Reference document: docs.spring.io/spring-secu…
Complete code: gitee.com/mayanze123/…
Series of articles:
SpringBoot integration with OAuth2, Series 1 (simplest configuration)
SpringBoot integration with OAuth2, Series 2
SpringBoot integration with OAuth2, Series 3 (UserDetailsService)
SpringBoot integration with OAuth2, Series 4 (cross-domain issues when using OAuth2 in web pages with separated front end and back end)
Preface
This article covers the basics of OAuth2 user-password authorization (the password grant) with SpringBoot. Most web applications still log in through a username and password page, and projects with a separated front end and back end in particular can use what follows as a reference.
The effect is as follows:
1. Access the API directly
```shell
curl --location --request GET 'http://127.0.0.1:8080/whoami?name=mayanze'
```
2. Obtain the token.
```shell
curl --location --request POST 'http://first-client:noonewilleverguess@localhost:8080/oauth/token?scope=resource:read&grant_type=password&username=myz&password=myz'
```
If that is hard to read, look at this equivalent request, which sends the same client credentials as a Basic Authorization header:
```shell
curl --location --request POST 'http://localhost:8080/oauth/token?scope=resource:read&grant_type=password&username=myz&password=myz' \
  --header 'Authorization: Basic Zmlyc3QtY2xpZW50Om5vb25ld2lsbGV2ZXJndWVzcw=='
```
3. Use the token to access the API
```shell
curl --location --request GET 'http://127.0.0.1:8080/whoami?name=mayanze' \
  --header 'Authorization: Bearer dfVidwI31Nyzy-3dOXH8M82Xr6k'
```
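The three requests above as one script, added here as an example and not taken from the article's repository. It shows that the Basic header in step 2 is only the Base64 of "first-client:noonewilleverguess", and it sends the user's name and password in the form body rather than the query string, which assumes the token endpoint reads form-encoded parameters; the sample token response is constructed.

```shell
#!/usr/bin/env bash
# Added example. Client id/secret, user and URLs are the article's demo values.
TOKEN_URL='http://localhost:8080/oauth/token'
API_URL='http://127.0.0.1:8080/whoami?name=mayanze'

# Constructed sample of a token response, used only for the offline check below.
SAMPLE_RESPONSE='{"access_token":"dfVidwI31Nyzy-3dOXH8M82Xr6k","token_type":"bearer","expires_in":43199,"scope":"resource:read"}'

# Build the Basic header from client_id ($1) and client_secret ($2).
# Base64 is an encoding, not encryption: whoever sees the header has the secret.
basic_auth_header() {
  printf 'Authorization: Basic %s' "$(printf '%s:%s' "$1" "$2" | base64 | tr -d '\n')"
}

# Reverse direction: what a logged or captured Basic header reveals.
decode_basic() {
  printf '%s' "${1#Authorization: Basic }" | base64 -d
}

# Step 2, password grant. The user's credentials go in the form body, so they
# do not appear in the request line that servers and proxies usually log.
# Args: client_id client_secret username password
request_token() {
  curl --silent --show-error --request POST "$TOKEN_URL" \
    --header "$(basic_auth_header "$1" "$2")" \
    --data-urlencode 'grant_type=password' \
    --data-urlencode 'scope=resource:read' \
    --data-urlencode "username=$3" \
    --data-urlencode "password=$4"
}

# Read a token response on stdin and print the access_token value.
extract_access_token() {
  sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Step 3: call the protected API with the bearer token ($1).
call_api() {
  curl --silent --show-error "$API_URL" --header "Authorization: Bearer $1"
}

# Offline check that needs no server; against a running instance use:
#   token=$(request_token first-client noonewilleverguess myz myz | extract_access_token)
#   call_api "$token"
basic_auth_header first-client noonewilleverguess; echo
printf '%s\n' "$SAMPLE_RESPONSE" | extract_access_token
```

Because the header and the form body are readable by anything on the path, run the token endpoint over HTTPS outside of a local demo.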
Code implementation
You can refer to the full code: gitee.com/mayanze123/…
1. Add WebSecurityConfig on top of the previous article's code
```java
package com.example.demo;

import org.springframework.context.annotation.Bean;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.util.ArrayList;

@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // BCrypt is used for both the user password and the client secret
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    // Expose the AuthenticationManager so the authorization server can use it for the password grant
    @Bean
    public AuthenticationManager authenticationManager() throws Exception {
        return super.authenticationManager();
    }

    // Single in-memory demo user "myz" with password "myz" and no authorities
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
                .withUser("myz")
                .password(passwordEncoder().encode("myz"))
                .authorities(new ArrayList<>(0));
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // All requests must be authenticated
        http.authorizeRequests().anyRequest().authenticated();
    }
}
```
2. Update AuthorizationServerConfig on top of the previous article's code
```java
package com.example.demo;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;

@Configuration
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    public PasswordEncoder passwordEncoder;

    // Register the demo client in memory; its secret is stored BCrypt-encoded
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients
                .inMemory()
                .withClient("first-client")
                .secret(passwordEncoder.encode("noonewilleverguess"))
                .scopes("resource:read")
                .authorizedGrantTypes("password", "authorization_code");
    }

    // The password grant needs an AuthenticationManager to verify the user's credentials
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        endpoints.authenticationManager(authenticationManager);
    }
}
```