spring-security-oauth2认证服务和资源服务示例
该项目是基于spring-security-oauth2实现的demo 包含了认证服务和资源服务示例,由于用户认证采用了jdbc的方式,所以要先导入oauth2.sql文件 主要参考了官方文档得以实现,为了方便自己学习和供他人参考,特记录于此,项目中难免有写得不当之处,若有疑问,可发送邮箱[email protected]共同交流
第一步: 请求http://localhost:8080/oauth/authorize?client_id=testclient&response_type=code&redirect_uri=https://www.baidu.com获取code 第二步: https://www.baidu.com/?code=Z0HXTU 第三步: 通过code获取access_token http://localhost:8080/oauth/token?grant_type=authorization_code&code=Z0HXTU&client_id=testclient&client_secret=testsecret&redirect_uri=https://www.baidu.com
http://testclient:testsecret@localhost:8080/oauth/token?grant_type=refresh_token&refresh_token=e9f25584-5c6e-4dc8-9903-bb5657815ea0 需要在AuthorizationServerEndpointsConfigurer中注入UserDetailsService
http://testclient:testsecret@localhost:8080/oauth/token?grant_type=client_credentials
http://localhost:8080/oauth/token?username=user1&password=123456&grant_type=password&scope=read&client_id=testclient&client_secret=testsecret 需要重写WebSecurityConfigurerAdapter类中authenticationManagerBean方法
要实现密码模式,须重写WebSecurityConfigurerAdapter类中authenticationManagerBean方法
在认证服务和资源服务示例的基础上,添加了客户端集成示例。
更新表数据
UPDATE `oauth2`.`oauth_client_details` SET `resource_ids` = NULL, `client_secret` = 'testsecret', `scope` = 'read,write', `authorized_grant_types` = 'authorization_code,refresh_token,implicit,client_credentials,password', `web_server_redirect_uri` = 'https://www.baidu.com,http://localhost:8082,http://localhost:8082/login/oauth2/code/test1,http://localhost:8082/login/oauth2/code/r1', `authorities` = 'ROLE_USER', `access_token_validity` = NULL, `refresh_token_validity` = NULL, `additional_information` = NULL, `autoapprove` = '0' WHERE `client_id` = Cast('testclient' AS Binary(10));
UPDATE `oauth2`.`oauth_client_details` SET `resource_ids` = NULL, `client_secret` = 'testsecret1', `scope` = 'read,write', `authorized_grant_types` = 'authorization_code,refresh_token,implicit,client_credentials,password', `web_server_redirect_uri` = 'https://www.baidu.com,http://localhost:8082,http://localhost:8082/login/oauth2/code/test2,http://localhost:8082/login/oauth2/code/r2', `authorities` = '', `access_token_validity` = NULL, `refresh_token_validity` = NULL, `additional_information` = NULL, `autoapprove` = '0' WHERE `client_id` = Cast('testclient1' AS Binary(11));