
我相信所有這些都只是使用默認值,我們使用jdbc作爲我們的令牌存儲,客戶端詳細信息是默認值。看起來我們有一個自定義userApprovalHandler。如何將<oauth:authorization-server>轉換爲Java Config?

<!--
  Authorization server definition. It delegates to three beans referenced by id:
  clientDetails (client registry), tokenServices (token issuing and storage)
  and userApprovalHandler (custom approval logic). The bean definitions
  themselves are not shown in this snippet.
-->
<oauth:authorization-server 
    client-details-service-ref="clientDetails" 
    token-services-ref="tokenServices" 
    user-approval-handler-ref="userApprovalHandler"> 
    <!-- Declares the client_credentials grant: a client authenticates as itself, no end user involved. -->
    <oauth:client-credentials /> 
    <!-- Declares the resource-owner password grant; user credentials sent to the token
         endpoint are checked by the referenced authenticationManager bean. -->
    <oauth:password authentication-manager-ref="authenticationManager"/> 
</oauth:authorization-server> 

我知道我們必須添加 @EnableAuthorizationServer,但我不確定是否真的需要實現 AuthorizationServerConfigurer,還是只要有這些註解,Spring 就能自動推斷出配置(它有時可以)?我也不確定其中一些選項的正確設置方式。例如,我還沒有找到設置 client-credentials 和 password 的地方,也不太確定它們在 Java 配置中對應的寫法。

這是我目前寫出的配置:

/**
 * Java-config attempt at the {@code <oauth:authorization-server>} element:
 * the client registry and the token services are injected and handed to the
 * authorization server unchanged.
 *
 * <p>NOTE(review): the XML also references {@code userApprovalHandler} and an
 * {@code authenticationManager} for the password grant; neither is wired in
 * this class. In Spring Security OAuth2 the password grant is only offered
 * once an {@code AuthenticationManager} is passed to
 * {@code endpoints.authenticationManager(...)}, and a custom approval handler
 * is registered with {@code endpoints.userApprovalHandler(...)}. Which grant
 * types a given client may use is part of that client's details, not of this
 * class.
 */
@Configuration
@EnableAuthorizationServer
public class OAuth2Config implements AuthorizationServerConfigurer {

    /** Client registry; corresponds to {@code client-details-service-ref} in the XML. */
    @Autowired
    private ClientDetailsService clientDetails;

    /** Token services; corresponds to {@code token-services-ref} in the XML. */
    @Autowired
    private AuthorizationServerTokenServices tokenServices;

    /**
     * Leaves the security of the authorization server's own endpoints untouched.
     *
     * @param security configurer for the token-key and check-token endpoints
     * @throws Exception declared by the configurer interface; nothing is thrown here
     */
    @Override
    public void configure(final AuthorizationServerSecurityConfigurer security) throws Exception {
        // Nothing overridden: the token-key and check-token endpoints keep the
        // framework defaults (presumably denyAll() - confirm for the version in use).
    }

    /**
     * Uses the injected {@link ClientDetailsService} as the client registry.
     *
     * @param clients configurer that receives the client details service
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(final ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(clientDetails);
    }

    /**
     * Uses the injected token services for issuing and looking up tokens.
     *
     * @param endpoints configurer for the authorization and token endpoints
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenServices(tokenServices);
    }
}

這段 XML 很短,對應的 Java 配置應該也不會大很多;如果能提供一個包含這些選項的完整配置類示例就太好了。

回答


請參考下面的示例代碼:

/**
 * Sample authorization server that issues JWT access tokens signed with a key
 * pair from a classpath keystore and keeps a single client in memory.
 *
 * <p>NOTE(review): this sample configures neither a JDBC token store nor a
 * custom user approval handler, and it does not list the
 * {@code client_credentials} grant for its client.
 *
 * <p>NOTE(review): the keystore password, key alias, client id and client
 * secret below are literals in source. They read as sample values; a real
 * deployment would load them from external configuration or a secret store
 * instead of committing them with the code.
 */
@Configuration
@EnableAuthorizationServer
public class OAuth2CustomConfig extends AuthorizationServerConfigurerAdapter {

    /** Authenticates resource owners; handing it to the endpoints enables the password grant. */
    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * Builds the converter that signs access tokens as JWTs.
     *
     * @return converter backed by the key pair stored under alias {@code bar}
     *         in {@code keystore.jks} on the classpath
     */
    @Bean
    public JwtAccessTokenConverter jwtAccessTokenConverter() {
        final JwtAccessTokenConverter tokenConverter = new JwtAccessTokenConverter();
        // The private key in this keystore signs every token the server issues,
        // so both the keystore file and its password need protecting.
        final KeyStoreKeyFactory keyFactory =
                new KeyStoreKeyFactory(new ClassPathResource("keystore.jks"), "foo".toCharArray());
        final KeyPair signingKeys = keyFactory.getKeyPair("bar");
        tokenConverter.setKeyPair(signingKeys);
        return tokenConverter;
    }

    /**
     * Sets the access rules for the token-key and check-token endpoints.
     *
     * @param oauthServer security configurer of the authorization server
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        // Anyone may fetch the token verification key. With the key pair set
        // above this is presumably the public half only - confirm before
        // switching to a symmetric signing key.
        oauthServer.tokenKeyAccess("permitAll()");
        // Token introspection is limited to authenticated callers.
        oauthServer.checkTokenAccess("isAuthenticated()");
    }

    /**
     * Registers one in-memory client.
     *
     * @param clients configurer for the client registry
     * @throws Exception propagated from the in-memory builder
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // NOTE(review): the secret is passed as plain text. Newer Spring Security
        // versions expect it in the encoded form of the configured
        // PasswordEncoder - verify against the version in use.
        clients.inMemory()
                .withClient("xxxx")
                .secret("xxxxsecret")
                .authorizedGrantTypes("authorization_code", "refresh_token", "password")
                .scopes("openid");
    }

    /**
     * Wires the authentication manager and the JWT converter into the endpoints.
     *
     * @param endpoints configurer for the authorization and token endpoints
     * @throws Exception propagated from the configurer
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        // Without an AuthenticationManager the "password" grant listed for the
        // client above would not be served by the token endpoint.
        endpoints.authenticationManager(authenticationManager);
        // No token store is set explicitly; with a JwtAccessTokenConverter the
        // framework presumably falls back to a JWT-backed store - confirm.
        endpoints.accessTokenConverter(jwtAccessTokenConverter());
    }

}