oauth2-自定义jwt数据

x33g5p2x  于2022-04-19 转载在 其他  
字(11.9k)|赞(0)|评价(0)|浏览(284)

1.pom.xml

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  3.          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
  4.     <modelVersion>4.0.0</modelVersion>
  5.     <parent>
  6.         <groupId>org.springframework.boot</groupId>
  7.         <artifactId>spring-boot-starter-parent</artifactId>
  8.         <version>2.2.5.RELEASE</version>
  9.         <relativePath/> <!-- lookup parent from repository -->
  10.     </parent>
  11.     <groupId>com.yl</groupId>
  12.     <artifactId>auth-server</artifactId>
  13.     <version>0.0.1-SNAPSHOT</version>
  14.     <name>auth-server</name>
  15.     <description>Demo project for Spring Boot</description>
  16.     <properties>
  17.         <java.version>11</java.version>
  18.     </properties>
  19.     <dependencies>
  20.         <dependency>
  21.             <groupId>org.springframework.boot</groupId>
  22.             <artifactId>spring-boot-starter-web</artifactId>
  23.         </dependency>
  24.         <dependency>
  25.             <groupId>org.springframework.boot</groupId>
  26.             <artifactId>spring-boot-starter-jdbc</artifactId>
  27.         </dependency>
  28.         <dependency>
  29.             <groupId>com.alibaba</groupId>
  30.             <artifactId>druid-spring-boot-starter</artifactId>
  31.             <version>1.1.10</version>
  32.         </dependency>
  33.         <dependency>
  34.             <groupId>mysql</groupId>
  35.             <artifactId>mysql-connector-java</artifactId>
  36.             <scope>runtime</scope>
  37.         </dependency>
  38.         <dependency>
  39.             <groupId>org.springframework.boot</groupId>
  40.             <artifactId>spring-boot-starter-data-redis</artifactId>
  41.         </dependency>
  42.         <dependency>
  43.             <groupId>org.springframework.cloud</groupId>
  44.             <artifactId>spring-cloud-security</artifactId>
  45.             <version>2.2.5.RELEASE</version>
  46.         </dependency>
  47.         <dependency>
  48.             <groupId>org.springframework.cloud</groupId>
  49.             <artifactId>spring-cloud-starter-oauth2</artifactId>
  50.             <version>2.2.5.RELEASE</version>
  51.         </dependency>
  53.         <dependency>
  54.             <groupId>org.springframework.boot</groupId>
  55.             <artifactId>spring-boot-starter-test</artifactId>
  56.             <scope>test</scope>
  57.         </dependency>
  59.     </dependencies>
  61.     <build>
  62.         <plugins>
  63.             <plugin>
  64.                 <groupId>org.springframework.boot</groupId>
  65.                 <artifactId>spring-boot-maven-plugin</artifactId>
  66.             </plugin>
  67.         </plugins>
  68.     </build>
  70. </project>

2.application.properties

  1. spring.datasource.url=jdbc:mysql://localhost:3306/demo?useUnicode=true&characterEncoding=utf8&useSSL=false&serverTimezone=Asia/Shanghai
  2. spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
  3. spring.datasource.driver-class-name = com.mysql.cj.jdbc.Driver
  4. spring.datasource.username=root
  5. spring.datasource.password=root
  6. spring.main.allow-bean-definition-overriding=true
  8. # redis的配置
  9. spring.redis.host=192.168.244.138
  10. spring.redis.port=6379
  11. spring.redis.password=root123
  12. spring.redis.database=0

