docs(ResourceServerConfig.java): 添加公钥获取方式说明注释

2024-12-22 20:54:26 +08:00 · 2021-06-19 14:03:43 +08:00 · 2021-06-19 14:03:43 +08:00 · a5e697cbc5
commit a5e697cbc5
parent b5da681343
2 changed files with 3 additions and 6 deletions
--- a/youlai-auth/src/main/java/com/youlai/auth/controller/OAuthController.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/controller/OAuthController.java
@ -21,7 +21,6 @@ import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint;
 import org.springframework.web.HttpRequestMethodNotSupportedException;
 import org.springframework.web.bind.annotation.*;
 import springfox.documentation.annotations.ApiIgnore;
-
 import java.security.KeyPair;
 import java.security.Principal;
 import java.security.interfaces.RSAPublicKey;
@ -104,5 +103,4 @@ public class OAuthController {
        RSAKey key = new RSAKey.Builder(publicKey).build();
        return new JWKSet(key).toJSONObject();
    }
-
 }
--- a/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerConfig.java
+++ b/youlai-gateway/src/main/java/com/youlai/gateway/security/ResourceServerConfig.java
@ -26,7 +26,6 @@ import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.ServerAuthenticationEntryPoint;
 import org.springframework.security.web.server.authorization.ServerAccessDeniedHandler;
 import reactor.core.publisher.Mono;
-
 import java.io.InputStream;
 import java.security.KeyFactory;
 import java.security.interfaces.RSAPublicKey;
@ -53,8 +52,8 @@ public class ResourceServerConfig {
    @Bean
    public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
        http.oauth2ResourceServer().jwt().jwtAuthenticationConverter(jwtAuthenticationConverter())
-                .publicKey(rsaPublicKey())
-                // .jwkSetUri()  //
+                .publicKey(rsaPublicKey()) // 本地获取公钥
+                //.jwkSetUri() // 远程获取公钥
        ;
        http.oauth2ResourceServer().authenticationEntryPoint(authenticationEntryPoint());
        http.authorizeExchange()
@ -123,7 +122,7 @@ public class ResourceServerConfig {
        Resource resource = new ClassPathResource("public.key");
        InputStream is = resource.getInputStream();
        String publicKeyData = IoUtil.read(is).toString();
-        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(( Base64.decode(publicKeyData)));
+        X509EncodedKeySpec keySpec = new X509EncodedKeySpec((Base64.decode(publicKeyData)));

        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        RSAPublicKey rsaPublicKey = (RSAPublicKey)keyFactory.generatePublic(keySpec);