@override public void configure(clientdetailsserviceconfigurer clients) throws exception { clients.inmemory() .withclient(clientid) .secret(passwordencoder.encode(clientsecret)) .authorizedgranttypes("authorization_code", "refresh_token", "password", "implicit") .scopes("read","write","del","userinfo") .redirecturis(redirecturls); }
@override public void configure(authorizationserversecurityconfigurer oauthserver) throws exception { oauthserver.tokenkeyaccess("permitall()") .checktokenaccess("isauthenticated()") .allowformauthenticationforclients();//支持把secret和clientid写在url上,否则需要在头上 }
authorization ccode------rfrlfy access_token_url http://localhost:8081/oauth/token?client_id=android1&code=rfrlfy&grant_type=authorization_code&redirect_uri=http://localhost:8081/callback&client_secret=android1 access token response ---------{"access_token":"faadf3bf-6488-4036-bc3b-21b0a979602c","token_type":"bearer","refresh_token":"1b01f133-c5ab-419f-8125-088c85916ecb","expires_in":43187,"scope":"read"}
回调页面代码,主要实现了对code的获取,对access_token的组织,然后请求时把access_token带上,这个方法一般会做成公用的过滤器
@controller public class usercontroller { @requestmapping(value = "/callback", method = requestmethod.get) public responseentity<string> callback(@requestparam("code") string code) throws jsonprocessingexception, ioexception { responseentity<string> response = null; system.out.println("authorization ccode------" + code); resttemplate resttemplate = new resttemplate(); string access_token_url = "http://localhost:8081/oauth/token"; access_token_url += "?client_id=android1&code=" + code; access_token_url += "&grant_type=authorization_code"; access_token_url += "&redirect_uri=http://localhost:8081/callback"; access_token_url += "&client_secret=android1"; system.out.println("access_token_url " + access_token_url); response = resttemplate.exchange(access_token_url, httpmethod.post, null, string.class); objectmapper mapper = new objectmapper(); jsonnode node = mapper.readtree(response.getbody()); string token = node.path("access_token").astext(); system.out.println("access_token" +access_token);
string url = "http://localhost:8081/index"; httpheaders headers1 = new httpheaders(); headers1.add("authorization", "bearer " + token); httpentity<string> entity = new httpentity<>(headers1); responseentity<string> result = resttemplate.exchange(url, httpmethod.get, entity, string.class); return result; }
如对本文有疑问, 点击进行留言回复!!
详解SpringBoot修改启动端口server.port的四种方式
网友评论