blame | 历史 | 原始文档
leutu
2024-06-03 3ef35e6cd16bbfa206b26bb3271eac40ad020bcb 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119

package com.fastbee.iot.oauth;


 


 


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.context.annotation.Bean;


import org.springframework.context.annotation.Configuration;


import org.springframework.security.authentication.AuthenticationManager;


import org.springframework.security.core.userdetails.UserDetailsService;


import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;


import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;


import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;


import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;


import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;


import org.springframework.security.oauth2.provider.OAuth2RequestFactory;


import org.springframework.security.oauth2.provider.approval.ApprovalStore;


import org.springframework.security.oauth2.provider.approval.JdbcApprovalStore;


import org.springframework.security.oauth2.provider.approval.UserApprovalHandler;


import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;


import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;


import org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint;


import org.springframework.security.oauth2.provider.request.DefaultOAuth2RequestFactory;


import org.springframework.security.oauth2.provider.token.TokenStore;


import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;


 


import javax.sql.DataSource;


 


/**


 * 授权服务器配置,配置客户端id,密钥和令牌的过期时间


 */


@Configuration


@EnableAuthorizationServer


public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {


    @Autowired


    private DataSource dataSource;


 


    @Autowired


    private AuthenticationManager authenticationManager;


 


    @Autowired


    private UserDetailsService userDetailsService;


 


    /**


     * 用来配置令牌端点(Token Endpoint)的安全约束


     * @param security


     * @throws Exception


     */


    @Override


    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {


        security.allowFormAuthenticationForClients()


                .authenticationEntryPoint(new OAuth2AuthenticationEntryPoint());


    }


 


    /**


     * 用来配置客户端详情服务


     * @param clients


     * @throws Exception


     */


    @Override


    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {


 


        clients.withClientDetails(getClientDetailsService());


    }


 


    /**


     * 用来配置授权(authorization)以及令牌(token)的访问端点和令牌服务(token services)。


     * @param endpoints


     * @throws Exception


     */


    @Override


    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {


        // 查询用户、授权、分组,可以被重写


        endpoints.userDetailsService(userDetailsService)


                // 审批客户端的授权


                .userApprovalHandler(userApprovalHandler())


                // 授权审批


                .approvalStore(approvalStore())


                // 获取授权码


                .authorizationCodeServices(new JdbcAuthorizationCodeServices(dataSource))


                // 验证token


                .authenticationManager(authenticationManager)


                // 查询、保存、刷新token


                .tokenStore(this.getJdbcTokenStore());


    }


 


    @Bean


    public ApprovalStore approvalStore() {


        return new JdbcApprovalStore(dataSource);


    }


 


    @Bean


    public UserApprovalHandler userApprovalHandler() {


        return new SpeakerApprovalHandler(getClientDetailsService(), approvalStore(), oAuth2RequestFactory());


    }


 


    @Bean


    public JdbcClientDetailsService getClientDetailsService() {


        JdbcClientDetailsService jdbcClientDetailsService = new JdbcClientDetailsService(dataSource);


        jdbcClientDetailsService.setPasswordEncoder(passwordEncoder());


        return jdbcClientDetailsService;


    }


 


    @Bean


    public OAuth2RequestFactory oAuth2RequestFactory() {


        return new DefaultOAuth2RequestFactory(getClientDetailsService());


    }


    @Bean


    public TokenStore getJdbcTokenStore(){


        TokenStore tokenStore = new JdbcTokenStore(dataSource);


        return tokenStore;


    }


 


 


 


    public BCryptPasswordEncoder passwordEncoder(){


        return new BCryptPasswordEncoder();


    }


 


}