies</artifactId>
                <version>${spring-cloud.version}</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
        </dependencies>
    </dependencyManagement>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
            </plugin>
        </plugins>
    </build>
</project>


ResourceServerConfig类文件
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.context.annotation.Bean;
导入org.springframework.context.annotation.Configuration;
导入org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
导入org.springframework.security.config.annotation.web.builders.HttpSecurity;
导入org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
导入org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
导入org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigure;
导入org.springframework.security.oauth2.provider.token.TokenStore;
导入org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
导入org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
@配置
@EnableResourceServer
@EnableGlobalMethodSecurity(Prespenabled=true)
公共类ResourceServerConfig扩展了ResourceServerConfigurerAdapter{
@豆子
公共令牌库jwtTokenStore(){
返回新的JwtTokenStore(jwtAccessTokenConverter());
}
@豆子
公共JwtAccessTokenConverter JwtAccessTokenConverter(){
JwtAccessTokenConverter accessTokenConverter=新的JwtAccessTokenConverter();
accessTokenConverter.setSigningKey(“developer1”);
setVerifierKey(“developer1”);
返回转换器;
}
@自动连线
私有TokenStore jwtTokenStore;
@凌驾
public void configure(ResourceServerSecurityConfigure资源)引发异常{
tokenStore(jwtTokenStore);
}
@凌驾
public void configure(HttpSecurity http)引发异常{
http.authorizeRequests().antMatchers(“/login”).permitAll()和()
.authenticated();
}
}
控制器
导入javax.servlet.http.HttpServletRequest;
导入javax.servlet.http.HttpServletResponse;
导入org.springframework.beans.factory.annotation.Autowired;
导入org.springframework.stereotype.Controller;
导入org.springframework.web.bind.annotation.GetMapping;
导入org.springframework.web.servlet.ModelAndView;
@控制器
公共类CodeClientController{
@自动连线
HttpServletRequest请求;
@自动连线
HttpServletResponse;
@GetMapping(value=“index”)
公共模型和视图索引(模型和视图模型){
model.setViewName(“索引”);
收益模型;
}
@GetMapping(value=“createCustomer”)
公共模型和视图主视图(模型和视图模型){
model.setViewName(“createCustomer”);
收益模型;
}
}
properties.yml文件
服务器:
端口:8080
安全:
oauth2:
客户:
客户端id:client1
客户端机密:客户端1机密
用户授权uri:http://localhost:7070/oauth/authorize
访问令牌uri:http://localhost:7070/oauth/token
资源:
jwt:
密钥uri:http://localhost:7070/oauth/token_key
键值:developer1
授权:
检查令牌访问:http://localhost:7070/oauth/check_token
登录中:
级别:
组织:
冬眠:
类型:跟踪
org.springframework:DEBUG
org.springframework.security.oauth2:调试
和pom.xml
org.springframework.boot