package com.gk.firework.Config.Oauth2; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter; /** * 配置oauth2.0 * * @author zhangby * @date 2019/2/27 11:27 AM */ @Configuration @EnableAuthorizationServer public class OAuth2Config extends AuthorizationServerConfigurerAdapter { @Override public void configure(ClientDetailsServiceConfigurer clients) throws Exception { clients.inMemory() .withClient("uaa-service") .secret("123456") .scopes("service") .autoApprove(true) .authorizedGrantTypes("implicit", "refresh_token", "password", "authorization_code") //18小时过期 .refreshTokenValiditySeconds(18*60*60) .accessTokenValiditySeconds(18*60*60); } @Override public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception { endpoints.tokenStore(tokenStore) .tokenEnhancer(tokenConverter) .reuseRefreshTokens(false) .authenticationManager(authenticationManager) .userDetailsService(userServiceDetail); } @Autowired private LoginAuthenticationFilter loginAuthenticationFilter; @Override public void configure(AuthorizationServerSecurityConfigurer security) throws Exception { security.allowFormAuthenticationForClients() .tokenKeyAccess("isAuthenticated()") .checkTokenAccess("permitAll()") .addTokenEndpointAuthenticationFilter(loginAuthenticationFilter); } @Autowired private UserServiceDetail userServiceDetail; @Autowired @Qualifier("authenticationManagerBean") private AuthenticationManager authenticationManager; @Autowired TokenStore tokenStore; @Autowired JwtAccessTokenConverter tokenConverter; }