Configuring resource server with RemoteTokenServices in Spring Security Oauth2

后端未结

关注

 4  2062

臣服心动 2021-01-03 06:58

I\'m trying to implement a authorization server and a resource server using spring security oauth2. So far i\'ve managed to setup the authorization server and since i dont w

4条回答

旧巷少年郎 (楼主)

2021-01-03 07:51

For some reason i couldn't get the xml configuration working to validate access tokens remotely. But I was able to setup oauth2 resource server using java config and it fixed the issue. Please find the code below.

@Configuration
@EnableWebSecurity
@EnableResourceServer
public class Oauth2ResesourceServerConfiguration  extends ResourceServerConfigurerAdapter{


    @Override
    public void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
                .antMatchers(HttpMethod.GET,"/api/**").access("#oauth2.hasScope('read')");
    }

    @Primary
    @Bean
    public RemoteTokenServices tokenService() {
        RemoteTokenServices tokenService = new RemoteTokenServices();
        tokenService.setCheckTokenEndpointUrl(
                "https://localhost:8443/auth-server/oauth/check_token");
        tokenService.setClientId("client-id");
        tokenService.setClientSecret("client-secret");
        return tokenService;
    }



}

0 讨论(0)

查看其它4个回答