springboot+Oauth2实现自定义AuthenticationManager和认证path
本人在工作中需要构建这么一个后台框架,基于springboot,登录时认证使用自定义AuthenticationManager;同时支持Oauth2访问指定API接口,认证时的AuthenticationManager和登录规则不同。在研究了源码的基础上参考很多文章,目前基本得以解决。
@Configuration publicclassOAuth2Configuration{ @SpringBootApplication @RestController @EnableResourceServer @Configuration @EnableAuthorizationServer protectedstaticclassAuthorizationServerConfigurationextendsAuthorizationServerConfigurerAdapterimplementsEnvironmentAware{ privatestaticfinalStringENV_OAUTH="authentication.oauth."; privatestaticfinalStringPROP_CLIENTID="clientid"; privatestaticfinalStringPROP_SECRET="secret"; privatestaticfinalStringPROP_TOKEN_VALIDITY_SECONDS="tokenValidityInSeconds"; privateRelaxedPropertyResolverpropertyResolver; @Autowired privateDataSourcedataSource; @Bean publicTokenStoretokenStore(){ returnnewJdbcTokenStore(dataSource); } //@Autowired //@Qualifier("authenticationManagerBean") //privateAuthenticationManagerauthenticationManager; @Autowired @Qualifier("daoAuhthenticationOauthProvider") privateAuthenticationProviderdaoAuhthenticationOauthProvider; @Override publicvoidconfigure(AuthorizationServerEndpointsConfigurerendpoints) throwsException{ //@formatter:off endpoints .tokenStore(tokenStore()) .authenticationManager(newAuthenticationManager(){ @Override publicAuthenticationauthenticate(Authenticationauthentication)throwsAuthenticationException{ //TODOAuto-generatedmethodstub returndaoAuhthenticationOauthProvider.authenticate(authentication); } }); //@formatter:on } @Override publicvoidconfigure(ClientDetailsServiceConfigurerclients)throwsException{ clients .inMemory() .withClient(propertyResolver.getProperty(PROP_CLIENTID)) .scopes("read","write") .authorities(Authorities.ROLE_CHANNEL.name()) .authorizedGrantTypes("password","refresh_token") .secret(propertyResolver.getProperty(PROP_SECRET)) .accessTokenValiditySeconds(propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS,Integer.class,1800)); } @Override publicvoidsetEnvironment(Environmentenvironment){ this.propertyResolver=newRelaxedPropertyResolver(environment,ENV_OAUTH); } @Configuration @EnableResourceServer protectedstaticclassResourceServerConfigurationextendsResourceServerConfigurerAdapter{ @Override publicvoidconfigure(HttpSecurityhttp)throwsException{ http .antMatcher("/api/dev/**") .authorizeRequests() .anyRequest() .hasRole("DEVELEPOR") .and() .antMatcher("/api/channel/**") .authorizeRequests() .anyRequest() .hasRole("CHANNEL"); } } } }
以上是Oauth2的主要配置,SecurityConfiguration的配置就不贴了,大家可以去github上找资料,下面是如何自定一个daoAuhthenticationProvider。
@Bean(name="daoAuhthenticationProvider") publicAuthenticationProviderdaoAuhthenticationProvider(){ DaoAuthenticationProviderdaoAuthenticationProvider=newDaoAuthenticationProvider(); daoAuthenticationProvider.setUserDetailsService(userDetailsService); daoAuthenticationProvider.setHideUserNotFoundExceptions(false); daoAuthenticationProvider.setPasswordEncoder(passwordEncoder); returndaoAuthenticationProvider; } @Bean(name="daoAuhthenticationOauthProvider") publicAuthenticationProviderdaoAuhthenticationOauthProvider(){ DaoAuthenticationProviderdaoAuthenticationProvider=newDaoAuthenticationProvider(); daoAuthenticationProvider.setUserDetailsService(userDetailsOauthService); daoAuthenticationProvider.setHideUserNotFoundExceptions(false); daoAuthenticationProvider.setPasswordEncoder(passwordEncoder); returndaoAuthenticationProvider; } @Override publicvoidconfigure(AuthenticationManagerBuilderauth)throwsException{ auth.authenticationProvider(daoAuhthenticationProvider()); //auth.authenticationProvider(daoAuhthenticationProvider1()); } @Bean @Override publicAuthenticationManagerauthenticationManagerBean()throwsException{ returnsuper.authenticationManagerBean(); }
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持毛票票。