springcolud demo(亲自搭建)
创建 一个简单的demo。整合几个基本的组件:
注册中心:Spring Cloud Netflix
配置中心:Spring Cloud Config
鉴权中心:Spring Cloud OAuth2
hystrix、feign、Zuul、Eureka等。
所有工程的都事项了负载。
写作不容易,盗版必究
总的依赖控制 pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"><modelVersion>4.0.0</modelVersion><groupId>com.wxd.springcloud</groupId><artifactId>spring-cloud-parent</artifactId><version>1.0-SNAPSHOT</version><modules><module>cloud-register</module><module>cloud-producer</module><module>cloud-consumer</module><module>cloud-gateway</module><module>cloud-config-server</module><module>cloud-config-client</module><module>cloud-OAuth2-server</module><module>cloud-OAuth2-client</module></modules><packaging>pom</packaging><parent><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-parent</artifactId><version>2.0.4.RELEASE</version></parent><properties><project.build.sourceencoding>UTF-8</project.build.sourceencoding><project.reporting.outputencoding>UTF-8</project.reporting.outputencoding><java.version>1.8</java.version><swagger.version>2.6.0</swagger.version></properties><dependencyManagement><dependencies><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-dependencies</artifactId><version>Finchley.RELEASE</version><type>pom</type><scope>import</scope></dependency><dependency><groupId>io.springfox</groupId><artifactId>springfox-swagger2</artifactId><version>${swagger.version}</version></dependency><dependency><groupId>io.springfox</groupId><artifactId>springfox-swagger-ui</artifactId><version>${swagger.version}</version></dependency></dependencies></dependencyManagement></project>
一 创建注册中心
- 访问注册中心的地址 http://localhost:8081/
如图:demo.jpg
- pom
<dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-server</artifactId></dependency>
- yml
server:port: 8081spring:application:name: eureka-servereureka:client:# 表示是否将自己注册到Eureka Server,默认为true。registerWithEureka: false# 表示是否从Eureka Server获取注册信息,默认为true。fetchRegistry: false# 设置与Eureka Server交互的地址,查询服务和注册服务都需要依赖这个地址。默认是http://localhost:8761/eureka ;多个地址可使用,分隔serviceUrl:defaultZone: http://localhost:${server.port}/eureka/
- 启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.netflix.eureka.server.EnableEurekaServer;@SpringBootApplication @EnableEurekaServer public class RegisterApp {public static void main(String[] args) {SpringApplication.run(RegisterApp.class, args);} }
- 集群搭建参考
https://blog.csdn.net/maoyeqiu/article/details/78554196主要配置如下
#server1spring.application.name=eureka-serverserver.port=8095eureka.instance.hostname=127.0.0.1:8095eureka.client.serviceUrl.defaultZone=http://127.0.0.1:8096/eureka/,http://127.0.0.1:8097/eureka/#server2spring.application.name=eureka-serverserver.port=8096eureka.instance.hostname=127.0.0.1:8096eureka.client.serviceUrl.defaultZone=http://127.0.0.1:8095/eureka/,http://127.0.0.1:8097/eureka/#server3spring.application.name=eureka-serverserver.port=8097eureka.instance.hostname=127.0.0.1:8097eureka.client.serviceUrl.defaultZone=http://127.0.0.1:8095/eureka/,http://127.0.0.1:8096/eureka/
二. 创建服务端
###服务端
- pom
<dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> </dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId> </dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope> </dependency>
- yml
server:port: 8082 spring:application:name: producer-server eureka:client:serviceUrl:defaultZone: http://localhost:8081/eureka/
- 启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.client.discovery.EnableDiscoveryClient;@EnableDiscoveryClient @SpringBootApplication public class ProducerApp {public static void main(String[] args) {SpringApplication.run(ProducerApp.class, args);} }
- 创建UserController
package com.wxd.controller;import org.springframework.beans.factory.annotation.Value; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController;@RestController public class UserController {@Value("${server.port}")private String port;@GetMapping("/get")public String getPort() {return "Producer Server port: " + port;}}
这里只是简单的写一个服务。集成数据库等自己完成。
访问接口如下图
三. 创建客户端
###消费端
pom
<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId> </dependency><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> </dependency><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-openfeign</artifactId> </dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope> </dependency><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-hystrix</artifactId><version>1.4.6.RELEASE</version> </dependency>