3.security的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.context.annotation.Bean;
  4. import org.springframework.context.annotation.Configuration;
  5. import org.springframework.security.authentication.AuthenticationManager;
  6. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
  7. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  8. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  9. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  10. import org.springframework.security.crypto.password.PasswordEncoder;
  12. @Configuration
  13. public class SecurityConfig extends WebSecurityConfigurerAdapter {
  15.     @Bean
  16.     PasswordEncoder passwordEncoder() {
  17.         return new BCryptPasswordEncoder();
  18.     }
  20.     @Bean
  21.     @Override
  22.     public AuthenticationManager authenticationManagerBean() throws Exception {
  23.         return super.authenticationManagerBean();
  24.     }
  26.     @Override
  27.     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
  28.         auth.inMemoryAuthentication()
  29.                 .withUser("admin")
  30.                 .password(passwordEncoder().encode("123"))
  31.                 .roles("admin")
  32.                 .and()
  33.                 .withUser("root")
  34.                 .password(passwordEncoder().encode("123"))
  35.                 .roles("root");
  36.     }
  38.     @Override
  39.     protected void configure(HttpSecurity http) throws Exception {
  40.         http.csrf().disable().formLogin();
  41.     }
  42. }

4.自定义token数据

  1. package com.yl.authserver.config;
  3. import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
  4. import org.springframework.security.oauth2.common.OAuth2AccessToken;
  5. import org.springframework.security.oauth2.provider.OAuth2Authentication;
  6. import org.springframework.security.oauth2.provider.token.TokenEnhancer;
  7. import org.springframework.stereotype.Component;
  9. import java.util.Map;
  11. @Component
  12. public class AdditionalInformation implements TokenEnhancer {
  13.     @Override
  14.     public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
  15.         Map<String, Object> map = oAuth2AccessToken.getAdditionalInformation();
  16.         map.put("msg","hello oauth2");
  17.         map.put("网站","www.baidu.com");
  18.         map.put("微信","66");
  19.         ((DefaultOAuth2AccessToken)oAuth2AccessToken).setAdditionalInformation(map);
  20.         return oAuth2AccessToken;
  21.     }
  22. }

5.自定义jwt转换器

  1. package com.yl.authserver.config;
  3. import org.springframework.security.core.context.SecurityContextHolder;
  4. import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
  5. import org.springframework.security.oauth2.common.OAuth2AccessToken;
  6. import org.springframework.security.oauth2.provider.OAuth2Authentication;
  7. import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
  9. import java.util.Date;
  10. import java.util.HashMap;
  11. import java.util.Map;
  13. public class MyJwtConverter extends JwtAccessTokenConverter {
  14.     @Override
  15.     public OAuth2AccessToken enhance(OAuth2AccessToken accessToken, OAuth2Authentication authentication) {
  16.         Map<String,Object> map = new HashMap<>();
  17.         Map<String,Object> info = new HashMap<>();
  18.         map.put("author","wfj");
  19.         map.put("date",new Date());
  20.         map.put("site","www.yy.com");
  21.         map.put("userInfo", SecurityContextHolder.getContext().getAuthentication());
  22.         info.put("info",map);
  23.         ((DefaultOAuth2AccessToken)accessToken).setAdditionalInformation(info);
  24.         return super.enhance(accessToken,authentication);
  25.     }
  26. }

6.token的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.beans.factory.annotation.Autowired;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.data.redis.connection.RedisConnectionFactory;
  7. import org.springframework.security.oauth2.provider.token.TokenStore;
  8. import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
  9. import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
  10. import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
  11. import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
  13. @Configuration
  14. public class AccessTokenConfig {
  16.     // 服务端不需要保存jwt的字符串
  17.     @Bean
  18.     TokenStore tokenStore() {
  19.         return new JwtTokenStore(jwtAccessTokenConverter());
  20.     }
  22.     @Bean
  23.     JwtAccessTokenConverter jwtAccessTokenConverter() {
  24.         JwtAccessTokenConverter converter = new MyJwtConverter();
  25.         converter.setSigningKey("tom");
  26.         return converter;
  27.     }
  28. }

