springboot oauth 鉴权之——password、authorization_code鉴权
生活随笔
收集整理的这篇文章主要介绍了
springboot oauth 鉴权之——password、authorization_code鉴权
小编觉得挺不错的,现在分享给大家,帮大家做个参考.
参考一下两个案例:https://www.cnblogs.com/haoliyou/p/9606018.html
https://www.cnblogs.com/haoliyou/p/9606036.html
.authorizedGrantTypes("authorization_code", "password", "refresh_token")//授权码模式和password模式
package com.auth.server.config;import javax.sql.DataSource;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;/*** 授权配置* @author wb0024**/ @Configuration @EnableAuthorizationServer public class ServerConfig extends AuthorizationServerConfigurerAdapter {@Autowiredprivate AuthenticationManager authenticationManager;@Qualifier("myUserDetailsService")@Autowiredprivate UserDetailsService userDetailsService;// @Autowired // @Qualifier("dataSource") // private DataSource dataSource;@Overridepublic void configure(AuthorizationServerSecurityConfigurer security) throws Exception {// 配置token获取和验证时的策略security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");}@Overridepublic void configure(ClientDetailsServiceConfigurer clients) throws Exception {clients.inMemory().withClient("client")// secret密码配置从 Spring Security 5.0开始必须以 {加密方式}+加密后的密码 这种格式填写/* * 当前版本5新增支持加密方式:* bcrypt - BCryptPasswordEncoder (Also used for encoding)* ldap - LdapShaPasswordEncoder* MD4 - Md4PasswordEncoder* MD5 - new MessageDigestPasswordEncoder("MD5")* noop - NoOpPasswordEncoder* pbkdf2 - Pbkdf2PasswordEncoder* scrypt - SCryptPasswordEncoder* SHA-1 - new MessageDigestPasswordEncoder("SHA-1")* SHA-256 - new MessageDigestPasswordEncoder("SHA-256")* sha256 - StandardPasswordEncoder*/.secret("{noop}secret").scopes("all").authorizedGrantTypes("authorization_code", "password", "refresh_token")//授权码模式和password模式.autoApprove(true);}@Overridepublic void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { // // 配置tokenStore,保存到redis缓存中 // endpoints.authenticationManager(authenticationManager) // .tokenStore(new MyRedisTokenStore(redisConnectionFactory)) // // 不添加userDetailsService,刷新access_token时会报错 // .userDetailsService(userDetailsService);// 使用最基本的InMemoryTokenStore生成tokenendpoints.authenticationManager(authenticationManager).tokenStore(memoryTokenStore());}// 使用最基本的InMemoryTokenStore生成token@Beanpublic TokenStore memoryTokenStore() {return new InMemoryTokenStore();} }
转载于:https://www.cnblogs.com/haoliyou/p/9606055.html
总结
以上是生活随笔为你收集整理的springboot oauth 鉴权之——password、authorization_code鉴权的全部内容,希望文章能够帮你解决所遇到的问题。
- 上一篇: shell 密码输入不显示,Shell输
- 下一篇: ANOI 2009 【同类分布】