yml
server:port: 8083 spring:application:name: consumer-server eureka:client:serviceUrl:#注册中心地址 多个用逗号隔开defaultZone: http://localhost:8081/eureka/ #开启断路器 feign:hystrix:enabled: true
启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.client.circuitbreaker.EnableCircuitBreaker; import org.springframework.cloud.client.discovery.EnableDiscoveryClient; import org.springframework.cloud.openfeign.EnableFeignClients;@EnableDiscoveryClient//注册中心 @EnableFeignClients//开启feign 声明式REST, 里面包括Hystrix 断路器 @SpringBootApplication @EnableCircuitBreaker//开启Hystrix 断路器 public class ConsumerApp {public static void main(String[] args) {SpringApplication.run(ConsumerApp.class, args);} }
创建RestTemplate
package com.wxd.config;import org.springframework.cloud.client.loadbalancer.LoadBalanced; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.client.RestTemplate;@Configuration public class MyConfiguration {@LoadBalanced//使用负载@BeanRestTemplate restTemplate() {return new RestTemplate();} }
创建UserHystrix
测试Hystrixpackage com.wxd.service;import com.netflix.hystrix.contrib.javanica.annotation.HystrixCommand; import org.springframework.stereotype.Component;/*** 测试Hystrix*/ @Component public class UserHystrix {@HystrixCommand(fallbackMethod = "defaultGetPort2")public String getPort2(){throw new RuntimeException("");}public String defaultGetPort2(){return "服务错误";} }
创建 UserService
测试调用服务 及 Hystrix回退package com.wxd.service;import org.springframework.cloud.openfeign.FeignClient; import org.springframework.stereotype.Component; import org.springframework.web.bind.annotation.GetMapping;@Component @FeignClient(value = "producer-server", fallback = UserServiceHystrix.class) public interface UserService {@GetMapping("/get")String getPort();@GetMapping("/get1") // @HystrixCommand(fallbackMethod = "defaultGetPort2") 和 @FeignClient不能一起使用String getPort2();default String defaultGetPort2(){return "服务错误";} }
创建 UserServiceHystrix
package com.wxd.service;import org.springframework.stereotype.Component;@Component public class UserServiceHystrix implements UserService {@Overridepublic String getPort() {return "Producer Server 的服务调用失败";}@Overridepublic String getPort2() {return "服务错误2";} }
创建UserController
package com.wxd.controller;import com.wxd.service.UserHystrix; import com.wxd.service.UserService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; import org.springframework.web.client.RestTemplate;@RestController public class UserController {@Autowiredprivate UserService userService;@Autowiredprivate RestTemplate restTemplate;@Autowiredprivate UserHystrix userHystrix;@GetMapping("/get")public String getPort() {return "consumer get Producer Server port: " + userService.getPort();}@GetMapping("/get3")public String getPort3() {return "consumer get Producer Server port: " + userService.getPort2();}@GetMapping("/get2")public String getPort2() {return "consumer get2 Producer Server port: " + restTemplate.getForObject("http://producer-server/get",String.class);} }
结果如下:
四. 创建 zuul
###网关zuulpom
<dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-zuul</artifactId><version>1.4.6.RELEASE</version> </dependency> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-zuul</artifactId> </dependency>
启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.netflix.zuul.EnableZuulProxy;@SpringBootApplication @EnableZuulProxy //启动网关路由 public class ZuulApp {public static void main(String[] args) {SpringApplication.run(ZuulApp.class,args);} }
yml
简单实现
注意:首先要有注册中心eureka-server和cloud-producer模块
spring:application:name: cloud-gateway-zuulserver:port: 8808eureka:client:serviceUrl:defaultZone: http://localhost:8081/eureka/
直接访问
http://localhost:8084/producer-server/get 或者
http://localhost:8084/zuul/producer-server/get
就可以直接路由到producer-server/get配置映射 Zuul指定path和serviceId
zuul:ignoredServices: '*'#忽略所有的服务routes:producer-server: # producer-server只是一个标识,保证唯一即可path: /pro/** # 映射的路径serviceId: producer-server # 服务id 必须注册服务url: http://localhost:8082/ #可以是url 和 serviceId 二选一
访问路径
http://localhost:8084/pro/get
五. 创建config-server
###config-serverpom
<dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-config</artifactId> </dependency><!--表示为web工程--> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId> </dependency><!--暴露各种指标 貌似是必须的 --> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-actuator</artifactId> </dependency><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-config-server</artifactId> </dependency> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> </dependency>