7.授权服务器的配置

  1. package com.yl.authserver.config;
  3. import org.springframework.beans.factory.annotation.Autowired;
  4. import org.springframework.context.annotation.Bean;
  5. import org.springframework.context.annotation.Configuration;
  6. import org.springframework.security.authentication.AuthenticationManager;
  7. import org.springframework.security.crypto.password.PasswordEncoder;
  8. import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
  9. import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
  10. import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
  11. import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
  12. import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
  13. import org.springframework.security.oauth2.provider.ClientDetailsService;
  14. import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
  15. import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
  16. import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
  17. import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
  18. import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
  19. import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
  20. import org.springframework.security.oauth2.provider.token.TokenStore;
  21. import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
  23. import javax.sql.DataSource;
  24. import java.util.Arrays;
  26. //配置授权服务器
  27. @Configuration
  28. @EnableAuthorizationServer
  29. public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
  30.     @Autowired
  31.     TokenStore tokenStore;
  32.     // 客户端信息
  33. //    @Autowired
  34. //    ClientDetailsService clientDetailsService;
  35.     @Autowired
  36.     PasswordEncoder passwordEncoder;
  37.     @Autowired
  38.     JwtAccessTokenConverter jwtAccessTokenConverter;
  39.     @Autowired
  40.     AdditionalInformation additionalInformation;
  41.     @Autowired
  42.     AuthenticationManager authenticationManager;
  43.     @Autowired
  44.     DataSource dataSource;
  46.     @Bean
  47.     ClientDetailsService clientDetailsService() {
  48.         return new JdbcClientDetailsService(dataSource);
  49.     }
  51.     //配置Token服务
  52.     AuthorizationServerTokenServices authorizationServerTokenServices() {
  53.         DefaultTokenServices tokenServices = new DefaultTokenServices();
  54.         tokenServices.setClientDetailsService(clientDetailsService());
  55.         tokenServices.setSupportRefreshToken(true);
  56.         tokenServices.setAccessTokenValiditySeconds(60 * 60 * 2); //token有限期设置为2小时
  57.         tokenServices.setRefreshTokenValiditySeconds(60 * 60 * 24 * 7);
  58.         tokenServices.setTokenStore(tokenStore);
  59.         TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
  60.         tokenEnhancerChain.setTokenEnhancers(Arrays.asList(jwtAccessTokenConverter,additionalInformation));
  61.         tokenServices.setTokenEnhancer(tokenEnhancerChain);
  62.         return tokenServices;
  63.     }
  65.     //配置token
  66.     @Override
  67.     public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
  68.         security.checkTokenAccess("permitAll()")// /oauth/check_token   带时候会调用这个请求来校验token
  69.                 .checkTokenAccess("isAuthenticated()")
  70.                 .allowFormAuthenticationForClients();
  72.     }
  74.     //配置客户端的信息(客户端信息存于内存)
  75.     @Override
  76.     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
  77.         clients.inMemory()
  78.                 .withClient("yl") //客户端名
  79.                 .secret(passwordEncoder.encode("123")) //客户端密码
  80.                 .scopes("all")
  81.                 .resourceIds("res1") //资源id
  82.                 .authorizedGrantTypes("authorization_code","refresh_token","implicit","password","client_credentials")
  83.                 // authorization_code授权码模式,password密码模式,implicit简化模式,client_credentials客户端模式,可以设置同时支持多种模式
  84.                 .autoApprove(true) //自动授权
  85. //                .redirectUris("http://localhost:8082/index.html"); //授权码模式界面
  86. //                .redirectUris("http://localhost:8082/01.html");//简化模式界面
  87.                 .redirectUris("http://localhost:8082/02.html");//密码模式界面
  88.     }
  90.     //配置客户端的信息(客户端信息存于数据库)
  91. //    @Override
  92. //    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
  93. //       clients.withClientDetails(clientDetailsService());
  94. //    }
  96.     //配置端点信息(主要获取授权码,要先拿到授权码,然后再根据授权码去获取token)
  97.     @Override
  98.     public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
  99.         endpoints.authorizationCodeServices(authorizationCodeServices())
  100.                 .authenticationManager(authenticationManager)
  101.                 .tokenServices(authorizationServerTokenServices());
  102.     }
  104.     @Bean
  105.     AuthorizationCodeServices authorizationCodeServices() {
  106.         return new InMemoryAuthorizationCodeServices();
  107.     }
  108. }

8.测试

1.获取token

2.解析token

版权说明 : 本文为转载文章, 版权归原作者所有 版权申明

原文链接 : https://blog.csdn.net/weixin_41359273/article/details/124263505

内容来源于网络,如有侵权,请联系作者删除!

spring

相关文章

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com