org.ballcat.springsecurity.oauth2.server.resource

类 OAuth2ResourceServerAutoConfiguration

java.lang.Object

org.ballcat.springsecurity.oauth2.server.resource.OAuth2ResourceServerAutoConfiguration

@Configuration(proxyBeanMethods=false)
 @EnableGlobalMethodSecurity(prePostEnabled=true)
 @EnableConfigurationProperties(value=OAuth2ResourceServerProperties.class)
public class OAuth2ResourceServerAutoConfiguration
extends Object

资源服务需要的一些 bean 配置

作者:

hccake

字段概要

字段

限定符和类型	字段和说明
static String	OAUTH2_RESOURCE_SERVER_SECURITY_FILTER_CHAIN_BEAN_NAME

构造器概要

构造器

构造器和说明
OAuth2ResourceServerAutoConfiguration()

方法概要

限定符和类型	方法和说明
org.springframework.security.web.AuthenticationEntryPoint	authenticationEntryPoint() 自定义异常处理
org.springframework.security.oauth2.server.resource.web.BearerTokenResolver	bearerTokenResolver() BearTokenResolve 允许使用 url 传参，方便 ws 连接 ps: 使用 url 传参不安全，待改进
CustomPermissionEvaluator	customPermissionEvaluator() 自定义的权限判断组件
org.springframework.security.web.SecurityFilterChain	oauth2ResourceServerSecurityFilterChain(Oauth2ResourceServerSecurityFilterChainBuilder builder, org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity) OAuth2 授权服务器的安全过滤器链，如果和资源服务器共存，需要将其放在资源服务器之前
Oauth2ResourceServerSecurityFilterChainBuilder	oauth2ResourceServerSecurityFilterChainBuilder(OAuth2ResourceServerProperties oAuth2ResourceServerProperties, org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint, org.springframework.security.oauth2.server.resource.web.BearerTokenResolver bearerTokenResolver, org.springframework.beans.factory.ObjectProvider<List<OAuth2ResourceServerConfigurerCustomizer>> configurerCustomizersProvider, org.springframework.beans.factory.ObjectProvider<List<OAuth2ResourceServerExtensionConfigurer<org.springframework.security.config.annotation.web.builders.HttpSecurity>>> extensionConfigurersProvider) 资源服务器的过滤器链构建器
org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider	opaqueTokenAuthenticationProvider(org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector opaqueTokenIntrospector) spring-security 5.x 中开启资源服务器功能，需要的不透明令牌的支持
org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector	opaqueTokenIntrospector(OAuth2ResourceServerProperties oAuth2ResourceServerProperties) 当资源服务器和授权服务器的 token 存储无法共享时，通过远程调用的方式，向授权服务鉴定 token，并同时获取对应的授权信息

从类继承的方法 java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

字段详细资料

OAUTH2_RESOURCE_SERVER_SECURITY_FILTER_CHAIN_BEAN_NAME

public static final String OAUTH2_RESOURCE_SERVER_SECURITY_FILTER_CHAIN_BEAN_NAME

另请参阅:

常量字段值

构造器详细资料

OAuth2ResourceServerAutoConfiguration

public OAuth2ResourceServerAutoConfiguration()

方法详细资料

oauth2ResourceServerSecurityFilterChainBuilder

@Bean
 @ConditionalOnMissingBean(name="oauth2ResourceServerSecurityFilterChain",
                          value=Oauth2ResourceServerSecurityFilterChainBuilder.class)
public Oauth2ResourceServerSecurityFilterChainBuilder oauth2ResourceServerSecurityFilterChainBuilder(OAuth2ResourceServerProperties oAuth2ResourceServerProperties,
                                                                                                                                                                                                                                                                               org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint,
                                                                                                                                                                                                                                                                               org.springframework.security.oauth2.server.resource.web.BearerTokenResolver bearerTokenResolver,
                                                                                                                                                                                                                                                                               org.springframework.beans.factory.ObjectProvider<List<OAuth2ResourceServerConfigurerCustomizer>> configurerCustomizersProvider,
                                                                                                                                                                                                                                                                               org.springframework.beans.factory.ObjectProvider<List<OAuth2ResourceServerExtensionConfigurer<org.springframework.security.config.annotation.web.builders.HttpSecurity>>> extensionConfigurersProvider)

资源服务器的过滤器链构建器

oauth2ResourceServerSecurityFilterChain

@Bean(name="oauth2ResourceServerSecurityFilterChain")
 @Order(value=99)
 @ConditionalOnMissingBean(name="oauth2ResourceServerSecurityFilterChain")
public org.springframework.security.web.SecurityFilterChain oauth2ResourceServerSecurityFilterChain(Oauth2ResourceServerSecurityFilterChainBuilder builder,
                                                                                                                                                                                                                                                          org.springframework.security.config.annotation.web.builders.HttpSecurity httpSecurity)
                                                                                                                                                                                                                                                   throws Exception

OAuth2 授权服务器的安全过滤器链，如果和资源服务器共存，需要将其放在资源服务器之前

抛出:

Exception

customPermissionEvaluator

@Bean(name="per")
 @ConditionalOnMissingBean(value=com.hccake.ballcat.common.security.component.CustomPermissionEvaluator.class)
public CustomPermissionEvaluator customPermissionEvaluator()

自定义的权限判断组件

返回:

CustomPermissionEvaluator

opaqueTokenIntrospector

@Bean
 @ConditionalOnMissingBean
 @ConditionalOnProperty(prefix="ballcat.security.oauth2.resourceserver",
                       name="shared-stored-token",
                       havingValue="false")
public org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector opaqueTokenIntrospector(OAuth2ResourceServerProperties oAuth2ResourceServerProperties)

当资源服务器和授权服务器的 token 存储无法共享时，通过远程调用的方式，向授权服务鉴定 token，并同时获取对应的授权信息

返回:

NimbusOpaqueTokenIntrospector

opaqueTokenAuthenticationProvider

@Bean
 @ConditionalOnMissingBean
public org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider opaqueTokenAuthenticationProvider(org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector opaqueTokenIntrospector)

spring-security 5.x 中开启资源服务器功能，需要的不透明令牌的支持

返回:

OpaqueTokenAuthenticationProvider

authenticationEntryPoint

@Bean
 @ConditionalOnMissingBean
public org.springframework.security.web.AuthenticationEntryPoint authenticationEntryPoint()

自定义异常处理

返回:

AuthenticationEntryPoint

bearerTokenResolver

@Bean
 @ConditionalOnMissingBean
public org.springframework.security.oauth2.server.resource.web.BearerTokenResolver bearerTokenResolver()

BearTokenResolve 允许使用 url 传参，方便 ws 连接 ps: 使用 url 传参不安全，待改进

返回:

DefaultBearerTokenResolver