spring cloud 搭建oauth2授权服务 使用redis存储令牌

依赖

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>

配置文件

spring:
  application:
    name: oauth2-server
  redis:
    host: localhost
    port: 6379
    database: 1
server:
  port: 80

TokenStore

@Configuration
public class RedisTokenStoreConfig {
    @Bean
    public TokenStore redisTokenStore(RedisConnectionFactory redisConnectionFactory) {
        return new RedisTokenStore(redisConnectionFactory);
    }
}

WebSecuritry

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 	@Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // 登陆页
                .formLogin().permitAll()
                // 登出页
                .and().logout().logoutUrl("/logout").logoutSuccessUrl("/")
                // 其余所有请求全部需要鉴权认证
                .and().authorizeRequests().anyRequest().authenticated()
                // 关闭csrf
                .and().csrf().disable();
    }
    
    @Bean
    public PasswordEncoder passwordEncoder() {
        return NoOpPasswordEncoder.getInstance();// new BCryptPasswordEncoder();
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
    
	@Bean
    public UserDetailsService userDetailsService() {
        return new UserDetailsServiceImpl();
    }

    public static class UserDetailsServiceImpl implements UserDetailsService {

        @Override
        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
           ...
        }
    }
}

AuthorizationServer

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
    AuthenticationManager authenticationManager;
    PasswordEncoder passwordEncoder;
    ClientRepository clientRepo;
    TokenStore redisTokenStore;

    public AuthorizationServerConfig(AuthenticationManager authenticationManager,
                                     PasswordEncoder passwordEncoder,
                                     ClientRepository clientRepo,
                                     TokenStore redisTokenStore
    ) {
        this.authenticationManager = authenticationManager;
        this.passwordEncoder = passwordEncoder;
        this.clientRepo = clientRepo;
        this.redisTokenStore = redisTokenStore;
    }


    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    	// 集成websecurity认证
        endpoints.authenticationManager(authenticationManager);
        // 注册redis令牌仓库
        endpoints.tokenStore(redisTokenStore);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
    	// 允许通过form提交客户端认证信息(client_id,client_secret),默认为basic方式认证
        security.allowFormAuthenticationForClients();
        // "/oauth/check_token"端点默认不允许访问
        security.checkTokenAccess("isAuthenticated()");
        // "/oauth/token_key"断点默认不允许访问
        security.tokenKeyAccess("isAuthenticated()");
        // 配置密码编码器
        security.passwordEncoder(passwordEncoder);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    	// 注册自定义客户端信息服务
        clients.withClientDetails(new ClientDetailsServiceImpl(clientRepo));
    }

    public static class ClientDetailsServiceImpl implements ClientDetailsService {

        @Override
        public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {
            // 实现客户端信息查询逻辑
        }
    }
}

posted on   路过君  阅读(3159)  评论(0编辑  收藏  举报

编辑推荐:
· 一个奇形怪状的面试题:Bean中的CHM要不要加volatile?
· [.NET]调用本地 Deepseek 模型
· 一个费力不讨好的项目,让我损失了近一半的绩效!
· .NET Core 托管堆内存泄露/CPU异常的常见思路
· PostgreSQL 和 SQL Server 在统计信息维护中的关键差异
阅读排行:
· DeepSeek “源神”启动!「GitHub 热点速览」
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· 我与微信审核的“相爱相杀”看个人小程序副业
· C# 集成 DeepSeek 模型实现 AI 私有化(本地部署与 API 调用教程)
· spring官宣接入deepseek,真的太香了~

导航

< 2025年2月 >
26 27 28 29 30 31 1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 1
2 3 4 5 6 7 8
点击右上角即可分享
微信分享提示