com.alibaba.cloud
spring-cloud-starter-alibaba-nacos-discovery
org.springframework.cloud
spring-cloud-starter-oauth2
2.增加一个配置文件
spring:
application:
name: authorization-server
cloud:
nacos:
discovery:
server-addr: nacos-server:8848
server:
port: 9999
3.创建启动类
@SpringBootApplication
public class AuthorizationApplication {
public static void main(String[] args) {
SpringApplication.run(AuthorizationApplication.class, args);
}
}
4.增加配置类
4.1 授权服务器的配置
package com.bjsxt.config;
@EnableAuthorizationServer//开启授权服务功能
@Configuration
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private UserDetailsService userDetailsService;
@Override
//输入config会自动弹出来configure的方法,这里注意要选择的是参数是client的
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("coin-api")//第三方客户端的名称
.secret(passwordEncoder.encode("coin-secret"))//第三方客户端的密钥
.scopes("all")//第三方客户端的授权范围
.accessTokenValiditySeconds(3600)//token的有效期
.refreshTokenValiditySeconds(7*3600);//redresh_token的有效期
super.configure(clients);
}
@Override
//同样这里的configure方法也要注意选择的是endpoint
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService);
super.configure(endpoints);
}
}
4.2 web安全的配置
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable(); // 关闭scrf
http.authorizeRequests().anyRequest().authenticated();
//注意这里删除了super类,防止服务启动的时候冲突报错,
}
@Bean
public UserDetailsService userDetailsService() {
//InMemoryUserDetailsManager是Spring Security Config提供的一个安全配置器
//安全构建器提供的是一个基于内存存储用户账号详情的用户账号详情管理对象
//主要应用于开发调试环境,其设计目的主要是测试和功能演示,一般不在生产环境中使用。
InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
//注意这里导入的user的包是org.springframework.security.core.userdetails.User;
User user = new User("admin", "123456", Arrays.asList(new SimpleGrantedAuthority("ROLE_ADMIN"))) ;
inMemoryUserDetailsManager.createUser(user);
return inMemoryUserDetailsManager;
}
@Bean
public PasswordEncoder passwordEncoder() {
//注意这个不加密的方法已经废弃掉了,我们这里仅仅用来测试
return NoOpPasswordEncoder.getInstance();
}
}
5.利用postman工具进行测试
5.1 postman下载安装
若本机已经安装postman,则此步骤忽略
下载地址postman
傻瓜式安装
