Spring cloud Oauth2的密码模式数据库方式实现登录授权验证
2021/12/22 2:23:16
本文主要是介绍Spring cloud Oauth2的密码模式数据库方式实现登录授权验证,对大家解决编程问题具有一定的参考价值,需要的程序猿们随着小编来一起学习吧!
1.oauth2的密码模式基础使用可以查看Spring cloud Oauth2的密码模式内存方式实现登录授权验证
2.在项目中oauth2的密码模式实现授权都是直接读取数据库的用户信息进行验证的。
oauth2-server: 认证中心,提供token的生成,刷新,认证功能。
oauth2-client: 客户端服务,调用接口会去认证中心验证token一致性。
3.代码实现:
在Spring cloud Oauth2的密码模式内存方式实现登录授权验证的基础代码上进行更改。
3.1 oauth2-server修改部分:
yml添加数据库配置:
spring:
application:
name: oauth2-server
redis:
database: 2
host: localhost
password: 123456
jedis:
pool:
max-active: 8
max-idle: 8
min-idle: 0
timeout: 100ms
datasource:
url: jdbc:mysql://127.0.0.1:3306/spring_cloud?characterEncoding=UTF-8&useUnicode=true&useSSL=false&tinyInt1isBit=false&allowPublicKeyRetrieval=true&serverTimezone=Asia/Shanghai&autoReconnect=true&failOverReadOnly=false
username: root
password: 123456
hikari:
connection-timeout: 30000
idle-timeout: 600000
max-lifetime: 1800000
maximum-pool-size: 9
server:
port: 8001
management:
endpoint:
health:
enabled: true
mybatis:
typeAliasesPackage: com.cxh.oauth2service.entity
mapperLocations: classpath*:/mapper/*.xml
oauth2配置采用数据库方式
@Configuration
@EnableAuthorizationServer
public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
@Autowired
public PasswordEncoder passwordEncoder;
@Autowired
public UserDetailsService cxhUserDetailsService;
@Autowired
private AuthenticationManager authenticationManager;
@Autowired
private TokenStore redisTokenStore;
@Autowired
private DataSource dataSource;
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
/**
* redis token 方式
*/
endpoints.authenticationManager(authenticationManager)
.userDetailsService(cxhUserDetailsService)
.tokenStore(redisTokenStore);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
JdbcClientDetailsServiceBuilder jcsb = clients.jdbc(dataSource);
jcsb.passwordEncoder(passwordEncoder);
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
security.allowFormAuthenticationForClients();
security.checkTokenAccess("isAuthenticated()");
security.tokenKeyAccess("isAuthenticated()");
}
}
登录时验证授权直接读取数据库数据
@Slf4j
@Component(value = "cxhUserDetailsService")
public class CxhUserDetailsService implements UserDetailsService {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private UserInfoService userInfoService;
@Autowired
private SysRoleService sysRoleService;
@Autowired
private PermissionService permissionService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserInfo userInfo = userInfoService.getByUsername(username);
if(userInfo == null){
throw new UsernameNotFoundException("不存在当前用户");
}
List<SysRole> sysRoleList = sysRoleService.listByUserId(userInfo.getId());
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
sysRoleList.forEach(e -> authorities.add(new SimpleGrantedAuthority(e.getCode())));
List<Permission> permissionList = permissionService.listByUserId(userInfo.getId());
permissionList.forEach(e -> authorities.add(new SimpleGrantedAuthority(e.getCode())));
//密码是加密的
//String password = passwordEncoder.encode("123456");
String password = userInfo.getPassword();
return new org.springframework.security.core.userdetails.User(username,password, authorities);
}
}
3.2 oauth2-client 可以不用修改,直接运行。
这里调整了控制器的一些请求:
@Slf4j
@RestController
public class TestController {
//返回true
@GetMapping(value = "get")
@PreAuthorize("hasRole('ROLE_TEST')")
public Object get(Authentication authentication){
return "权限测试1";
}
//返回false
@GetMapping(value = "get2")
@PreAuthorize("hasRole('role_test')")
public Object get2(Authentication authentication){
return "权限测试2";
}
//返回true
@GetMapping(value = "get3")
@PreAuthorize("hasRole('TEST')")
public Object get3(Authentication authentication){
return "权限测试3";
}
//返回false
@GetMapping(value = "get4")
@PreAuthorize("hasRole('test')")
public Object get4(Authentication authentication){
return "权限测试4";
}
//返回true
@GetMapping(value = "get5")
@PreAuthorize("hasAnyRole('ROLE_TEST')")
public Object get5(Authentication authentication){
return "权限测试5";
}
//返回false
@GetMapping(value = "get6")
@PreAuthorize("hasAnyRole('role_test')")
public Object get6(Authentication authentication){
return "权限测试6";
}
//返回true
@GetMapping(value = "get7")
@PreAuthorize("hasAnyRole('TEST')")
public Object get7(Authentication authentication){
return "权限测试7";
}
//返回false
@GetMapping(value = "get8")
@PreAuthorize("hasAnyRole('test')")
public Object get8(Authentication authentication){
return "权限测试8";
}
//返回true
@GetMapping(value = "get9")
@PreAuthorize("hasAnyAuthority('ROLE_TEST')")
public Object get9(Authentication authentication){
return "权限测试9";
}
//返回false
@GetMapping(value = "get10")
@PreAuthorize("hasAnyAuthority('role_test')")
public Object get10(Authentication authentication){
return "权限测试10";
}
//返回false
@GetMapping(value = "get11")
@PreAuthorize("hasAnyAuthority('TEST')")
public Object get11(Authentication authentication){
return "权限测试11";
}
//返回false
@GetMapping(value = "get12")
@PreAuthorize("hasAnyAuthority('test')")
public Object get12(Authentication authentication){
return "权限测试12";
}
}
4.数据库:
创建数据表数据:
user_info中的用户password是用passwordEncoder.encode("password");进行加密保存。
oauth_client_details表中的 client_secret 字段不能直接是 secret 的原始值,需要经过加密。因为是用的 BCryptPasswordEncoder,所以最终插入的值是经过 BCryptPasswordEncoder.encode()之后的值。
5.oauth2-service, oauth2-client项目运行后效果:
6.demo下载
这篇关于Spring cloud Oauth2的密码模式数据库方式实现登录授权验证的文章就介绍到这儿,希望我们推荐的文章对大家有所帮助,也希望大家多多支持为之网!
- 2024-06-19《2023版Java工程师》课程升级公告
- 2024-06-15matplotlib作图不显示3D图,怎么办?
- 2024-06-1503-Loki 日志监控
- 2024-06-1504-让LLM理解知识 -Prompt
- 2024-06-05做软件测试需要懂代码吗?
- 2024-06-0514-ShardingSphere的分布式主键实现
- 2024-06-03为什么以及如何要进行架构设计权衡?
- 2024-05-31全网首发第二弹!软考2024年5月《软件设计师》真题+解析+答案!(11-20题)
- 2024-05-31全网首发!软考2024年5月《软件设计师》真题+解析+答案!(21-30题)
- 2024-05-30【Java】百万数据excel导出功能如何实现
