\u8981\u5b9e\u73b0Spring Boot\u4e2d\u7684OAuth\u767b\u5f55\uff0c\u6211\u4eec\u53ef\u4ee5\u5229\u7528Spring Security OAuth\uff0c\u4f46\u662f\u7531\u4e8e\u6ca1\u6709\u592a\u591a\u6587\u6863\uff0c\u6240\u4ee5\u6211\u5c06\u8bb0\u4e0b\u5907\u5fd8\u5f55\u3002<\/p>\n
\u867d\u7136\u5982\u6b64\uff0c\u5927\u81f4\u4e0a\u5c31\u50cf\u4ee5\u4e0b\u7684\u9875\u9762\u6240\u5199\u7684\u90a3\u6837\u3002<\/p>\n
\u5728\u8fd9\u7bc7\u6587\u7ae0\u4e2d\uff0c\u9996\u5148\u6211\u4eec\u4f1a\u5b9e\u73b0\u4f7f\u7528OAuth\u8fdb\u884c\u767b\u5f55\uff0c\u7136\u540e\u521b\u5efa\u4e00\u4e2a\u4f9bAngularJS\u7b49\u5e94\u7528\u7a0b\u5e8f\u4f7f\u7528\u7684API\uff0c\u5e76\u8bb0\u5f55\u4e86\u5bf9\u8be5API\u65bd\u52a0\u7528\u6237\u6743\u9650\u8bbf\u95ee\u9650\u5236\u7684\u6b65\u9aa4\u3002<\/p>\n
\u6211\u5c06\u8bb0\u4e0b\u4e00\u79cd\u5728\u4ee5\u52a8\u6001\u9875\u9762\u8f6c\u6362\u4e3a\u4e2d\u5fc3\u6784\u5efa\u7684\u7c7b\u4f3cSPA\u7684\u5e94\u7528\u7a0b\u5e8f\u4e2d\u5b9e\u73b0\u767b\u5f55\u548c\u6388\u6743\u7684\u65b9\u6cd5\u3002<\/p>\n
\u5728\u521b\u5efaSpring Boot\u5e94\u7528\u7a0b\u5e8f\u65f6\uff0c\u6709\u51e0\u79cd\u9009\u62e9\uff0c\u4f46\u5728\u8fd9\u91cc\u6211\u4eec\u51b3\u5b9a\u4ece\u5934\u5f00\u59cb\u8fdb\u884c\u521b\u5efa\u3002
\n\u5b9e\u9645\u4e0a\uff0c\u60a8\u8fd8\u53ef\u4ee5\u901a\u8fc7\u7f51\u9875\u4e0a\u7684\u6a21\u677f\u9879\u76ee\u6765\u5feb\u901f\u521b\u5efa\u5e76\u4e0b\u8f7d\u3002<\/p>\n
\u9996\u5148\uff0c\u8fd9\u662f\u7528\u4e8e\u6784\u5efa\u548c\u6267\u884cBoot\u5e94\u7528\u7a0b\u5e8f\u7684\u6784\u5efa\u811a\u672c\u3002<\/p>\n
\u5728\u9879\u76ee\u7684\u6839\u76ee\u5f55\u4e0b\u51c6\u5907\u4e00\u4e2abuild.gradle\u6587\u4ef6\u3002<\/p>\n
buildscript<\/span> {<\/span>\r\n ext<\/span> {<\/span>\r\n springBootVersion<\/span> =<\/span> '1.3.2.RELEASE'<\/span> \/\/ Spring Boot\u306e\u30d0\u30fc\u30b8\u30e7\u30f3<\/span>\r\n }<\/span>\r\n repositories<\/span> {<\/span>\r\n mavenCentral<\/span>()<\/span> \/\/ Gradle Spring Boot\u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u53d6\u5f97\u3059\u308b\u30ea\u30dd\u30b8\u30c8\u30ea(\u3053\u3053\u3067\u306fMaven\u30bb\u30f3\u30c8\u30e9\u30eb\u30ea\u30dd\u30b8\u30c8\u30ea)<\/span>\r\n }<\/span>\r\n dependencies<\/span> {<\/span>\r\n \/\/ Gradle Spring Boot\u30d7\u30e9\u30b0\u30a4\u30f3<\/span>\r\n classpath<\/span> \"org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}\"<\/span>\r\n }<\/span>\r\n}<\/span>\r\n\r\n\/\/ \u30d3\u30eb\u30c9\u306b\u5fc5\u8981\u306a\u30e9\u30a4\u30d6\u30e9\u30ea\u306e\u8aad\u307f\u8fbc\u307f<\/span>\r\napply<\/span> plugin:<\/span> 'java'<\/span>\r\napply<\/span> plugin:<\/span> 'spring-boot'<\/span>\r\n\r\nsourceCompatibility<\/span> =<\/span> 1.8<\/span>\r\ntargetCompatibility<\/span> =<\/span> 1.8<\/span>\r\n\r\nrepositories<\/span> {<\/span>\r\n mavenCentral<\/span>()<\/span> \/\/ \u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u5b9f\u884c\u3059\u308b\u306e\u306b\u5fc5\u8981\u306a\u30e9\u30a4\u30d6\u30e9\u30ea\u306e\u53d6\u5f97\u5148\u30ea\u30dd\u30b8\u30c8\u30ea<\/span>\r\n}<\/span>\r\n\r\ndependencies<\/span> {<\/span>\r\n compile<\/span>(<\/span>'org.springframework.boot:spring-boot-starter-web'<\/span>)<\/span>\r\n compile<\/span>(<\/span>'org.springframework.boot:spring-boot-starter-security'<\/span>)<\/span>\r\n compile<\/span>(<\/span>'org.springframework.security.oauth:spring-security-oauth2'<\/span>)<\/span>\r\n compile<\/span>(<\/span>\"org.springframework.boot:spring-boot-devtools\"<\/span>)<\/span> \/\/\u30b3\u30fc\u30c9\u66f4\u65b0\u6642\u306b\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u3092\u30ea\u30ed\u30fc\u30c9\u3059\u308b<\/span>\r\n}<\/span>\r\n\r\nbootRun<\/span> {<\/span>\r\n jvmArgs<\/span> =<\/span> [<\/span>'-Dspring.output.ansi.enabled=always'<\/span>]<\/span> \/\/\u30b3\u30f3\u30bd\u30fc\u30eb\u306b\u8272\u3092\u4ed8\u3051\u308b<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n\u63a5\u4e0b\u6765\uff0c\u6211\u4eec\u5c06\u521b\u5efaBoot\u5e94\u7528\u7a0b\u5e8f\u7684\u4e3b\u7c7b\u3002<\/p>\n
package<\/span> com.example<\/span>;<\/span>\r\n\r\nimport<\/span> org.springframework.boot.SpringApplication<\/span>;<\/span>\r\nimport<\/span> org.springframework.boot.autoconfigure.SpringBootApplication<\/span>;<\/span>\r\n\r\n@SpringBootApplication<\/span>\r\npublic<\/span> class<\/span> SsoSampleApplication<\/span> {<\/span>\r\n public<\/span> static<\/span> void<\/span> main<\/span>(<\/span>String<\/span>[]<\/span> args<\/span>)<\/span> {<\/span>\r\n SpringApplication<\/span>.<\/span>run<\/span>(<\/span>SsoSampleApplication<\/span>.<\/span>class<\/span>,<\/span> args<\/span>);<\/span>\r\n }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n\u6700\u540e\uff0c\u6211\u4eec\u5c06\u51c6\u5907\u7528\u4e8e\u5c4f\u5e55\u663e\u793a\u7684HTML\u9875\u9762\u3002
