In Spring Security OAuth, how do you use a passwordEncoder for client secrets?

Time: 2014-11-11 10:15:27

Tags: spring oauth spring-security spring-security-oauth2

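I am trying to store client secrets in the database when using Spring Security OAuth2. I can see that JdbcClientDetailsService has a setPasswordEncoder method (mentioned in this question). However, the ClientDetailsServiceConfigurer on the AuthorizationServerConfigurerAdapter does not show any obvious way of setting the password encoder. Does anyone know how this can be done? I have included the authorization server configuration: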

@Configuration
@EnableAuthorizationServer
public static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private DataSource dataSource;
    @Autowired
    private PasswordEncoder passwordEncoder;
    @Autowired
    private TokenStore tokenStore;
    @Autowired
    private UserApprovalHandler userApprovalHandler;
    @Autowired
    private ClientDetailsService clientDetailsService;
    @Autowired
    private AuthenticationManager authenticationManager;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.jdbc(dataSource);
    }

    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    @Bean
    public TokenApprovalStore tokenApprovalStore() {
        TokenApprovalStore tokenApprovalStore = new TokenApprovalStore();
        tokenApprovalStore.setTokenStore(tokenStore);
        return tokenApprovalStore;
    }

    @Bean
    public UserApprovalHandler userApprovalHandler() {
        LocalUserApprovalHandler handler = new LocalUserApprovalHandler();
        handler.setApprovalStore(tokenApprovalStore());
        handler.setRequestFactory(new DefaultOAuth2RequestFactory(clientDetailsService));
        handler.setClientDetailsService(clientDetailsService);
        handler.setUseApprovalStore(true);
        return handler;
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.tokenStore(tokenStore)
                .userApprovalHandler(userApprovalHandler)
                .authenticationManager(authenticationManager);
    }


    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
        oauthServer.realm("abcdefgh/client");
    }

}

2 answers:

Answer 0 (score: 5)

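As of version 2.0.5, passwordEncoder(...) methods are now available on both ClientDetailsServiceConfigurer and AuthorizationServerSecurityConfigurer, which are made available when extending AuthorizationServerConfigurerAdapter. Use the same PasswordEncoder implementation on both and configuration is relatively easy.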

Answer 1 (score: 1)

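The ClientDetailsServiceConfigurer doesn't really need to encode the password if it is already in the database. If you are using a backend store, you should inject it into the configurer and handle backend data creation as a separate concern.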
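
An added example (not code from either answer or from the Spring project) showing the setup the two answers describe: the same PasswordEncoder set on both configurers, plus a helper for creating encoded secrets outside the configurer. It assumes Spring Security OAuth 2.0.5 or later and BCrypt as the encoder; the class name and `encodeForStorage` are hypothetical, and the token store and endpoint configuration from the question are omitted.

```java
import javax.sql.DataSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

@Configuration
@EnableAuthorizationServer
public class EncodedClientSecretConfig extends AuthorizationServerConfigurerAdapter {

    // Assumption: BCrypt; the page does not name an encoder implementation.
    private static final PasswordEncoder CLIENT_SECRET_ENCODER = new BCryptPasswordEncoder();

    @Autowired
    private DataSource dataSource;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // The JDBC client details service built here uses this encoder
        // for any secrets it writes to the client table.
        clients.jdbc(dataSource).passwordEncoder(CLIENT_SECRET_ENCODER);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) {
        // The same encoder verifies the secret a client presents at the
        // token endpoint against the encoded value loaded from the database.
        oauthServer.realm("abcdefgh/client").passwordEncoder(CLIENT_SECRET_ENCODER);
    }

    // Hypothetical provisioning helper: produces the value to store in the
    // client_secret column when client rows are created outside the application.
    public static String encodeForStorage(String rawClientSecret) {
        return CLIENT_SECRET_ENCODER.encode(rawClientSecret);
    }
}
```

If the encoders on the two configurers differ, or rows in the client table hold plaintext while an encoder is configured, client authentication at the token endpoint fails because the presented secret no longer matches the stored value.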