oauth2-令牌使用jwt字符串并且自定义Token数据

x33g5p2x  于2022-04-17 转载在 其他  
字(16.7k)|赞(0)|评价(0)|浏览(268)

1.项目结构图

2.建表语句

  1. DROP TABLE IF EXISTS `oauth_client_details`;
  2. CREATE TABLE `oauth_client_details`  (
  3.   `client_id` varchar(48) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
  4.   `resource_ids` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  5.   `client_secret` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  6.   `scope` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  7.   `authorized_grant_types` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  8.   `web_server_redirect_uri` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  9.   `authorities` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  10.   `access_token_validity` int(11) NULL DEFAULT NULL,
  11.   `refresh_token_validity` int(11) NULL DEFAULT NULL,
  12.   `additional_information` varchar(4096) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  13.   `autoapprove` varchar(256) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL,
  14.   PRIMARY KEY (`client_id`) USING BTREE
  15. ) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
  17. -- ----------------------------
  18. -- Records of oauth_client_details
  19. -- ----------------------------
  20. INSERT INTO `oauth_client_details` VALUES ('yl', 'res1', '$2a$10$O8G0X/sUPAA76MV7U3BwY.3Uo8/QMBcqK678Rwkoz.fowbce.CLtO', 'all', 'authorization_code,refresh_token,implicit,password,client_credentials', 'http://localhost:8082/01.html,http://localhost:8082/02.html', NULL, 7200, 7200, NULL, 'true');
  22. SET FOREIGN_KEY_CHECKS = 1;

3.授权服务器的搭建(auth-server)

1.pom.xml

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  3.          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
  4.     <modelVersion>4.0.0</modelVersion>
  5.     <parent>
  6.         <groupId>org.springframework.boot</groupId>
  7.         <artifactId>spring-boot-starter-parent</artifactId>
  8.         <version>2.2.5.RELEASE</version>
  9.         <relativePath/> <!-- lookup parent from repository -->
  10.     </parent>
  11.     <groupId>com.yl</groupId>
  12.     <artifactId>auth-server</artifactId>
  13.     <version>0.0.1-SNAPSHOT</version>
  14.     <name>auth-server</name>
  15.     <description>Demo project for Spring Boot</description>
  16.     <properties>
  17.         <java.version>11</java.version>
  18.     </properties>
  19.     <dependencies>
  20.         <dependency>
  21.             <groupId>org.springframework.boot</groupId>
  22.             <artifactId>spring-boot-starter-web</artifactId>
  23.         </dependency>
  24.         <dependency>
  25.             <groupId>org.springframework.boot</groupId>
  26.             <artifactId>spring-boot-starter-jdbc</artifactId>
  27.         </dependency>
  28.         <dependency>
  29.             <groupId>com.alibaba</groupId>
  30.             <artifactId>druid-spring-boot-starter</artifactId>
  31.             <version>1.1.10</version>
  32.         </dependency>
  33.         <dependency>
  34.             <groupId>mysql</groupId>
  35.             <artifactId>mysql-connector-java</artifactId>
  36.             <scope>runtime</scope>
  37.         </dependency>
  38.         <dependency>
  39.             <groupId>org.springframework.boot</groupId>
  40.             <artifactId>spring-boot-starter-data-redis</artifactId>
  41.         </dependency>
  42.         <dependency>
  43.             <groupId>org.springframework.cloud</groupId>
  44.             <artifactId>spring-cloud-security</artifactId>
  45.             <version>2.2.5.RELEASE</version>
  46.         </dependency>
  47.         <dependency>
  48.             <groupId>org.springframework.cloud</groupId>
  49.             <artifactId>spring-cloud-starter-oauth2</artifactId>
  50.             <version>2.2.5.RELEASE</version>
  51.         </dependency>
  53.         <dependency>
  54.             <groupId>org.springframework.boot</groupId>
  55.             <artifactId>spring-boot-starter-test</artifactId>
  56.             <scope>test</scope>
  57.         </dependency>
  59.     </dependencies>
  61.     <build>
  62.         <plugins>
  63.             <plugin>
  64.                 <groupId>org.springframework.boot</groupId>
  65.                 <artifactId>spring-boot-maven-plugin</artifactId>
  66.             </plugin>
  67.         </plugins>
  68.     </build>
  70. </project>

