Spring Zuul OAuth2 gateway / resource server

Time: 2018-05-03 10:34:36

Tags: spring spring-security oauth netflix-zuul

Is it possible to use Zuul as a "fake" resource server that checks OAuth2 scopes before returning the proxied content?

Something like:

project.task('stageMyEar', type: Upload) {
    configuration = getDefaultConfiguration()
    repositories {
        maven {
            url "${projectProperty('releaseArtifactoryUrl')}"
            credentials {
                username "${projectProperty('releaseArtifactoryUsername')}"
                password "${projectProperty('releaseArtifactoryPassword')}"
            }
        }
    }
}

private getDefaultConfiguration() {
    def defaultConfiguration = project.configurations.archives
    defaultConfiguration.artifacts.each {
        it.buildDependencies.values.clear()
    }
    project.version = 'current'
    return defaultConfiguration
}

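The internal API services can be free of any security concerns, with the Zuul proxy service acting as the gateway. All of the above are Spring applications, if that makes a difference.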

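1 answer:

Answer 0: (score: 1)

Absolutely

You also have to set up the resource server configuration. Create a bean ResourceServerConfig that extends ResourceServerConfigurerAdapter and overrides the configure(HttpSecurity security) method. Annotate it with @EnableResourceServer.

Something like this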

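import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

@Configuration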
@EnableResourceServer
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.IF_REQUIRED)
                .and()
                .authorizeRequests()
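                // Scope rule, commented out here: require the 'read' scope on these paths
                // .antMatchers("/swagger*", "/v2/**")
                // .access("#oauth2.hasScope('read')")
                // As written, every request is permitted
                .anyRequest()
                .permitAll();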
    }

    @Bean
    @Primary
    public DefaultTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setTokenStore(tokenStore());
        return defaultTokenServices;
    }

    @Bean
    public TokenStore tokenStore() {

        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
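        // Symmetric signing key; it must match the key the authorization server signs with
        converter.setSigningKey("123");

        // Alternative (commented out): load a public key from the classpath as the verifier key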
//        Resource resource = new ClassPathResource("publicKey.txt");
//        String publicKey = null;
//
//        try {
//            publicKey = IOUtils.toString(resource.getInputStream(), Charset.defaultCharset());
//        } catch (final IOException e) {
//            throw new RuntimeException(e);
//        }
//        converter.setVerifierKey(publicKey);
        return converter;
    }
}
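
For the scope check the question asks about, the following is an added example, not part of the original answer: a resource-server configuration on the Zuul gateway that requires a scope per HTTP method before a request reaches the proxy, and verifies tokens with a public key only. The `/api/**` route prefix, the `read`/`write` scope names and the class name are assumptions; `publicKey.txt` is the classpath resource named in the commented-out code above and is assumed to hold a PEM public key.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.ClassPathResource;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.util.StreamUtils;

@Configuration
@EnableResourceServer
public class GatewayScopeConfig extends ResourceServerConfigurerAdapter { // hypothetical class name
    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.sessionManagement()
                .sessionCreationPolicy(SessionCreationPolicy.STATELESS) // bearer token on every request
                .and()
                .authorizeRequests()
                // Assumed route prefix and scope names: reads need 'read', everything else 'write'.
                .antMatchers(HttpMethod.GET, "/api/**").access("#oauth2.hasScope('read')")
                .antMatchers("/api/**").access("#oauth2.hasScope('write')")
                // Deny by default so a newly added route is never proxied unchecked.
                .anyRequest().denyAll();
    }

    @Bean
    public TokenStore tokenStore() throws IOException {
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter() throws IOException {
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        // Verify-only: the gateway holds the authorization server's public key, not a signing secret.
        try (InputStream in = new ClassPathResource("publicKey.txt").getInputStream()) {
            converter.setVerifierKey(StreamUtils.copyToString(in, StandardCharsets.UTF_8));
        }
        return converter;
    }
}
```

Because the internal API services behind the gateway perform no checks of their own, they should only be reachable through the gateway; a request that bypasses Zuul bypasses these rules too.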