修改数据库sql
This commit is contained in:
zhuyijun
parent
fda105c25b
commit
3ec6015300
@ -16,29 +16,75 @@
|
|||||||
|
|
||||||
SET NAMES utf8mb4;
|
SET NAMES utf8mb4;
|
||||||
SET FOREIGN_KEY_CHECKS = 0;
|
SET FOREIGN_KEY_CHECKS = 0;
|
||||||
|
--
|
||||||
|
-- Oauth sql -- MYSQL
|
||||||
|
--
|
||||||
|
|
||||||
-- ----------------------------
|
Drop table if exists oauth_client_details;
|
||||||
-- Table structure for oauth_client_details
|
create table oauth_client_details (
|
||||||
-- ----------------------------
|
client_id VARCHAR(255) PRIMARY KEY,
|
||||||
DROP TABLE IF EXISTS `oauth_client_details`;
|
resource_ids VARCHAR(255),
|
||||||
CREATE TABLE `oauth_client_details` (
|
client_secret VARCHAR(255),
|
||||||
`client_id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL COMMENT '客户端id',
|
scope VARCHAR(255),
|
||||||
`resource_ids` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '资源id集合',
|
authorized_grant_types VARCHAR(255),
|
||||||
`client_secret` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '客户端密钥',
|
web_server_redirect_uri VARCHAR(255),
|
||||||
`scope` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '客户端申请的权限范围,可选值包括read,\r\n write等',
|
authorities VARCHAR(255),
|
||||||
`authorized_grant_types` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '客户端支持的grant_type,\r\n 可选值包括authorization_code, password, refresh_token, implicit, client_credentials, 若支持多个grant_type用逗号, 分隔',
|
access_token_validity INTEGER,
|
||||||
`web_server_redirect_uri` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '客户端的重定向URI,\r\n 可为空, 当grant_type为authorization_code或implicit时, 在Oauth的流程中会使用并检查与注册时填写的redirect_uri是否一致.',
|
refresh_token_validity INTEGER,
|
||||||
`authorities` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT ' 指定客户端所拥有的Spring Security的权限值,\r\n 可选, 若有多个权限值, 用逗号, 分隔, 如: ROLE_UNITY, ROLE_USER',
|
additional_information TEXT,
|
||||||
`access_token_validity` int(11) NULL DEFAULT NULL COMMENT '设定客户端的access_token的有效时间值(单位:秒)',
|
create_time timestamp default now(),
|
||||||
`refresh_token_validity` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '设定客户端的refresh_token的有效时间值(单位:秒)',
|
archived tinyint(1) default '0',
|
||||||
`additional_information` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL COMMENT '其他信息, JSON格式',
|
trusted tinyint(1) default '0',
|
||||||
`autoapprove` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NULL DEFAULT NULL COMMENT '用户是否自动Approval操作,\r\n 默认值为 \'\' false \'\', 可选值 true, false',
|
autoapprove VARCHAR (255) default 'false'
|
||||||
PRIMARY KEY (`client_id`) USING BTREE
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||||
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_unicode_ci COMMENT = 'oauth2 client表' ROW_FORMAT = Dynamic;
|
|
||||||
|
|
||||||
-- ----------------------------
|
|
||||||
-- Records of oauth_client_details
|
Drop table if exists oauth_access_token;
|
||||||
-- ----------------------------
|
create table oauth_access_token (
|
||||||
|
create_time timestamp default now(),
|
||||||
|
token_id VARCHAR(255),
|
||||||
|
token BLOB,
|
||||||
|
authentication_id VARCHAR(255) UNIQUE,
|
||||||
|
user_name VARCHAR(255),
|
||||||
|
client_id VARCHAR(255),
|
||||||
|
authentication BLOB,
|
||||||
|
refresh_token VARCHAR(255)
|
||||||
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||||
|
|
||||||
|
|
||||||
|
Drop table if exists oauth_refresh_token;
|
||||||
|
create table oauth_refresh_token (
|
||||||
|
create_time timestamp default now(),
|
||||||
|
token_id VARCHAR(255),
|
||||||
|
token BLOB,
|
||||||
|
authentication BLOB
|
||||||
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||||
|
|
||||||
|
|
||||||
|
Drop table if exists oauth_code;
|
||||||
|
create table oauth_code (
|
||||||
|
create_time timestamp default now(),
|
||||||
|
code VARCHAR(255),
|
||||||
|
authentication BLOB
|
||||||
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
-- Add indexes
|
||||||
|
create index token_id_index on oauth_access_token (token_id);
|
||||||
