SpringSecurityOAuth认证配置及Token的存储

Posted Coreqi


⒈pom依赖

        <!-- Spring Security core; no version given here, so it is presumably managed by the
             Spring Boot parent/BOM (not shown on this page). -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
        <!-- Redis client support; the configuration class below uses it for RedisConnectionFactory. -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-redis</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <!-- Legacy Spring Security OAuth project, pinned by hand rather than managed by the BOM.
             NOTE(review): a hand-pinned version does not move with Boot upgrades; check the
             project's support status and published advisories for this release before reuse. -->
        <dependency>
            <groupId>org.springframework.security.oauth</groupId>
            <artifactId>spring-security-oauth2</artifactId>
            <version>2.3.5.RELEASE</version>
        </dependency>
        <!-- Not referenced by the configuration class shown on this page.
             NOTE(review): earlier 3.x releases of this library are widely associated with
             Java-deserialization gadget issues; do not lower this pin without checking advisories. -->
        <dependency>
            <groupId>commons-collections</groupId>
            <artifactId>commons-collections</artifactId>
            <version>3.2.2</version>
        </dependency>
        <!-- Test-scoped only: these two are not part of the runtime classpath. -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-test</artifactId>
            <scope>test</scope>
        </dependency>

⒉OAuth配置

 1 package cn.coreqi.config;
 2 
 3 import org.springframework.beans.factory.annotation.Autowired;
 4 import org.springframework.beans.factory.annotation.Qualifier;
 5 import org.springframework.context.annotation.Bean;
 6 import org.springframework.context.annotation.Configuration;
 7 import org.springframework.data.redis.connection.RedisConnectionFactory;
 8 import org.springframework.security.authentication.AuthenticationManager;
 9 import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
10 import org.springframework.security.core.userdetails.UserDetailsService;
11 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
12 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
13 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
14 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
15 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
16 import org.springframework.security.oauth2.provider.token.TokenStore;
17 import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;
18 
/**
 * OAuth2 authorization-server configuration: tokens are stored in Redis and one client is
 * registered in memory.
 *
 * <p>Review notes for anyone adapting this listing:
 * <ul>
 *   <li>The client secret is a literal in source code; in a real deployment it belongs in
 *       external configuration or a secret store, not in the repository.</li>
 *   <li>The resource-owner {@code password} grant hands the user's password to the client and is
 *       discouraged by current OAuth security guidance; enable it only where it is required.</li>
 *   <li>Live tokens sit in Redis, so read access to that Redis instance is equivalent to holding
 *       the tokens; restrict network access to it and require authentication.</li>
 * </ul>
 */
@Configuration
@EnableAuthorizationServer  // enables the authorization server
public class CoreqiAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    // Registration data of the single demo client, named here instead of inlined in the builder.
    private static final String CLIENT_ID = "coreqi";
    // NOTE(review): hard-coded demo secret, passed to the builder exactly as written. Depending on
    // the Spring Security version, the stored secret may have to be in encoded form — confirm.
    private static final String CLIENT_SECRET = "coreqiSecret";
    // Access-token lifetime in seconds.
    private static final int ACCESS_TOKEN_VALIDITY_SECONDS = 7200;
    // NOTE(review): placeholder from the tutorial; a real client registers its own exact callback.
    private static final String REDIRECT_URI = "https://www.baidu.com";
    private static final String[] SCOPES = {"all", "read", "write"};
    private static final String AUTHORITY = "COREQI_READ";
    private static final String[] GRANT_TYPES = {"authorization_code", "password"};

    // The author left @Qualifier("authenticationManagerBean") commented out on this field,
    // presumably for contexts that expose more than one AuthenticationManager — confirm.
    // A commented-out alternative also obtained the manager from AuthenticationConfiguration.
    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private UserDetailsService userDetailsService;

    // NOTE(review): this field is satisfied by the @Bean method declared in this same class.
    // Newer Spring Boot versions are stricter about such self-references — verify on upgrade.
    @Autowired
    private TokenStore redisTokenStore;

    /**
     * Creates the token store that reads and writes tokens through Redis.
     *
     * <p>NOTE(review): the store deserializes whatever it reads back from Redis, so write access
     * to the Redis instance should be treated as sensitive as well as read access — confirm the
     * serialization strategy for the library version in use.
     *
     * @param redisConnectionFactory connection factory supplied by the container
     * @return a {@link RedisTokenStore} built on that factory
     */
    @Bean
    public TokenStore redisTokenStore(RedisConnectionFactory redisConnectionFactory){
        return new RedisTokenStore(redisConnectionFactory);
    }

    /**
     * Configures the authorization-server endpoints with the token store, the authentication
     * manager and the user-details service injected above.
     *
     * @param authorizationServerEndpointsConfigurer endpoint configurer supplied by the framework
     * @throws Exception declared by the overridden method
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {
        // Tokens go to Redis.
        authorizationServerEndpointsConfigurer.tokenStore(redisTokenStore);
        authorizationServerEndpointsConfigurer.authenticationManager(authenticationManager);
        authorizationServerEndpointsConfigurer.userDetailsService(userDetailsService);
    }

    /**
     * Registers the third-party client applications; here a single in-memory client.
     *
     * @param clientDetailsServiceConfigurer client registry configurer supplied by the framework
     * @throws Exception declared by the overridden method
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
        clientDetailsServiceConfigurer.inMemory()
                .withClient(CLIENT_ID)                                      // client_id
                .secret(CLIENT_SECRET)                                      // secret for that client_id
                .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS)  // token lifetime, seconds
                .redirectUris(REDIRECT_URI)
                .scopes(SCOPES)                                             // scopes the client may request
                .authorities(AUTHORITY)
                .authorizedGrantTypes(GRANT_TYPES);                         // grant types allowed for this client
    }

    /**
     * Security-related configuration of the authorization server; nothing is customised here,
     * the call is only forwarded to the superclass.
     *
     * <p>NOTE(review): access rules for the token-key and check-token endpoints therefore stay at
     * the library defaults — confirm what those are before relying on them.
     *
     * @param security security configurer supplied by the framework
     * @throws Exception declared by the overridden method
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        super.configure(security);
    }
}

 
