From c5f9146bac3cbcd44160e21f96228dce82574000 Mon Sep 17 00:00:00 2001
From: YoVinchen <gzh298255@gmail.com>
Date: Mon, 21 Aug 2023 09:51:30 +0800
Subject: [PATCH] =?UTF-8?q?5=E7=A7=8D=E6=8E=88=E6=9D=83=E6=A8=A1=E5=BC=8F?=
 =?UTF-8?q?=EF=BC=8C=E5=9F=BA=E7=A1=80=E6=8E=88=E6=9D=83?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../main/java/com/test/config/OAuth2Configuration.java | 10 ++++++++--
 .../java/com/test/config/SecurityConfiguration.java    |  7 +++++++
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/auth-service/src/main/java/com/test/config/OAuth2Configuration.java b/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
index 1181f5c..1cb3888 100644
--- a/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
+++ b/auth-service/src/main/java/com/test/config/OAuth2Configuration.java
@@ -2,6 +2,7 @@ package com.test.config;
 
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
@@ -38,6 +39,7 @@ public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {
                 .withClient("web")   //客户端名称，随便起就行
                 .secret(encoder.encode("654321"))      //只与客户端分享的secret，随便写，但是注意要加密
                 .autoApprove(false)    //自动审批，这里关闭，要的就是一会体验那种感觉
+                .redirectUris("http://localhost:8201/login")   //可以写多个，当有多个时需要在验证请求中指定使用哪个地址进行回调
                 .scopes("book", "user", "borrow")     //授权范围，这里我们使用全部all
                 .authorizedGrantTypes("client_credentials", "password", "implicit", "authorization_code", "refresh_token");
         //授权模式，一共支持5种，除了之前我们介绍的四种之外，还有一个刷新Token的模式
@@ -52,9 +54,13 @@ public class OAuth2Configuration extends AuthorizationServerConfigurerAdapter {
                 .checkTokenAccess("permitAll()");     //允许所有的Token查询请求
     }
 
+    @Resource
+    UserDetailsService service;
+
     @Override
     public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
-        endpoints.authenticationManager(manager);
-        //由于SpringSecurity新版本的一些底层改动，这里需要配置一下authenticationManager，才能正常使用password模式
+        endpoints
+                .userDetailsService(service)
+                .authenticationManager(manager);
     }
 }
diff --git a/auth-service/src/main/java/com/test/config/SecurityConfiguration.java b/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
index b246bea..73e6b52 100644
--- a/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
+++ b/auth-service/src/main/java/com/test/config/SecurityConfiguration.java
@@ -6,6 +6,7 @@ import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
 /**
@@ -37,4 +38,10 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
     public AuthenticationManager authenticationManagerBean() throws Exception {
         return super.authenticationManagerBean();
     }
+
+    @Bean
+    @Override
+    protected UserDetailsService userDetailsService() {
+        return super.userDetailsService();
+    }
 }