SpringSecurity+OAuth2.0整合简单案例(SpringBoot)(1)1 新建SpringBoot项⽬
新建SpringBoot项⽬后将l修改,版本号尽量⼀致,以免出现⼀些奇奇怪怪的bug
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="maven.apache/POM/4.0.0"xsi="www.w3/2001/XMLSchema-instance"
schemaLocation="maven.apache/POM/4.0.0 maven.apache/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.5.RELEASE</version>
<relativePath/>
</parent>
<groupId>com.study</groupId>
<artifactId>springcurityoauth2-demo</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>springcurityoauth2-demo</name>
<description>Demo project for Spring Boot</description>
<properties>
<java.version>1.8</java.version>
<spring-cloud.version>Greenwich.SR2</spring-cloud.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
陡直
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-curity</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
北京周边游
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
1.1 编写SpringSecurity的配置类SecurityConfig
package;
import Bean;
import Configuration;
import AuthenticationManager;
import HttpSecurity;
import WebSecurityConfigurerAdapter; import BCryptPasswordEncoder;
import PasswordEncoder;
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}怎样才能美白
@Override
protected void configure(HttpSecurity http)throws Exception {
http.csrf().disable()
.authorizeRequests()
.antMatchers("/oauth/**","/login/**","logout/**").permitAll()
.anyRequest().authenticated()
.and()
.formLogin()
.permitAll();
}
}
1.2 编写授权服务器配置类AuthorizationServerConfig
该类需要继承AuthorizationServerConfigurerAdapter
@EnableAuthorizationServer注解不要忘了加
import UrService;
import Autowired;
import Configuration;
import AuthenticationManager;
import PasswordEncoder;
import ClientDetailsServiceConfigurer;
import AuthorizationServerConfigurerAdapter; import EnableAuthorizationServer;
import AuthorizationServerEndpointsConfigurer; /**
* 授权服务器配置
*/
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private PasswordEncoder passwordEncoder;
@Override
翕动的意思public void configure(ClientDetailsServiceConfigurer clients)throws Exception {
爱尔兰英语// inMemory() 只在内存中⽣效
clients.inMemory()
// 配置client-id
.withClient("admin")
/
事务性工作是什么意思/ 配置client-cret
.de("112233"))
// 配置访问token 的有效期
哺乳期能吃南瓜吗
// .accessTokenValiditySeconds(3600)
// 配置redirect_uri, ⽤于授权成功后跳转
.redirectUris("")
// 配置申请的权限范围
.scopes("all")
// authorization_code:授权码模式
// password:密码模式
.authorizedGrantTypes("authorization_code");
/
/ .authorizedGrantTypes("password");
}
}
1.3 编写资源服务器配置类ResourceServerConfig
该类需要继承ResourceServerConfigurerAdapter
@EnableResourceServer注解不要忘了加
import Configuration;
import HttpSecurity;
import EnableResourceServer;
import ResourceServerConfigurerAdapter;
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http)throws Exception {
http.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.requestMatchers()
.antMatchers("/ur/**");
}
}
1.4 SpringSecurity⽤于认证授权的接⼝UrDetailsService
1. 新建UrService,实现UrDetailsService接⼝
2. 因为该项⽬只是⽤于测试,所以没有写相关数据库查询的逻辑,只是把⽤户名和密码硬编码了。后期需要⽤的话只需要把硬编码修改
成从数据库中查询相关⽤户的权限即可
package;
import Ur;
import Autowired;
import GrantedAuthority;
import AuthorityUtils;
import UrDetails;
import UrDetailsService;
import UrnameNotFoundException;
import PasswordEncoder;
import Service;
import List;
@Service
public class UrService implements UrDetailsService {
@Autowired
private PasswordEncoder passwordEncoder;
@Override
public UrDetails loadUrByUrname(String urname)throws UrnameNotFoundException {
String password = de("123456");
List<GrantedAuthority> authorities = ateAuthorityList("admin");
return new Ur("admin", password, authorities);
}
}
1.5 Ur,UrController奇迹暖暖清秀佳人
1. Ur类需要实现UrDetails接⼝,然后可以⾃⼰添加⼀些需要的属性
2. UrController是⽤于测试的Controller
1.5.1 Ur
package;
import GrantedAuthority;
import UrDetails;
import Collection;
import List;
public class Ur implements UrDetails {
private String urname;
private String password;
private List<GrantedAuthority> authorities;
public Ur(String urname, String password, List<GrantedAuthority> authorities){ this.urname = urname;
this.password = password;
this.authorities = authorities;
}
@Override
public Collection<?extends GrantedAuthority>getAuthorities(){
return this.authorities;
}
@Override
public String getPassword(){
return this.password;
}
@Override
public String getUrname(){
return this.urname;
}
@Override
public boolean isAccountNonExpired(){
return true;
}
@Override
public boolean isAccountNonLocked(){
return true;
}
@Override
public boolean isCredentialsNonExpired(){
return true;
}
@Override
public boolean isEnabled(){
return true;
}
}
1.5.2 UrController
