安装httpie
安装httpie 需要 python 环境
pip install --upgrade httpie
进入D:\Project目录,在此目录下打开CMD,调用httpie,创建 oauth2 项目
http -d https://start.spring.io/starter.zip javaVersion==17 groupId==com.my.demo artifactId==oauthService name==oauth-service baseDir==oauth-service bootVersion==2.6.6.RELEASE dependencies==cloud-starter
将生成的oauthService.zip解压缩到当前目录,然后进入到oauth-service文件夹
导入数据库脚本
CREATE DATABASE IF NOT EXISTS `oauth2`; USE `oauth2`; CREATE TABLE IF NOT EXISTS `oauth_access_token` ( `token_id` varchar(256) DEFAULT NULL, `token` blob, `authentication_id` varchar(128) NOT NULL, `user_name` varchar(256) DEFAULT NULL, `client_id` varchar(256) DEFAULT NULL, `authentication` blob, `refresh_token` varchar(256) DEFAULT NULL, PRIMARY KEY (`authentication_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `oauth_approvals` ( `userId` varchar(256) DEFAULT NULL, `clientId` varchar(256) DEFAULT NULL, `scope` varchar(256) DEFAULT NULL, `status` varchar(10) DEFAULT NULL, `expiresAt` datetime DEFAULT NULL, `lastModifiedAt` datetime DEFAULT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `oauth_client_details` ( `client_id` varchar(128) NOT NULL, `resource_ids` varchar(256) DEFAULT NULL, `client_secret` varchar(256) DEFAULT NULL, `scope` varchar(256) DEFAULT NULL, `authorized_grant_types` varchar(256) DEFAULT NULL, `web_server_redirect_uri` varchar(256) DEFAULT NULL, `authorities` varchar(256) DEFAULT NULL, `access_token_validity` int DEFAULT NULL, `refresh_token_validity` int DEFAULT NULL, `additional_information` varchar(4096) DEFAULT NULL, `autoapprove` varchar(256) DEFAULT NULL, PRIMARY KEY (`client_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `oauth_client_token` ( `token_id` varchar(256) DEFAULT NULL, `token` blob, `authentication_id` varchar(128) NOT NULL, `user_name` varchar(256) DEFAULT NULL, `client_id` varchar(256) DEFAULT NULL, PRIMARY KEY (`authentication_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `oauth_code` ( `code` varchar(256) DEFAULT NULL, `authentication` blob ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `oauth_refresh_token` ( `token_id` varchar(256) DEFAULT NULL, `token` blob, `authentication` blob ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `rbac_role` ( `id` int NOT NULL AUTO_INCREMENT, `name` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `rbac_user` ( `id` int NOT NULL AUTO_INCREMENT, `username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL, `password` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL, `phone` varchar(11) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL, `email` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL, `create_time` datetime NOT NULL, `isactive` smallint DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8mb3; CREATE TABLE IF NOT EXISTS `rbac_user_role` ( `user_id` int NOT NULL, `role_id` int NOT NULL, KEY `user_id_fk` (`user_id`) USING BTREE, KEY `role_id_fk` (`role_id`) USING BTREE, CONSTRAINT `rbac_user_role_ibfk_1` FOREIGN KEY (`role_id`) REFERENCES `rbac_role` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT, CONSTRAINT `rbac_user_role_ibfk_2` FOREIGN KEY (`user_id`) REFERENCES `rbac_user` (`id`) ON DELETE RESTRICT ON UPDATE RESTRICT ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3; INSERT INTO `oauth_client_details` (`client_id`, `resource_ids`, `client_secret`, `scope`, `authorized_grant_types`, `web_server_redirect_uri`, `authorities`, `access_token_validity`, `refresh_token_validity`, `additional_information`, `autoapprove`) VALUES ('client', NULL, '{noop}123456', 'server', 'password,refresh_token', '', 'oauth2', NULL, NULL, NULL, NULL), ('client_01', NULL, '{noop}123456', 'all', 'authorization_code,implicit', '', 'oauth2', NULL, NULL, NULL, NULL); INSERT INTO `rbac_role` (`id`, `name`) VALUES (1, 'USER'); INSERT INTO `rbac_user` (`id`, `username`, `password`, `phone`, `email`, `create_time`, `isactive`) VALUES (1, 'user_1', '{noop}123456', NULL, NULL, '2021-09-08 11:21:43', 0), (2, 'user_2', '{noop}123456', NULL, NULL, '2021-09-08 11:22:21', 1), (3, 'Test', '{noop}123456', NULL, NULL, '2021-09-08 14:15:51', 1); INSERT INTO `rbac_user_role` (`user_id`, `role_id`) VALUES (1, 1), (2, 1), (3, 1);
可见 user_1的 isactive 为 0,用户的密码都是 {noop}123456 的明文方式
sts中导入项目
修改 POM文件
添加引用 javax.xml.bind等等一堆库 是为解决springSecurityFilterChain的编译错误
POM文件
修改配置文件
修改 application.properties 配置文件
server.port=8509 spring.application.name=oauth-service spring.redis.database=0 spring.redis.host=127.0.0.1 spring.redis.port=6379 spring.redis.password= spring.redis.timeout=2000 spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.url=jdbc:mysql://127.0.0.1:3306/oauth2?serverTimezone=GMT%2B8&useSSL=false spring.datasource.username=root spring.datasource.password=
修改主类文件
主类文件夹下建立 config, service 两个文件夹
config下添加两个配置文件(WebSecurityConfig.java,AuthorizationServerConfig.java),service目录下添加Redis缓存Token实现(RedisTokenStoreService)
如果想用bcrypt编码 则所有的数据库端的密码都保存成
{bcrypt}$2a$10$l4Su6LU.w.HIgpHXn31Hc.1VKbkv7.EY.P7VDzJxyImrZEMDW3Hkq
同时修改AuthorizationServerConfig.java 文件
@Autowired private PasswordEncoder passwordEncoder; @Bean public ClientDetailsService clientDetails() { JdbcClientDetailsService jdbcClientDetailsService = new JdbcClientDetailsService(dataSource); jdbcClientDetailsService.setPasswordEncoder(passwordEncoder); return jdbcClientDetailsService; }
编译,运行
测试
可以看到 user_1 是被禁用的
换成 Test用户,则可以获取到Token
查看Redis缓存
源码点击下载
以上就是Spring Cloud oauth2 认证服务搭建过程示例的详细内容,更多关于Spring Cloud oauth2认证服务搭建的资料请关注脚本之家其它相关文章!