springboot+Oauth2 implements custom AuthenticationManager and authentication path
- 2020-10-23 20:58:17
- OfStack
In my work, I need to build such a background framework, which is based on springboot and USES custom AuthenticationManager for authentication when logging in. Oauth2 is also supported to access the specified API interface. AuthenticationManager and login rules are different when authenticating. On the basis of studying the source code reference many articles, the current basic to solve.
@Configuration
public class OAuth2Configuration {
@SpringBootApplication
@RestController
@EnableResourceServer
@Configuration
@EnableAuthorizationServer
protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter implements EnvironmentAware {
private static final String ENV_OAUTH = "authentication.oauth.";
private static final String PROP_CLIENTID = "clientid";
private static final String PROP_SECRET = "secret";
private static final String PROP_TOKEN_VALIDITY_SECONDS = "tokenValidityInSeconds";
private RelaxedPropertyResolver propertyResolver;
@Autowired
private DataSource dataSource;
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource);
}
// @Autowired
// @Qualifier("authenticationManagerBean")
// private AuthenticationManager authenticationManager;
@Autowired
@Qualifier("daoAuhthenticationOauthProvider")
private AuthenticationProvider daoAuhthenticationOauthProvider;
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints)
throws Exception {
// @formatter:off
endpoints
.tokenStore(tokenStore())
.authenticationManager(new AuthenticationManager(){
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// TODO Auto-generated method stub
return daoAuhthenticationOauthProvider.authenticate(authentication);
}
});
// @formatter:on
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients
.inMemory()
.withClient(propertyResolver.getProperty(PROP_CLIENTID))
.scopes("read", "write")
.authorities(Authorities.ROLE_CHANNEL.name())
.authorizedGrantTypes("password", "refresh_token")
.secret(propertyResolver.getProperty(PROP_SECRET))
.accessTokenValiditySeconds(propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS, Integer.class, 1800));
}
@Override
public void setEnvironment(Environment environment) {
this.propertyResolver = new RelaxedPropertyResolver(environment, ENV_OAUTH);
}
@Configuration
@EnableResourceServer
protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {
@Override
public void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/api/dev/**")
.authorizeRequests()
.anyRequest()
.hasRole("DEVELEPOR")
.and()
.antMatcher("/api/channel/**")
.authorizeRequests()
.anyRequest()
.hasRole("CHANNEL");
}
}
}
}
The above is the main configuration of Oauth2, the configuration of SecurityConfiguration is not posted, you can go to github to find information, here is how to determine one daoAuhthenticationProvider.
@Bean(name="daoAuhthenticationProvider")
public AuthenticationProvider daoAuhthenticationProvider() {
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setUserDetailsService(userDetailsService);
daoAuthenticationProvider.setHideUserNotFoundExceptions(false);
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);
return daoAuthenticationProvider;
}
@Bean(name="daoAuhthenticationOauthProvider")
public AuthenticationProvider daoAuhthenticationOauthProvider() {
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setUserDetailsService(userDetailsOauthService);
daoAuthenticationProvider.setHideUserNotFoundExceptions(false);
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);
return daoAuthenticationProvider;
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.authenticationProvider(daoAuhthenticationProvider());
// auth.authenticationProvider(daoAuhthenticationProvider1());
}
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}