BearerTokenExtractor shows the order in which the token is looked up: first the header, then the request parameters (GET/POST).

TokenServices come in two kinds: AuthorizationServerTokenServices is used on the authorization server (AS) side, while the ResourceServer side has its own tokenServices interface.

The TokenGranter implementations are AuthorizationCodeTokenGranter, ClientCredentialsTokenGranter, RefreshTokenGranter, ImplicitTokenGranter and ResourceOwnerPasswordTokenGranter.

ClientCredentialsTokenEndpointFilter is only present when the AS sets allowFormAuthenticationForClients; for details, see the logic in AuthorizationServerSecurityConfigurer#configure(HttpSecurity http). This point is very important: ClientCredentialsTokenEndpointFilter is what validates the client_id and client_secret, which are then exchanged for whatever the next step needs.

In client_credentials mode, Spring Boot does not build the ClientCredentialsResourceDetails object for Spring Security; the developer has to create it.

The layering is: Spring Security and its modules => Spring Cloud Security => the security part of Spring Boot autoconfigure. For example, the autoconfigure module has an SSO for Spring Security, which wraps Spring Security's OAuth2 support.
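The two configuration points above, side by side, as an added example that is not code from the original post: the AS enabling allowFormAuthenticationForClients, and a client building ClientCredentialsResourceDetails by hand so that it sends client_id and client_secret as form parameters. The class names, client id, scope, token URL and environment variable name are assumptions, and the client is assumed to be registered on the AS elsewhere.

```java
import java.util.Arrays;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails;
import org.springframework.security.oauth2.common.AuthenticationScheme;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;

// Authorization server side (hypothetical class name).
@Configuration
@EnableAuthorizationServer
class AuthServerConfig extends AuthorizationServerConfigurerAdapter {
    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        // Without this call the token endpoint only accepts HTTP Basic client
        // authentication. With it, ClientCredentialsTokenEndpointFilter is added
        // and validates client_id / client_secret sent as request parameters.
        security.allowFormAuthenticationForClients();
    }
    // Client registration (ClientDetailsServiceConfigurer) is assumed to be
    // configured elsewhere and is left out of this example.
}

// Client side (hypothetical class name): Spring Boot does not create this
// object for the client_credentials grant, so it is built explicitly.
@Configuration
class ClientConfig {
    @Bean
    public OAuth2RestTemplate clientCredentialsRestTemplate() {
        ClientCredentialsResourceDetails details = new ClientCredentialsResourceDetails();
        details.setAccessTokenUri("https://auth.example.test/oauth/token"); // constructed URL
        details.setClientId("demo-client");                                 // constructed id
        // Read the secret from the environment rather than hard-coding it.
        details.setClientSecret(System.getenv("DEMO_CLIENT_SECRET"));
        details.setScope(Arrays.asList("read"));
        // form = send the credentials in the POST body, which the AS only
        // accepts when allowFormAuthenticationForClients() is enabled;
        // AuthenticationScheme.header would use HTTP Basic instead.
        details.setClientAuthenticationScheme(AuthenticationScheme.form);
        // A plain context (no user session) suits client_credentials.
        return new OAuth2RestTemplate(details, new DefaultOAuth2ClientContext());
    }
}
```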