1

zhujie

5 天以前 ec15861e14c66c38b1a8f5fffc6975d7da6c315c

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package com.mzl.flower.config;
 
import com.mzl.flower.service.impl.BaseUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.config.annotation.builders.InMemoryClientDetailsServiceBuilder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
 
import java.util.List;
 
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
 
    @Autowired
    private AuthenticationManager authenticationManager;
 
    @Autowired
    private RedisConnectionFactory redisConnectionFactory;
 
    @Autowired
    private BaseUserDetailsService baseUserDetailsService;
 
 
    @Autowired
    private OAuth2Properties oAuth2Properties;
 
    @Autowired
    private TokenStore tokenStore;
 
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        InMemoryClientDetailsServiceBuilder builder = clients.inMemory();
        List<OAuth2Properties.ClientConfiguration> configurations =  oAuth2Properties.getClientConfigurations();
 
        for(OAuth2Properties.ClientConfiguration configuration:configurations){
            builder.withClient(configuration.getClientId())
                    .secret(new BCryptPasswordEncoder().encode(configuration.getSecret()))
                    .authorizedGrantTypes("implicit", "refresh_token", "password", "authorization_code")
                    .scopes("openid")
                    .accessTokenValiditySeconds(configuration.getAccessTokenValidityInSeconds())
                    .refreshTokenValiditySeconds(configuration.getRefreshTokenValidityInSecondsForRememberMe());
        }
    }
 
    /**
     * 认证服务端点配置
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints
                //用户管理
                .userDetailsService(baseUserDetailsService)
                //token存到redis
                .tokenStore(tokenStore)
                //启用oauth2管理
                .authenticationManager(authenticationManager)
                //接收GET和POST
                .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);
    }
 
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
        oauthServer.allowFormAuthenticationForClients()
                .tokenKeyAccess("permitAll()")
                .checkTokenAccess("permitAll()");
    }
}