⒈ Add the pom dependencies
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-security</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-web</artifactId>
    </dependency>
    <dependency>
        <groupId>org.springframework.security.oauth</groupId>
        <artifactId>spring-security-oauth2</artifactId>
        <version>2.3.5.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-test</artifactId>
        <scope>test</scope>
    </dependency>
    <dependency>
        <groupId>org.springframework.security</groupId>
        <artifactId>spring-security-test</artifactId>
        <scope>test</scope>
    </dependency>
⒉ Configure Spring Security
    package cn.coreqi.config;

    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    // No overrides: the adapter's defaults apply, so every request requires an
    // authenticated user and the built-in form login / HTTP Basic are enabled.
    @EnableWebSecurity
    public class CoreqiWebSecurityConfig extends WebSecurityConfigurerAdapter {
    }
⒊ Configure OAuth
    package cn.coreqi.config;

    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

    @Configuration
    @EnableAuthorizationServer // enable the authorization server
    public class CoreqiAuthorizationServerConfig implements AuthorizationServerConfigurer {

        // Security of the authorization server's own endpoints: left at the defaults.
        @Override
        public void configure(AuthorizationServerSecurityConfigurer authorizationServerSecurityConfigurer) throws Exception {

        }

        // Register a single in-memory client that may only use the authorization code grant.
        @Override
        public void configure(ClientDetailsServiceConfigurer clientDetailsServiceConfigurer) throws Exception {
            clientDetailsServiceConfigurer.inMemory()
                    .withClient("coreqi")
                    // Plain-text secret, kept as in the original. With Spring Security 5 the
                    // token endpoint expects an encoded secret or an id prefix such as {noop}.
                    .secret("coreqiSecret")
                    // The authorization code is only ever sent to this registered URI.
                    .redirectUris("https://www.baidu.com")
                    .scopes("ALL")
                    .authorities("COREQI_READ")
                    .authorizedGrantTypes("authorization_code");
        }

        // Token store, token services and endpoint mappings: left at the defaults.
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer authorizationServerEndpointsConfigurer) throws Exception {

        }
    }
⒋ Test
1. Visit http://localhost:8080/ and log in
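Why is a login required? Because this address is the one we give to third-party applications, which send the user to it to grant authorization. As the service provider, we need to know: 1. which application is requesting authorization (via client_id); 2. which of our users the third-party application is requesting authorization for (determined by the username and password used to log in at this point); 3. which of that user's permissions we should give to the third-party application (via the scope parameter; the scope values are defined by us).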
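Parameters:
response_type: required, the value must be code
client_id: required, the client id
redirect_uri: optional, available in authorization code mode
scope: must be present, configured either on the server side or in the request parameters.
state: recommended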
Original: https://www.cnblogs.com/fanqisoft/p/10662837.html