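OAuth 2.0 with Spring Cloud: obtaining, validating, and refreshing tokens
This article does not go into the other Spring Cloud components. It only shows the code for integrating OAuth 2.0 and demonstrates how to obtain, check, and refresh tokens. The other modules appear only in case someone asks where the data used by the OAuth 2.0 service comes from. If the environment seems like too much trouble, go straight to the CustomUserService class in the OAuth 2.0 service and hard-code some data; then you do not need to integrate the other service dependencies and only have to deal with the OAuth 2.0 service.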
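1. Environment
Java, JDK 1.8, IDEA 2018.2.4, Spring Boot, Spring Cloud, Postman for API testing, Google Chrome.
2. Project layout
- Eureka registry
- OAuth 2.0 service
- User service module
The internals of the user service module are not useful for presenting OAuth 2.0. Its main job is to provide the user and role lookups for the OAuth 2.0 service, which injects the returned data into OAuth 2.0; only the main interface is shown here. The OAuth 2.0 service calls this interface through Feign to fetch user data.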
// Get the administrator's details by email address
@PostMapping("/queryManagerUserInfo")
String queryManagerUserInfo(@RequestParam("email") String email);
// Get all roles that belong to the given administrator ID
@PostMapping("/queryManagerUserAndRole")
String queryManagerUserAndRole(@RequestParam("id") Long id);
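Here is what requests to my interfaces return:
For this demo the responses above carry far more data than is needed: the fields that matter in the first interface are email and password, and in the second interface it is codeName.
3. The OAuth 2.0 service module
Project structure
POM file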
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.fenghua</groupId>
<artifactId>tm_springcloud_oauth2_service</artifactId>
<version>1.0-SNAPSHOT</version>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.0.1.RELEASE</version>
</parent>
<!-- Dependency management -->
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Finchley.M7</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<!-- Spring Boot web starter -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<!-- Spring Boot Security integration -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- spring-cloud-starter-oauth2 -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<!-- Spring Boot FreeMarker integration -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-freemarker</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>com.fenghua</groupId>
<artifactId>tm_springcloud_api_user</artifactId>
<version>1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.49</version>
</dependency>
</dependencies>
<!-- Note: this repository must be added, otherwise the dependencies fail to resolve -->
<repositories>
<repository>
<id>spring-milestones</id>
<name>Spring Milestones</name>
<url>https://repo.spring.io/libs-milestone</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
</project>
application.yml
server:
  port: 8500
spring:
  datasource:
    hikari:
      connection-test-query: SELECT 1
      minimum-idle: 1
      maximum-pool-size: 5
      pool-name: dbcp1
    driver-class-name: com.mysql.jdbc.Driver
    url: jdbc:mysql://localhost:3306/tm_springcloud_oauth2?useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2b8
    username: root
    password: 123456
  application:
    name: tm-fenghua-oauth2
  jackson:
    time-zone: GMT+8
### Registry
eureka:
  client:
    serviceUrl:
      defaultZone: http://localhost:8100/eureka
AppOauth2Server class
package com.fenghua.oauth2;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.netflix.eureka.EnableEurekaClient;
import org.springframework.cloud.openfeign.EnableFeignClients;
@SpringBootApplication
@EnableFeignClients
@EnableEurekaClient
public class AppOauth2Server {
public static void main(String[] args) {
SpringApplication.run(AppOauth2Server.class, args);
}
}
IUserServiceFegin class
package com.fenghua.oauth2.fegin;
import com.fenghua.oauth2.fegin.fallback.UserFallBack;
import com.tm.user.api.IUserApi;
import org.springframework.cloud.openfeign.FeignClient;
/************************
* @author fenghua
* @date 2019/5/13 14:44
* @purpose Remote (RPC) call
************************/
@FeignClient(value = "tm-fenghua-user",fallback = UserFallBack.class)
public interface IUserServiceFegin extends IUserApi {
}
UserFallBack class
package com.fenghua.oauth2.fegin.fallback;
import com.alibaba.fastjson.JSON;
import com.fenghua.oauth2.fegin.IUserServiceFegin;
import com.tm.common.Response;
import com.tm.common.ResponseCode;
import org.springframework.stereotype.Component;
/************************
* @author fenghua
* @date 2019/5/13 14:44
* @purpose Fallback (service degradation) handling
************************/
@Component
public class UserFallBack implements IUserServiceFegin {
@Override
public String queryManagerUserInfo(String email) {
return JSON.toJSONString(new Response(ResponseCode.SERVER_DOWNGRADE, "服务降级"));
}
@Override
public String queryManagerUserAndRole(Long id) {
return JSON.toJSONString(new Response(ResponseCode.SERVER_DOWNGRADE, "服务降级"));
}
}
ResManagerUser class
package com.fenghua.oauth2.config.entity;
import java.io.Serializable;
public class ResManagerUser implements Serializable {
/**
* code : 10001
* data : {"address":"贵阳学院","createtime":"2019-05-22T16:02:36","email":"[email protected]","id":2,"name":"恩华","password":"123456","sign":false,"tel":"1111111111"}
* msg : 成功
*/
private int code;
private DataBean data;
private String msg;
public int getCode() {
return code;
}
public void setCode(int code) {
this.code = code;
}
public DataBean getData() {
return data;
}
public void setData(DataBean data) {
this.data = data;
}
public String getMsg() {
return msg;
}
public void setMsg(String msg) {
this.msg = msg;
}
public static class DataBean implements Serializable {
/**
* address : 贵阳学院
* createtime : 2019-05-22T16:02:36
* email : [email protected]
* id : 2
* name : 风华
* password : 123456
* sign : false
* tel : 1111111111
*/
private String address;
private String createtime;
private String email;
private int id;
private String name;
private String password;
private boolean sign;
private String tel;
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
public String getCreatetime() {
return createtime;
}
public void setCreatetime(String createtime) {
this.createtime = createtime;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public boolean isSign() {
return sign;
}
public void setSign(boolean sign) {
this.sign = sign;
}
public String getTel() {
return tel;
}
public void setTel(String tel) {
this.tel = tel;
}
}
}
ResRole class
package com.fenghua.oauth2.config.entity;
import java.io.Serializable;
import java.util.List;
public class ResRole implements Serializable {
/**
* code : 10001
* data : [{"codeName":"ROLE_USER","id":2,"name":"系统管理员","pid":1},{"codeName":"Admin","id":4,"name":"管理员","pid":1}]
* msg : 成功
*/
private int code;
private String msg;
private List<DataBean> data;
public int getCode() {
return code;
}
public void setCode(int code) {
this.code = code;
}
public String getMsg() {
return msg;
}
public void setMsg(String msg) {
this.msg = msg;
}
public List<DataBean> getData() {
return data;
}
public void setData(List<DataBean> data) {
this.data = data;
}
public static class DataBean implements Serializable {
/**
* codeName : ROLE_USER
* id : 2
* name : 系统管理员
* pid : 1
*/
private String codeName;
private int id;
private String name;
private int pid;
public String getCodeName() {
return codeName;
}
public void setCodeName(String codeName) {
this.codeName = codeName;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public int getPid() {
return pid;
}
public void setPid(int pid) {
this.pid = pid;
}
}
}
That covers the basic project configuration. Now for the classes that actually deal with OAuth 2.0, which are the important part.
AuthorizationServerConfig class
package com.fenghua.oauth2.config;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;
import javax.sql.DataSource;
@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
@Autowired
@Qualifier("dataSource")
private DataSource dataSource;
@Bean
public TokenStore tokenStore() {
return new JdbcTokenStore(dataSource);
}
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
clients.jdbc(dataSource);
}
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
endpoints.authenticationManager(authenticationManager())
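// GET is enabled alongside POST for this demo. With GET, the client secret and the user's
// password travel in the URL and end up in browser history and access logs; POST alone is the default.
.allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST)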
.tokenStore(tokenStore())
.userDetailsService(userDetailsService());
}
@Bean
UserDetailsService userDetailsService() {
return new CustomUserService();
}
@Override
public void configure(AuthorizationServerSecurityConfigurer security) {
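// permitAll() opens /oauth/token_key and /oauth/check_token to callers that present no
// client credentials, which is why the check_token URL in section 4 works as a bare GET.
// "isAuthenticated()" would require client authentication instead.
security.tokenKeyAccess("permitAll()")
.checkTokenAccess("permitAll()")
// Lets clients send client_id and client_secret as form parameters instead of HTTP Basic
.allowFormAuthenticationForClients();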
}
@Bean
AuthenticationManager authenticationManager() {
return authentication -> daoAuhthenticationProvider().authenticate(authentication);
}
@Bean
public AuthenticationProvider daoAuhthenticationProvider() {
DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();
daoAuthenticationProvider.setUserDetailsService(userDetailsService());
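// false lets UsernameNotFoundException through, so a caller can tell an unknown user from a wrong password
daoAuthenticationProvider.setHideUserNotFoundExceptions(false);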
daoAuthenticationProvider.setPasswordEncoder(passwordEncoder());
return daoAuthenticationProvider;
}
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
WebSecurityConfig class
package com.fenghua.oauth2.config;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.stereotype.Component;
@Component
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
/**
* Intercepts all requests and uses HTTP Basic for login
*
* @param http
* @throws Exception
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/**")
.fullyAuthenticated()
.and().httpBasic();
}
}
SecurityUser class
package com.fenghua.oauth2.config.entity;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
@Data
public class SecurityUser implements Serializable, UserDetails {
// Passwords must be encoded (hashed)
public static final PasswordEncoder PASSWORD_ENCODER = new BCryptPasswordEncoder();
private static final long serialVersionUID = 1L;
/**
* Email address
*/
private String email;
/**
* Login password
*/
private String password;
/**
* Account status (0 = in normal use)
*/
private Boolean sign;
/**
* Role (authority) list
*/
private List<ResRole.DataBean> resRoleList;
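// Hashes the value received from the user service each time a user is loaded, so this relies on
// that service returning the plaintext password (as in the sample response in ResManagerUser).
public void setPassword(String password) {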
this.password = PASSWORD_ENCODER.encode(password);
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
// Use the user's roles as granted authorities
List<GrantedAuthority> auths = new ArrayList<GrantedAuthority>();
List<ResRole.DataBean> dataBeans = this.getResRoleList();
for (ResRole.DataBean dataBean : dataBeans) {
System.out.println(dataBean.getCodeName());
auths.add(new SimpleGrantedAuthority(dataBean.getCodeName()));
}
return auths;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return email;
}
// Whether the account has not expired; an expired account cannot be authenticated
@Override
public boolean isAccountNonExpired() {
return true;
}
// Whether the user is not locked; a locked user cannot be authenticated
@Override
public boolean isAccountNonLocked() {
return true;
}
// Whether the user's credentials (password) have not expired; expired credentials prevent authentication
@Override
public boolean isCredentialsNonExpired() {
return true;
}
// Whether the user is enabled; a disabled user cannot be authenticated
@Override
public boolean isEnabled() {
return true;
}
}
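CustomUserService class
It implements the UserDetailsService interface and its loadUserByUsername method. You can build hard-coded data here yourself, in which case nothing has to be fetched from the other services.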
package com.fenghua.oauth2.config;
import com.alibaba.fastjson.JSON;
import com.fenghua.oauth2.config.entity.ResManagerUser;
import com.fenghua.oauth2.config.entity.ResRole;
import com.fenghua.oauth2.config.entity.SecurityUser;
import com.fenghua.oauth2.fegin.IUserServiceFegin;
import com.tm.common.ResponseCode;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.StringUtils;
public class CustomUserService implements UserDetailsService {
@Autowired
private IUserServiceFegin iUserServiceFegin;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
SecurityUser securityUser = null;
// Look up the user
String stringUser = iUserServiceFegin.queryManagerUserInfo(s);
ResManagerUser resManagerUser = JSON.parseObject(stringUser, ResManagerUser.class);
if (resManagerUser != null && resManagerUser.getCode() == ResponseCode.SUCCESS.getCode()) {
// Read the user data from the response
if (resManagerUser.getData() == null || StringUtils.isEmpty(resManagerUser.getData().getId()) || StringUtils.isEmpty(resManagerUser.getData().getEmail())) {
throw new UsernameNotFoundException("用户不存在");
} else {
// Fetch this user's role list using the returned user ID
String stringRole = iUserServiceFegin.queryManagerUserAndRole((long) resManagerUser.getData().getId());
ResRole resRole = JSON.parseObject(stringRole, ResRole.class);
if (resRole != null && resRole.getCode() == ResponseCode.SUCCESS.getCode()) {
// Read the role data from the response
if (resRole.getData() != null && resRole.getData().size() > 0) {
securityUser = new SecurityUser();
securityUser.setEmail(resManagerUser.getData().getEmail());
securityUser.setPassword(resManagerUser.getData().getPassword());
securityUser.setSign(resManagerUser.getData().isSign());
securityUser.setResRoleList(resRole.getData());
} else {
throw new UsernameNotFoundException("角色数据解析失败");
}
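} else {
// resRole is null when the response could not be parsed, so guard the getMsg() call
throw new UsernameNotFoundException("角色数据查询失败," + (resRole == null ? "" : resRole.getMsg()));
}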
}
} else {
throw new UsernameNotFoundException("用户数据解析失败");
}
return securityUser;
}
}
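The OAuth 2.0 service manages its authorization codes and tokens through a database.
The schema follows the official one, but some column types differ in my database, so I made a few modifications.
Official link: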
/*
Navicat Premium Data Transfer
Source Server : localhost
Source Server Type : MariaDB
Source Server Version : 100212
Source Host : 127.0.0.1:3306
Source Schema : tm_springcloud_oauth2
Target Server Type : MariaDB
Target Server Version : 100212
File Encoding : 65001
Date: 28/05/2019 20:20:57
*/
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for clientdetails
-- ----------------------------
DROP TABLE IF EXISTS `clientdetails`;
CREATE TABLE `clientdetails` (
`appId` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL,
`resourceIds` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`appSecret` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`scope` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`grantTypes` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`redirectUrl` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`authorities` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`access_token_validity` int(11) NULL DEFAULT NULL,
`refresh_token_validity` int(11) NULL DEFAULT NULL,
`additionalInformation` varchar(4096) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`autoApproveScopes` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`appId`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for oauth_access_token
-- ----------------------------
DROP TABLE IF EXISTS `oauth_access_token`;
CREATE TABLE `oauth_access_token` (
`token_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`token` blob NULL DEFAULT NULL,
`authentication_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL,
`user_name` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`client_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`authentication` blob NULL DEFAULT NULL,
`refresh_token` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`authentication_id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for oauth_approvals
-- ----------------------------
DROP TABLE IF EXISTS `oauth_approvals`;
CREATE TABLE `oauth_approvals` (
`userId` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`clientId` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`scope` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`status` varchar(10) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`expiresAt` timestamp(0) NOT NULL DEFAULT current_timestamp ON UPDATE CURRENT_TIMESTAMP,
`lastModifiedAt` timestamp(0) NOT NULL DEFAULT '0000-00-00 00:00:00'
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for oauth_client_details
-- ----------------------------
DROP TABLE IF EXISTS `oauth_client_details`;
CREATE TABLE `oauth_client_details` (
`client_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL,
`resource_ids` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`client_secret` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`scope` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`authorized_grant_types` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`web_server_redirect_uri` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`authorities` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`access_token_validity` int(11) NULL DEFAULT NULL,
`refresh_token_validity` int(11) NULL DEFAULT NULL,
`additional_information` varchar(4096) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`autoapprove` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`client_id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for oauth_client_token
-- ----------------------------
DROP TABLE IF EXISTS `oauth_client_token`;
CREATE TABLE `oauth_client_token` (
`token_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`token` blob NULL DEFAULT NULL,
`authentication_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL,
`user_name` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`client_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
PRIMARY KEY (`authentication_id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for oauth_code
-- ----------------------------
DROP TABLE IF EXISTS `oauth_code`;
CREATE TABLE `oauth_code` (
`code` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`authentication` blob NULL DEFAULT NULL
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Table structure for oauth_refresh_token
-- ----------------------------
DROP TABLE IF EXISTS `oauth_refresh_token`;
CREATE TABLE `oauth_refresh_token` (
`token_id` varchar(256) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL,
`token` blob NULL DEFAULT NULL,
`authentication` blob NULL DEFAULT NULL
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci ROW_FORMAT = Dynamic;
SET FOREIGN_KEY_CHECKS = 1;
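Before obtaining an authorization code, the user has to register to get an AppID and AppKey. In OAuth 2.0 the corresponding fields are client_id and client_secret, so a row has to be inserted into the database in advance.
Once the data is ready, start this project and the services it depends on.
4. Demo: obtaining the authorization code and tokens
- Obtain the authorization code through the authorization flow
After clicking log in:
Approve grants access and Deny refuses it. Select Approve and click the button.
Use the code to obtain the token
- Obtain a token using the password grant
- Check whether the token is valid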
http://localhost:8500/oauth/check_token?token=246f9d30-0585-4865-8f3b-7333a6565390
- Refresh the token
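
The requests behind the steps above, written out with curl as an added example (it is not part of the original post). The endpoint paths are the Spring Security OAuth defaults on port 8500 from application.yml; `demo_client`, `demo_secret`, the redirect URI and `DEMO_USER`/`DEMO_PASS` are constructed placeholders for the client row you inserted into `oauth_client_details` and a user known to the user service.

```shell
#!/bin/sh
# Added example, not from the original post. Endpoint paths are the Spring
# Security OAuth defaults; every default value below is a constructed placeholder.
BASE="${BASE:-http://localhost:8500}"
CLIENT_ID="${CLIENT_ID:-demo_client}"            # assumed client_id row
CLIENT_SECRET="${CLIENT_SECRET:-demo_secret}"    # assumed client_secret
REDIRECT_URI="${REDIRECT_URI:-http://localhost:8080/callback}"  # must match web_server_redirect_uri

# Percent-encode one query-string value (ASCII input).
urlencode() (
  s=$1; out=
  while [ -n "$s" ]; do
    c=${s%"${s#?}"}; s=${s#?}            # split off the first character
    case $c in
      [A-Za-z0-9._~-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
)

# Random value for the state parameter; compare it with the state on the callback.
new_state() { od -An -N16 -tx1 /dev/urandom | tr -d ' \n'; }

# Step 1: URL to open in the browser (log in, then choose Approve).
authorize_url() {
  printf '%s/oauth/authorize?response_type=code&client_id=%s&redirect_uri=%s&state=%s' \
    "$BASE" "$(urlencode "$CLIENT_ID")" "$(urlencode "$REDIRECT_URI")" "$(urlencode "$1")"
}

# All token requests: POST form body, client authenticated with HTTP Basic,
# so no secret or password appears in a URL.
token_request() { curl -sS -u "$CLIENT_ID:$CLIENT_SECRET" "$BASE/oauth/token" "$@"; }

# Step 2: exchange the code from the callback for tokens.
exchange_code() {
  token_request --data-urlencode grant_type=authorization_code \
    --data-urlencode "code=$1" --data-urlencode "redirect_uri=$REDIRECT_URI"
}
# Password grant: user credentials go straight to the token endpoint.
password_grant() {
  token_request --data-urlencode grant_type=password \
    --data-urlencode "username=$1" --data-urlencode "password=$2"
}
# Refresh: needs refresh_token in the client's authorized_grant_types.
refresh_grant() {
  token_request --data-urlencode grant_type=refresh_token --data-urlencode "refresh_token=$1"
}
# Check a token, sending client credentials even though this server does not demand them.
check_token() {
  curl -sS -u "$CLIENT_ID:$CLIENT_SECRET" "$BASE/oauth/check_token" --data-urlencode "token=$1"
}

# Pull one string field out of a flat JSON response read from stdin.
json_field() { sed -n 's/.*"'"$1"'"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'; }

# End-to-end run of the password path; needs the services up and RUN_DEMO=1.
if [ "${RUN_DEMO:-0}" = 1 ]; then
  echo "Authorize in a browser: $(authorize_url "$(new_state)")"
  resp=$(password_grant "$DEMO_USER" "$DEMO_PASS")
  access=$(printf '%s' "$resp" | json_field access_token)
  check_token "$access"; echo
  refresh_grant "$(printf '%s' "$resp" | json_field refresh_token)"; echo
fi
```

Sending every token request as a POST with HTTP Basic client authentication keeps working if the server is later restricted to POST and `isAuthenticated()` on `/oauth/check_token`.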