|
create index authentication_id_index on oauth_access_token (authentication_id);
|
||||||
|
create index user_name_index on oauth_access_token (user_name);
|
||||||
|
create index client_id_index on oauth_access_token (client_id);
|
||||||
|
create index refresh_token_index on oauth_access_token (refresh_token);
|
||||||
|
|
||||||
|
create index token_id_index on oauth_refresh_token (token_id);
|
||||||
|
|
||||||
|
create index code_index on oauth_code (code);
|
||||||
|
|
||||||
|
|
||||||
|
INSERT INTO zyjblogs_rbac.oauth_client_details
|
||||||
|
(client_id, resource_ids, client_secret, `scope`, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove, trusted, archived)
|
||||||
|
VALUES('zyjblogs-rbac', 'zyjblogs-rbac', '$2a$10$Wk2w4OX5DpFgG3rBuhPnnulCSOIuU3TZhpWjaOq39LZnL.p0LJila', 'all', 'authorization_code,password,client_credentials,implicit,refresh_token', NULL, NULL, NULL, NULL, NULL, 'false', NULL, NULL);
|
||||||
|
|
||||||
-- zyjblogs_rbac.`user` definition
|
-- zyjblogs_rbac.`user` definition
|
||||||
DROP TABLE IF EXISTS `user`;
|
DROP TABLE IF EXISTS `user`;
|
||||||
|
|||||||
@ -6,6 +6,7 @@ import org.springframework.context.annotation.Configuration;
|
|||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurer;
|
||||||
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
|
||||||
@ -14,11 +15,19 @@ import org.springframework.security.oauth2.config.annotation.web.configurers.Aut
|
|||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
|
||||||
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
||||||
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
||||||
|
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
||||||
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
||||||
import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
|
import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
|
||||||
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
|
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
|
||||||
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
|
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
|
||||||
|
import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||||
|
|
||||||
|
import javax.sql.DataSource;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author zhuyijun
|
* @author zhuyijun
|
||||||
@ -31,9 +40,10 @@ import org.springframework.security.oauth2.provider.token.TokenStore;
|
|||||||
@RequiredArgsConstructor
|
@RequiredArgsConstructor
|
||||||
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
|
public class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter {
|
||||||
private final TokenStore tokenStore;
|
private final TokenStore tokenStore;
|
||||||
private final ClientDetailsService clientDetailsService;
|
|
||||||
private final AuthenticationManager authenticationManager;
|
private final AuthenticationManager authenticationManager;
|
||||||
|
private final JwtAccessTokenConverter accessTokenConverter;
|
||||||
|
private final PasswordEncoder passwordEncoder;
|
||||||
|
private final DataSource dataSource;
|
||||||
/**
|
/**
|
||||||
* 令牌端点的安全约束
|
* 令牌端点的安全约束
|
||||||
*
|
*
|
||||||
@ -61,23 +71,7 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
|
|||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
|
||||||
clients
|
clients.withClientDetails(clientDetails(dataSource));
|
||||||
//存储方式
|
|
||||||
.inMemory()
|
|
||||||
//客户端id client_id
|
|
||||||
.withClient("zyjblogs-rbac")
|
|
||||||
//secret
|
|
||||||
.secret(new BCryptPasswordEncoder().encode("secret"))
|
|
||||||
//资源列表
|
|
||||||
.resourceIds("zyjblogs-rbac")
|
|
||||||
.authorizedGrantTypes("authorization_code",
|
|
||||||
"password", "client_credentials", "implicit", "refresh_token")
|
|
||||||
//允许授权封范围
|
|
||||||
.scopes("all")
|
|
||||||
//
|
|
||||||
.autoApprove(false)
|
|
||||||
//加上验证回调地址
|
|
||||||
.redirectUris("https://www.baidu.com");
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/***
|
/***
|
||||||
@ -93,7 +87,7 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
