How to generate client-id & client-secret in spring-boot and store in database?

I know questions similar to this already exist on Stack Overflow. When I went through them, it didn't solve the problem I'm looking for.

I've a spring-boot web service as Oaut2ClientManagement, in which I'm creating an API which will basically register a new client. When a new company is getting registered, the companyId (it is predefined in some company_details table; yes, the company is added in the list but not registered to access APIs) is sent, so based on that I've to generate client-id & client-secret, which I'll store in the CLIENT_KEY_MANAGEMENT table. Based on this I write Java code to generate the accessToken.

So my question here is how can I generate client-id & client-secret based on the companyId I've received in the request? I've gone through this answer. But is there any pre-defined way in spring-boot oauth which can do this job? As the next step is to generate an access token based on it.

I also went through the oAuth tutorial. But in this the client-id & client-secret are stored in a properties file, not in a database/other source. Also it seems like it's a single pair.

It will be great if someone can guide me to achieve the above scenario using spring-boot.

There is a JdbcClientDetailsService for this specific purpose.

You need to define the following table in your database:

create table oauth_client_details (
  client_id VARCHAR(256) PRIMARY KEY,
  resource_ids VARCHAR(256),
  client_secret VARCHAR(256),
  scope VARCHAR(256),
  authorized_grant_types VARCHAR(256),
  web_server_redirect_uri VARCHAR(256),
  authorities VARCHAR(256),
  access_token_validity INTEGER,
  refresh_token_validity INTEGER,
  additional_information VARCHAR(4096),
  autoapprove VARCHAR(256)
);

and configure your OAuth2 authorization server as follows:

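import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;

@Configuration
@EnableAuthorizationServer
public class OAuth2AuthorizationServerConfigurer extends AuthorizationServerConfigurerAdapter {

    @Autowired
    private DataSource dataSource;

    // Load client registrations from the oauth_client_details table
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.jdbc(dataSource);
    }

}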

And finally you can inject the JdbcClientDetailsService bean in the location where you are registering a companyId.

@Autowired
JdbcClientDetailsService jdbcClientDetailsService;

...
BaseClientDetails clientDetails = new BaseClientDetails(companyId, resourceIds, scopes, grantTypes, authorities);
clientDetails.setClientSecret("generatedpassword");
jdbcClientDetailsService.addClientDetails(clientDetails);

Finally you can log in using those client credentials.

UPDATE

If you want your passwords to be hashed you can set a PasswordEncoder as below.

clients.jdbc(dataSource)
        .passwordEncoder(new BCryptPasswordEncoder());

BaseClientDetails is available in package org.springframework.security.oauth2.provider.client.

The client secret will not be generated by the service. You need to generate it and set it to BaseClientDetails.
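One way to generate the credentials that the answer leaves to the caller, as an added example that is not part of the original answer. It uses the JdbcClientDetailsService, BaseClientDetails and BCryptPasswordEncoder named above; the class name ClientRegistrar, the client-id format, the 32-byte secret length, and the scope, grant type and authority values are assumptions.

```java
import java.security.SecureRandom;
import java.util.Base64;
import javax.sql.DataSource;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.client.BaseClientDetails;
import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService;

// Hypothetical helper: issues a client-id/client-secret pair for a company
// and stores it in oauth_client_details with only a hash of the secret.
public class ClientRegistrar {

    // Plain-text credentials, handed back to the caller exactly once.
    public static final class IssuedCredentials {
        public final String clientId;
        public final String clientSecret;

        IssuedCredentials(String clientId, String clientSecret) {
            this.clientId = clientId;
            this.clientSecret = clientSecret;
        }
    }

    private static final SecureRandom RNG = new SecureRandom();
    private final JdbcClientDetailsService clients;

    public ClientRegistrar(DataSource dataSource) {
        this.clients = new JdbcClientDetailsService(dataSource);
        // addClientDetails() passes the secret through this encoder before the INSERT.
        this.clients.setPasswordEncoder(new BCryptPasswordEncoder());
    }

    // URL-safe random string from a CSPRNG; the alphabet contains no ':' so it is safe in HTTP Basic.
    static String randomToken(int numBytes) {
        byte[] buf = new byte[numBytes];
        RNG.nextBytes(buf);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(buf);
    }

    public IssuedCredentials register(String companyId) {
        // The client id is an identifier, not a secret: keep companyId readable, add a random suffix.
        String clientId = companyId + "-" + randomToken(9);
        String clientSecret = randomToken(32); // 256 bits of entropy, assumed length
        // Scope, grant type and authority are assumed values for illustration.
        BaseClientDetails details =
                new BaseClientDetails(clientId, null, "read", "client_credentials", "ROLE_CLIENT");
        details.setClientSecret(clientSecret);
        clients.addClientDetails(details); // throws ClientAlreadyExistsException on a duplicate id
        return new IssuedCredentials(clientId, clientSecret);
    }
}
```

The authorization server has to verify with the same encoder, so keep the `.passwordEncoder(new BCryptPasswordEncoder())` call from the UPDATE above. The plain-text secret cannot be recovered from the table afterwards, so it must be delivered to the company at registration time.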
