2.4资源系统创建
说明
资源服务可以有很多个,这里只拿产品服务为例,记住,资源服务中只能通过公钥验证认证。不能签发token!创建产品服务并导入jar包根据实际业务导包即可,咱们就暂时和认证服务一样了。
接下来我们再创建一个资源服务
导入相关的依赖
<dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <artifactId>security-jwt-common</artifactId> <groupId>com.dpb</groupId> <version>1.0-SNAPSHOT</version> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.47</version> </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.1.0</version> </dependency> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid</artifactId> <version>1.1.10</version> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-configuration-processor</artifactId> <optional>true</optional> </dependency> </dependencies>
编写产品服务配置文件
切记这里只能有公钥地址!
server: port: 9002 spring: datasource: driver-class-name: com.mysql.jdbc.Driver url: jdbc:mysql://localhost:3306/srm username: root password: 123456 type: com.alibaba.druid.pool.DruidDataSource mybatis: type-aliases-package: com.dpb.domain mapper-locations: classpath:mapper/*.xml logging: level: com.dpb: debug rsa: key: pubKeyFile: c:\tools\auth_key\id_key_rsa.pub
编写读取公钥的配置类
@Data @ConfigurationProperties(prefix = "rsa.key") public class RsaKeyProperties { private String pubKeyFile; private PublicKey publicKey; /** * 系统启动的时候触发 * @throws Exception */ @PostConstruct public void createRsaKey() throws Exception { publicKey = RsaUtils.getPublicKey(pubKeyFile); } }
编写启动类
@SpringBootApplication @MapperScan("com.dpb.mapper") @EnableConfigurationProperties(RsaKeyProperties.class) public class App { public static void main(String[] args) { SpringApplication.run(App.class,args); } }
复制认证服务中,用户对象,角色对象和校验认证的接口
复制认证服务中的相关内容即可
复制认证服务中SpringSecurity配置类做修改
@Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(securedEnabled=true) public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private UserService userService; @Autowired private RsaKeyProperties prop; @Bean public BCryptPasswordEncoder passwordEncoder(){ return new BCryptPasswordEncoder(); } //指定认证对象的来源 public void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userService).passwordEncoder(passwordEncoder()); } //SpringSecurity配置信息 public void configure(HttpSecurity http) throws Exception { http.csrf() .disable() .authorizeRequests() //.antMatchers("/user/query").hasAnyRole("USER") .anyRequest() .authenticated() .and() .addFilter(new TokenVerifyFilter(super.authenticationManager(), prop)) // 禁用掉session .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); } }
去掉“增加自定义认证过滤器”即可!
编写产品处理器
@RestController @RequestMapping("/user") public class UserController { @RequestMapping("/query") public String query(){ return "success"; } @RequestMapping("/update") public String update(){ return "update"; } }
测试