yml
server:port: 8085 spring:application:name: config-servercloud:config:server:git:uri: http://192.168.10.206/wxd/config.git#githttp地址search-paths: prducer/*#git下的文件夹,可以写多个和使用*username: wxdpassword: 12345678 eureka:client:serviceUrl:defaultZone: http://localhost:8081/eureka/#注册中心实现高可用
启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.config.server.EnableConfigServer;@SpringBootApplication @EnableConfigServer//开启config服务 public class ConfigServerApp {public static void main(String[] args) {SpringApplication.run(ConfigServerApp.class, args);} }
准备工作在自己的github创建一个项目
我这里在项目中新建一个prducer文件夹,在这个文件夹下新建文件config-client-dev.properties内容:dburl=http://loachost/1111111111111111
访问路径
http://localhost:8085/config-client/dev
http://localhost:8085/config-client-dev.properties
实现高可用需要部署多台服务器
六. 创建config-client
###config-client
- pom
<!--Spring Cloud Config 客户端依赖--> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-config</artifactId> </dependency> <!--Spring Boot Actuator,感应服务端变化--> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-actuator</artifactId> </dependency> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> </dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId> </dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope> </dependency>
- yml
server:port: 8086 spring:application:name: config-client#名字必须和配置文件名字相同config-client-dev.propertiescloud:config:profile: devlabel: master # uri: http://localhost:8085/ #单节点模式discovery:#负载模式 如果是负载模式,必须注册到注册中心enabled: trueservice-id: config-server eureka:client:serviceUrl:defaultZone: http://localhost:8081/eureka/ management:security:#SpringBoot 1.5.X 以上默认开通了安全认证,如果不关闭会要求权限enabled: falseendpoints:web:exposure:include: health, info, refresh #暴露接口,实现半自动化刷新
关键:这里是bootstrap.yml不是application.yml 因为bootstrap.yml优先级高
- 启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.cloud.client.discovery.EnableDiscoveryClient;@SpringBootApplication @EnableDiscoveryClient public class ConfigClientApp {public static void main(String[] args) {SpringApplication.run(ConfigClientApp.class, args);} }
- Controller
package com.wxd.controller;import org.springframework.beans.factory.annotation.Value; import org.springframework.cloud.context.config.annotation.RefreshScope; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController;@RestController @RefreshScope //开启更新功能 @RequestMapping("api") public class ConfigController {@Value("${dburl:asd}")private String fromValue;/*** 返回配置文件中的值*/@GetMapping("/from")@ResponseBodypublic String returnFormValue(){return fromValue;} }
- 测试
- 访问路径 http://localhost:8086/api/from 返回 http://loachost/1111111111111111
- 在git上修改文件,访问http://localhost:8086/actuator/refresh [post请求] 实现刷新配置
- 再次访问 http://localhost:8086/api/from 配置已经修改
不能实现动态刷新,需要手动刷新。需要优化
七. 创建OAth2-server
OAth2-server 认证与授权服务
- pom
<dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-security</artifactId> </dependency><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-oauth2</artifactId> </dependency> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-actuator</artifactId> </dependency> <!-- 开启负载使用时,需要注册到服务中心 --> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> </dependency>
- yml
server:port: 8087 spring:application:name: cloud-OAuth2-server eureka:client:serviceUrl:defaultZone: http://localhost:8081/eureka/
- 启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;@SpringBootApplication @EnableResourceServer//开启资源服务,因为程序需要对外暴露获取token的API接口 public class OAuth2ServerApp {public static void main(String[] args) {SpringApplication.run(OAuth2ServerApp.class, args);}}
- 创建AuthorizationServerConfig
开启授权服务的功能
