本人在工作中需要构建这么一个后台框架,基于springboot,登录时认证使用自定义authenticationmanager;同时支持oauth2访问指定api接口,认证时的authenticationmanager和登录规则不同。在研究了源码的基础上参考很多文章,目前基本得以解决。
我要评论
@configuration
public class oauth2configuration {
@springbootapplication
@restcontroller
@enableresourceserver
@configuration
@enableauthorizationserver
protected static class authorizationserverconfiguration extends authorizationserverconfigureradapter implements environmentaware {
private static final string env_oauth = "authentication.oauth.";
private static final string prop_clientid = "clientid";
private static final string prop_secret = "secret";
private static final string prop_token_validity_seconds = "tokenvalidityinseconds";
private relaxedpropertyresolver propertyresolver;
@autowired
private datasource datasource;
@bean
public tokenstore tokenstore() {
return new jdbctokenstore(datasource);
}
// @autowired
// @qualifier("authenticationmanagerbean")
// private authenticationmanager authenticationmanager;
@autowired
@qualifier("daoauhthenticationoauthprovider")
private authenticationprovider daoauhthenticationoauthprovider;
@override
public void configure(authorizationserverendpointsconfigurer endpoints)
throws exception {
// @formatter:off
endpoints
.tokenstore(tokenstore())
.authenticationmanager(new authenticationmanager(){
@override
public authentication authenticate(authentication authentication) throws authenticationexception {
// todo auto-generated method stub
return daoauhthenticationoauthprovider.authenticate(authentication);
}
});
// @formatter:on
}
@override
public void configure(clientdetailsserviceconfigurer clients) throws exception {
clients
.inmemory()
.withclient(propertyresolver.getproperty(prop_clientid))
.scopes("read", "write")
.authorities(authorities.role_channel.name())
.authorizedgranttypes("password", "refresh_token")
.secret(propertyresolver.getproperty(prop_secret))
.accesstokenvalidityseconds(propertyresolver.getproperty(prop_token_validity_seconds, integer.class, 1800));
}
@override
public void setenvironment(environment environment) {
this.propertyresolver = new relaxedpropertyresolver(environment, env_oauth);
}
@configuration
@enableresourceserver
protected static class resourceserverconfiguration extends resourceserverconfigureradapter {
@override
public void configure(httpsecurity http) throws exception {
http
.antmatcher("/api/dev/**")
.authorizerequests()
.anyrequest()
.hasrole("develepor")
.and()
.antmatcher("/api/channel/**")
.authorizerequests()
.anyrequest()
.hasrole("channel");
}
}
}
}
以上是oauth2的主要配置,securityconfiguration的配置就不贴了,大家可以去github上找资料,下面是如何自定一个daoauhthenticationprovider。
@bean(name="daoauhthenticationprovider")
public authenticationprovider daoauhthenticationprovider() {
daoauthenticationprovider daoauthenticationprovider = new daoauthenticationprovider();
daoauthenticationprovider.setuserdetailsservice(userdetailsservice);
daoauthenticationprovider.sethideusernotfoundexceptions(false);
daoauthenticationprovider.setpasswordencoder(passwordencoder);
return daoauthenticationprovider;
}
@bean(name="daoauhthenticationoauthprovider")
public authenticationprovider daoauhthenticationoauthprovider() {
daoauthenticationprovider daoauthenticationprovider = new daoauthenticationprovider();
daoauthenticationprovider.setuserdetailsservice(userdetailsoauthservice);
daoauthenticationprovider.sethideusernotfoundexceptions(false);
daoauthenticationprovider.setpasswordencoder(passwordencoder);
return daoauthenticationprovider;
}
@override
public void configure(authenticationmanagerbuilder auth) throws exception {
auth.authenticationprovider(daoauhthenticationprovider());
// auth.authenticationprovider(daoauhthenticationprovider1());
}
@bean
@override
public authenticationmanager authenticationmanagerbean() throws exception {
return super.authenticationmanagerbean();
}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持移动技术网。
如对本文有疑问, 点击进行留言回复!!
![[JVM学习之路]一、初识JVM,了解其结构、模型及生命周期](http://www.lhsxpumps.com/_images5/10qianwan/20200726/s_0_202007261744394527.png)
[JVM学习之路]一、初识JVM,了解其结构、模型及生命周期
【JAVA并发编程】LinkedBlockingQueue原理
网友评论