springboot+Oauth2实现自定义AuthenticationManager和认证path

springboot+Oauth2实现自定义AuthenticationManager和认证path

本人在工作中需要构建这么一个后台框架，基于sprhttp://ingboot，登录时认证使用自定义AuthenticationManager；同时支持Oauth2访问指定API接口，认证时的AuthenticationManager和登录规则不同。在研究了源码的基础上参考很多文章，目前基本得以解决。

@Configuration

public class OAuth2Configuration {

@SpringBootApplication

@RestController

@EnableResourceServer

@Configuration

@EnableAuthorizationServer

protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter implements EnvironmentAware {

private static final String ENV_OAUTH = "authentication.oauth.";

private static final String PROP_CLIENTID = "clientid";

private static final String PROP_SECRET = "secret";

private static final String PROP_TOKEN_VALIDITY_SECONDS = "tokenValidityInSeconds";

private RelaxedPropertyResolver propertyResolver;

@Autowired

private DataSource dataSource;

@Bean

public TokenStore tokenStore() {

return new JdbcTokenStore(dataSource);

}

// @Autowired

// @Qualifier("authenticationManagerBean")

// private AuthenticationManager authenticationManager;

@Autowired

@Qualifier("daoAuhthenticationOauthProvider")

private AuthenticationProvider daoAuhthenticationOauthProvider;

@Override

public void configure(AuthorizationServerEndpointsConfigurer endpoints)

throws Exception {

// @formatter:off

endpoints

.tokenStore(tokenStore())

.authenticationManager(new AuthenticationManager(){

@Override

public Authentication authenticate(Authentication authentication) throws AuthenticationException {

// TODO Auto-generated method stub

return daoAuhthenticationOauthProvider.authenticate(authentication);

}

});

// @formatter:on

}

@Override

public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

clients

.inMemory()

.withClient(propertyResolver.getProperty(PROP_CLIENTID))

.scopes("read", "write")

.authorities(Authorities.ROLE_CHANNEL.name())

.authorizedGrantTypes("password", "refresh_token")

.secret(propertyResolver.getProperty(PROP_SECRET))

.accessTokenValiditySeconds(propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS, Integer.class, 1800));

}

@Override

public void setEnvironment(Environment environment) {

this.propertyResolver = new RelaxedPropertyResolver(environment, ENV_OAUTH);

}

@Configuration

@EnableResourceServer

protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

vNQyW @Override

public void configure(HttpSecurity http) throws Exception {

http

.antMatcher("/api/dev/**")

.authorizeRequests()

.anyRequest()

.hasRole("DEVELEPOR")

.and()

.antMatcher("/api/channel/**")

.authorizeRequests()

.anyRequest()

.hasRole("CHANNEL");

}

}

}

}

以上是Oauth2的主要配置，SecurityConfiguration的配置就不贴了，大家可以去github上找资料，下面是如何自定一个daoAuhthenticationProvider。

@Bean(name="daoAuhthenticationProvider")

public AuthenticationProvider daoAuhthenticationProvider() {

DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();

daoAuthenticationProvider.setUserDetailsService(userDetailsService);

daoAuthenticationProvider.setHideUserNotFoundExceptions(false);

daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);

return daoAuthenticationProvider;

}

@Bean(name="daoAuhthenticationOauthProvider")

public AuthenticationProvider daoAuhthenticationOauthProvider() {

DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();

daoAuthenticationProvider.setUserDetailsService(userDetailsOauthService);

daoAuthenticationProvider.setHideUserNotFoundExceptions(false);

daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);

return daoAuthenticationProvider;

}

@Override

public void configure(AuthenticationManagerBuilder auth) throws Exception {

auth.authenticationProvider(daoAuhthenticationProvider());

// auth.authenticationProvider(daoAuhthenticationProvider1());

}

@Bean

@Override

public AuthenticationManager authenticationManagerBean() throws Exception {

return super.authenticationManagerBean();

}

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。