spring cloud搭建oauth2资源服务
依赖
pom.xml
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.5.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<properties>
<java.version>11</java.version>
<spring-cloud.version>Hoxton.SR4</spring-cloud.version>
</properties>
<dependencies>
<!-- spring cloud oauth2 -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<!-- spring cloud -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>${spring-cloud.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
配置
application.yml
security:
oauth2:
client:
client-id: application-client-id
client-secret: application-client-secret
access-token-uri: http://authsite-host/oauth/token
resource:
id: application-resource-id
tokenInfoUri: http://authsite-host/oauth/check_token
userInfoUri: http://authsite-host/oauth/check_user
- application-client-id、application-client-secret、application-resource-id修改为OAUTH2授权服务中注册的客户端、资源对应值
- 注意: 资源服务也需要配置注册为客户端, 否则无法通过认证服务器获取TOKEN和用户信息
JAVA配置
创建JAVA配置: ResourceServerConfig.java
@Configuration
// 启用资源服务器配置
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
protected ResourceServerProperties resource;
public ResourceServerConfig(ResourceServerProperties resource) {
this.resource = resource;
}
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
resources.resourceId(this.resource.getResourceId());
}
@Override
public void configure(HttpSecurity http) throws Exception {
// 自定义访问控制逻辑
http.authorizeRequests().anyRequest().authenticated();
}
}