package com.yihu.base.security.config; import com.fasterxml.jackson.databind.ObjectMapper; import com.yihu.base.security.rbas.ClientServiceProvider; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Primary; import org.springframework.data.redis.connection.RedisConnectionFactory; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.provider.ClientDetailsService; import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationManager; import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; import javax.annotation.Resource; import javax.sql.DataSource; /** * Created by chenweida on 2017/12/4. */ @Configuration @EnableAuthorizationServer //开启授权服务器 public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter { @Autowired private UserDetailsService userDetailsService; @Autowired private ClientServiceProvider clientDetailsService; @Autowired private RedisConnectionFactory redisConnectionFactory; @Autowired private PasswordEncoder passwordEncoder; @Autowired private DataSource dataSource; @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.authenticationManager(oAuth2AuthenticationManager()) .tokenStore(tokenStore()) .userDetailsService(userDetailsService) .tokenServices(defaultTokenServices()); //endpoints.setClientDetailsService(clientDetailsService); } @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.jdbc(dataSource) .passwordEncoder(passwordEncoder) .clients(clientDetailsService) ; } @Bean ObjectMapper objectMapper() { ObjectMapper objectMapper = new ObjectMapper(); return objectMapper; } @Bean @Primary OAuth2AuthenticationManager oAuth2AuthenticationManager() { OAuth2AuthenticationManager oAuth2AuthenticationManager = new OAuth2AuthenticationManager(); oAuth2AuthenticationManager.setClientDetailsService(clientDetailsService); oAuth2AuthenticationManager.setTokenServices(defaultTokenServices()); return oAuth2AuthenticationManager; } //==========================token相关配置================================= @Bean @Primary DefaultTokenServices defaultTokenServices() { DefaultTokenServices defaultTokenServices = new DefaultTokenServices(); defaultTokenServices.setTokenStore(tokenStore()); return defaultTokenServices; } @Bean @Primary TokenStore tokenStore() { RedisTokenStore redisTokenStore = new RedisTokenStore(redisConnectionFactory); redisTokenStore.setPrefix("spring:security:oauth2:"); return redisTokenStore; } }