springboot+Oauth2实现自定义AuthenticationManager和认证path
本人在工作中需要构建这样一个后台框架:基于springboot,登录时使用自定义的AuthenticationManager进行认证;同时支持通过Oauth2访问指定的API接口,而Oauth2认证所用的AuthenticationManager及其规则与登录时不同。在研究源码并参考了很多文章之后,目前基本得以解决。
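/**
 * OAuth2 wiring for the application.
 *
 * <p>Holds an authorization server that issues tokens for the {@code password} and
 * {@code refresh_token} grants, and a resource server that guards the {@code /api/dev/**}
 * and {@code /api/channel/**} endpoints.
 */
@Configuration
public class OAuth2Configuration {

    /**
     * Authorization-server side: token storage, the authentication path used by the token
     * endpoint, and the single in-memory client read from {@code authentication.oauth.*}.
     */
    // NOTE(review): @SpringBootApplication, @RestController and @EnableResourceServer look like
    // paste residue on this nested configuration class; they are kept as published — confirm
    // against the real project before reusing them.
    @SpringBootApplication
    @RestController
    @EnableResourceServer
    @Configuration
    @EnableAuthorizationServer
    protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter
            implements EnvironmentAware {

        /** Prefix of every OAuth property resolved through {@link #propertyResolver}. */
        private static final String ENV_OAUTH = "authentication.oauth.";
        private static final String PROP_CLIENTID = "clientid";
        private static final String PROP_SECRET = "secret";
        private static final String PROP_TOKEN_VALIDITY_SECONDS = "tokenValidityInSeconds";

        /** Set in {@link #setEnvironment(Environment)}; scoped to the {@code authentication.oauth.} prefix. */
        private RelaxedPropertyResolver propertyResolver;

        @Autowired
        private DataSource dataSource;

        /**
         * Persists issued tokens through JDBC using the injected {@link DataSource}.
         *
         * @return the token store shared by the authorization-server endpoints
         */
        @Bean
        public TokenStore tokenStore() {
            return new JdbcTokenStore(dataSource);
        }

        // The application's default "authenticationManagerBean" is deliberately not injected here:
        // the token endpoint authenticates through its own provider so that OAuth2 users are
        // resolved by different rules than form-login users.
        @Autowired
        @Qualifier("daoAuhthenticationOauthProvider")
        private AuthenticationProvider daoAuhthenticationOauthProvider;

        /**
         * Wires the token store and the OAuth-specific authentication path into the
         * authorization-server endpoints.
         *
         * @param endpoints endpoint configurer supplied by the framework
         * @throws Exception propagated from the configurer
         */
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints)
                throws Exception {
            // @formatter:off
            endpoints
                .tokenStore(tokenStore())
                .authenticationManager(new AuthenticationManager() {
                    @Override
                    public Authentication authenticate(Authentication authentication)
                            throws AuthenticationException {
                        // Delegates straight to the single OAuth provider. NOTE(review): unlike a
                        // ProviderManager this neither calls supports() first nor erases
                        // credentials afterwards, and it hands back whatever the provider
                        // returns, including null for a token type it does not handle.
                        return daoAuhthenticationOauthProvider.authenticate(authentication);
                    }
                });
            // @formatter:on
        }

        /**
         * Registers one in-memory client whose id, secret and token lifetime come from the
         * {@code authentication.oauth.*} properties.
         *
         * @param clients client-details configurer supplied by the framework
         * @throws Exception propagated from the configurer
         */
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            // The client secret is read verbatim from configuration: keep that property out of
            // version control. NOTE(review): newer Spring Security versions expect the stored
            // secret in the format of the configured PasswordEncoder — confirm for your version.
            // The "password" grant sends end-user credentials through the client, so it is only
            // appropriate for first-party clients.
            clients
                .inMemory()
                .withClient(propertyResolver.getProperty(PROP_CLIENTID))
                .scopes("read", "write")
                .authorities(Authorities.ROLE_CHANNEL.name())
                .authorizedGrantTypes("password", "refresh_token")
                .secret(propertyResolver.getProperty(PROP_SECRET))
                // Access tokens live 1800 seconds unless the property overrides it.
                .accessTokenValiditySeconds(
                    propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS, Integer.class, 1800));
        }

        /**
         * Captures the environment so the OAuth properties can be resolved under the
         * {@code authentication.oauth.} prefix.
         *
         * @param environment the Spring environment
         */
        @Override
        public void setEnvironment(Environment environment) {
            this.propertyResolver = new RelaxedPropertyResolver(environment, ENV_OAUTH);
        }

        /**
         * Resource-server side: role checks for the two token-protected API areas.
         */
        @Configuration
        @EnableResourceServer
        protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

            /**
             * Restricts this filter chain to {@code /api/dev/**} and {@code /api/channel/**}
             * and requires a distinct role for each area.
             *
             * @param http security builder supplied by the framework
             * @throws Exception propagated from the builder
             */
            @Override
            public void configure(HttpSecurity http) throws Exception {
                // Calling http.antMatcher(...) twice does not add a second path: the later call
                // replaces the earlier one, so the previous form left /api/dev/** outside this
                // chain, and its two anyRequest() rules collided (depending on the Spring
                // Security version the first one wins or startup fails). Scope the chain once
                // with requestMatchers() and give each path its own rule instead.
                // The role names must match the authorities granted to users ("ROLE_" prefix
                // is added by hasRole); "DEVELEPOR" is kept exactly as published.
                http
                    .requestMatchers()
                        .antMatchers("/api/dev/**", "/api/channel/**")
                        .and()
                    .authorizeRequests()
                        .antMatchers("/api/dev/**").hasRole("DEVELEPOR")
                        .antMatchers("/api/channel/**").hasRole("CHANNEL");
            }
        }
    }
}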
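以上是Oauth2的主要配置,SecurityConfiguration的完整配置就不贴了,大家可以去github上找资料。下面是如何自定义daoAuhthenticationProvider:登录和Oauth2各用一个Provider,两者的区别仅在于使用的UserDetailsService不同(登录用userDetailsService,Oauth2用userDetailsOauthService)。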
/**
 * Authentication provider for the regular login flow, backed by {@code userDetailsService}
 * and the shared {@code passwordEncoder}.
 *
 * @return the provider registered under the bean name {@code daoAuhthenticationProvider}
 */
@Bean(name = "daoAuhthenticationProvider")
public AuthenticationProvider daoAuhthenticationProvider() {
    DaoAuthenticationProvider loginProvider = new DaoAuthenticationProvider();
    loginProvider.setPasswordEncoder(passwordEncoder);
    loginProvider.setUserDetailsService(userDetailsService);
    // With hiding disabled an unknown username surfaces as UsernameNotFoundException rather
    // than BadCredentialsException. NOTE(review): unless the login endpoint maps both to the
    // same response, callers can tell which usernames exist.
    loginProvider.setHideUserNotFoundExceptions(false);
    return loginProvider;
}
/**
 * Authentication provider for the OAuth2 token endpoint, backed by
 * {@code userDetailsOauthService} and the shared {@code passwordEncoder}.
 *
 * @return the provider registered under the bean name {@code daoAuhthenticationOauthProvider}
 */
@Bean(name = "daoAuhthenticationOauthProvider")
public AuthenticationProvider daoAuhthenticationOauthProvider() {
    DaoAuthenticationProvider oauthProvider = new DaoAuthenticationProvider();
    oauthProvider.setPasswordEncoder(passwordEncoder);
    oauthProvider.setUserDetailsService(userDetailsOauthService);
    // With hiding disabled an unknown username surfaces as UsernameNotFoundException rather
    // than BadCredentialsException. NOTE(review): confirm the token endpoint does not report
    // the two cases differently, otherwise it discloses which usernames exist.
    oauthProvider.setHideUserNotFoundExceptions(false);
    return oauthProvider;
}
/**
 * Registers the login provider with the application's authentication manager builder.
 *
 * @param auth builder supplied by the framework
 * @throws Exception propagated from the builder
 */
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
    // Only the login provider is registered here; the OAuth provider is used directly by the
    // authorization server and is intentionally kept out of this manager.
    AuthenticationProvider loginProvider = daoAuhthenticationProvider();
    auth.authenticationProvider(loginProvider);
}
/**
 * Exposes the authentication manager built by the parent configuration as a bean.
 *
 * @return the manager produced by {@code super.authenticationManagerBean()}
 * @throws Exception propagated from the parent implementation
 */
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
    AuthenticationManager loginManager = super.authenticationManagerBean();
    return loginManager;
}