|
|||||||
//密码模式
|
//密码模式
|
||||||
authenticationManager(authenticationManager)
|
authenticationManager(authenticationManager)
|
||||||
//授权码模式
|
//授权码模式
|
||||||
.authorizationCodeServices(authorizationCodeServices())
|
.authorizationCodeServices(authorizationCodeServices(dataSource))
|
||||||
.tokenServices(tokenServices())
|
.tokenServices(tokenServices())
|
||||||
//允许表单认证
|
//允许表单认证
|
||||||
.allowedTokenEndpointRequestMethods(HttpMethod.POST);
|
.allowedTokenEndpointRequestMethods(HttpMethod.POST);
|
||||||
@ -107,19 +101,32 @@ public class AuthorizationServerConfiguration extends AuthorizationServerConfigu
|
|||||||
public AuthorizationServerTokenServices tokenServices(){
|
public AuthorizationServerTokenServices tokenServices(){
|
||||||
DefaultTokenServices tokenServices = new DefaultTokenServices();
|
DefaultTokenServices tokenServices = new DefaultTokenServices();
|
||||||
//客户端信息服务
|
//客户端信息服务
|
||||||
tokenServices.setClientDetailsService(clientDetailsService);
|
tokenServices.setClientDetailsService(clientDetails(dataSource));
|
||||||
|
|
||||||
//是否产生刷新令牌
|
//是否产生刷新令牌
|
||||||
tokenServices.setSupportRefreshToken(true);
|
tokenServices.setSupportRefreshToken(true);
|
||||||
//令牌储存策略
|
//令牌储存策略
|
||||||
tokenServices.setTokenStore(tokenStore);
|
tokenServices.setTokenStore(tokenStore);
|
||||||
|
tokenServices.setTokenEnhancer(accessTokenConverter);
|
||||||
|
|
||||||
//令牌默认有效期
|
//令牌默认有效期
|
||||||
tokenServices.setAccessTokenValiditySeconds(7200);
|
tokenServices.setAccessTokenValiditySeconds(7200);
|
||||||
//刷新令牌默认有效期3天
|
//刷新令牌默认有效期3天
|
||||||
tokenServices.setRefreshTokenValiditySeconds(259200);
|
tokenServices.setRefreshTokenValiditySeconds(259200);
|
||||||
|
|
||||||
return tokenServices;
|
return tokenServices;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public AuthorizationCodeServices authorizationCodeServices(){
|
public ClientDetailsService clientDetails(DataSource dataSource){
|
||||||
return new InMemoryAuthorizationCodeServices();
|
JdbcClientDetailsService jdbcClientDetailsService = new JdbcClientDetailsService(dataSource);
|
||||||
|
jdbcClientDetailsService.setPasswordEncoder(passwordEncoder);
|
||||||
|
return jdbcClientDetailsService;
|
||||||
}
|
}
|
||||||
|
@Bean
|
||||||
|
public AuthorizationCodeServices authorizationCodeServices(DataSource dataSource){
|
||||||
|
//设置授权码模式的授权码如何存取
|
||||||
|
return new JdbcAuthorizationCodeServices(dataSource);
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -4,16 +4,29 @@ import org.springframework.context.annotation.Bean;
|
|||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.oauth2.provider.token.TokenStore;
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
|
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author zhuyijun
|
* @author zhuyijun
|
||||||
*/
|
*/
|
||||||
@Configuration
|
@Configuration
|
||||||
public class TokenConfig {
|
public class TokenConfig {
|
||||||
//令牌存储策略
|
private String SIGNING_KEY="zyjblogs123";
|
||||||
|
/**
|
||||||
|
* 令牌存储策略
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
@Bean
|
@Bean
|
||||||
public TokenStore tokenStore(){
|
public TokenStore tokenStore(){
|
||||||
//内存方式,生成普通令牌
|
//JWT令牌存储方案
|
||||||
return new InMemoryTokenStore();
|
return new JwtTokenStore(accessTokenConverter());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public JwtAccessTokenConverter accessTokenConverter(){
|
||||||
|
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||||
|
converter.setSigningKey(SIGNING_KEY);
|
||||||
|
return converter;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -10,6 +10,12 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur
|
|||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
|
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
||||||
|
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;
|
||||||
|
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
|
||||||
|
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
|
||||||
|
|
||||||
|
