springboot oauth 鉴权之——password、authorization_code鉴权
生活随笔
收集整理的這篇文章主要介紹了
springboot oauth 鉴权之——password、authorization_code鉴权
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
參考一下兩個案例:https://www.cnblogs.com/haoliyou/p/9606018.html
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ??https://www.cnblogs.com/haoliyou/p/9606036.html
.authorizedGrantTypes("authorization_code", "password", "refresh_token")//授權碼模式和password模式
package com.auth.server.config;import javax.sql.DataSource;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;/*** 授權配置* @author wb0024**/ @Configuration @EnableAuthorizationServer public class ServerConfig extends AuthorizationServerConfigurerAdapter {@Autowiredprivate AuthenticationManager authenticationManager;@Qualifier("myUserDetailsService")@Autowiredprivate UserDetailsService userDetailsService;// @Autowired // @Qualifier("dataSource") // private DataSource dataSource;@Overridepublic void configure(AuthorizationServerSecurityConfigurer security) throws Exception {// 配置token獲取和驗證時的策略security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");}@Overridepublic void configure(ClientDetailsServiceConfigurer clients) throws Exception {clients.inMemory().withClient("client")// secret密碼配置從 Spring Security 5.0開始必須以 {加密方式}+加密后的密碼 這種格式填寫/* * 當前版本5新增支持加密方式:* bcrypt - BCryptPasswordEncoder (Also used for encoding)* ldap - LdapShaPasswordEncoder* MD4 - Md4PasswordEncoder* MD5 - new MessageDigestPasswordEncoder("MD5")* noop - NoOpPasswordEncoder* pbkdf2 - Pbkdf2PasswordEncoder* scrypt - SCryptPasswordEncoder* SHA-1 - new MessageDigestPasswordEncoder("SHA-1")* SHA-256 - new MessageDigestPasswordEncoder("SHA-256")* sha256 - StandardPasswordEncoder*/.secret("{noop}secret").scopes("all").authorizedGrantTypes("authorization_code", "password", "refresh_token")//授權碼模式和password模式.autoApprove(true);}@Overridepublic void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { // // 配置tokenStore,保存到redis緩存中 // endpoints.authenticationManager(authenticationManager) // .tokenStore(new MyRedisTokenStore(redisConnectionFactory)) // // 不添加userDetailsService,刷新access_token時會報錯 // .userDetailsService(userDetailsService);// 使用最基本的InMemoryTokenStore生成tokenendpoints.authenticationManager(authenticationManager).tokenStore(memoryTokenStore());}// 使用最基本的InMemoryTokenStore生成token@Beanpublic TokenStore memoryTokenStore() {return new InMemoryTokenStore();} }
轉載于:https://www.cnblogs.com/haoliyou/p/9606055.html
總結
以上是生活随笔為你收集整理的springboot oauth 鉴权之——password、authorization_code鉴权的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: shell 密码输入不显示,Shell输
- 下一篇: ANOI 2009 【同类分布】