Java最新Spring Cloud入门-Oauth2授权之基于JWT完成单点登录(Hoxton版本),springmvc基础教程
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private TokenStore tokenStore;
@Autowired
private JwtAccessTokenConverter jwtAccessTokenConverter;
@Autowired
private JwtTokenEnhancer jwtTokenEnhancer;
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.inMemory()
.withClient("clientapp")
.secret("123456")
.authorizedGrantTypes("password", "refresh_token")
.scopes("read", "write")
.resourceIds("res1")
.accessTokenValiditySeconds(1800)
.refreshTokenValiditySeconds(3600);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints
.authenticationManager(authenticationManager)
.userDetailsService(userDetailsService)
.tokenStore(tokenStore)
.accessTokenConverter(jwtAccessTokenConverter)
.tokenEnhancer(jwtTokenEnhancer);
}
}
这个代码实例展示了如何配置一个OAuth2授权服务器,使用JWT来进行访问令牌的签名和验证。代码中定义了客户端的配置和授权服务器端点的配置。其中TokenStore
和JwtAccessTokenConverter
是用于存储和转换JWT令牌的关键组件。JwtTokenEnhancer
是一个自定义的令牌增强器,可以用于在JWT中添加额外的信息。
评论已关闭