Fatal编程技术网
  • spring-security/
  • Spring security 具有spring安全性的多个oauth2提供程序

Spring security 具有spring安全性的多个oauth2提供程序

spring-security oauth-2.0 yaml

Spring security 具有spring安全性的多个oauth2提供程序,spring-security,oauth-2.0,yaml,Spring Security,Oauth 2.0,Yaml,我有一个移动客户端和一个浏览器客户端,我正在使用oauth2。 如何在yaml文件中的oauth szenario中定义多个提供者 例如,oauth2-1 oauth2-2 security: user: password: none oauth2: client: accessTokenUri: http://localhost:9999/uaa/oauth/token userAuthorizationUri: http://localhost

我有一个移动客户端和一个浏览器客户端,我正在使用oauth2。 如何在yaml文件中的oauth szenario中定义多个提供者

例如,oauth2-1 oauth2-2

security:
  user:
    password: none
  oauth2:
    client:
      accessTokenUri: http://localhost:9999/uaa/oauth/token
      userAuthorizationUri: http://localhost:9999/uaa/oauth/authorize
      tokenName: oauth_token
      clientId: acme
      clientSecret: acmesecret
代码如下所示:

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        String clientId = authProperties.getSecurity().getAuthentication().getOauth().getClientid();

        // @formatter:off
        clients.inMemory()
               .withClient(clientId).scopes("read", "write")
               .autoApprove(true)
               .authorities(AuthoritiesConstants.ADMIN, AuthoritiesConstants.USER)
               .authorizedGrantTypes("password", "refresh_token", "authorization_code", "implicit", "client_credentials")
               .secret(authProperties.getSecurity().getAuthentication().getOauth().getSecret())
               .accessTokenValiditySeconds(authProperties.getSecurity().getAuthentication().getOauth().getTokenValidityInSeconds())

               .and()
                    .inMemory()
                    .withClient("readonlyClient")
                    .scopes("read")
                    .authorities(AuthoritiesConstants.ADMIN, AuthoritiesConstants.USER)
                    .authorizedGrantTypes("password", "refresh_token", "authorization_code", "implicit",
                       "client_credentials")
                    .secret(authProperties.getSecurity().getAuthentication().getOauth().getSecret())
                    .accessTokenValiditySeconds(authProperties.getSecurity().getAuthentication().getOauth()
                                                              .getTokenValidityInSeconds())

               .and()
                    .inMemory()
                    .withClient("imp")
                    .authorizedGrantTypes("implicit")
                    .scopes("read", "write")
                    .authorities(AuthoritiesConstants.ADMIN, AuthoritiesConstants.USER)
                    .autoApprove(true)
                    .accessTokenValiditySeconds(authProperties.getSecurity().getAuthentication().getOauth()
                                                              .getTokenValidityInSeconds()); 
         // @formatter:on
    }