Light

lookbackintherain / oauth-boot Goto Github PK

View Code? Open in Web Editor NEW

114.0 7.0 65.0 8.85 MB

spring-boot and spring oauth2

License: MIT License

Java 99.29% TSQL 0.71%

spring-boot spring-security spring-security-oauth2 rest-api oauth-boot spring-oauth2

oauth-boot's Introduction

OAUTH-BOOT

spring-security ，spring-security-oauth2 ，string boot 学习

Update

Current

授权码模式，密码模式，简化模式（未测试），客户端模式（未测试）
JWT
自定义登录页面和授权页面
自定义异常处理
认证服务与资源服务分离

配置

boot:
  oauth:
    # token 存储方式，可选配置
    token-store-type: jwt #默认为 memory
    # token签名秘钥，可选配置，默认：OAUTHBOOT@IUY09&098#UIOKNJJ-YUIT.CLUB
    token-signing-key: 123qwe 
    # 登录处理url 可选配置
    login-process-url: /auth/authorize

授权码模式

请求授权 http://ip:port/oauth/authorize?response_type=code&client_id=client&redirect_uri=http://localhost:9000&scope=select
如果没有登录会跳转到登录页面，登录后跳转到授权页面（是否会跳转到授权页面取决于是否将isAutoApprove字段的值）
授权后得到一个授权码，拿着授权码即可申请token

密码模式

没有配置允许客户端表单登录的，将客户端id和密码base64编码放入请求头中，根据oauth2协议规定的密码模式正确填写参数即可申请token

依赖

框架/类库/数据库	版本号
java	11（Mac）/ 8（Win10）
spring-boot	2.0.5.RELEASE
spring-security	5.0.8.RELEASE
spring-security-oauth2-autoconfigure	2.0.6.RELEASE
mybatis-plus	3.0.4
数据库连接池（druid）	1.1.11
swagger-ui	2.9.2
hibernate-validator	6.0.13.Final
MySQL	5.7.22 MySQL Community Server
Redis	4.0.10

项目效果

自定义登录和授权页面效果图

建表语句在src/doc/table.sql中

相关的测试数据也在这个sql文件中，加密的密码统一为123qwe

注

请使用上述依赖所规定的版本

oauth-boot's People

Contributors

Stargazers

Watchers

Forkers

wankehui2012 ljb445300387 julang2 geleonardo gbsun168 rainleo aping-fo ichaly fisher2017 oulexue xshcloudy hzredwall yueru-mylove zhanglei ttlpit zhangzhong1018 athoszn yuizr keep-zero javarelated liudongsir osullivan146 frankcjg renyansongno1 cfluo theosunny eexs wolf-huo moocstudent lorchr 775490841 neymar174 skiof007 cookiejqf mongohadoop lqxion joelzzhang leeaee cyp1314 alluserbegin pog2g gaojunqi ljia310 senwa xpwdm2020 alexguo88 sangbu wood-north wjh972420394 daydaynote lilixiaoyi 750384116 forkstarteam king188141 mikeyy88 huangjinyu liushujiang soxueren yilizidan iuriimattos2 feifeihuiyu hsj-xiaokang lcxw joke007 hcsj

oauth-boot's Issues

Error processing condition on club.yuit.oauth.boot.config.auth2.TokenStoreConfig.jwtAccessTokenConverter

Error processing condition on club.yuit.oauth.boot.config.auth2.TokenStoreConfig.jwtAccessTokenConverter

启动tokenStoreConfig报错

http://localhost:8000/auth/login报错

直接打开 http://localhost:8000/auth/login 提示500

请问如果clientId的客户端异常怎么自定义异常捕获呢？

请问如果clientId错误导致的的客户端异常怎么自定义异常捕获呢？

中文错别字

代码正在学习你的, 中文有几个错别字.
登录后悔XXXXXXXXXX--- > 登录后会XXXXXXXXXX
授权马XXXXXXXXXX----> 授权码XXXXXXXXXX-

报401错误

我直接通过/auth/login路径输入用户名密码和验证码登录成功后跳转就报这个错呢，为什么啊

Why scope do NOT be asked in access_confirm page?

Hi.
Why scope do not be asked in the access confirmation page from user, while client application authorization request URL have scope=select?
http://ip:port/oauth/authorize?response_type=code&client_id=client&client_secret=123qwe&redirect_uri=http://localhost:9000&scope=select

授权页面表单代码问题

你的代码是有问题的,如果以你这种方式的话默认,授权范围默认是false,直接导致授权失败,正确代码应该如下
<form method="post" th:action="@{/oauth/authorize}"> <input type="hidden" name="user_oauth_approval" value="true"> <input type="hidden" name="_csrf" th:value="${_csrf.getToken()}"/> <div class="form-check"> <input type="checkbox" class="form-check-input" checked="checked" id="exampleCheck1"> <label class="form-check-label" for="exampleCheck1">昵称,身份和头像</label> </div> <div th:each="item:${scopes}"> <input type="radio" th:name="'scope.'+${item}" value="true" hidden="hidden" checked="checked"> </div> <p class="card-text" style="color: #dc3545;font-size: 12px">授权后表表明您已同意Oauth2协议</p> <button type="submit" class="btn btn-outline-danger">同意授权</button> </form>

登录问题

您好请教个问题，按照loginProcessUrl="/auth/authorize"配置后，点击登录提示404，我也没找了/auth/authorize端点定义，请问这是个什么机制？
祝好！

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.