springboot Oauth2 springboot+Oauth2实现自定义AuthenticationManager和认证path
huhanguang89 人气:2想了解springboot+Oauth2实现自定义AuthenticationManager和认证path的相关内容吗,huhanguang89在本文为您仔细讲解springboot Oauth2的相关知识和一些Code实例,欢迎阅读和指正,我们先划重点:springboot,Oauth2,springboot集成oauth2,spring,boot,oauth2,下面大家一起来学习吧。
本人在工作中需要构建这么一个后台框架,基于springboot,登录时认证使用自定义AuthenticationManager;同时支持Oauth2访问指定API接口,认证时的AuthenticationManager和登录规则不同。在研究了源码的基础上参考很多文章,目前基本得以解决。
@Configuration public class OAuth2Configuration { @SpringBootApplication @RestController @EnableResourceServer @Configuration @EnableAuthorizationServer protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter implements EnvironmentAware { private static final String ENV_OAUTH = "authentication.oauth."; private static final String PROP_CLIENTID = "clientid"; private static final String PROP_SECRET = "secret"; private static final String PROP_TOKEN_VALIDITY_SECONDS = "tokenValidityInSeconds"; private RelaxedPropertyResolver propertyResolver; @Autowired private DataSource dataSource; @Bean public TokenStore tokenStore() { return new JdbcTokenStore(dataSource); } // @Autowired // @Qualifier("authenticationManagerBean") // private AuthenticationManager authenticationManager; @Autowired @Qualifier("daoAuhthenticationOauthProvider") private AuthenticationProvider daoAuhthenticationOauthProvider; @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { // @formatter:off endpoints .tokenStore(tokenStore()) .authenticationManager(new AuthenticationManager(){ @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { // TODO Auto-generated method stub return daoAuhthenticationOauthProvider.authenticate(authentication); } }); // @formatter:on } @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients .inMemory() .withClient(propertyResolver.getProperty(PROP_CLIENTID)) .scopes("read", "write") .authorities(Authorities.ROLE_CHANNEL.name()) .authorizedGrantTypes("password", "refresh_token") .secret(propertyResolver.getProperty(PROP_SECRET)) .accessTokenValiditySeconds(propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS, Integer.class, 1800)); } @Override public void setEnvironment(Environment environment) { this.propertyResolver = new RelaxedPropertyResolver(environment, ENV_OAUTH); } @Configuration @EnableResourceServer protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter { @Override public void configure(HttpSecurity http) throws Exception { http .antMatcher("/api/dev/**") .authorizeRequests() .anyRequest() .hasRole("DEVELEPOR") .and() .antMatcher("/api/channel/**") .authorizeRequests() .anyRequest() .hasRole("CHANNEL"); } } } }
以上是Oauth2的主要配置,SecurityConfiguration的配置就不贴了,大家可以去github上找资料,下面是如何自定一个daoAuhthenticationProvider。
@Bean(name="daoAuhthenticationProvider") public AuthenticationProvider daoAuhthenticationProvider() { DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); daoAuthenticationProvider.setUserDetailsService(userDetailsService); daoAuthenticationProvider.setHideUserNotFoundExceptions(false); daoAuthenticationProvider.setPasswordEncoder(passwordEncoder); return daoAuthenticationProvider; } @Bean(name="daoAuhthenticationOauthProvider") public AuthenticationProvider daoAuhthenticationOauthProvider() { DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider(); daoAuthenticationProvider.setUserDetailsService(userDetailsOauthService); daoAuthenticationProvider.setHideUserNotFoundExceptions(false); daoAuthenticationProvider.setPasswordEncoder(passwordEncoder); return daoAuthenticationProvider; } @Override public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.authenticationProvider(daoAuhthenticationProvider()); // auth.authenticationProvider(daoAuhthenticationProvider1()); } @Bean @Override public AuthenticationManager authenticationManagerBean() throws Exception { return super.authenticationManagerBean(); }
加载全部内容