Spring Cloud Alibaba微服务实战十八 - Oauth2.0 自定义授权模式

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
 
    @Autowired
    private AuthenticationManager authenticationManager;
 
    @Autowired
    private UserDetailsService userDetailsService;
 
    @Autowired
    private TokenStore tokenStore;
 
    @Autowired
    private MyOAuth2RequestFactory myOAuth2RequestFactory;
 
    @Autowired
    private JwtAccessTokenConverter jwtAccessTokenConverter;
 
    @Autowired
    private JwtTokenEnhancer jwtTokenEnhancer;
 
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory()
                .withClient("clientapp") // client_id
                .secret("123456") // client_secret
                .authorizedGrantTypes("custom") // 授权类型
                .scopes("app") // 权限范围
                .resourceIds("res1") // 资源id
                .accessTokenValiditySeconds(1800) // 访问令牌有效期（秒）
                .refreshTokenValiditySeconds(3600); // 刷新令牌有效期（秒）
    }
 
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService)
                .tokenStore(tokenStore)
                .accessTokenConverter(jwtAccessTokenConverter)
                .tokenEnhancer(jwtTokenEnhancer)
                .requestFactory(myOAuth2RequestFactory);
    }
 
    // ... 其他配置和组件
}

这个代码实例展示了如何配置一个AuthorizationServer，设置客户端详情、授权类型和使用JWT来转换访问令牌。同时，它使用自定义的MyOAuth2RequestFactory和JwtTokenEnhancer来扩展OAuth2的默认行为。