Spring OAuth2 ResourceServer 外部 AuthorizationServer [英] Spring OAuth2 ResourceServer external AuthorizationServer
问题描述
你如何只设置一个单独的 Spring OAuth2 ResourceServer,它使用 3rd 方 AuthorizationServer
How do you setup a separate Spring OAuth2 ResourceServer only, that uses and 3rd party AuthorizationServer
我看到的所有示例总是在同一个应用程序中实现 ResourceServer 和 AuthorizationServer.
All examples I see always implement the ResourceServer and AuthorizationServer in same application.
我不想实现 AuthorizationServer,因为其他人会提供它.
I don't want to implement the AuthorizationServer as someone else is going to provide this.
尝试过但没有运气
@Configuration
@EnableResourceServer
public class OAuth2ResourceServerConfig extends ResourceServerConfigurerAdapter
和 application.yml 包含
And application.yml includes
security:
oauth2:
resource:
userInfoUri: https://...../userinfo
<小时>
向我的问题添加一些进一步的细节::
据我所知 - 使用 OAuth 有 4 个玩家:
Adding to my question some further details::
In my understanding - with OAuth there are 4 players:
- 资源所有者:一个人
- 资源服务器:服务器公开受保护的 API(由身份验证服务器保护)
- 身份验证服务器:处理向客户端发出访问令牌的服务器
- 客户端:在资源所有者同意后访问资源服务器 API 的应用程序(比如网站)
我尝试了各种教程,但似乎都实现了自己的授权服务器
I have tried various tutorials, but all seem to implement their own Authorisation server
http://www.swisspush.org/security/2016/10/17/oauth2-in-depth-introduction-for-enterpriseshttps://gigsterous.github.io/engineering/2017/03/01/spring-boot-4.html
或者是实现客户端播放器的示例
or are examples of implementing the client player
- http://www.baeldung.com/spring-security-openid-connect
- https://spring.io/guides/tutorials/spring-boot-oauth2/
我的问题是:我如何通过 3rd 方身份验证服务器仅实现保护我的 REST API 的资源服务器,仅此而已.
My Question is: How do I implement just the Resource Server which secures my REST API, via a 3rd party authentication server, nothing more.
推荐答案
我已经解决了 - 你只需要:
I have work this out - all you need is:
@SpringBootApplication
@EnableResourceServer
public class ResourceServer {
public static void main(String[] args) {
SpringApplication.run(ResourceServer.class, args);
}
}
使用 application.yml 作为原始问题中发布的:
With the application.yml as posted in the original question of:
security:
oauth2:
resource:
userInfoUri: https://........userinfo
这篇关于Spring OAuth2 ResourceServer 外部 AuthorizationServer的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!