1、引入依赖
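<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
</dependency>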
2、设置加密模式,新建SecurityConfig类
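/**
 * Spring Security configuration for the web (form-login) side of the application.
 *
 * @Author: wujun
 * @Date: 2022/3/30 14:34
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Declares the password encoder bean.
     *
     * @return a BCrypt-based {@link PasswordEncoder}
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Configures which requests are open and which require an authenticated user.
     *
     * @param http the security builder supplied by Spring Security
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): CSRF protection is disabled for every request handled by this
        // chain, including the session-based form login configured below. Keep CSRF
        // enabled for browser/session flows unless there is a specific reason not to.
        http.csrf().disable();
        http.authorizeRequests()
                // Open paths. Ant patterns are matched against the request path, which
                // always starts with "/", so the original "logout" never matched;
                // it is written as "/logout" here.
                // NOTE(review): "/oauth/**" is broader than the token endpoint; confirm
                // that every path under it is meant to be reachable without a session.
                .antMatchers("/oauth/**", "/login/**", "/logout")
                .permitAll()
                // Everything else requires an authenticated user.
                .anyRequest().authenticated()
                .and()
                // The form-login page and its processing URL are open to everyone.
                .formLogin().permitAll();
    }
}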
3、自定义用户
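/**
 * Demo {@link UserDetailsService} backed by a single hard-coded account.
 *
 * @Author: wujun
 * @Date: 2022/3/30 14:44
 */
@Service
public class UserService implements UserDetailsService {

    // Demo account only. A fixed user name and password in source code is acceptable
    // for a local walkthrough; a real service must look the user up in a user store
    // that holds already-hashed passwords.
    private static final String DEMO_USERNAME = "wujun";
    private static final String DEMO_PASSWORD = "123456";

    @Resource
    private PasswordEncoder passwordEncoder;

    /**
     * Loads the demo account when, and only when, the requested name matches it.
     *
     * @param username the login name submitted by the caller
     * @return the demo user with the single authority {@code admin}
     * @throws UsernameNotFoundException if {@code username} is not the demo account
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // The lookup has to depend on the requested name: returning the same account
        // for every input would let any login name resolve to this user.
        if (!DEMO_USERNAME.equals(username)) {
            throw new UsernameNotFoundException("User not found");
        }
        // The password is hashed on every call because the demo keeps it in plain text.
        String encodedPassword = passwordEncoder.encode(DEMO_PASSWORD);
        return new User(DEMO_USERNAME, encodedPassword,
                AuthorityUtils.commaSeparatedStringToAuthorityList("admin"));
    }
}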
4、配置授权服务器
/**
 * Authorization server configuration: registers one in-memory OAuth2 client.
 *
 * NOTE(review): {@code @EnableAuthorizationServer} belongs to the legacy Spring Security
 * OAuth module, which upstream has deprecated; check its support status before building
 * a new service on it.
 *
 * @Author: wujun
 * @Date: 2022/3/30 14:39
 */
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Resource
    private PasswordEncoder passwordEncoder;

    /**
     * Registers the client that is allowed to use the authorization-code grant.
     *
     * @param clients the client registry builder supplied by the framework
     * @throws Exception if the registry cannot be built
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // NOTE(review): the client secret is a short literal kept in source; load it from
        // configuration or a secret store outside a local demo.
        String encodedClientSecret = passwordEncoder.encode("112233");

        clients.inMemory()
                .withClient("gusulab")
                .secret(encodedClientSecret)
                .scopes("all")
                // Address the browser is sent to after a successful authorization.
                // NOTE(review): the authorization code is appended to this URL, and the
                // URL is plain HTTP; register an HTTPS address outside a local demo.
                .redirectUris("http://www.baidu.com")
                .authorizedGrantTypes("authorization_code");
    }
}
5、资源服务器设置
/**
 * Resource server configuration: protects the {@code /user/**} endpoints.
 *
 * @Author: wujun
 * @Date: 2022/3/30 14:41
 */
@Configuration
@EnableResourceServer
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    /**
     * Limits this filter chain to {@code /user/**} and requires authentication there.
     *
     * @param http the security builder supplied by the framework
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
        // Only requests under /user/ are handled by the resource-server chain.
        http.requestMatchers().antMatchers("/user/**");
        // Every request that reaches this chain must be authenticated.
        http.authorizeRequests().anyRequest().authenticated();
    }
}
6、用户接口
/**
 * REST endpoints under {@code /user}.
 *
 * @Author: wujun
 * @Date: 2022/3/30 14:45
 */
@RestController
@RequestMapping("/user")
public class UserController {

    /**
     * Returns the principal of the current authentication.
     *
     * @param authentication the authentication injected for the current request
     * @return whatever object {@code authentication.getPrincipal()} holds
     */
    @GetMapping("/getCurrentUser")
    public Object getCurrentUser(Authentication authentication) {
        // NOTE(review): the principal object is serialized to the caller as-is; confirm
        // it carries no fields (for example a password hash) that should stay
        // server-side, or map it to a small response type.
        Object principal = authentication.getPrincipal();
        return principal;
    }
}
7、测试
获取授权码:http://127.0.0.1:8081/oauth/authorize?response_type=code&client_id=gusulab&redirect_uri=http://www.baidu.com&scope=all
浏览器会自动跳转到登录页面,输入用户名和密码后,再跳转到设置的redirect_uri(需与授权服务器中为该客户端注册的地址一致),地址后面会带上code参数
1648627817(1).png
获取token
1648627895(1).png
1648627917(1).png
测试接口
1648627958(1).png