1. 技术文章
  2. 学习笔记:微服务13 spring boot2.x oauth2-client

学习笔记:微服务13 spring boot2.x oauth2-client

倾然丶 夕夏残阳落幕 提交于 2019-11-26 09:15:31

前面oauth2 server设置好了,登录oauth2 server正常,但另外建一个oauth2 client 总是不能登录认证,网上说是spring boot 2 中去除了@EnableOAuth2Sso注解,今天终于找到适合我的spring boot 2.11的oauth2 client,实现了客户端认证。

1.新建spring start project 项目,我命名为microservice-oauth2-client-8805

2.pom.xml,上全文吧

  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  3. 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
  4. 	<modelVersion>4.0.0</modelVersion>
  5. 	<parent>
  6. 		<groupId>org.springframework.boot</groupId>
  7. 		<artifactId>spring-boot-starter-parent</artifactId>
  8. 		<version>2.1.1.RELEASE</version>
  9. 		<relativePath/> <!-- lookup parent from repository -->
  10. 	</parent>
  11. 	<groupId>com.linbsoft</groupId>
  12. 	<artifactId>microservice-oauth2-client-8805</artifactId>
  13. 	<version>0.0.1-SNAPSHOT</version>
  14. 	<name>microservice-oauth2-client-8805</name>
  15. 	<description>Demo project for Spring Boot microservice-oauth2-client-8805</description>
  16.  
  17. 	<properties>
  18. 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  19. 		<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
  20. 		<java.version>1.8</java.version>
  21. 		<spring-cloud.version>Greenwich.M3</spring-cloud.version><!-- Finchley.M8 -->
  22. 	</properties>
  23. 	<dependencies>
  24. 		<dependency>
  25. 			<groupId>org.springframework.boot</groupId>
  26. 			<artifactId>spring-boot-starter-web</artifactId>
  27. 		</dependency>
  28.         <dependency>
  29.             <groupId>org.springframework.cloud</groupId>
  30.             <artifactId>spring-cloud-starter-netflix-eureka-client</artifactId>
  31.         </dependency>
  32.       <dependency> 
  33.         <groupId>org.springframework.cloud</groupId>
  34.         <artifactId>spring-cloud-starter-config</artifactId>
  35.        </dependency>
  36.        <dependency>
  37.             <groupId>org.springframework.boot</groupId>
  38.             <artifactId>spring-boot-starter-security</artifactId>
  39.         </dependency>     
  40.          <dependency>
  41.             <groupId>org.springframework.security</groupId>
  42.             <artifactId>spring-security-oauth2-client</artifactId>
  43.         </dependency>      
  44.        <dependency>
  45.             <groupId>org.springframework.security</groupId>
  46.             <artifactId>spring-security-oauth2-jose</artifactId>
  47.         </dependency>
  48.         <dependency>
  49.             <groupId>org.springframework.security.oauth</groupId>
  50.             <artifactId>spring-security-oauth2</artifactId>
  51.             <version>2.3.3.RELEASE</version>
  52.         </dependency>       
  53.        
  54.  
  55. 		<dependency>
  56. 			<groupId>org.springframework.boot</groupId>
  57. 			<artifactId>spring-boot-starter-test</artifactId>
  58. 			<scope>test</scope>
  59. 		</dependency>
  60. 	</dependencies>
  61. 	<dependencyManagement>
  62. 		<dependencies>
  63. 			<dependency>
  64. 				<groupId>org.springframework.cloud</groupId>
  65. 				<artifactId>spring-cloud-dependencies</artifactId>
  66. 				<version>${spring-cloud.version}</version>
  67. 				<type>pom</type>
  68. 				<scope>import</scope>
  69. 			</dependency>
  70. 		</dependencies>
  71. 	</dependencyManagement>
  72. 		<repositories>
  73. 		<repository>
  74. 			<id>spring-milestones</id>
  75. 			<name>Spring Milestones</name>
  76. 			<url>https://repo.spring.io/milestone</url>
  77. 			<snapshots>
  78. 				<enabled>false</enabled>
  79. 			</snapshots>
  80. 		</repository>
  81. 	</repositories>
  82.  
  83. 	<build>
  84. 		<plugins>
  85. 			<plugin>
  86. 				<groupId>org.springframework.boot</groupId>
  87. 				<artifactId>spring-boot-maven-plugin</artifactId>
  88. 			</plugin>
  89. 		</plugins>
  90. 	</build>
  91.  
  92. </project>

