如果我需要从数据库读取相应的字段的参数 可如下配置:
package ljxwtl.security.config;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import javax.sql.DataSource;
@Configuration
@RequiredArgsConstructor
@EnableAuthorizationServer
public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
private final DataSource dataSource;
private final PasswordEncoder passwordEncoder;
private final ClientDetailsService clientDetailsService;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// clients.inMemory()
// .withClient("admin")
// .secret(passwordEncoder.encode("123456"))
// .redirectUris("https://www.baidu.com")
// .scopes("all")
// .authorizedGrantTypes("authorization_code","password","client_credentials","implicit","refresh_token")
// .autoApprove(true);
clients.withClientDetails(clientDetails());
//第一步:获取授权码
//http://localhost:8082/oauth/authorize?response_type=code&client_id=admin&redirect_uri=https://www.baidu.com&scope=all
//第二步:获取access_token
//http://localhost:8082/oauth/token?client_id=admin&grant_type=authorization_code&code=Srs17d&redirect_uri=https://www.baidu.com
}
@Bean
public ClientDetailsService clientDetails(){
return new JdbcClientDetailsService(dataSource);
}
}
我们可以看到,他自己是有一个默认的字段的表的,里面有相应的查询的方法,所以我们需要建立一个这样的表,sql如下:
-- ---------------------------- -- Table structure for oauth_client_details 将请求的路径存在数据表 -- ---------------------------- DROP TABLE IF EXISTS `oauth_client_details`; CREATE TABLE `oauth_client_details` ( `client_id` varchar(48) NOT NULL, `resource_ids` varchar(256) DEFAULT NULL, `client_secret` varchar(256) DEFAULT NULL, `scope` varchar(256) DEFAULT NULL, `authorized_grant_types` varchar(256) DEFAULT NULL, `web_server_redirect_uri` varchar(256) DEFAULT NULL, `authorities` varchar(256) DEFAULT NULL, `access_token_validity` int(11) DEFAULT NULL, `refresh_token_validity` int(11) DEFAULT NULL, `additional_information` varchar(4096) DEFAULT NULL, `autoapprove` varchar(256) DEFAULT NULL, PRIMARY KEY (`client_id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
//第一步:获取授权码
http://localhost:8082/oauth/authorize?response_type=code&client_id=admin&redirect_uri=https://www.baidu.com&scope=all
//第二步:获取access_token
http://localhost:8082/oauth/token?client_id=admin&grant_type=authorization_code&code=Srs17d&redirect_uri=https://www.baidu.com
2、密码模式
package ljxwtl.security.config;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
import javax.sql.DataSource;
@Configuration
@RequiredArgsConstructor
@EnableAuthorizationServer
public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {
private final DataSource dataSource;
private final PasswordEncoder passwordEncoder;
private final ClientDetailsService clientDetailsService;
private final UserDetailsService userDetailsService;
private final AuthenticationManager authenticationManager;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.userDetailsService(userDetailsService)
.authenticationManager(authenticationManager);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
// clients.inMemory()
// .withClient("admin")
// .secret(passwordEncoder.encode("123456"))
// .redirectUris("https://www.baidu.com")
// .scopes("all")
// .authorizedGrantTypes("authorization_code","password","client_credentials","implicit","refresh_token")
// .autoApprove(true);
clients.withClientDetails(clientDetails());
//第一步:获取授权码
//http://localhost:8082/oauth/authorize?response_type=code&client_id=admin&redirect_uri=https://www.baidu.com&scope=all
//第二步:获取access_token
//http://localhost:8082/oauth/token?client_id=admin&grant_type=authorization_code&code=Srs17d&redirect_uri=https://www.baidu.com
}
@Bean
public ClientDetailsService clientDetails(){
return new JdbcClientDetailsService(dataSource);
}
}
