Kel*_*lyM 2 java spring oauth spring-security
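I am building an OAuth2-enabled application with Spring Boot and Spring Security. Initially, I used the schema noted here. With that, I was at least able to get the application working. However, I would like the database objects to be named slightly differently, specifically using PascalCase instead of underscores.
For example, instead of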
    CREATE TABLE [dbo].[oauth_client_details](
        [client_id] [varchar](256) NOT NULL,
        [resource_ids] [varchar](256) NULL,
        [client_secret] [varchar](256) NULL,
        [scope] [varchar](256) NULL,
        [authorized_grant_types] [varchar](256) NULL,
        [web_server_redirect_uri] [varchar](256) NULL,
        [authorities] [varchar](256) NULL,
        [access_token_validity] [int] NULL,
        [refresh_token_validity] [int] NULL,
        [additional_information] [varchar](4096) NULL,
        [autoapprove] [varchar](256) NULL,
        PRIMARY KEY CLUSTERED
        (
            [client_id] ASC
        )
    )
I would like to have:
    CREATE TABLE [dbo].[OAuthClientDetails](
        [ClientID] [nvarchar](256) NOT NULL,
        [ResourceIDs] [nvarchar](256) NULL,
        [ClientSecret] [nvarchar](256) NOT NULL,
        [Scope] [nvarchar](256) NULL,
        [AuthorizedGrantTypes] [nvarchar](256) NOT NULL,
        [AccessTokenValidity] [int] NULL,
        [RefreshTokenValidity] [int] NULL,
        CONSTRAINT [PK_OAuthClientDetails] PRIMARY KEY CLUSTERED
        (
            [ClientID] ASC
        )
    )
I'm not sure how (or whether it is possible) to override these expectations. For example, when I try to use the PascalCase database, it still expects the original naming style. I receive the following when requesting a token:
    "message": "PreparedStatementCallback; bad SQL grammar [select client_id, client_secret, resource_ids, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove from oauth_client_details where client_id = ?]; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: Invalid object name 'oauth_client_details'.",
    "path": "/oauth/token"
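My AuthServerConfig:
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.context.annotation.Primary;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
    import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
    import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
    import org.springframework.security.oauth2.provider.token.AccessTokenConverter;
    import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
    import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
    import org.springframework.security.oauth2.provider.token.TokenStore;

    @EnableAuthorizationServer
    @Configuration
    public class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
        @Autowired
        private TokenStore tokenStore;
        @Autowired
        private AccessTokenConverter converter;
        private final AppConfig appConfig;
        private AuthenticationManager authenticationManager;

        @Autowired
        public AuthServerConfig(AuthenticationManager authenticationManager, AppConfig appConfig) {
            this.authenticationManager = authenticationManager;
            this.appConfig = appConfig;
        }

        @Override
        public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
            security.checkTokenAccess("permitAll()");
            security.tokenKeyAccess("permitAll()");
        }

        @Override
        public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
            // Uses the library's default SQL, which targets oauth_client_details
            configurer.jdbc(appConfig.dataSource());
        }

        @Override
        public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
            TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
            endpoints.tokenStore(tokenStore)
                    .accessTokenConverter(converter)
                    .authenticationManager(authenticationManager);
        }

        @Bean
        @Primary // Making this primary to avoid any accidental duplication with another token service instance of the same name
        public DefaultTokenServices tokenServices() {
            DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
            defaultTokenServices.setTokenStore(tokenStore);
            defaultTokenServices.setSupportRefreshToken(true);
            return defaultTokenServices;
        }
    }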
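My AppConfig class:
    import javax.sql.DataSource;
    import org.springframework.beans.factory.annotation.Value;
    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.core.io.ClassPathResource;
    import org.springframework.jdbc.datasource.DriverManagerDataSource;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;
    import org.springframework.security.oauth2.provider.token.TokenStore;
    import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
    import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
    import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;

    @Configuration
    public class AppConfig {
        @Value("${spring.datasource.url}")
        private String datasourceUrl;
        @Value("${spring.datasource.driverClassName}")
        private String dbDriverClassName;
        @Value("${spring.datasource.username}")
        private String dbUsername;
        @Value("${spring.datasource.password}")
        private String dbPassword;

        @Bean
        public PasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }

        @Bean
        public DataSource dataSource() {
            final DriverManagerDataSource dataSource = new DriverManagerDataSource();
            dataSource.setDriverClassName(dbDriverClassName);
            dataSource.setUrl(datasourceUrl);
            dataSource.setUsername(dbUsername);
            dataSource.setPassword(dbPassword);
            return dataSource;
        }

        // Reference: http://www.baeldung.com/spring-security-oauth-jwt
        /* !!!!!!!!!!!!!!!!!!!!!!!!!!
         ** TODO
         * Secure key file for deployment.
         !!!!!!!!!!!!!!!!!!!! */
        @Bean
        public JwtAccessTokenConverter accessTokenConverter() {
            JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
            KeyStoreKeyFactory keyStoreKeyFactory =
                    new KeyStoreKeyFactory(new ClassPathResource("mytest.jks"), "mypass".toCharArray());
            converter.setKeyPair(keyStoreKeyFactory.getKeyPair("mytest"));
            return converter;
        }

        @Bean
        public TokenStore tokenStore() {
            return new JwtTokenStore(accessTokenConverter());
        }
    }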
NOTE: the schema for the JDBC service is not packaged with the library (because there are too many variations you might like to use in practice), but there is an example you can start from in the test code in github.
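However, it does seem to make some assumptions about the structure. For example, I never explicitly "told" the application to use anything named o_auth_client_details.
Any guidance would be appreciated. Thanks.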
You can customize JdbcClientDetailsService, see setDeleteClientDetailsSql, setFindClientDetailsSql, setInsertClientDetailsSql, setSelectClientDetailsSql, setUpdateClientDetailsSql and setUpdateClientSecretSql, and add it to your configurer, see ClientDetailsServiceConfigurer#withClientDetails:
withClientDetails
    public ClientDetailsServiceBuilder<?> withClientDetails(ClientDetailsService clientDetailsService) throws Exception
Your modified code:
    @Override
    public void configure(ClientDetailsServiceConfigurer configurer) throws Exception {
        // The my...Sql values are Strings holding your own statements for the renamed table
        JdbcClientDetailsService clientDetailsService = new JdbcClientDetailsService(appConfig.dataSource());
        clientDetailsService.setDeleteClientDetailsSql(myDeleteClientDetailsSql);
        clientDetailsService.setFindClientDetailsSql(myFindClientDetailsSql);
        clientDetailsService.setInsertClientDetailsSql(myInsertClientDetailsSql);
        clientDetailsService.setSelectClientDetailsSql(mySelectClientDetailsSql);
        clientDetailsService.setUpdateClientDetailsSql(myUpdateClientDetailsSql);
        clientDetailsService.setUpdateClientSecretSql(myUpdateClientSecretSql);
        // Register the customized service instead of calling configurer.jdbc(...)
        configurer.withClientDetails(clientDetailsService);
    }
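One way to fill in those statements for the PascalCase table from the question, as an added example that is not part of the original answer. The class name PascalCaseClientDetails and the NULL placeholder columns are assumptions; it relies on JdbcClientDetailsService reading result columns by position, in the order of the default select quoted in the error message.

```java
import javax.sql.DataSource;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;

// Added example, not from the original answer. The class name is hypothetical.
public final class PascalCaseClientDetails {

    // The service's row mapper reads columns by position, so the select must keep
    // the default order and column count. The four columns dropped from the
    // PascalCase table are returned as typed NULLs in their original slots.
    private static final String BASE_SELECT =
          "select ClientID, ClientSecret, ResourceIDs, Scope, AuthorizedGrantTypes, "
        + "cast(null as nvarchar(256)) as WebServerRedirectUri, "
        + "cast(null as nvarchar(256)) as Authorities, "
        + "AccessTokenValidity, RefreshTokenValidity, "
        + "cast(null as nvarchar(4096)) as AdditionalInformation, "
        + "cast(null as nvarchar(256)) as AutoApprove "
        + "from dbo.OAuthClientDetails";

    private PascalCaseClientDetails() { }

    public static JdbcClientDetailsService create(DataSource dataSource, PasswordEncoder encoder) {
        JdbcClientDetailsService service = new JdbcClientDetailsService(dataSource);

        // Read paths: single-client lookup (used by /oauth/token) and listing.
        service.setSelectClientDetailsSql(BASE_SELECT + " where ClientID = ?");
        service.setFindClientDetailsSql(BASE_SELECT + " order by ClientID");

        // Write paths whose parameters still fit the reduced table.
        service.setUpdateClientSecretSql(
            "update dbo.OAuthClientDetails set ClientSecret = ? where ClientID = ?");
        service.setDeleteClientDetailsSql(
            "delete from dbo.OAuthClientDetails where ClientID = ?");

        // Secrets written through this service are hashed before they are stored.
        service.setPasswordEncoder(encoder);

        // The insert and update statements are left at their defaults: the service
        // binds a parameter for every default column, including the four dropped
        // ones, so registering clients through it needs statements that accept them.
        return service;
    }
}
```

Wire it in with `configurer.withClientDetails(PascalCaseClientDetails.create(appConfig.dataSource(), appConfig.passwordEncoder()));` in place of `configurer.jdbc(...)`.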