spring cloud oauth2授权服务 clientDetails配置源码

clientDetails

@EnableAuthorizationServer

...
@Import({... AuthorizationServerSecurityConfiguration.class})
...

AuthorizationServerSecurityConfiguration

...
// 引入clientDetails配置
@Import({ ClientDetailsServiceConfiguration.class... })
...
// 注入客制实现的AuthorizationServerConfigurerAdapter
@Autowired 
private List<AuthorizationServerConfigurer> configurers = Collections.emptyList();
@Autowired
private ClientDetailsService clientDetailsService;
@Autowired
public void configure(ClientDetailsServiceConfigurer clientDetails) throws Exception {
	for (AuthorizationServerConfigurer configurer : configurers) {
		configurer.configure(clientDetails); // 此处完成clientDetailsService配置
	}
}
...

ClientDetailsServiceConfiguration

@Configuration
public class ClientDetailsServiceConfiguration {

	@SuppressWarnings("rawtypes")
	private ClientDetailsServiceConfigurer configurer = new ClientDetailsServiceConfigurer(new ClientDetailsServiceBuilder());
	
	@Bean
	public ClientDetailsServiceConfigurer clientDetailsServiceConfigurer() {
		return configurer;
	}

	@Bean
	@Lazy
	@Scope(proxyMode=ScopedProxyMode.INTERFACES)
	public ClientDetailsService clientDetailsService() throws Exception {
		return configurer.and().build();
	}

}

ClientDetailsServiceConfigurer

...
// 替换为自定义客户端信息服务
public ClientDetailsServiceBuilder<?> withClientDetails(ClientDetailsService clientDetailsService) throws Exception {
setBuilder(getBuilder().clients(clientDetailsService));
	return this.and();
}
// 替换为内存客户端信息服务
public InMemoryClientDetailsServiceBuilder inMemory() throws Exception {
	InMemoryClientDetailsServiceBuilder next = getBuilder().inMemory();
	setBuilder(next);
	return next;
}
// 替换为JDBC客户端信息服务
public JdbcClientDetailsServiceBuilder jdbc(DataSource dataSource) throws Exception {
	JdbcClientDetailsServiceBuilder next = getBuilder().jdbc().dataSource(dataSource);
	setBuilder(next);
	return next;
}
...

passwordEncoder

AuthorizationServerConfigurerAdapter

@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    security.passwordEncoder(passwordEncoder);
}

AuthorizationServerSecurityConfigurer

@Override
public void init(HttpSecurity http) throws Exception {
...
// 根据有无配置编码器实例化ClientDetailsUserDetailsService
	if (passwordEncoder != null) {
		ClientDetailsUserDetailsService clientDetailsUserDetailsService = new ClientDetailsUserDetailsService(clientDetailsService());
		clientDetailsUserDetailsService.setPasswordEncoder(passwordEncoder());
		http.getSharedObject(AuthenticationManagerBuilder.class)
				.userDetailsService(clientDetailsUserDetailsService)
				.passwordEncoder(passwordEncoder());
	}
	else {
		http.userDetailsService(new ClientDetailsUserDetailsService(clientDetailsService()));
	}
}

posted on 2020-04-11 00:08  路过君  阅读(3411)  评论(0编辑  收藏  举报

导航