package com.wxd.config;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;@Configuration @EnableAuthorizationServer //开启授权服务的功能 public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {@AutowiredAuthenticationManager authenticationManager;@Overridepublic void configure(ClientDetailsServiceConfigurer clients) throws Exception {String finalSecret = new BCryptPasswordEncoder().encode("123456");//ClientDetailsServiceConfigurer配置了客户端的一些基本信息clients.inMemory() // //将客户端的信息存储在内存中.withClient("client") // client_id /创建了一个client名为browser的客户端.secret(finalSecret) // client_secret.authorizedGrantTypes(/*"implicit",*/"password", "refresh_token") // 该client允许的授权类型.scopes("app"); // 允许的授权范围}/*** 设置管理器* @param endpoints* @throws Exception*/@Overridepublic void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {endpoints//.tokenStore(new MyRedisTokenStore(redisConnectionFactory))//Token的存储方式为内存.authenticationManager(authenticationManager)//WebSecurity配置好的 // .userDetailsService(userServiceDetail);//读取用户的验证信息 .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST);}@Overridepublic void configure(AuthorizationServerSecurityConfigurer security) throws Exception {// 允许表单认证security.allowFormAuthenticationForClients();}// @Override // public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception { // //配置获取Token的策略 // oauthServer // .tokenKeyAccess("permitAll()") //对获取Token的请求不再拦截 // .checkTokenAccess("isAuthenticated()"); //验证获取Token的验证信息 // // }}
- 创建ResourceServerConfig
由于 auth-service 需要对外暴露检查 Token 的API接口,所以 auth-service 也是一个资源服务,需要在工程中引入 Spring Security,并做相关配置,对 auth-service 资源进行保护。
package com.wxd.config;import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;@Configuration @EnableResourceServer public class ResourceServerConfig extends ResourceServerConfigurerAdapter {@Overridepublic void configure(HttpSecurity http) throws Exception {http.csrf().disable().authorizeRequests().anyRequest().authenticated().and().httpBasic();}@Overridepublic void configure(ResourceServerSecurityConfigurer resources) throws Exception {super.configure(resources);}}
- 创建WebSecurityConfig
package com.wxd.config;import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.provisioning.InMemoryUserDetailsManager;@Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { // @Autowired // private UserDetailsServiceImpl userDetailsService;@Beanpublic PasswordEncoder passwordEncoder() {return new BCryptPasswordEncoder();}/*** 创建两个简单的用户用户测试** 也可以自己实现* @return*/@Bean@Overrideprotected UserDetailsService userDetailsService() {BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();String finalPassword = bCryptPasswordEncoder.encode("123456");InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();manager.createUser(User.withUsername("user_1").password(finalPassword).authorities("USER").build());manager.createUser(User.withUsername("user_2").password(finalPassword).authorities("USER").build());return manager;}@Override@Beanpublic AuthenticationManager authenticationManagerBean() throws Exception {return super.authenticationManagerBean();}@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.userDetailsService(userDetailsService()).passwordEncoder(passwordEncoder());}@Overrideprotected void configure(HttpSecurity http) throws Exception {http.requestMatchers().anyRequest().and().authorizeRequests().antMatchers("/oauth/**").permitAll();}@Overridepublic void configure(WebSecurity web) throws Exception {web.ignoring().antMatchers("/favor.ioc");} }
获取token如图:
http://localhost:8087/oauth/token?username=user_1&password=123456&grant_type=password&scope=app&client_id=client&client_secret=123456
- 创建UserController
本例采用 RemoteTokenService 这种方式对 Token 进行验证。如果其他资源服务需要验证 Token,则需要远程调用授权服务暴露的验证 Token 的API接口。
package com.wxd.controller;import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController;import java.security.Principal;/*** <p>必须要有,做验证</p>* Created by Mr.Yangxiufeng on 2017/12/29.* Time:10:43* ProjectName:Mirco-Service-Skeleton*/ @RestController public class UserController {//暴露Remote Token Services接口//如果其它服务需要验证Token,则需要远程调用授权服务暴露的验证Token的API接口@RequestMapping("/user")public Principal user(Principal user) {return user;} }
这里只是简单的写一个服务。用户权限等需要自己实现。
八.创建需要鉴权的服务
###鉴权服务
- pom
<!-- 开启负载--> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-netflix-eureka-client</artifactId> </dependency> <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId> </dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope> </dependency> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-oauth2</artifactId> </dependency> <dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-security</artifactId> </dependency><dependency><groupId>org.springframework.cloud</groupId><artifactId>spring-cloud-starter-openfeign</artifactId> </dependency>
- yml
