⚡ AuthenticationProvider 使用 list 接收，方便用户自定义 Provider（配合自定义 grant_type）

2021-09-15 23:27:26 +08:00
parent 59bc4841ca
commit 69b5ea0a6f
2 changed files with 10 additions and 6 deletions
--- a/ballcat-auth/ballcat-auth-biz/src/main/java/com/hccake/ballcat/auth/authentication/TokenGrantBuilder.java
+++ b/ballcat-auth/ballcat-auth-biz/src/main/java/com/hccake/ballcat/auth/authentication/TokenGrantBuilder.java
@@ -37,7 +37,7 @@ public class TokenGrantBuilder {
 	 * @param endpoints AuthorizationServerEndpointsConfigurer
 	 * @return List<TokenGranter>
 	 */
-	private List<TokenGranter> defaultTokenGranters(AuthorizationServerEndpointsConfigurer endpoints) {
+	protected List<TokenGranter> defaultTokenGranters(AuthorizationServerEndpointsConfigurer endpoints) {
 		ClientDetailsService clientDetailsService = endpoints.getClientDetailsService();
 		AuthorizationServerTokenServices tokenServices = endpoints.getTokenServices();
 		AuthorizationCodeServices authorizationCodeServices = endpoints.getAuthorizationCodeServices();
--- a/ballcat-common/ballcat-common-security/src/main/java/com/hccake/ballcat/common/security/oauth2/server/resource/ResourceServerWebSecurityConfigurerAdapter.java
+++ b/ballcat-common/ballcat-common-security/src/main/java/com/hccake/ballcat/common/security/oauth2/server/resource/ResourceServerWebSecurityConfigurerAdapter.java
@@ -8,6 +8,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.BeanIds;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -15,10 +16,11 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.security.oauth2.server.resource.authentication.OpaqueTokenAuthenticationProvider;
 import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;
 import org.springframework.security.web.AuthenticationEntryPoint;

+import java.util.List;
+
 /**
 * 资源服务器的配置
 *
@@ -30,7 +32,7 @@ public class ResourceServerWebSecurityConfigurerAdapter extends WebSecurityConfi

 	private final OAuth2ResourceServerProperties oAuth2ResourceServerProperties;

-	private final OpaqueTokenAuthenticationProvider opaqueTokenAuthenticationProvider;
+	private final List<AuthenticationProvider> authenticationProviders;

 	private final AuthenticationEntryPoint authenticationEntryPoint;

@@ -61,6 +63,11 @@ public class ResourceServerWebSecurityConfigurerAdapter extends WebSecurityConfi
 			}
 		}

+		// 添加多种授权模式
+		for (AuthenticationProvider authenticationProvider : authenticationProviders) {
+			http.authenticationProvider(authenticationProvider);
+		}
+
 		// @formatter:off
        http
 			// 记住我
@@ -76,9 +83,6 @@ public class ResourceServerWebSecurityConfigurerAdapter extends WebSecurityConfi
 			// 关闭 csrf 跨站攻击防护
 			.and().csrf().disable()

-			// 添加不透明令牌的 provider
-			.authenticationProvider(opaqueTokenAuthenticationProvider)
-
 			// 开启 OAuth2 资源服务
 			.oauth2ResourceServer().authenticationEntryPoint(authenticationEntryPoint)
 			// bearToken 解析器