2.application.properties

  1. spring.datasource.url=jdbc:mysql://localhost:3306/demo?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai
  2. spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
  3. spring.datasource.driver-class-name = com.mysql.cj.jdbc.Driver
  4. spring.datasource.username=root
  5. spring.datasource.password=root
  6. spring.main.allow-bean-definition-overriding=true
  8. # redis的配置
  9. spring.redis.host=192.168.244.138
  10. spring.redis.port=6379
  11. spring.redis.password=root123
  12. spring.redis.database=0

3.token的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.beans.factory.annotation.Autowired;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.data.redis.connection.RedisConnectionFactory;
  7. import org.springframework.security.oauth2.provider.token.TokenStore;
  8. import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
  9. import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
  10. import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
  11. import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
  13. @Configuration
  14. public class AccessTokenConfig {
  16.     // 服务端不需要保存jwt的字符串
  17.     @Bean
  18.     TokenStore tokenStore() {
  19.         return new JwtTokenStore(jwtAccessTokenConverter());
  20.     }
  22.     @Bean
  23.     JwtAccessTokenConverter jwtAccessTokenConverter() {
  24.         JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
  25.         converter.setSigningKey("tom");
  26.         return converter;
  27.     }
  28. }

4.security的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.context.annotation.Bean;
  4. import org.springframework.context.annotation.Configuration;
  5. import org.springframework.security.authentication.AuthenticationManager;
  6. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
  7. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  8. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  9. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  10. import org.springframework.security.crypto.password.PasswordEncoder;
  12. @Configuration
  13. public class SecurityConfig extends WebSecurityConfigurerAdapter {
  15.     @Bean
  16.     PasswordEncoder passwordEncoder() {
  17.         return new BCryptPasswordEncoder();
  18.     }
  20.     @Bean
  21.     @Override
  22.     public AuthenticationManager authenticationManagerBean() throws Exception {
  23.         return super.authenticationManagerBean();
  24.     }
  26.     @Override
  27.     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
  28.         auth.inMemoryAuthentication()
  29.                 .withUser("admin")
  30.                 .password(passwordEncoder().encode("123"))
  31.                 .roles("admin")
  32.                 .and()
  33.                 .withUser("root")
  34.                 .password(passwordEncoder().encode("123"))
  35.                 .roles("root");
  36.     }
  38.     @Override
  39.     protected void configure(HttpSecurity http) throws Exception {
  40.         http.csrf().disable().formLogin();
  41.     }
  42. }

5.自定义token数据返回的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
  4. import org.springframework.security.oauth2.common.OAuth2AccessToken;
  5. import org.springframework.security.oauth2.provider.OAuth2Authentication;
  6. import org.springframework.security.oauth2.provider.token.TokenEnhancer;
  7. import org.springframework.stereotype.Component;
  9. import java.util.Map;
  11. @Component
  12. public class AdditionalInformation implements TokenEnhancer {
  13.     @Override
  14.     public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
  15.         Map<String, Object> map = oAuth2AccessToken.getAdditionalInformation();
  16.         map.put("msg","hello oauth2");
  17.         map.put("网站","www.baidu.com");
  18.         map.put("微信","66");
  19.         ((DefaultOAuth2AccessToken)oAuth2AccessToken).setAdditionalInformation(map);
  20.         return oAuth2AccessToken;
  21.     }
  22. }