server:port: 8088 spring:application:name: cloud-OAuth2-client #单点测试 #security: # oauth2: # client: # accessTokenUri: http://localhost:8087/oauth/token # userAuthorizationUri: http://localhost:8087/oauth/authorize # clientId: client # clientSecret: 123456 # grantType: client_credentials,password # scope: app # resource: # userInfoUri: http://localhost:8087/user #负载 使用服务调用的方式。 security:oauth2:client:accessTokenUri: http://cloud-OAuth2-server/oauth/tokenuserAuthorizationUri: http://cloud-OAuth2-server/oauth/authorizeclientId: clientclientSecret: 123456grantType: client_credentials,passwordscope: appresource:userInfoUri: http://cloud-OAuth2-server/userloadBalanced: true eureka:client:serviceUrl:defaultZone: http://localhost:8081/eureka/
- 启动类
package com.wxd;import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication;@SpringBootApplication public class OAuth2ClientApp {public static void main(String[] args) {SpringApplication.run(OAuth2ClientApp.class, args);}}
- 创建OAuth2ClientConfig
package com.wxd.config;import feign.RequestInterceptor; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.cloud.client.loadbalancer.LoadBalanced; import org.springframework.cloud.security.oauth2.client.feign.OAuth2FeignRequestInterceptor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.oauth2.client.DefaultOAuth2ClientContext; import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.token.grant.client.ClientCredentialsResourceDetails; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client; import org.springframework.web.client.RestTemplate;@EnableOAuth2Client @EnableConfigurationProperties @Configuration public class OAuth2ClientConfig {@Bean@ConfigurationProperties(prefix = "security.oauth2.client")//获取Bean的配置属性public ClientCredentialsResourceDetails clientCredentialsResourceDetails() {//配置受保护资源的信息return new ClientCredentialsResourceDetails();}@Beanpublic RequestInterceptor oauth2FeignRequestInterceptor() {//配置一个过滤器,存储当前请求和上下文//在request域内创建 AccessTokenRequest 类型的Bean。return new OAuth2FeignRequestInterceptor(new DefaultOAuth2ClientContext(), clientCredentialsResourceDetails());}@Beanpublic OAuth2RestTemplate clientCredentialsRestTemplate() {//向认证中心服务请求的return new OAuth2RestTemplate(clientCredentialsResourceDetails());}}
- 创建ResourceServerConfiguration
package com.wxd.config;import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;@Configuration @EnableResourceServer @EnableGlobalMethodSecurity(prePostEnabled = true)//注解开启在方法上的保护功能 public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {@Overridepublic void configure(HttpSecurity http) throws Exception {http.authorizeRequests().antMatchers("/order/**").authenticated(); // 配置order访问控制,必须认证后才可以访问}}
- 创建OAuth2Controller
package com.wxd.controller;import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.core.Authentication; import org.springframework.security.oauth2.provider.OAuth2Authentication; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController;import java.security.Principal;@RestController public class OAuth2Controller {Logger logger = LoggerFactory.getLogger(OAuth2Controller.class);@GetMapping("/person")@PreAuthorize("hasAuthority('USER1')")//需要ROLE_ADMIN权限public @ResponseBodyObject personInfo() {return "{ad:asd}";}@GetMapping("/product/{id}")public String getProduct(@PathVariable String id) {return "product id : " + id;}@GetMapping("/order/{id}")//不需要任何权限,只要Header中的Token正确即可public String getOrder(@PathVariable String id) {return "order id : " + id;}//获取当前“Token”用户信息 token是入参@GetMapping("/getPrinciple")public OAuth2Authentication getPrinciple(OAuth2Authentication oAuth2Authentication, Principal principal, Authentication authentication) {logger.info(oAuth2Authentication.getUserAuthentication().getAuthorities().toString());logger.info(oAuth2Authentication.toString());logger.info("principal.toString() " + principal.toString());logger.info("principal.getName() " + principal.getName());logger.info("authentication: " + authentication.getAuthorities().toString());return oAuth2Authentication;} }
http://localhost:8088/getPrinciple?access_token=ff71fcb6-5963-4c2e-9438-8704ce93824c
http://localhost:8088/order/1?access_token=1cab1803-8b0d-4a3e-818a-52434d18a23e
这里只是简单的写一个服务。集成数据库等自己完成。
总的项目结构如图:
重点源码下载地址 https://download.csdn.net/download/qq_25451199/10992152
如果对你有帮助可以请作者喝一杯咖啡:
springcolud demo(亲自搭建)相关推荐
- webrtc的DEMO环境搭建
Webrtc 介绍与Demo环境搭建 一,webrtc的基本介绍 WebRTC是一个开源项目,提供简单的JavaScript接口以实现浏览器的实时通信(RTC).与普通的客户端与服务器之间的即时通信不 ...
