How to Change jdbc schema users with mytable in OAuth2 spring boot

I have to change the name of the default schema `users` to my table name.


    @Configuration
    @EnableAuthorizationServer
    public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
        
        @Autowired
        private AuthenticationManager authenticationManager;
        
        @Autowired
        private PasswordEncoder passwordEncoder;
        
        @Autowired
        private DataSource dataSource;
        
        @Bean
        TokenStore jdbcTokenStore() {
            return new JdbcTokenStore(dataSource);
        }
        
        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            endpoints.tokenStore(jdbcTokenStore());
            endpoints.authenticationManager(authenticationManager);
        }
        
        @Override
        public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
            clients.jdbc(dataSource);
        }
        
        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            security.tokenKeyAccess("permitAll()").checkTokenAccess("isAuthenticated()");
        }
        
    }

This is my security configuration class:


    @Configuration
    @EnableWebSecurity
    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Autowired
        private DataSource dataSource;

        @Override
        @Bean
        public AuthenticationManager authenticationManagerBean() throws Exception {
            return super.authenticationManagerBean();
        }

        @Bean
        public UserDetailsService userDetailsService(DataSource dataSource) {
            JdbcUserDetailsManager jdbcUserDetailsManager = new JdbcUserDetailsManager(dataSource);
            jdbcUserDetailsManager.setUsersByUsernameQuery("select USER_LOGIN_ID,USER_PASSWORD "
                    + "from MY_TABLE "
                    + "where USER_LOGIN_ID = ?");

            return jdbcUserDetailsManager;
        }

        @Bean
        public PasswordEncoder getPasswordEncoder() {
            return NoOpPasswordEncoder.getInstance();
        }

        @Bean
        GrantedAuthorityDefaults grantedAuthorityDefaults() {
            return new GrantedAuthorityDefaults(""); // Remove the ROLE_ prefix
        }
    }

This is my resource server:


    @Configuration
    @EnableResourceServer
    public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

        @Override
        public void configure(HttpSecurity http) throws Exception {
            http
                    .authorizeRequests()
                    .antMatchers("/").permitAll()
                    .antMatchers("/secure").authenticated();
        }

    }

I created the customer table here.

Here it is:

    @Entity
    @Table(name = "MY_TABLE")
    public class MyTable {

        @Column(name = "USER_LOGIN_ID", nullable = false, unique = true)
        private String userLoginId;
        @Column(name = "USER_PASSWORD", nullable = false)
        private String userPassword;
    }

Here is the URL I used:

    http://localhost:8081/oauth/token?grant_type=password&username=user&password=user

It is throwing an error:

    {
        "timestamp": 1621689938591,
        "status": 401,
        "error": "Unauthorized",
        "message": "Unauthorized",
        "path": "/oauth/token"
    }

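To use your own table, you have to use the authentication manager to read the users from your table, as shown below. It should be able to provide the details of the users and their authorities. You can create your own configuration class that extends WebSecurityConfigurerAdapter and override the configure method as shown below.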

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.jdbcAuthentication()
                .dataSource(dataSource)
                // Trailing spaces keep the concatenated SQL keywords apart
                .usersByUsernameQuery("select userid,password,enabled "
                        + "from yourtable "
                        + "where userid = ?")
                .authoritiesByUsernameQuery("select userid,authority "
                        + "from yourauthoritytable "
                        + "where userid = ?");
    }

In addition to @berzerk's answer, you can use a more modern approach instead of AuthenticationManagerBuilder.

You can provide your own UserDetailsService bean for custom queries.

    @Bean
    public UserDetailsService userDetailsService(DataSource dataSource) {
        JdbcUserDetailsManager jdbcUserDetailsManager = new JdbcUserDetailsManager(dataSource);
        jdbcUserDetailsManager.setUsersByUsernameQuery("select username,password,enabled "
                    + "from mytable "
                    + "where username = ?");

        return jdbcUserDetailsManager;
    }

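Note that if you changed the authorities table or any other table that JdbcUserDetailsManager uses by default, you should change the queries in the same way as was done with setUsersByUsernameQuery.

You can also refer to the Spring Security docs for more details on custom implementations of UserDetailsService.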
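
An added example, not code from the question or either answer, that points JdbcUserDetailsManager at the asker's MY_TABLE with both the users query and the authorities query set. The MY_AUTHORITIES table and its AUTHORITY column are hypothetical, every row in MY_TABLE is assumed to be an active account, and USER_PASSWORD is assumed to hold prefixed hashes such as `{bcrypt}...`.

```java
import javax.sql.DataSource;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.JdbcUserDetailsManager;

@Configuration
public class MyTableUserDetailsConfig {

    // The JDBC user lookup reads result columns by position:
    // 1 = username, 2 = password, 3 = enabled. MY_TABLE has no enabled
    // column, so a constant 1 is selected for it (assumption: every row
    // in MY_TABLE is an active account).
    private static final String USERS_QUERY =
            "select USER_LOGIN_ID, USER_PASSWORD, 1 as ENABLED "
            + "from MY_TABLE "
            + "where USER_LOGIN_ID = ?";

    // Column 1 = username, column 2 = authority. MY_AUTHORITIES and its
    // AUTHORITY column are hypothetical names. A user with no rows here
    // is rejected as having no granted authority.
    private static final String AUTHORITIES_QUERY =
            "select USER_LOGIN_ID, AUTHORITY "
            + "from MY_AUTHORITIES "
            + "where USER_LOGIN_ID = ?";

    @Bean
    public UserDetailsService userDetailsService(DataSource dataSource) {
        JdbcUserDetailsManager manager = new JdbcUserDetailsManager(dataSource);
        manager.setUsersByUsernameQuery(USERS_QUERY);
        manager.setAuthoritiesByUsernameQuery(AUTHORITIES_QUERY);
        return manager;
    }

    // Verifies stored hashes carrying an algorithm prefix, for example
    // "{bcrypt}...", instead of comparing plaintext the way
    // NoOpPasswordEncoder does.
    @Bean
    public PasswordEncoder passwordEncoder() {
        return PasswordEncoderFactories.createDelegatingPasswordEncoder();
    }
}
```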