@Import(value={OAuth2AuthorizationServerConfigurerCustomizerConfiguration.class,OAuth2AuthorizationServerExtensionConfigurerConfiguration.class})
@Configuration(proxyBeanMethods=false)
@EnableConfigurationProperties(value=OAuth2AuthorizationServerProperties.class)
public class OAuth2AuthorizationServerAutoConfiguration
extends Object
| 限定符和类型 | 字段和说明 |
|---|---|
static String |
OAUTH2_AUTHORIZATION_SERVER_SECURITY_FILTER_CHAIN_BEAN_NAME |
| 构造器和说明 |
|---|
OAuth2AuthorizationServerAutoConfiguration() |
| 限定符和类型 | 方法和说明 |
|---|---|
org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService |
authorizationConsentService(org.springframework.jdbc.core.JdbcTemplate jdbcTemplate,
org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository)
OAuth2AuthorizationConsentService
|
org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings |
authorizationServerSettings()
授权服务器基本端点地址配置
|
org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService |
authorizationService(org.springframework.jdbc.core.JdbcTemplate jdbcTemplate,
org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository,
org.springframework.beans.factory.ObjectProvider<OAuth2AuthorizationObjectMapperCustomizer> objectMapperCustomizerObjectProvider)
OAuth2 授权管理Service
|
org.springframework.security.web.SecurityFilterChain |
oauth2AuthorizationServerSecurityFilterChain(OAuth2AuthorizationServerSecurityFilterChainBuilder builder,
org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity)
OAuth2 授权服务器的安全过滤器链,如果和资源服务器共存,需要将其放在资源服务器之前
|
OAuth2AuthorizationServerSecurityFilterChainBuilder |
oAuth2AuthorizationServerSecurityFilterChainBuilder(List<OAuth2AuthorizationServerConfigurerCustomizer> oAuth2AuthorizationServerConfigurerCustomizers,
List<OAuth2AuthorizationServerExtensionConfigurer<?,org.springframework.security.config.annotation.web.builders.HttpSecurity>> oAuth2AuthorizationServerExtensionConfigurers)
OAuth2AuthorizationServerConfigurer 的适配器
|
org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.OAuth2TokenClaimsContext> |
oAuth2TokenCustomizer()
对于使用不透明令牌的 client,需要存储对应的用户信息,以便在后续的请求中获取用户信息
|
OAuth2TokenRevocationResponseHandler |
oAuth2TokenRevocationResponseHandler(org.springframework.context.ApplicationEventPublisher publisher)
OAuth2 Token 撤销响应处理器
|
org.springframework.security.crypto.password.PasswordEncoder |
passwordEncoder()
密码管理器
|
org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository |
registeredClientRepository(org.springframework.jdbc.core.JdbcTemplate jdbcTemplate)
OAuth2 授权服务器中注册的 client 仓库
|
public OAuth2AuthorizationServerAutoConfiguration()
@Bean
@ConditionalOnMissingBean(name="oauth2AuthorizationServerSecurityFilterChain",
value=OAuth2AuthorizationServerSecurityFilterChainBuilder.class)
public OAuth2AuthorizationServerSecurityFilterChainBuilder oAuth2AuthorizationServerSecurityFilterChainBuilder(List<OAuth2AuthorizationServerConfigurerCustomizer> oAuth2AuthorizationServerConfigurerCustomizers,
List<OAuth2AuthorizationServerExtensionConfigurer<?,org.springframework.security.config.annotation.web.builders.HttpSecurity>> oAuth2AuthorizationServerExtensionConfigurers)
oAuth2AuthorizationServerConfigurerCustomizers - OAuth2AuthorizationServerConfigurer 的定制器列表oAuth2AuthorizationServerExtensionConfigurers - oAuth2AuthorizationServerExtensionConfigurer 的配置扩展器列表@Bean(name="oauth2AuthorizationServerSecurityFilterChain") @Order(value=1) @ConditionalOnMissingBean(name="oauth2AuthorizationServerSecurityFilterChain") public org.springframework.security.web.SecurityFilterChain oauth2AuthorizationServerSecurityFilterChain(OAuth2AuthorizationServerSecurityFilterChainBuilder builder, org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) throws Exception
Exception@Bean @ConditionalOnMissingBean public org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository(org.springframework.jdbc.core.JdbcTemplate jdbcTemplate)
@Bean
@ConditionalOnMissingBean
public org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService authorizationService(org.springframework.jdbc.core.JdbcTemplate jdbcTemplate,
org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository,
org.springframework.beans.factory.ObjectProvider<OAuth2AuthorizationObjectMapperCustomizer> objectMapperCustomizerObjectProvider)
@Bean
@ConditionalOnMissingBean
public org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationConsentService authorizationConsentService(org.springframework.jdbc.core.JdbcTemplate jdbcTemplate,
org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository registeredClientRepository)
@Bean @ConditionalOnMissingBean public org.springframework.security.oauth2.server.authorization.settings.AuthorizationServerSettings authorizationServerSettings()
@Bean @ConditionalOnMissingBean public OAuth2TokenRevocationResponseHandler oAuth2TokenRevocationResponseHandler(org.springframework.context.ApplicationEventPublisher publisher)
publisher - 事件发布器@Bean @ConditionalOnMissingBean public org.springframework.security.crypto.password.PasswordEncoder passwordEncoder()
@Bean @ConditionalOnMissingBean(value=org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer.class) public org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer<org.springframework.security.oauth2.server.authorization.token.OAuth2TokenClaimsContext> oAuth2TokenCustomizer()
Copyright © 2023. All rights reserved.