The framework uses Springboot + Spring security Oauth2 +postman

Last Update:2018-08-19 Source: Internet

Author: User

Tags oauth redis

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Framework using Springboot + Spring security Oauth2
Mainly completes the client authorization
can be validated by reading the current client table information from the MySQL database, token stored in the database 1. Introducing Dependencies

OAUTH2 relies on spring security, which requires the introduction of spring, Mysql,redis, MyBatis

<dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency > <groupId>org.springframework.security.oauth</groupId> <artifactid>spring-se curity-oauth2</artifactid> </dependency> <dependency> &LT;GROUPID&GT;ORG.SPR Ingframework.boot</groupid> <artifactId>spring-boot-starter-web</artifactId> </de Pendency> <dependency> <groupId>org.springframework.boot</groupId> &
            Lt;artifactid>spring-boot-starter-data-redis</artifactid> </dependency> <dependency> <groupId>org.springframework.boot</groupId> &LT;ARTIFACTID&GT;SPRING-BOOT-STARTER-ACTU
Ator</artifactid>        </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>1.3.0</version
            > </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> </dependency> </dependencies>

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 2. configuration file

Server:
  port:8081

Spring:
  DataSource:
    url:jdbc:mysql://127.0.0.1:3306/oauth2?useunicode=true &characterencoding=utf-8&usessl=false
    username:root
    password:123456
    driver-class-name: Com.mysql.jdbc.Driver
  Redis:
    host:127.0.0.1
    database:0

mybatis:
  mapper-locations:mapper /*.xml security

:
  oauth2:
    resource:
      filter-order:3

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20-21 3. Configure

About OAUTH2 protocol content and authorization process view other posts

3 classes are used primarily to configure the Authorizationserverconfiguration authorization authentication configuration
Inherit Authorizationserverconfigureradapter, configure information about the authorization, the core of the configuration is here
Configure the client here, configure the token storage mode, etc.

Package Oauth.security.client.configauto;
Import Org.apache.tomcat.jdbc.pool.DataSource;
Import org.springframework.beans.factory.annotation.Autowired;
Import Org.springframework.context.annotation.Bean;
Import org.springframework.context.annotation.Configuration;
Import Org.springframework.data.redis.connection.RedisConnectionFactory;
Import Org.springframework.security.authentication.AuthenticationManager;
Import Org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; Import
Org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
Import Org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; Import
Org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; Import

Org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; Import Org.springframewoRk.security.oauth2.provider.token.TokenStore;
Import Org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
Import Org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

Import Oauth.security.client.configauto.jdbcdetail.MyJdbcTokenStore; @Configuration @EnableAuthorizationServer public class Authorizationserverconfiguration extends

    Authorizationserverconfigureradapter {private static final String demo_resource_id = "*";

    @Autowired AuthenticationManager AuthenticationManager;

    @Autowired redisconnectionfactory redisconnectionfactory;

    @Autowired private DataSource DataSource; 
    Initialize Jdbctokenstore @Autowired public tokenstore Gettokenstore () {return new Jdbctokenstore (DataSource); //Custom Database store Tokenstore @Autowired public Tokenstore Getmytokenstore () {return new Myjdbctokens
    Tore (DataSource);
       @Autowired private Tokenstore Getredistokenstore () { return new Redistokenstore (redisconnectionfactory); @Bean//Declaration Applyclientdetailservice Public Applyclientdetailservice Getclientdetails () {return new A
    Pplyclientdetailservice (); @Override public void Configure (Clientdetailsserviceconfigurer clients) throws Exception {//config client, for
Client Authentication Clients.withclientdetails (Getclientdetails ()); ////Use existing in-memory configuration Clients.inmemory (). Withclient ("Client_1"). Resourceids (demo_resource_i
                D). Authorizedgranttypes ("Client_credentials", "Refresh_token"). Scopes ("all") . Authorities ("Client"). Secret ("123456"); */} @Override public void Configure (Authorizat Ionserverendpointsconfigurer endpoints) throws Exception {Endpoints.tokenstore (new Redistokenstore (redisconnectio   nfactory)). AuthenticationManager (AuthenticationManager); Redis Save Token/* Endpoints.tokenstore (Gettokenstore ())//Database Save token. AuthenticationManager (AuthenticationManager);/} @Override public void Configure (Authorizationserversecurityconfigurer oauthserver) throws Exception {//Allow form authentication Oaut
    Hserver.allowformauthenticationforclients ();
 }

}

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26-27--28 29---30 31--32 33 34 35 36 37 38-39 40 41 42 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 5 86

In the configuration client, the Applyclientdetailservice class is used to customize a class that obtains the client, inheriting the Clientdetailsservice

Access to the client depends mainly on the implementation of the Jdbcclientdetailsservice class, must use the official database structure, if you want to customize the database structure, you can rewrite the implementation of the Jdbcclientdetailsservice class according to the requirements.

Package Oauth.security.client.configauto;

Import Org.apache.tomcat.jdbc.pool.DataSource;
Import org.springframework.beans.factory.annotation.Autowired;
Import Org.springframework

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More