- 1.环境准备
- 1.1 系统需求分析
- 2.搭建流程
- 2.1 父工程搭建
- 2.2 注册中心搭建
- 3.1 网关服务搭建
- 源码链接
| 工具 | 版本 |
|---|---|
| spring boot | 2.0.2.RELEASE |
| spring cloud | 2.1以上版本 |
| jdk | 1.8 |
| mybatis-plus | 3.2.0 |
注意:springboot和springCloud版本需对应,springboot版本不能比springcloud版本高,否则启动会失败且会报错。
1.1 系统需求分析 2.搭建流程 2.1 父工程搭建
pom文件
2.2 注册中心搭建4.0.0 com.immortal.oauth springCloudOauth21.0-SNAPSHOT distributed_security_uaa distributed_security_order distributed_security_discovery distributed_security_gateway pom org.springframework.boot spring-boot-starter-parent2.0.2.RELEASE 1.8 4.0.1 2.3.28 1.2.47 3.2.0 3.2.0 1.7 4.1.6 2.9.2 1.5.21 2.9.2 org.springframework.cloud spring-cloud-dependenciesFinchley.RELEASE pom import javax.servlet javax.servlet-api${servlet.version} provided javax.interceptor javax.interceptor-api1.2 com.alibaba fastjson1.2.47 org.projectlombok lombok1.18.0 mysql mysql-connector-javaruntime org.springframework.security spring-security-jwt1.0.10.RELEASE org.springframework.security.oauth.boot spring-security-oauth2-autoconfigure2.1.3.RELEASE ${project.name} src/main/resources true ***.xml org.springframework.boot spring-boot-maven-pluginorg.projectlombok lombokorg.apache.maven.plugins maven-compiler-plugin3.8.1 org.apache.maven.plugins maven-resources-plugin3.2.0 utf‐8 true
注册中心是注册、发现以及管理服务的,只需一个配置文件和启动类。
模块包结构:
pom文件:
springCloudOauth2 com.immortal.oauth 1.0-SNAPSHOT 4.0.0 distributed‐security‐discoveryorg.springframework.cloud spring-cloud-starter-netflix-eureka-server2.1.2.RELEASE org.springframework.boot spring-boot-starter-actuator2.2.1.RELEASE
配置文件application.yml:
spring:
application:
name: distributed-discovery
server:
port: 53000
eureka:
server:
enable-self-preservation: false
eviction‐interval‐timer‐in‐ms: 10000
shouldUseReadOnlyResponseCache: true
client:
register-with-eureka: false
fetch-registry: false
instance-info-replication-interval-seconds: 10
service-url:
defaultZone: http://localhost:${server.port}/eureka/
启动类:
@SpringBootApplication
@EnableEurekaServer
public class DiscoveryServer {
public static void main(String[] args) {
SpringApplication.run(DiscoveryServer.class, args);
}
}
3.1 网关服务搭建
模块包结构:
pom文件:
springCloudOauth2 com.immortal.oauth 1.0-SNAPSHOT 4.0.0 distributed‐security‐gatewayUTF-8 1.8 4.0.1 2.3.28 1.2.47 3.2.0 3.2.0 1.7 4.1.6 2.9.2 1.5.21 2.9.2 org.springframework.cloud spring-cloud-starter-netflix-eureka-client2.1.2.RELEASE org.springframework.cloud spring-cloud-starter-netflix-ribbon2.0.1.RELEASE org.springframework.cloud spring-cloud-starter-netflix-hystrix2.0.0.RELEASE org.springframework.cloud spring-cloud-starter-openfeign2.0.2.RELEASE org.springframework.cloud spring-cloud-starter-netflix-zuul2.1.2.RELEASE javax.servlet javax.servlet-api${servlet.version} provided javax.servlet jstlorg.freemarker freemarker${freemarker.version} com.netflix.hystrix hystrix-javanica1.4.7 org.springframework.retry spring-retry1.2.4.RELEASE org.springframework.boot spring-boot-starter-actuator2.1.3.RELEASE org.springframework.boot spring-boot-starter-web2.0.2.RELEASE org.springframework.boot spring-boot-starter-freemarker2.0.3.RELEASE org.springframework.data spring-data-commons2.1.1.RELEASE org.springframework.cloud spring-cloud-starter-security2.0.0.RELEASE org.springframework.cloud spring-cloud-starter-oauth22.1.2.RELEASE org.springframework.security spring-security-jwt1.0.10.RELEASE javax.interceptor javax.interceptor-api1.2 com.alibaba fastjsonorg.projectlombok lombokio.springfox springfox-swagger2${springfox-swagger2.version} io.swagger swagger-annotationsio.swagger swagger-annotations${swagger-annotations.version} io.springfox springfox-swagger-ui${springfox-swagger-ui.version}
配置文件application.properties:
spring.application.name=gateway-server
server.port=53010
spring.main.allow-bean-definition-overriding = true
logging.level.root = info
logging.level.org.springframework = info
zuul.retryable = true
zuul.ignoredServices = *
zuul.add-host-header = true
zuul.sensitiveHeaders = *
zuul.routes.uaa‐service.stripPrefix = false
zuul.routes.uaa‐service.path = /uaa/**
zuul.routes.uaa‐service.service-id=uaa‐service
zuul.routes.order-service.stripPrefix = false
zuul.routes.order‐service.path = /order/**
zuul.routes.order‐service.service-id=order‐service
eureka.client.serviceUrl.defaultZone = http://localhost:53000/eureka/
eureka.instance.preferIpAddress = true
eureka.instance.instance-id = ${spring.application.name}:${spring.cloud.client.ip-address}:${spring.application.instance_id:${server.port}}
management.endpoints.web.exposure.include = refresh,health,info,env
feign.hystrix.enabled = true
feign.compression.request.enabled = true
feign.compression.request.mime-types[0] = text/xml
feign.compression.request.mime-types[1] = application/xml
feign.compression.request.mime-types[2] = application/json
feign.compression.request.min-request-size = 2048
feign.compression.response.enabled = true
资源服务配置ResouceServerConfig
package com.immortal.oauth.gateway.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
@Configuration
public class ResouceServerConfig {
public static final String RESOURCE_ID = "res1";
@Configuration
@EnableResourceServer
public class UAAServerConfig extends ResourceServerConfigurerAdapter {
@Autowired
private TokenStore tokenStore;
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
resources.tokenStore(tokenStore)
.resourceId(RESOURCE_ID)
.stateless(true);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/uaa/**").permitAll();
}
}
@Configuration
@EnableResourceServer
public class OrderServerConfig extends ResourceServerConfigurerAdapter{
@Autowired
private TokenStore tokenStore;
@Override
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
resources.tokenStore(tokenStore)
.resourceId(RESOURCE_ID)
.stateless(true);
}
@Override
public void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/order/**").access("#oauth2.hasScope('ROLE_API')");
}
}
}
源码链接
后续源码可移驾至以下链接获取
gitee链接地址:https://gitee.com/immortal90/spring-colud-oauth2.git