3. application.peoperties

  1. server.port: 8805
  2. spring.application.name=MicroserviceOauth2Client8805
  3. spring.cloud.discovery.enabled=true
  4. eureka.client.serviceUrl.defaultZone=http://admin:123@centos7.linbsoft.com:8101/eureka/,http://admin:123@microservice1.linbsoft.com:8102/eureka/
  5. # logging.level.root= debug
  6.  
  7. spring.security.oauth2.client.registration.my-client-1.client-id=admin
  8. spring.security.oauth2.client.registration.my-client-1.client-secret=123456
  9. spring.security.oauth2.client.registration.my-client-1.client-name=admin
  10. spring.security.oauth2.client.registration.my-client-1.scope=read
  11. spring.security.oauth2.client.registration.my-client-1.redirect-uri=http://microservice1.linbsoft.com:8805/login/oauth2/code/callback
  12. spring.security.oauth2.client.registration.my-client-1.client-authentication-method=basic
  13. spring.security.oauth2.client.registration.my-client-1.authorization-grant-type=authorization_code
  14. spring.security.oauth2.client.registration.my-client-1.provider=my-oauth-provider
  15. spring.security.oauth2.client.provider.my-oauth-provider.authorization-uri=http://centos7.linbsoft.com:8301/oauth/authorize
  16. spring.security.oauth2.client.provider.my-oauth-provider.token-uri=http://centos7.linbsoft.com:8301/oauth/token
  17. spring.security.oauth2.client.provider.my-oauth-provider.user-info-uri=http://centos7.linbsoft.com:8301/user
  18. spring.security.oauth2.client.provider.my-oauth-provider.user-name-attribute=name

这里要注意的是redirect-uri 和 oauth2 server不要相同域名,这个后面会说到为什么

4. 创建测试资源 ExampleController类

@RestController
public class ExampleController {

    @RequestMapping("/")
    public String email(Principal principal) {
        return "Hello " + principal.getName();
    }
    @RequestMapping("/hello")
    public String emailaa(Principal principal) {
        return "Hello1 " + principal.getName();
    }
}

5.修改 oauth2 server 增加对这个网站的回地址注册

在这个public void configure(ClientDetailsServiceConfigurer clients) 里

       clients.inMemory()
                .withClient("admin")
                .scopes("read")
                .secret(new BCryptPasswordEncoder().encode("123456"))
                .redirectUris("http://centos7.linbsoft.com:8301","http://microservice1.linbsoft.com:8805/login/oauth2/code/callback")
                .authorizedGrantTypes("password", "authorization_code", "refresh_token")

加入了http://microservice1.linbsoft.com:8805/login/oauth2/code/callback

6. 测试

结果出错了,提示[authorization_request_not_found]

后来看到网友文章说是定位到session=null,有个说法是因为oauth2客户端和服务端以都在同一个服务器地址,都在同一个浏览器,网友的原话是【这些错误意味着没有找到授权请求。 authorization request存储在会话中,所以一些会话没有被存储。 默认情况下会话由cookie管理。所以我认为这可能是因为你正在本地主机上运行所有东西,所以第一个cookie由localhost:8080设置以存储授权请求会话数据,并且当你登录到localhost:8081时,它将为其会话设置另一个cookie。】

怎么解决呢,想到的是把oauth2客户端和服务端的域名区分开来,因此,虽然在同一个ip,但设置两个域名:

192.168.49.141    centos7.linbsoft.com
192.168.49.141    microservice1.linbsoft.com
然后,oauth2 server 按部署在centos7.linbsoft.com:8301使用,而oauth2 client 按部署在microservice1.linbsoft.com:8805上使用,果然正常了。

oauth2客户端顺利登录oauth2服务器认证后访问客户端保护资源

 

 

前面oauth2 server设置好了,登录oauth2 server正常,但另外建一个oauth2 client 总是不能登录认证,网上说是spring boot 2 中去除了@EnableOAuth2Sso注解,今天终于找到适合我的spring boot 2.11的oauth2 client,实现了客户端认证。

标签
oauth2
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!