- 【GZAdmin】开源BS demo快速搭建
下载搭建项目:链接:https://pan.baidu.com/s/1jHZ3Kkm 密码:5k4q 项目源码: GZAdmin_API:https://github.com/GarsonZhang/ ...
- 【VMCloud云平台】Demo应用搭建(二)
今天将介绍VMCloud云平台所使用的应用环境,SharePoint2013搭建过程.如下图(紫色为实施完毕,红色为进行中): 1. 点击SharePoint安装,输入序列号: 2. 接受协议: 3. ...
- 开源demo | 快速搭建在线自习室场景
在疫情成为常态的现状下,在线自习室这一能提供安静.整洁的学习环境的新"共享"模式越来越受欢迎.为迎合市场需求,anyRTC也正式推出了在线自习室demo!并开源了代码,希望能够帮助 ...
- 腾讯云centos7搭建javaweb服务器(本人亲自经历,详细)
首先声明,这是本人亲自搭建成功的经历,亲测有效,****(此处和谐)网上好多在云服务器上搭建javaweb的教程,好多都是各种抄的或者若干年之前的,真的是被坑惨了!废话不多说,下面直接上干货!步骤很详 ...
- JRtplib开发笔记(四):JRtplib的VS开发环境搭建以及Demo
原博主博客地址:https://blog.csdn.net/qq21497936 本文章博客地址:https://blog.csdn.net/qq21497936/article/details/84 ...
- 搭建新浪RPC框架motan Demo
motan是新浪微博开源的RPC框架,github官网是:https://github.com/weibocom/motan 今天就先搭建一个Hello world demo,本demo基于motan ...
- 基于Idea从零搭建一个最简单的vue项目
一.需要了解的基本知识 node.js Node.js是一个Javascript运行环境(runtime),发布于2009年5月,由Ryan Dahl开发,实质是对Chrome V8引擎进行了封装.N ...
- 因买不到RTX 3090,小哥自己搭建了一个专业级机器学习工作站
点击上方"AI遇见机器学习",选择"星标"公众号 重磅干货,第一时间送达 来自|知乎 作者|Emil Wallner 来源 AI科技评论 编辑丨极市平台 极 ...
最新文章
- Android旋转视频工具类,Android开发实现的IntentUtil跳转多功能工具类【包含视频、音频、图片、摄像头等操作功能】...
- Pytorch搭建yolo3目标检测平台
- 计算机房防火要求,信息机房如何进行防火设计
- 用matlab找出所有真因子,在matlab中找出与fmincon匹配两条曲线的缩放因子
- 功成身退:AMD Mantle不再优化了
- 请概述可视化卷积神经网络的中间输出的基本思想。_万字长文:特征可视化技术(CAM)...
- fps200多正常不_AMD处理器扬眉吐气,腾讯游戏不再A黑!LOL最高FPS459平均200多
- 核心银行系统 之一 历史与发展
- sfm点云代码_SfM实现过程分析
- 北斗卫星导航有哪些频段
- [机缘参悟-74]:沟通技巧-无论在职场还是在家,尽量少用反问句
- R语言 创建空的数据框
- 移动端APP测试总结(二)
- 转载一些关于QQ空间的文章
- 上班最强摸鱼游戏-多人联机小游戏 (一)
- Gitlab调优-备份及恢复
- R语言使用dplyr包的full_join函数基于多个字段(数据列)全连接两个dataframe、按照多列对数据进行全连接
- Proximal Policy Optimization (PPO) 算法理解:从策略梯度开始
- Python的数据分析可视化十种技能总结
- 防百度地图上下拖动View
热门文章
- 最简单的代码Java实现DM5,SHA-256,SHA-512,SHA1,haval160,4加密
- GUI猜数字游戏,简单的一百多行Python代码实现
- 三菱凌云三3 id验证 id清除 换版验证,送使用视频
- 2021起重机作业 (Q)模拟考试题库
- 专业程序员必知的技巧:敲打代码
- 完全删除远程桌面连接(mstsc)历史记录
- 打开.py文件的方法
- 数字造车看差距与对策-数字化架构设计(6)
- 2011级-csdn-java-张侃—自定义JSP标签(二)
- 腾讯云im介绍和如何接入使用