Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
smileNicky
jeeplatform
提交
539155a2
J
jeeplatform
项目概览
smileNicky
/
jeeplatform
通知
8
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
5
列表
看板
标记
里程碑
合并请求
4
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jeeplatform
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
5
Issue
5
列表
看板
标记
里程碑
合并请求
4
合并请求
4
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
539155a2
编写于
5月 11, 2020
作者:
马
马增群
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
JWT方式保存令牌
上级
712dfc4d
变更
1
隐藏空白更改
内联
并排
Showing
1 changed file
with
28 addition
and
24 deletion
+28
-24
code/jeeplatform-sso-oauth2/src/main/java/org/muses/jeeplatform/oauth/configuration/OAuth2Configuration.java
.../jeeplatform/oauth/configuration/OAuth2Configuration.java
+28
-24
未找到文件。
code/jeeplatform-sso-oauth2/src/main/java/org/muses/jeeplatform/oauth/configuration/OAuthConfiguration.java
→
code/jeeplatform-sso-oauth2/src/main/java/org/muses/jeeplatform/oauth/configuration/OAuth
2
Configuration.java
浏览文件 @
539155a2
...
...
@@ -4,6 +4,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import
org.springframework.beans.factory.annotation.Qualifier
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
import
org.springframework.http.HttpMethod
;
import
org.springframework.security.authentication.AuthenticationManager
;
import
org.springframework.security.core.userdetails.UserDetailsService
;
import
org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
;
...
...
@@ -14,13 +15,12 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.A
import
org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer
;
import
org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer
;
import
org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer
;
import
org.springframework.security.oauth2.provider.ClientDetailsService
;
import
org.springframework.security.oauth2.provider.OAuth2Authentication
;
import
org.springframework.security.oauth2.provider.client.JdbcClientDetailsService
;
import
org.springframework.security.oauth2.provider.token.DefaultTokenServices
;
import
org.springframework.security.oauth2.provider.token.TokenStore
;
import
org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore
;
import
org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter
;
import
org.springframework.security.oauth2.provider.token.store.JwtTokenStore
;
import
javax.annotation.Resource
;
import
javax.sql.DataSource
;
...
...
@@ -31,7 +31,7 @@ import java.util.concurrent.TimeUnit;
/**
* <pre>
*
*
OAuth2.0配置
* </pre>
*
* <pre>
...
...
@@ -43,7 +43,7 @@ import java.util.concurrent.TimeUnit;
@Configuration
//开启授权服务
@EnableAuthorizationServer
public
class
OAuthConfiguration
extends
AuthorizationServerConfigurerAdapter
{
public
class
OAuth
2
Configuration
extends
AuthorizationServerConfigurerAdapter
{
@Autowired
private
AuthenticationManager
authenticationManager
;
...
...
@@ -94,20 +94,23 @@ public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {
.refreshTokenValiditySeconds(FREFRESH_TOKEN_VALIDITY_SECONDS)
//允许授权类型
.authorizedGrantTypes(GRANT_TYPE_PASSWORD , AUTHORIZATION_CODE , REFRESH_TOKEN , IMPLICIT);*/
// 数据库保存配置信息到oauth_client_details表,schema参考sql/oauth_client_details
clients
.
jdbc
(
dataSource
);
}
@Override
public
void
configure
(
AuthorizationServerEndpointsConfigurer
endpoints
)
throws
Exception
{
//endpoints.tokenStore(jwtTokenStore()).authenticationManager(authenticationManager)
//.accessTokenConverter(accessTokenConverter())
//.userDetailsService(userDetailsService) //必须注入userDetailsService否则根据refresh_token无法加载用户信息
//.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST,HttpMethod.OPTIONS) //支持GET POST 请求获取token
//.reuseRefreshTokens(true); //开启刷新token
//.tokenServices(tokenServices());
// 使用最基本的InMemoryTokenStore生成token
endpoints
.
authenticationManager
(
authenticationManager
).
tokenStore
(
memoryTokenStore
());
endpoints
.
tokenStore
(
jwtTokenStore
()).
authenticationManager
(
authenticationManager
)
.
accessTokenConverter
(
accessTokenConverter
())
//必须注入userDetailsService否则根据refresh_token无法加载用户信息
//.userDetailsService(userDetailsService)
//支持获取token方式
.
allowedTokenEndpointRequestMethods
(
HttpMethod
.
GET
,
HttpMethod
.
POST
,
HttpMethod
.
PUT
,
HttpMethod
.
DELETE
,
HttpMethod
.
OPTIONS
)
//开启刷新token
.
reuseRefreshTokens
(
true
)
.
tokenServices
(
tokenServices
());
// 使用内存保存生成的token
//endpoints.authenticationManager(authenticationManager).tokenStore(memoryTokenStore());
}
/**
...
...
@@ -147,28 +150,29 @@ public class OAuthConfiguration extends AuthorizationServerConfigurerAdapter {
return
token
;
}
};
// 设置签署key
converter
.
setSigningKey
(
"bcrypt"
);
return
converter
;
}
// @Bean
// public TokenStore jwtTokenStore() {
// //基于jwt实现令牌(Access Token)
// return new JwtTokenStore(accessTokenConverter());
// }
@Bean
public
TokenStore
memory
TokenStore
()
{
//
最基本的InMemoryTokenStore生成token
return
new
InMemoryTokenStore
(
);
public
TokenStore
jwt
TokenStore
()
{
//
基于jwt实现令牌(Access Token)保存
return
new
JwtTokenStore
(
accessTokenConverter
()
);
}
// @Bean
// public TokenStore memoryTokenStore() {
// // 最基本的InMemoryTokenStore生成token
// return new InMemoryTokenStore();
// }
@Bean
public
DefaultTokenServices
tokenServices
()
{
final
DefaultTokenServices
defaultTokenServices
=
new
DefaultTokenServices
();
defaultTokenServices
.
setTokenEnhancer
(
accessTokenConverter
());
defaultTokenServices
.
setTokenStore
(
memory
TokenStore
());
defaultTokenServices
.
setSupportRefreshToken
(
true
);
defaultTokenServices
.
setTokenStore
(
jwt
TokenStore
());
//
defaultTokenServices.setSupportRefreshToken(true);
defaultTokenServices
.
setAccessTokenValiditySeconds
((
int
)
TimeUnit
.
DAYS
.
toSeconds
(
30
));
// 30天
return
defaultTokenServices
;
}
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录