6.授权服务器的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.beans.factory.annotation.Autowired;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.security.authentication.AuthenticationManager;
  7. import org.springframework.security.crypto.password.PasswordEncoder;
  8. import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
  9. import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
  10. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
  11. import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
  12. import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
  13. import org.springframework.security.oauth2.provider.ClientDetailsService;
  14. import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
  15. import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
  16. import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
  17. import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
  18. import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
  19. import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
  20. import org.springframework.security.oauth2.provider.token.TokenStore;
  21. import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
  23. import javax.sql.DataSource;
  24. import java.util.Arrays;
  26. //配置授权服务器
  27. @Configuration
  28. @EnableAuthorizationServer
  29. public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
  30.     @Autowired
  31.     TokenStore tokenStore;
  32.     // 客户端信息
  33. //    @Autowired
  34. //    ClientDetailsService clientDetailsService;
  35.     @Autowired
  36.     PasswordEncoder passwordEncoder;
  37.     @Autowired
  38.     JwtAccessTokenConverter jwtAccessTokenConverter;
  39.     @Autowired
  40.     AdditionalInformation additionalInformation;
  41.     @Autowired
  42.     AuthenticationManager authenticationManager;
  43.     @Autowired
  44.     DataSource dataSource;
  46.     @Bean
  47.     ClientDetailsService clientDetailsService() {
  48.         return new JdbcClientDetailsService(dataSource);
  49.     }
  51.     //配置Token服务
  52.     AuthorizationServerTokenServices authorizationServerTokenServices() {
  53.         DefaultTokenServices tokenServices = new DefaultTokenServices();
  54.         tokenServices.setClientDetailsService(clientDetailsService());
  55.         tokenServices.setSupportRefreshToken(true);
  56.         tokenServices.setAccessTokenValiditySeconds(60 * 60 * 2); //token有限期设置为2小时
  57.         tokenServices.setRefreshTokenValiditySeconds(60 * 60 * 24 * 7);
  58.         tokenServices.setTokenStore(tokenStore);
  59.         TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
  60.         tokenEnhancerChain.setTokenEnhancers(Arrays.asList(jwtAccessTokenConverter,additionalInformation));
  61.         tokenServices.setTokenEnhancer(tokenEnhancerChain);
  62.         return tokenServices;
  63.     }
  65.     //配置token
  66.     @Override
  67.     public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
  68.         security.checkTokenAccess("permitAll()")// /oauth/check_token   带时候会调用这个请求来校验token
  69.                 .checkTokenAccess("isAuthenticated()")
  70.                 .allowFormAuthenticationForClients();
  72.     }
  74.     //配置客户端的信息(客户端信息存于内存)
  75. //    @Override
  76. //    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
  77. //        clients.inMemory()
  78. //                .withClient("yl") //客户端名
  79. //                .secret(passwordEncoder.encode("123")) //客户端密码
  80. //                .scopes("all")
  81. //                .resourceIds("res1") //资源id
  82. //                .authorizedGrantTypes("authorization_code","refresh_token","implicit","password","client_credentials")
  83. //                // authorization_code授权码模式,password密码模式,implicit简化模式,client_credentials客户端模式,可以设置同时支持多种模式
  84. //                .autoApprove(true) //自动授权
  85.                 .redirectUris("http://localhost:8082/index.html"); //授权码模式界面
  86.                 .redirectUris("http://localhost:8082/01.html");//简化模式界面
  87. //                .redirectUris("http://localhost:8082/02.html");//密码模式界面
  88. //    }
  90.     //配置客户端的信息(客户端信息存于数据库)
  91.     @Override
  92.     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
  93.        clients.withClientDetails(clientDetailsService());
  94.     }
  96.     //配置端点信息(主要获取授权码,要先拿到授权码,然后再根据授权码去获取token)
  97.     @Override
  98.     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
  99.         endpoints.authorizationCodeServices(authorizationCodeServices())
  100.                 .authenticationManager(authenticationManager)
  101.                 .tokenServices(authorizationServerTokenServices());
  102.     }
  104.     @Bean
  105.     AuthorizationCodeServices authorizationCodeServices() {
  106.         return new InMemoryAuthorizationCodeServices();
  107.     }
  108. }

4. 资源服务器的搭建(user-server)

