The framework uses Springboot + Spring security Oauth2 +postman

Source: Internet
Author: User
Tags oauth redis

Framework using Springboot + Spring security Oauth2
Mainly completes the client authorization
can be validated by reading the current client table information from the MySQL database, token stored in the database 1. Introducing Dependencies

OAUTH2 relies on spring security, which requires the introduction of spring, Mysql,redis, MyBatis

<dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency > <groupId>org.springframework.security.oauth</groupId> <artifactid>spring-se curity-oauth2</artifactid> </dependency> <dependency> &LT;GROUPID&GT;ORG.SPR Ingframework.boot</groupid> <artifactId>spring-boot-starter-web</artifactId> </de Pendency> <dependency> <groupId>org.springframework.boot</groupId> &
            Lt;artifactid>spring-boot-starter-data-redis</artifactid> </dependency> <dependency> <groupId>org.springframework.boot</groupId> &LT;ARTIFACTID&GT;SPRING-BOOT-STARTER-ACTU
Ator</artifactid>        </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>1.3.0</version
            > </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> </dependency> </dependencies>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 2. configuration file
Server:
  port:8081

Spring:
  DataSource:
    url:jdbc:mysql://127.0.0.1:3306/oauth2?useunicode=true &characterencoding=utf-8&usessl=false
    username:root
    password:123456
    driver-class-name: Com.mysql.jdbc.Driver
  Redis:
    host:127.0.0.1
    database:0

mybatis:
  mapper-locations:mapper /*.xml security

:
  oauth2:
    resource:
      filter-order:3
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20-21 3. Configure

About OAUTH2 protocol content and authorization process view other posts

3 classes are used primarily to configure the Authorizationserverconfiguration authorization authentication configuration
Inherit Authorizationserverconfigureradapter, configure information about the authorization, the core of the configuration is here
Configure the client here, configure the token storage mode, etc.

Package Oauth.security.client.configauto;
Import Org.apache.tomcat.jdbc.pool.DataSource;
Import org.springframework.beans.factory.annotation.Autowired;
Import Org.springframework.context.annotation.Bean;
Import org.springframework.context.annotation.Configuration;
Import Org.springframework.data.redis.connection.RedisConnectionFactory;
Import Org.springframework.security.authentication.AuthenticationManager;
Import Org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; Import
Org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
Import Org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; Import
Org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; Import

Org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; Import Org.springframewoRk.security.oauth2.provider.token.TokenStore;
Import Org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
Import Org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

Import Oauth.security.client.configauto.jdbcdetail.MyJdbcTokenStore; @Configuration @EnableAuthorizationServer public class Authorizationserverconfiguration extends

    Authorizationserverconfigureradapter {private static final String demo_resource_id = "*";

    @Autowired AuthenticationManager AuthenticationManager;

    @Autowired redisconnectionfactory redisconnectionfactory;

    @Autowired private DataSource DataSource; 
    Initialize Jdbctokenstore @Autowired public tokenstore Gettokenstore () {return new Jdbctokenstore (DataSource); //Custom Database store Tokenstore @Autowired public Tokenstore Getmytokenstore () {return new Myjdbctokens
    Tore (DataSource);
       @Autowired private Tokenstore Getredistokenstore () { return new Redistokenstore (redisconnectionfactory); @Bean//Declaration Applyclientdetailservice Public Applyclientdetailservice Getclientdetails () {return new A
    Pplyclientdetailservice (); @Override public void Configure (Clientdetailsserviceconfigurer clients) throws Exception {//config client, for
Client Authentication Clients.withclientdetails (Getclientdetails ()); ////Use existing in-memory configuration Clients.inmemory (). Withclient ("Client_1"). Resourceids (demo_resource_i
                D). Authorizedgranttypes ("Client_credentials", "Refresh_token"). Scopes ("all") . Authorities ("Client"). Secret ("123456"); */} @Override public void Configure (Authorizat Ionserverendpointsconfigurer endpoints) throws Exception {Endpoints.tokenstore (new Redistokenstore (redisconnectio   nfactory)). AuthenticationManager (AuthenticationManager); Redis Save Token/* Endpoints.tokenstore (Gettokenstore ())//Database Save token. AuthenticationManager (AuthenticationManager);/} @Override public void Configure (Authorizationserversecurityconfigurer oauthserver) throws Exception {//Allow form authentication Oaut
    Hserver.allowformauthenticationforclients ();
 }

}
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26-27--28 29---30 31--32 33 34 35 36 37 38-39 40 41 42 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 5 86

In the configuration client, the Applyclientdetailservice class is used to customize a class that obtains the client, inheriting the Clientdetailsservice

Access to the client depends mainly on the implementation of the Jdbcclientdetailsservice class, must use the official database structure, if you want to customize the database structure, you can rewrite the implementation of the Jdbcclientdetailsservice class according to the requirements.

Package Oauth.security.client.configauto;

Import Org.apache.tomcat.jdbc.pool.DataSource;
Import org.springframework.beans.factory.annotation.Autowired;
Import Org.springframework

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.