SpringBoot實現標準的OAuth服務提供商
阿新 • • 發佈:2019-04-06
模式 ons dir span test pre 提供商 哪些 自己
⒈添加pom依賴
1 <dependency> 2 <groupId>org.springframework.boot</groupId> 3 <artifactId>spring-boot-starter-security</artifactId> 4 </dependency> 5 <dependency> 6 <groupId>org.springframework.boot</groupId> 7 <artifactId>spring-boot-starter-web</artifactId> 8 </dependency> 9 <dependency> 10 <groupId>org.springframework.security.oauth</groupId> 11 <artifactId>spring-security-oauth2</artifactId> 12 <version>2.3.5.RELEASE</version> 13 </dependency> 14 <dependency> 15 <groupId>org.springframework.boot</groupId> 16 <artifactId>spring-boot-starter-test</artifactId> 17 <scope>test</scope> 18 </dependency> 19 <dependency> 20 <groupId>org.springframework.security</groupId> 21 <artifactId>spring-security-test</artifactId> 22 <scope>test</scope> 23 </dependency>
⒉配置SpringSecurity
1 package cn.coreqi.config; 2 3 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 4 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 5 6 @EnableWebSecurity 7 public class CoreqiWebSecurityConfig extends WebSecurityConfigurerAdapter { 8 }
⒊配置OAuth
1 package cn.coreqi.config; 2 3 import org.springframework.context.annotation.Configuration; 4 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; 5 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer; 6 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; 7 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; 8 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; 9 10 @Configuration 11 @EnableAuthorizationServer //開啟認證服務器 12 public class CoreqiAuthorizationServerConfig implements AuthorizationServerConfigurer { 13 14 @Override 15 public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception { 16 17 } 18 19 @Override 20 public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception { 21 clientDetailsServiceConfigurer.inMemory() 22 .withClient("coreqi") 23 .secret("coreqiSecret") 24 .redirectUris("https://www.baidu.com") 25 .scopes("ALL") 26 .authorities("COREQI_READ") 27 .authorizedGrantTypes("authorization_code"); 28 } 29 30 @Override 31 public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception { 32 33 } 34 }
⒋測試
1.訪問http://localhost:8080/登錄
為什麽要登錄?因為這個地址是我們提供給第三方應用,由第三方應用來引導用戶進行授權的,作為服務提供商,我們需要知道,1.是那個應用在請求授權(通過client_id),2.第三方應用在請求我們哪個用戶的授權(通過此時登錄的用戶名密碼判斷是我們系統中的哪個用戶),3.需要我們給第三方應用該用戶的哪些權限(通過scope參數,scope參數是由我們自己定義的)。
2.訪問http://localhost:8080/oauth/authorize?response_type=code&client_id=coreqi&redirect_uri=https://www.baidu.com&scope=ALL進行測試
參數介紹:
response_type:必填,值必須為code
client_id:必填,客戶端id
redirect_uri:可選,授權碼模式下可用
scope:必須要有,要麽在服務器端配置,要麽在請求參數中配置。
state:推薦
SpringBoot實現標準的OAuth服務提供商