需要帮助以了解OAuth2

时间:2019-11-18 12:13:57

标签: spring-boot oauth-2.0

我正在尝试使用此工作指南https://www.devglan.com/spring-security/spring-boot-security-oauth2-example

来介绍OAuth2

本教程的讲解很好,但是我们必须在两个地方定义用户名/密码,但是为什么呢?

这是我不明白的...

AuthorizationServerConfig中的第一名:

        configurer
            .inMemory()
            .withClient(CLIEN_ID)
            .secret(CLIENT_SECRET)
            .authorizedGrantTypes(GRANT_TYPE_PASSWORD, AUTHORIZATION_CODE, REFRESH_TOKEN, IMPLICIT )
            .scopes(SCOPE_READ, SCOPE_WRITE, TRUST)
            .accessTokenValiditySeconds(ACCESS_TOKEN_VALIDITY_SECONDS).
            refreshTokenValiditySeconds(FREFRESH_TOKEN_VALIDITY_SECONDS);

尤其是

            .withClient(CLIEN_ID)
            .secret(CLIENT_SECRET)

数据库中的第二个位置:

@Service(value = "userService")
public class UserServiceImpl implements UserDetailsService, UserService {

@Autowired
private UserDao userDao;

public UserDetails loadUserByUsername(String userId) throws UsernameNotFoundException {
    User user = userDao.findByUsername(userId);
    if(user == null){
        throw new UsernameNotFoundException("Invalid username or password.");
    }
    return new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), getAuthority());
}

0 个答案:

没有答案
相关问题
最新问题