我试图用单独的资源服务器制造一个oauth服务器,但是它们之间没有连接。
OAuth2Config:
@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter
{
@Autowired
@Qualifier("userDetailsService")
private UserDetailsService userDetailsService;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private ResourceLoader resourceLoader;
@Value("${logistics.oauth.tokenTimeout:36000}")
private int expiration;
@Value("${security.jwt.resource-ids}")
private String resourceIds;
@Value("${server.ssl.key-store}")
private String keystore;
@Value("${server.ssl.key-store-password}")
private String password;
@Value("${server.ssl.key-alias}")
private String alias;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer configurer) throws Exception {
TokenEnhancerChain tokenEnhancerChain = new TokenEnhancerChain();
tokenEnhancerChain.setTokenEnhancers(Arrays.asList(tokenEnhancer(), accessTokenConverter()));
configurer.tokenStore(tokenStore())
.accessTokenConverter(accessTokenConverter())
.tokenEnhancer(tokenEnhancerChain)
.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory().withClient("logistics").secret(passwordEncoder().encode("secret")).accessTokenValiditySeconds(expiration)
.scopes("read", "write").authorizedGrantTypes("password", "refresh_token","authorization_code").resourceIds(resourceIds);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
oauthServer.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
}
@Bean
@Primary
public DefaultTokenServices tokenServices(){
final DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
defaultTokenServices.setTokenStore(tokenStore());
defaultTokenServices.setTokenEnhancer(accessTokenConverter());
defaultTokenServices.setSupportRefreshToken(true);
return defaultTokenServices;
}
@Bean
public TokenStore tokenStore() {return new JwtTokenStore(accessTokenConverter());}
@Bean
public JwtAccessTokenConverter accessTokenConverter(){
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
Resource resource = resourceLoader.getResource(keystore);
KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(resource,password.toCharArray());
converter.setKeyPair(keyStoreKeyFactory.getKeyPair(alias));
return converter;
}
@Bean
public TokenEnhancer tokenEnhancer(){return new CustomTokenEnhancer();}
}
WebsecurityConfig OAut2Server:
@Configuration
@EnableWebMvc
public class WebSecurityConfig extends WebSecurityConfigurerAdapter
{
@Autowired
private UserDetailsService userDetailsService;
@Bean
@Override
protected AuthenticationManager authenticationManager() throws Exception {
return super.authenticationManager();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService)
.passwordEncoder(passwordEncoder());
}
@Override
protected void configure(final HttpSecurity http) throws Exception {
// @formatter:off
http.authorizeRequests().antMatchers("/login").permitAll()
.antMatchers("/oauth/token/revokeById/**").permitAll()
.antMatchers("/tokens/**").permitAll()
.anyRequest().authenticated()
.and()
.csrf().disable();
// @formatter:on
}
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
application.properties:
server.port=81
server.ssl.key-alias=alias
server.ssl.key-store-type=jks
server.ssl.key-store-password=password
server.ssl.key-password=password
server.ssl.key-store=classpath:keystore.jks
server.ssl.enabled=true
server.ssl.ciphers=TLS_RSA_WITH_AES_128_CBC_SHA256,
INCLUDE_ANY_OTHER_ONES_YOU_NEED_TO_SUPPORT
server.ssl.protocol=TLS
server.ssl.enabled-protocols=TLSv1.2
我不知道我在做什么错。我遵循了多个教程,但没有一个起作用。有人可以看到我在做什么错吗?