import javax.sql.DataSource;
|
||||||
|
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@ -25,7 +31,6 @@ public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
|
|||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 认证管理器
|
* 认证管理器
|
||||||
* @param
|
* @param
|
||||||
|
|||||||
@ -19,6 +19,9 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|||||||
@SpringBootApplication
|
@SpringBootApplication
|
||||||
public class RbacApplication {
|
public class RbacApplication {
|
||||||
public static void main(String[] args) {
|
public static void main(String[] args) {
|
||||||
|
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
|
||||||
|
|
||||||
|
System.out.println(bCryptPasswordEncoder.encode("secret"));
|
||||||
SpringApplication.run(RbacApplication.class, args);
|
SpringApplication.run(RbacApplication.class, args);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,6 @@
|
|||||||
package cn.zyjblogs.rbac.config.resource;
|
package cn.zyjblogs.rbac.config.resource;
|
||||||
|
|
||||||
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
@ -9,6 +10,7 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.R
|
|||||||
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
|
||||||
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
|
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
|
||||||
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
|
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;
|
||||||
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 资源服务
|
* 资源服务
|
||||||
@ -16,17 +18,16 @@ import org.springframework.security.oauth2.provider.token.ResourceServerTokenSer
|
|||||||
*/
|
*/
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableResourceServer
|
@EnableResourceServer
|
||||||
|
@RequiredArgsConstructor
|
||||||
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
||||||
private static final String RESOURCE_ID="zyjblogs-rbac";
|
private static final String RESOURCE_ID="zyjblogs-rbac";
|
||||||
public ResourceServerConfig() {
|
private final TokenStore tokenStore;
|
||||||
super();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
|
public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
|
||||||
resources.resourceId(RESOURCE_ID)
|
resources.resourceId(RESOURCE_ID)
|
||||||
// 验证令牌的服务
|
// 验证令牌的服务
|
||||||
.tokenServices(tokenServices())
|
.tokenStore(tokenStore)
|
||||||
.stateless(true);
|
.stateless(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -40,14 +41,5 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
|
|||||||
.sessionManagement()
|
.sessionManagement()
|
||||||
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean
|
|
||||||
public ResourceServerTokenServices tokenServices(){
|
|
||||||
RemoteTokenServices services = new RemoteTokenServices() ;
|
|
||||||
services.setCheckTokenEndpointUrl("http://127.0.0.1:9029/oauth/check_token");
|
|
||||||
services.setClientId(RESOURCE_ID);
|
|
||||||
services.setClientSecret("secret");
|
|
||||||
return services;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -0,0 +1,31 @@
|
|||||||
|
package cn.zyjblogs.rbac.config.security;
|
||||||
|
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.security.oauth2.provider.token.TokenStore;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
|
||||||
|
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author zhuyijun
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
public class TokenConfig {
|
||||||
|
private String SIGNING_KEY="zyjblogs123";
|
||||||
|
/**
|
||||||
|
* 令牌存储策略
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
@Bean
|
||||||
|
public TokenStore tokenStore(){
|
||||||
|
//JWT令牌存储方案
|
||||||
|
return new JwtTokenStore(accessTokenConverter());
|
||||||
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
|
public JwtAccessTokenConverter accessTokenConverter(){
|
||||||
|
JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
|
||||||
|
converter.setSigningKey(SIGNING_KEY);
|
||||||
|
return converter;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user