Spring security Spring Security oauth2创建自定义oauth_客户端_详细信息表
我想在我的SpringREST应用程序中实现oauth2。首先,我实现了我的自定义身份验证和userdetails(使用我自己的角色和权限)。这在基本身份验证中可以正常工作 表: 用户: 用户id、姓名、电子邮件、密码(散列)、活动 角色: 角色\u id,角色 用户到角色(将用户与其角色连接): 角色id、用户id 现在,我正在尝试实现oauth2 我的资源服务器类看起来:Spring security Spring Security oauth2创建自定义oauth_客户端_详细信息表,spring-security,oauth-2.0,userdetailsservice,Spring Security,Oauth 2.0,Userdetailsservice,我想在我的SpringREST应用程序中实现oauth2。首先,我实现了我的自定义身份验证和userdetails(使用我自己的角色和权限)。这在基本身份验证中可以正常工作 表: 用户: 用户id、姓名、电子邮件、密码(散列)、活动 角色: 角色\u id,角色 用户到角色(将用户与其角色连接): 角色id、用户id 现在,我正在尝试实现oauth2 我的资源服务器类看起来: @Configuration @EnableResourceServer public class ResourceSe
@Configuration
@EnableResourceServer
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
private static final String RESOURCE_ID = "my_rest_api";
@Override
public void configure(ResourceServerSecurityConfigurer resources) {
resources.resourceId(RESOURCE_ID).stateless(false);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.anonymous().disable()
.cors().and()
.csrf().disable()
.authorizeRequests().antMatchers("/" + Constants.VERSION + "/**").authenticated().and()
.httpBasic().and()
.headers().frameOptions().sameOrigin().and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and().exceptionHandling().accessDeniedHandler(new OAuth2AccessDeniedHandler());
}
}
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfiguration extends
AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private org.apache.tomcat.jdbc.pool.DataSource dataSource;
@Autowired
private ClientDetailsService clientDetailsService;
@Override
public void configure(
AuthorizationServerSecurityConfigurer oauthServer)
throws Exception {
oauthServer
.tokenKeyAccess("permitAll()")
.checkTokenAccess("isAuthenticated()")
.allowFormAuthenticationForClients();
}
@Override
public void configure(ClientDetailsServiceConfigurer clients)
throws Exception {
clients.jdbc(dataSource).clients(clientDetailsService);
}
@Override
public void configure(
AuthorizationServerEndpointsConfigurer endpoints)
throws Exception {
endpoints
.tokenStore(tokenStore())
.authenticationManager(authenticationManager)
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
}
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource);
}
}
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private ClientDetailsService clientDetailsService;
private UserDetailsService userDetailsService;
private PasswordEncoder passwordEncoder;
@Autowired
public SecurityConfiguration(UserDetailsService userDetailsService,
PasswordEncoder passwordEncoder) {
this.userDetailsService = userDetailsService;
this.passwordEncoder = passwordEncoder;
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.anonymous().disable()
.authorizeRequests()
.antMatchers("/oauth/token").permitAll();
}
@Bean
@Autowired
public TokenStoreUserApprovalHandler userApprovalHandler(TokenStore tokenStore) {
TokenStoreUserApprovalHandler handler = new TokenStoreUserApprovalHandler();
handler.setTokenStore(tokenStore);
handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
handler.setClientDetailsService(clientDetailsService);
return handler;
}
@Bean
@Autowired
public ApprovalStore approvalStore(TokenStore tokenStore) throws Exception {
TokenApprovalStore store = new TokenApprovalStore();
store.setTokenStore(tokenStore);
return store;
}
}
谢谢大家:)。您可以通过实现ClientDetails服务和ClientDetails接口来实现这一点