docs:授权服务配置注释完善

2024-12-23 05:00:25 +08:00 · 2020-09-19 23:44:15 +08:00 · 2020-09-19 23:44:15 +08:00 · e1d52acda7
commit e1d52acda7
parent 85bb9a2373
2 changed files with 16 additions and 32 deletions
--- a/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/config/AuthorizationServerConfig.java
@ -4,12 +4,11 @@ import com.youlai.auth.domain.User;
 import com.youlai.auth.service.JdbcClientDetailsServiceImpl;
 import com.youlai.auth.service.UserDetailsServiceImpl;
 import com.youlai.common.core.constant.AuthConstants;
+import lombok.AllArgsConstructor;
 import lombok.SneakyThrows;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.ClassPathResource;
-import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
@ -19,10 +18,8 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Aut
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
-import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
 import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
-import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

 import javax.sql.DataSource;
 import java.security.KeyPair;
@ -32,24 +29,17 @@ import java.util.List;
 import java.util.Map;

 /**
- * 认证服务器
+ * 授权服务配置
 */
@Configuration
@EnableAuthorizationServer
+@AllArgsConstructor
 public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

-
-    @Autowired
    private DataSource dataSource;
-
-    @Autowired
    private AuthenticationManager authenticationManager;
-    @Autowired
    private UserDetailsServiceImpl userDetailsService;

-    @Autowired
-    private RedisConnectionFactory redisConnectionFactory;
-
    /**
     * 配置客户端详情
     */
@ -63,7 +53,7 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
    }

    /**
-     * 配置令牌端点的安全约束
+     * 配置授权（authorization）以及令牌（token）的访问端点和令牌服务(token services)
     */
    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
@ -76,12 +66,13 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
        endpoints.authenticationManager(authenticationManager)
                .accessTokenConverter(jwtAccessTokenConverter())
                .tokenEnhancer(tokenEnhancerChain)
-                .tokenStore(tokenStore())
-                .userDetailsService(userDetailsService);
+                .userDetailsService(userDetailsService)
+                // refresh token有两种使用方式：重复使用(true)、非重复使用(false)，默认为true
+                //      1，重复使用：access token过期刷新时， refresh token过期时间未改变，仍以初次生成的时间为准
+                //      2，非重复使用：access token过期刷新时， refresh token过期时间延续，在refresh token有效期内刷新便永不失效达到无需再次登录的目的
+                .reuseRefreshTokens(false);
    }

-
-
    /**
     * 允许表单认证
     */
@ -106,19 +97,13 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
     */
    @Bean
    public KeyPair keyPair() {
-        KeyStoreKeyFactory factory = new KeyStoreKeyFactory(new ClassPathResource("youlai.jks"), "123456".toCharArray());
-        KeyPair keyPair = factory.getKeyPair("youlai", "123456".toCharArray());
+        KeyStoreKeyFactory factory = new KeyStoreKeyFactory(
+                new ClassPathResource("youlai.jks"), "123456".toCharArray());
+        KeyPair keyPair = factory.getKeyPair(
+                "youlai", "123456".toCharArray());
        return keyPair;
    }

-
-    @Bean
-    public TokenStore tokenStore() {
-        RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory);
-        tokenStore.setPrefix(AuthConstants.OAUTH2_TOKEN_PREFIX);
-        return tokenStore;
-    }
-
    /**
     * JWT内容增强
     */
@ -133,6 +118,4 @@ public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdap
            return accessToken;
        };
    }
-
-
 }
--- a/youlai-auth/src/main/java/com/youlai/auth/controller/PublicKeyController.java
+++ b/youlai-auth/src/main/java/com/youlai/auth/controller/PublicKeyController.java
@ -2,15 +2,16 @@ package com.youlai.auth.controller;
 import com.nimbusds.jose.jwk.JWKSet;
 import com.nimbusds.jose.jwk.RSAKey;
 import lombok.AllArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;

 import java.security.KeyPair;
 import java.security.interfaces.RSAPublicKey;
 import java.util.Map;
+
+
 /**
- * 获取RSA公钥接口
+ * RSA公钥开放接口
 */
@RestController
@AllArgsConstructor