OAuth2.0-Client客戶端數據庫配置
Client客戶端信息通常以硬編碼(hard-code)方式放在內存(inMemory)裏面。本文我們將把它放到數據庫裏面,以方便維護。
1.0 修改代碼如下
private final DataSource dataSource;
/**
 * Points the authorization server's client registry at the database
 * reachable through {@code dataSource}, replacing the hard-coded
 * in-memory client list.
 *
 * @param clients configurer supplied by the framework
 * @throws Exception propagated from the configurer
 */
@Override
public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
    // NOTE(review): the seed row in data.sql stores client_secret as a
    // bcrypt-style hash ("$2a$10$..."), so a matching PasswordEncoder has to be
    // configured somewhere outside this snippet - confirm, otherwise client
    // authentication will not match the stored value.
    clients.jdbc(this.dataSource);
}
/**
 * Exposes a JDBC-backed token store built on the same {@code dataSource},
 * so issued tokens are kept in the database instead of in memory.
 *
 * @return a {@link JdbcTokenStore} bound to {@code dataSource}
 */
@Bean
public JdbcTokenStore tokenStore() {
    // NOTE(review): presumably this writes to the oauth_access_token and
    // oauth_refresh_token tables from schema.sql. Those rows are usable
    // credentials, so database read access should be restricted accordingly.
    final JdbcTokenStore jdbcStore = new JdbcTokenStore(this.dataSource);
    return jdbcStore;
}
1.1 執行數據庫腳本
schema.sql
-- Client registry consulted once clients.jdbc(dataSource) is configured.
-- NOTE(review): DROP TABLE IF EXISTS discards every registered client when the
-- script is re-run; keep it to first-time setup or an explicit migration step.
DROP TABLE IF EXISTS oauth_client_details;

CREATE TABLE oauth_client_details
(
    client_id               VARCHAR(255),
    resource_ids            VARCHAR(255),
    -- Keep only a password hash here (the data.sql seed row uses a
    -- bcrypt-style "$2a$10$..." value), never the plaintext secret.
    client_secret           VARCHAR(255),
    scope                   VARCHAR(255),
    -- Comma-separated list, as in the data.sql seed row.
    authorized_grant_types  VARCHAR(255),
    web_server_redirect_uri VARCHAR(255),
    authorities             VARCHAR(255),
    -- NOTE(review): presumably lifetimes in seconds - confirm against the
    -- library version in use.
    access_token_validity   INTEGER,
    refresh_token_validity  INTEGER,
    additional_information  VARCHAR(4096),
    autoapprove             VARCHAR(255),
    PRIMARY KEY (client_id)
);
-- Token rows keyed by authentication_id, one per (user_name, client_id) pairing
-- as far as the columns suggest.
-- NOTE(review): re-running the DROP removes any tokens already stored here.
DROP TABLE IF EXISTS oauth_client_token;

CREATE TABLE oauth_client_token
(
    token_id          VARCHAR(255),
    -- Binary token payload; treat the column as credential material.
    token             LONG VARBINARY,
    authentication_id VARCHAR(255),
    user_name         VARCHAR(255),
    client_id         VARCHAR(255),
    PRIMARY KEY (authentication_id)
);
-- Issued access tokens; presumably the table JdbcTokenStore persists to.
-- NOTE(review): every row is a usable credential until it expires, so limit
-- SELECT on this table to the authorization server's own database account.
-- Re-running the DROP invalidates all tokens issued so far.
DROP TABLE IF EXISTS oauth_access_token;

CREATE TABLE oauth_access_token
(
    token_id          VARCHAR(255),
    -- Binary token payload.
    token             LONG VARBINARY,
    authentication_id VARCHAR(255),
    user_name         VARCHAR(255),
    client_id         VARCHAR(255),
    -- Binary authentication payload stored alongside the token.
    -- NOTE(review): presumably a serialized object; confirm how the library
    -- reads it back, since anyone able to write this column controls that input.
    authentication    LONG VARBINARY,
    refresh_token     VARCHAR(255),
    PRIMARY KEY (authentication_id)
);
-- Issued refresh tokens. The table declares no primary key or unique
-- constraint, so duplicate token_id rows are not rejected by the database.
-- NOTE(review): refresh tokens can outlive access tokens; protect this table
-- at least as strictly as oauth_access_token.
DROP TABLE IF EXISTS oauth_refresh_token;

CREATE TABLE oauth_refresh_token
(
    token_id       VARCHAR(255),
    -- Binary token payload.
    token          LONG VARBINARY,
    -- Binary authentication payload stored with the token.
    authentication LONG VARBINARY
);
-- Authorization codes together with the authentication they were issued for.
-- No key is declared, so uniqueness of code is not enforced by the database.
DROP TABLE IF EXISTS oauth_code;

CREATE TABLE oauth_code
(
    code           VARCHAR(255),
    -- Binary authentication payload tied to the code.
    authentication LONG VARBINARY
);
-- Per-user, per-client scope approvals with an expiry and a last-modified time.
-- No key is declared, so duplicate (userid, clientid, scope) rows are possible
-- at the database level.
DROP TABLE IF EXISTS oauth_approvals;

CREATE TABLE oauth_approvals
(
    userid         VARCHAR(255),
    clientid       VARCHAR(255),
    scope          VARCHAR(255),
    status         VARCHAR(10),
    expiresat      TIMESTAMP,
    lastmodifiedat TIMESTAMP
);
data.sql
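-- Seeds one sample client into oauth_client_details (MySQL dump syntax).
-- The column list is spelled out so the row still lands in the right columns
-- if the table definition is ever reordered or extended.
LOCK TABLES `oauth_client_details` WRITE;
/*!40000 ALTER TABLE `oauth_client_details` DISABLE KEYS */;
INSERT INTO `oauth_client_details` (
    `client_id`,
    `resource_ids`,
    `client_secret`,
    `scope`,
    `authorized_grant_types`,
    `web_server_redirect_uri`,
    `authorities`,
    `access_token_validity`,
    `refresh_token_validity`,
    `additional_information`,
    `autoapprove`
) VALUES (
    'clientApp',
    'resource_id',
    -- Stored as a bcrypt-style hash, not the plaintext secret. This value is
    -- published sample data; generate a fresh secret for any real client.
    '$2a$10$R.QchD5KA5mrVYdbx4WwGunbEzcE8NUSxFz0qWhBSlhHCgJr5qLwq',
    'all',
    -- NOTE(review): the sample enables every grant type, including password and
    -- implicit; a real client should list only the grants it actually uses.
    'password,authorization_code,client_credentials,refresh_token,implicit',
    -- NOTE(review): placeholder redirect over plain http; register the client's
    -- exact https callback instead.
    'http://baidu.com',
    -- Authority name kept exactly as on the original page.
    'READ_ONLY_CLINT',
    -- NULL validity: presumably falls back to the library's default token
    -- lifetimes - confirm, and set explicit values where policy requires them.
    NULL,
    NULL,
    '{}',
    ''
);
/*!40000 ALTER TABLE `oauth_client_details` ENABLE KEYS */;
UNLOCK TABLES;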