日韩性视频-久久久蜜桃-www中文字幕-在线中文字幕av-亚洲欧美一区二区三区四区-撸久久-香蕉视频一区-久久无码精品丰满人妻-国产高潮av-激情福利社-日韩av网址大全-国产精品久久999-日本五十路在线-性欧美在线-久久99精品波多结衣一区-男女午夜免费视频-黑人极品ⅴideos精品欧美棵-人人妻人人澡人人爽精品欧美一区-日韩一区在线看-欧美a级在线免费观看

歡迎訪問 生活随笔!

生活随笔

當前位置: 首頁 > 编程资源 > 编程问答 >内容正文

编程问答

oauth样例项目【01】之 使用auth-code进行认证授权

發布時間:2023/12/10 编程问答 39 豆豆
生活随笔 收集整理的這篇文章主要介紹了 oauth样例项目【01】之 使用auth-code进行认证授权 小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

文章目錄

  • 源碼
    • pom.xml
    • 授權服務配置
    • 賬戶密碼的配置
    • 資源服務配置
    • UserController演示資源的訪問
  • 演示:
    • 獲取授權碼:auth-code
    • 獲取token
    • 使用token獲取用戶資源

源碼

https://github.com/gaoxinfu/oauth-sample/tree/main/oauth-sample-01

pom.xml

<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>1.5.10.RELEASE</version><relativePath /> <!-- lookup parent from repository --></parent><groupId>com.gaoxinfu.oauth.sample</groupId><artifactId>oauth-server</artifactId><version>0.0.1-SNAPSHOT</version><name>sample01-授權服務器</name><description>Demo project for Spring Boot</description><properties><java.version>1.8</java.version></properties><dependencies><!--springboot web 服務器--><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency><!-- for OAuth 2.0 --><dependency><groupId>org.springframework.security.oauth</groupId><artifactId>spring-security-oauth2</artifactId></dependency><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId></dependency></dependencies><build><plugins><plugin><groupId>org.springframework.boot</groupId><artifactId>spring-boot-maven-plugin</artifactId></plugin></plugins></build> </project>


授權服務配置

package com.gaoxinfu.oauth.sample.config;import org.springframework.context.annotation.Configuration; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;/*** 授權服務器配置*/ @Configuration @EnableAuthorizationServer public class AuthorizationServerConfig extendsAuthorizationServerConfigurerAdapter {@Overridepublic void configure(ClientDetailsServiceConfigurer clients)throws Exception {clients.inMemory()//客戶端id.withClient("clientapp")//密碼.secret("112233")//一般是發起的尋求獲取auth-code的客戶端的一個地址,我們在這里自己寫在了TokenController中用于顯示返回的code.redirectUris("http://localhost:9001/token/api/callback")// 授權碼模式.authorizedGrantTypes("authorization_code")//權限范圍設置.scopes("read_userinfo", "read_contacts");}}

賬戶密碼的配置

server.port=9001# Spring Security Setting security.user.name=gaoxinfu security.user.password=123456

這里演示開始獲取auth-code時候,需要賬戶密碼登錄之后,才可以繼續下一步

資源服務配置

package com.gaoxinfu.oauth.sample.config;import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;/*** 資源服務配置*/ @Configuration @EnableResourceServer public class ResourceServerConfig extends ResourceServerConfigurerAdapter {@Overridepublic void configure(HttpSecurity http) throws Exception {http.authorizeRequests().anyRequest().authenticated().and().requestMatchers().antMatchers("/api/**");}}

UserController演示資源的訪問

package com.gaoxinfu.oauth.sample.controller;import com.gaoxinfu.oauth.sample.entity.UserEntity; import org.springframework.http.ResponseEntity; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping;@Controller public class UserController {/**** @return*/@GetMapping("/api/getUser")public ResponseEntity<UserEntity> getUser() {User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();return ResponseEntity.ok(new UserEntity(user.getUsername(),user.getUsername() + "@aliyun.com"));} }

演示:

獲取授權碼:auth-code

這里我們通過瀏覽器去演示
獲取auth-code
http://localhost:9001/oauth/authorize?client_id=clientapp&redirect_uri=http://localhost:9001//token/api/callback&response_type=code&scope=read_userinfo

填寫賬戶名密碼

授權同意還是拒絕,這里我們選擇同意Approve

通過回調通知的方式給我們了auth-code

oauth code = bOhDxC

獲取token

這里我們通過postman去演示

http://localhost:9001/oauth/token?code=n4xh0t&grant_type=authorization_code&redirect_uri=http://localhost:9001/token/api/callback&scope=read_userinfo

Query Params配置

授權類型

內容類型設置

發送請求,獲取結果

附:這里注意下,如果一旦因為配置獲取參數輸入有誤,獲取失敗,需要重新獲取auth-code

使用token獲取用戶資源

總結

以上是生活随笔為你收集整理的oauth样例项目【01】之 使用auth-code进行认证授权的全部內容,希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯,歡迎將生活随笔推薦給好友。