OAuth2RestTemplate实现远程调用

2023-08-21 10:54:45 +08:00 · 2023-08-21 10:54:45 +08:00 · a8369b32a2
commit a8369b32a2
parent c4256d46f9
9 changed files with 68 additions and 23 deletions
--- a/book-service/src/main/java/com/test/BookApplication.java
+++ b/book-service/src/main/java/com/test/BookApplication.java
@ -3,6 +3,7 @@ package com.test;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

 /**
 * ClassName: BookApplication
@ -11,7 +12,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth
 * @author yovinchen
 * @Create 2023/8/14 16:23
 */
-@EnableOAuth2Sso
+@EnableResourceServer
@SpringBootApplication
 public class BookApplication {
    public static void main(String[] args) {
--- a/book-service/src/main/java/com/test/config/ResourceConfiguration.java
+++ b/book-service/src/main/java/com/test/config/ResourceConfiguration.java
@ -0,0 +1,24 @@
+package com.test.config;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
+
+/**
+ * ClassName: con
+ * Package: com.test.config
+ *
+ * @author yovinchen
+ * @Create 2023/8/21 10:23
+ */
+@Configuration
+public class ResourceConfiguration extends ResourceServerConfigurerAdapter { //继承此类进行高度自定义
+
+    @Override
+    public void configure(HttpSecurity http) throws Exception {  //这里也有HttpSecurity对象，方便我们配置SpringSecurity
+        http
+                .authorizeRequests()
+                .anyRequest().access("#oauth2.hasScope('lbwnb')");  //添加自定义规则
+        //Token必须要有我们自定义scope授权才可以访问此资源
+    }
+}
--- a/book-service/src/main/resources/application.yml
+++ b/book-service/src/main/resources/application.yml
@ -9,13 +9,9 @@ spring:
 security:
  oauth2:
    client:
-      #不多说了
+      #基操
      client-id: web
      client-secret: 654321
-      #Token获取地址
-      access-token-uri: http://localhost:8500/sso/oauth/token
-      #验证页面地址
-      user-authorization-uri: http://localhost:8500/sso/oauth/authorize
    resource:
-      #Token信息获取和校验地址
+      #因为资源服务器得验证你的Token是否有访问此资源的权限以及用户信息，所以只需要一个验证地址
      token-info-uri: http://localhost:8500/sso/oauth/check_token
--- a/borrow-service/src/main/java/com/test/BorrowApplication.java
+++ b/borrow-service/src/main/java/com/test/BorrowApplication.java
@ -3,6 +3,7 @@ package com.test;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

 /**
 * ClassName: BorrowApplication
@ -11,7 +12,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth
 * @author yovinchen
 * @Create 2023/8/14 16:25
 */
-@EnableOAuth2Sso
+@EnableResourceServer
@SpringBootApplication
 public class BorrowApplication {
    public static void main(String[] args) {
--- a/borrow-service/src/main/java/com/test/config/WebConfiguration.java
+++ b/borrow-service/src/main/java/com/test/config/WebConfiguration.java
@ -0,0 +1,28 @@
+package com.test.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.oauth2.client.OAuth2ClientContext;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
+import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
+
+import javax.annotation.Resource;
+
+/**
+ * ClassName: ma
+ * Package: com.test.config
+ *
+ * @author yovinchen
+ * @Create 2023/8/21 10:52
+ */
+@Configuration
+public class WebConfiguration {
+
+    @Resource
+    OAuth2ClientContext context;
+
+    @Bean
+    public OAuth2RestTemplate restTemplate(){
+        return new OAuth2RestTemplate(new ClientCredentialsResourceDetails(), context);
+    }
+}
--- a/borrow-service/src/main/java/com/test/service/impl/BorrowServiceImpl.java
+++ b/borrow-service/src/main/java/com/test/service/impl/BorrowServiceImpl.java
@ -8,6 +8,7 @@ import com.test.entity.User;
 import com.test.entity.UserBorrowDetail;
 import com.test.mapper.BorrowMapper;
 import com.test.service.BorrowService;
+import org.springframework.security.oauth2.client.OAuth2RestTemplate;
 import org.springframework.stereotype.Service;
 import org.springframework.web.client.RestTemplate;

@ -28,11 +29,12 @@ public class BorrowServiceImpl implements BorrowService {
    @Resource
    BorrowMapper mapper;

+    @Resource
+    OAuth2RestTemplate template;
+
    @Override
    public UserBorrowDetail getUserBorrowDetailByUid(int uid) {
        List<Borrow> borrow = mapper.getBorrowsByUid(uid);
-        //RestTemplate支持多种方式的远程调用
-        RestTemplate template = new RestTemplate();
        //这里通过调用getForObject来请求其他服务，并将结果自动进行封装
        //获取User信息
        User user = template.getForObject("http://localhost:8101/user/" + uid, User.class);
--- a/borrow-service/src/main/resources/application.yml
+++ b/borrow-service/src/main/resources/application.yml
@ -9,13 +9,9 @@ spring:
 security:
  oauth2:
    client:
-      #不多说了
+      #基操
      client-id: web
      client-secret: 654321
-      #Token获取地址
-      access-token-uri: http://localhost:8500/sso/oauth/token
-      #验证页面地址
-      user-authorization-uri: http://localhost:8500/sso/oauth/authorize
    resource:
-      #Token信息获取和校验地址
+      #因为资源服务器得验证你的Token是否有访问此资源的权限以及用户信息，所以只需要一个验证地址
      token-info-uri: http://localhost:8500/sso/oauth/check_token
--- a/user-service/src/main/java/com/test/UserApplication.java
+++ b/user-service/src/main/java/com/test/UserApplication.java
@ -3,6 +3,7 @@ package com.test;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

 /**
 * ClassName: UserApplication
@ -11,7 +12,7 @@ import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth
 * @author yovinchen
 * @Create 2023/8/14 16:26
 */
-@EnableOAuth2Sso
+@EnableResourceServer
@SpringBootApplication
 public class UserApplication {
    public static void main(String[] args) {
--- a/user-service/src/main/resources/application.yml
+++ b/user-service/src/main/resources/application.yml
@ -9,13 +9,9 @@ spring:
 security:
  oauth2:
    client:
-      #不多说了
+      #基操
      client-id: web
      client-secret: 654321
-      #Token获取地址
-      access-token-uri: http://localhost:8500/sso/oauth/token
-      #验证页面地址
-      user-authorization-uri: http://localhost:8500/sso/oauth/authorize
    resource:
-      #Token信息获取和校验地址
+      #因为资源服务器得验证你的Token是否有访问此资源的权限以及用户信息，所以只需要一个验证地址
      token-info-uri: http://localhost:8500/sso/oauth/check_token