1.这种方式配置之后,并没有生效
package com.enterprise.auth.config;
import com.enterprise.auth.handler.OAuthServerWebResponseExceptionTranslator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import org.springframework.security.oauth2.provider.token.*;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import javax.annotation.Resource;
import javax.sql.DataSource;
import java.util.ArrayList;
import java.util.List;
@Configuration
@EnableAuthorizationServer // 标识为认证服务器
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Bean // 客户端使用jdbc管理
public ClientDetailsService jdbcClientDetailsService() {
return new JdbcClientDetailsService(dataSource);
}
/**
* 配置被允许访问认证服务的客户端信息:数据库方式管理客户端信息
* @param clients
* @throws Exception
*/
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.withClientDetails( jdbcClientDetailsService() );
}
@Autowired // 在SpringSecurityConfig中已经添加到容器中了
private AuthenticationManager authenticationManager;
@Autowired
private UserDetailsService userDetailsService;
@Resource
private TokenStore tokenStore;
@Resource
private JwtAccessTokenConverter jwtAccessTokenConverter;
@Resource // 注入增强器
private TokenEnhancer jwtTokenEnhancer;
/**
* 关于认证服务器端点配置
* @param endpoints
* @throws Exception
*/
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
// 密码模块必须使用这个authenticationManager实例
endpoints.authenticationManager(authenticationManager);
// 刷新令牌需要 使用userDetailsService
endpoints.userDetailsService(userDetailsService);
// 令牌管理方式
endpoints.tokenStore(tokenStore).accessTokenConverter(jwtAccessTokenConverter);
// 异常转换器
endpoints.exceptionTranslator(new OAuthServerWebResponseExceptionTranslator());
// 添加增强器
TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
// 组合 增强器和jwt转换器
List<TokenEnhancer> enhancerList = new ArrayList<>();
enhancerList.add(jwtTokenEnhancer);
enhancerList.add(jwtAccessTokenConverter);
enhancerChain.setTokenEnhancers(enhancerList);
// 将认证信息的增强器添加到端点上
endpoints.tokenEnhancer(enhancerChain)
.accessTokenConverter(jwtAccessTokenConverter);
/*// 配置TokenService参数,设置token默认过期时间
DefaultTokenServices tokenService = new DefaultTokenServices();
tokenService.setTokenStore(endpoints.getTokenStore());
tokenService.setSupportRefreshToken(true);
tokenService.setClientDetailsService(endpoints.getClientDetailsService());
tokenService.setTokenEnhancer(endpoints.getTokenEnhancer());
// token默认过期时间
tokenService.setAccessTokenValiditySeconds(7200);
// refresh_token默认过期时间
tokenService.setRefreshTokenValiditySeconds(86400);
// 该字段设置设置refresh token是否重复使用,true:reuse;false:no reuse.
tokenService.setReuseRefreshToken(false);
endpoints.tokenServices(tokenService);*/
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
// /oauth/check_token 解析令牌,默认情况 下拒绝访问
security.checkTokenAccess("permitAll()");
}
}
2.第二种方法时改数据库的配置,测试配置有效
![[react基础]关于v6版本route的变化,以及常见应用模式](https://img-blog.csdnimg.cn/00e17e7a3c134d09aa5dcae6f96209bf.png)
