我用 spring-security-oauth2 实现的 OAuth2 服务器运行良好:可以验证用户身份、刷新令牌;如果我把身份验证标头 "Bearer xxxx" 传给它自己的 REST 端点,也能正常工作。
问题是,我想另外创建一个 REST 服务,把收到的 "Bearer xxxx" 标头交给 OAuth 服务器验证,验证通过后才允许连接。有什么解决方案吗?我真的很沮丧......
Service-Auth =>
AuthorizationServer:
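/**
 * OAuth2 authorization server configuration for the auth service.
 *
 * <p>Tokens and client registrations are both read through the injected
 * {@link DataSource}; end users are authenticated by the bean named
 * {@code authenticationManagerBean}.
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    @Autowired
    @Qualifier("authenticationManagerBean")
    private AuthenticationManager authenticationManager;

    /**
     * Creates the token store used by the token endpoints.
     *
     * @return a JDBC-backed store built on the injected data source
     */
    @Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }

    /**
     * Wires the token store and the user authentication manager into the
     * authorization server endpoints.
     *
     * @param endpoints endpoint configurer supplied by the framework
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
            .tokenStore(tokenStore())
            .authenticationManager(authenticationManager);
    }

    /**
     * Loads client registrations from the database.
     *
     * @param clients client-details configurer supplied by the framework
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
        // NOTE(review): no password encoder is configured for client secrets here,
        // so they are presumably compared as stored in the database - confirm.
        clients.jdbc(dataSource);
    }

    /**
     * Configures access to the authorization server's own endpoints.
     *
     * @param oauthServer security configurer supplied by the framework
     * @throws Exception if the configurer rejects the settings
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        oauthServer
            // /oauth/check_token is denied to everyone by default, so a separate
            // service cannot have a bearer token verified. Open it to authenticated
            // clients only; it must not be left open to anonymous callers.
            .checkTokenAccess("isAuthenticated()")
            // Clients may send client_id/client_secret as form parameters.
            .allowFormAuthenticationForClients();
    }
}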
ResourceServer:
/**
 * Resource-server rules of the auth service: requests under {@code /auth/**}
 * are accepted only when they are authenticated.
 */
@Configuration
@EnableResourceServer
public class ResourceServer extends ResourceServerConfigurerAdapter {

    /**
     * Declares which request paths require an authenticated caller.
     *
     * @param http security builder supplied by the framework
     * @throws Exception if the builder rejects the rules
     */
    @Override
    public void configure(final HttpSecurity http) throws Exception {
        // NOTE(review): /auth/** is the only pattern given a rule here; confirm
        // that every other path that needs protection is covered elsewhere.
        http.authorizeRequests()
            .antMatchers("/auth/**")
            .authenticated();
    }
}
安全配置:
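/**
 * Web security configuration of the auth service: user lookup, password
 * encoding, the Crowd user-details bean and the authentication manager that
 * the authorization server injects by name.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Provides the encoder used to check user passwords.
     *
     * @return a {@code StandardPasswordEncoder}
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        // NOTE(review): StandardPasswordEncoder is an iterated SHA-256 digest, which
        // Spring Security treats as legacy. An adaptive encoder such as
        // BCryptPasswordEncoder is preferable, but switching invalidates the hashes
        // already stored, so it needs a migration rather than a drop-in change.
        return new StandardPasswordEncoder();
    }

    /**
     * Registers the user-details service and password encoder with the global
     * authentication builder.
     *
     * @param auth authentication builder supplied by the framework
     * @throws Exception if the builder rejects the settings
     */
    @Autowired
    public void configureGlobal(final AuthenticationManagerBuilder auth) throws Exception {
        auth
            .userDetailsService(userDetailsService)
            .passwordEncoder(passwordEncoder());
    }

    /**
     * Loads {@code crowd.properties} from the context class loader.
     *
     * @return the properties read from the resource
     * @throws IOException if the resource is missing or cannot be read
     */
    public static Properties getProps() throws IOException {
        final Properties prop = new Properties();
        try (InputStream in = Thread.currentThread().getContextClassLoader()
                .getResourceAsStream("crowd.properties")) {
            // getResourceAsStream returns null for a missing resource; report that
            // as an I/O failure instead of a NullPointerException from load().
            if (in == null) {
                throw new IOException("crowd.properties not found on the classpath");
            }
            prop.load(in);
        }
        return prop;
    }

    /**
     * Excludes one request pattern from Spring Security's web security.
     *
     * @param web web-security builder supplied by the framework
     * @throws Exception if the builder rejects the settings
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // Ignored requests skip the security filters entirely, so nothing served
        // under this pattern may depend on authentication.
        // NOTE(review): ant patterns are normally matched without the servlet
        // context path; with server.contextPath=/api/v1/secure this pattern may
        // not match the intended /hello request - confirm.
        web
            .ignoring()
            .antMatchers("/api/v1/secure/hello");
    }

    /**
     * Creates the Crowd-backed user-details service with the {@code ROLE_}
     * authority prefix.
     *
     * @return the configured service
     * @throws IOException declared by the signature; not thrown by the visible body
     */
    @Bean
    public CrowdUserDetailsService crowdUserDetailsService() throws IOException {
        CrowdUserDetailsServiceImpl cusd = new CrowdUserDetailsServiceImpl();
        cusd.setAuthorityPrefix("ROLE_");
        return cusd;
    }

    /**
     * Exposes the project's {@code AuthenticationBasic} as the
     * {@code authenticationManagerBean} bean.
     *
     * @return a new {@code AuthenticationBasic}
     * @throws Exception declared by the overridden method
     */
    @Override
    @Bean
    public org.springframework.security.authentication.AuthenticationManager authenticationManagerBean() throws Exception {
        return new AuthenticationBasic();
    }
}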
application.properties:
# Database
# NOTE(review): the connection URL carries no TLS options; confirm that traffic
# to the database host is protected some other way.
spring.datasource.url=jdbc:mysql://xxx.xxx.xxx.xxx:3306/oauth2
# NOTE(review): the credentials are stored in plain text in this file. Supply
# them from the environment or a secrets store, and use a dedicated
# least-privilege account for the token and client tables.
spring.datasource.username=admin
spring.datasource.password=password
spring.datasource.schema=oauth2
spring.datasource.driverClassName=com.mysql.jdbc.Driver
# Validate pooled database connections.
# NOTE(review): this comment originally said "every hour", but 60000 ms is one
# minute - confirm the intended interval.
spring.datasource.testOnBorrow=true
spring.datasource.validationQuery=SELECT 1
spring.datasource.timeBetweenEvictionRunsMillis = 60000
# Web server
server.port=8080
server.contextPath=/api/v1/secure
Service-Client =>
应用
/**
 * Entry point of the client service.
 *
 * <p>NOTE(review): {@code @EnableOAuth2Client} sets the application up to
 * obtain tokens as an OAuth2 client. It does not by itself make the service
 * verify bearer tokens on incoming requests; that is the resource-server role
 * ({@code @EnableResourceServer}). Confirm which role is intended.
 */
@SpringBootApplication
@EnableOAuth2Client
public class Application extends SpringBootServletInitializer {

    /**
     * Starts the Spring application context.
     *
     * @param args command-line arguments passed through to Spring Boot
     */
    public static void main(final String[] args) {
        SpringApplication.run(Application.class, args);
    }
}
SecurityConfig:
/**
 * Web security configuration of the client service: CSRF protection is turned
 * off and every request is permitted without authentication.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Applies the HTTP security rules of the client service.
     *
     * @param http security builder supplied by the framework
     * @throws Exception if the builder rejects the rules
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // CSRF protection is off. That is acceptable only when requests are
        // authenticated by a header token and not by a browser session cookie.
        http.csrf().disable();

        // NOTE(review): permitAll() on every request means a "Bearer" header is
        // never required by this configuration. To have tokens checked against the
        // authorization server, the service would need resource-server support and
        // authenticated() rules - confirm the intended design.
        http.authorizeRequests().anyRequest().permitAll();
    }
}
RestController:
/** Minimal controller of the client service that answers GET {@code /hello}. */
@Controller
public class HelloController {

    /**
     * Handles GET {@code /hello}.
     *
     * @return the fixed greeting, written directly to the response body
     */
    @RequestMapping(value = "/hello", method = RequestMethod.GET)
    @ResponseBody
    public String sayHello() {
        final String greeting = "Hello User!";
        return greeting;
    }
}
application.yml:
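# Client-service settings. The nesting below restores the key hierarchy that
# was flattened in the listing.
security:
  oauth2:
    client:
      clientId: client
      # NOTE(review): the client secret is stored in plain text; supply it from
      # the environment or a secrets store outside local testing.
      clientSecret: secret
      # These endpoints use plain http, so tokens and the client secret travel
      # unencrypted. Acceptable on localhost only; use https elsewhere.
      accessTokenUri: http://localhost:8080/api/v1/secure/oauth/token
      userAuthorizationUri: http://localhost:8080/api/v1/secure/oauth/authorize
      clientAuthenticationScheme: header
    resource:
      # spring-security-oauth2 denies /oauth/check_token by default, so the
      # authorization server must explicitly allow authenticated clients to
      # call it before token verification through this URI can succeed.
      tokenInfoUri: http://localhost:8080/api/v1/secure/oauth/check_token
server:
  port: 8082
  contextPath: /api/v1/auth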