1.pom.xml

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  3.          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
  4.     <modelVersion>4.0.0</modelVersion>
  5.     <parent>
  6.         <groupId>org.springframework.boot</groupId>
  7.         <artifactId>spring-boot-starter-parent</artifactId>
  8.         <version>2.2.5.RELEASE</version>
  9.         <relativePath/> <!-- lookup parent from repository -->
  10.     </parent>
  11.     <groupId>com.yl</groupId>
  12.     <artifactId>user-server</artifactId>
  13.     <version>0.0.1-SNAPSHOT</version>
  14.     <name>user-server</name>
  15.     <description>Demo project for Spring Boot</description>
  16.     <properties>
  17.         <java.version>11</java.version>
  18.     </properties>
  19.     <dependencies>
  20.         <dependency>
  21.             <groupId>org.springframework.boot</groupId>
  22.             <artifactId>spring-boot-starter-web</artifactId>
  23.         </dependency>
  24.         <dependency>
  25.             <groupId>org.springframework.cloud</groupId>
  26.             <artifactId>spring-cloud-security</artifactId>
  27.             <version>2.2.5.RELEASE</version>
  28.         </dependency>
  29.         <dependency>
  30.             <groupId>org.springframework.cloud</groupId>
  31.             <artifactId>spring-cloud-starter-oauth2</artifactId>
  32.             <version>2.2.5.RELEASE</version>
  33.         </dependency>
  34.         <dependency>
  35.             <groupId>org.springframework.boot</groupId>
  36.             <artifactId>spring-boot-starter-test</artifactId>
  37.             <scope>test</scope>
  38.         </dependency>
  39.     </dependencies>
  41.     <build>
  42.         <plugins>
  43.             <plugin>
  44.                 <groupId>org.springframework.boot</groupId>
  45.                 <artifactId>spring-boot-maven-plugin</artifactId>
  46.             </plugin>
  47.         </plugins>
  48.     </build>
  50. </project>

2.application.properties

  1. server.port=8081

3.contoller

  1. package com.yl.userserver.controller;
  3. import org.springframework.web.bind.annotation.CrossOrigin;
  4. import org.springframework.web.bind.annotation.GetMapping;
  5. import org.springframework.web.bind.annotation.RestController;
  7. @RestController
  8. @CrossOrigin(value = "*")
  9. public class HelloController {
  11.     @GetMapping("/hello")
  12.     public String hello() {
  13.         return "hello";
  14.     }
  16.     @GetMapping("/admin")
  17.     public String admin() {
  18.         return "hello admin";
  19.     }
  20. }

4.token的配置

  1. package com.yl.userserver.config;
  3. import org.springframework.context.annotation.Bean;
  4. import org.springframework.context.annotation.Configuration;
  5. import org.springframework.security.oauth2.provider.token.TokenStore;
  6. import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
  7. import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
  9. @Configuration
  10. public class AccessTokenConfig {
  12.     // 服务端不需要保存jwt的字符串
  13.     @Bean
  14.     TokenStore tokenStore() {
  15.         return new JwtTokenStore(jwtAccessTokenConverter());
  16.     }
  18.     @Bean
  19.     JwtAccessTokenConverter jwtAccessTokenConverter() {
  20.         JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
  21.         converter.setSigningKey("tom");
  22.         return converter;
  23.     }
  24. }

5.资源服务器的配置

  1. package com.yl.userserver.config;
  3. import org.springframework.beans.factory.annotation.Autowired;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  7. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
  8. import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
  9. import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
  10. import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
  11. import org.springframework.security.oauth2.provider.token.TokenStore;
  13. //配置资源服务器
  14. @Configuration
  15. @EnableResourceServer
  16. public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
  17.     @Autowired
  18.     TokenStore tokenStore;
  20.     @Override
  21.     public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
  22.         resources.resourceId("res1")
  23.                 .tokenStore(tokenStore)
  24.                 .stateless(true);
  26.     }
  28.     @Override
  29.     public void configure(HttpSecurity http) throws Exception {
  30.         http.authorizeRequests()
  31.                 .antMatchers("/admin/**")
  32.                 .hasRole("admin")
  33.                 .anyRequest().authenticated()
  34.                 .and().cors();
  35.     }
  36. }

5. 测试

1.启动redis
2.启动授权服务器和资源服务器
3.获取token

4.携带token访问资源服务器的hello接口

版权说明 : 本文为转载文章, 版权归原作者所有 版权申明

原文链接 : https://blog.csdn.net/weixin_41359273/article/details/124217210

内容来源于网络,如有侵权,请联系作者删除!

spring

相关文章

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com