\n\u867d\u7136\u5728Boot\u4e2d\u53ef\u4ee5\u8f7b\u677e\u5730\u4f7f\u7528JSP\u6216Thymeleaf\u7b49\u6a21\u677f\uff0c\u4f46\u7531\u4e8e\u4e0e\u672c\u6b21\u4e3b\u9898\u65e0\u5173\uff0c\u6211\u4eec\u51b3\u5b9a\u4ec5\u663e\u793a\u7b80\u6613\u7684HTML\u9875\u9762\u3002<\/p>\n
\u5728Spring Boot\u4e2d\uff0c\u53ef\u4ee5\u5c06static\u6216public\u76ee\u5f55\u4e0b\u7684\u6587\u4ef6\u6258\u7ba1\u5728\u7c7b\u8def\u5f84\u4e0a\uff0c\u56e0\u6b64\u53ef\u4ee5\u5c06index.html\u653e\u7f6e\u5728src\/main\/resources\/public\u76ee\u5f55\u4e0b\uff0c\u5e76\u8ba9index.html\u5728\u7c7b\u8def\u5f84\u4e0a\u88ab\u590d\u5236\u3002<\/p>\n
<!DOCTYPE html><\/span>\r\n<html><\/span>\r\n <head><\/span>\r\n <title><\/span>SSO Sample<\/title><\/span>\r\n <\/head><\/span>\r\n <body><\/span>\r\n <p><\/span>SSO Sample<\/p><\/span>\r\n <\/body><\/span>\r\n<\/html><\/span>\r\n<\/code><\/pre>\n\u521b\u5efa\u5b8c\u4e0a\u8ff0\u4e09\u4e2a\u6587\u4ef6\u540e\uff0c\u8bf7\u6267\u884c\u4ee5\u4e0b\u547d\u4ee4\u6765\u542f\u52a8\u5e94\u7528\u7a0b\u5e8f\u3002<\/p>\n
gradle bootRun\r\n<\/code><\/pre>\n\u5982\u679c\u60a8\u8fd8\u6ca1\u6709\u5b89\u88c5gradle\u547d\u4ee4\uff0c\u9700\u8981\u4eceGradle\u7684\u9875\u9762\u4e0a\u4e0b\u8f7d\u5e76\u5b89\u88c5\u3002<\/p>\n
\u6211\u5011\u5c07\u78ba\u8a8d\u5728 http:\/\/localhost:8080\/ \u4e0a\u986f\u793a\u756b\u9762\u3002<\/p>\n
SpringSecurity\u5185\u7f6e\u4e8eboot\u5e94\u7528\u7a0b\u5e8f\u7684\u7c7b\u8def\u5f84\u4e2d\uff0c\u56e0\u6b64\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u4f1a\u5bf9\u5e94\u7528\u7a0b\u5e8f\u8fdb\u884c\u57fa\u672c\u8eab\u4efd\u9a8c\u8bc1\u3002
\n\u56e0\u6b64\uff0c\u5f53\u8bbf\u95eehttp:\/\/localhost:8080\/\u65f6\uff0c\u4f1a\u663e\u793a\u7528\u6237\u8ba4\u8bc1\u5bf9\u8bdd\u6846\u3002<\/p>\n
\u9ed8\u8ba4\u7528\u6237\u540d\u662fuser\uff0c\u5bc6\u7801\u662f\u5728\u6267\u884cgradle\u547d\u4ee4\u7684\u63a7\u5236\u53f0\u4e0a\u663e\u793a\u7684\uff0c\u6240\u4ee5\u8bf7\u6309\u7167\u90a3\u6837\u8f93\u5165\u3002<\/p>\n
\u4ece\u4e0b\u4e00\u8282\u5f00\u59cb\uff0c\u6211\u4eec\u5c06\u628a\u8fd9\u4e2aBASIC\u8ba4\u8bc1\u65b9\u5f0f\u6539\u4e3a\u901a\u8fc7\u767b\u5f55\u94fe\u63a5\u8fdb\u884cOAuth2\u8ba4\u8bc1\u3002<\/p>\n
\u5728OAuth2\u4e2d\u8fdb\u884c\u767b\u5f55\u8bbe\u7f6e<\/h2>\n
\u9996\u5148\uff0c\u6211\u4eec\u5c06\u4f7f\u7528OAuth2\u5c06BASIC\u8ba4\u8bc1\u66f4\u6539\u4e3a\u767b\u5f55\u65b9\u5f0f\u3002\u5728\u8fd9\u6b21\u7684OAuth2\u63d0\u4f9b\u8005\u4e2d\uff0c\u6211\u4eec\u5c06\u4f7f\u7528Slack\u3002\u57fa\u672c\u4e0a\uff0c\u5728Facebook\u6216\u5176\u4ed6\u5e73\u53f0\u4e0a\u7684\u64cd\u4f5c\u65b9\u6cd5\u6ca1\u6709\u592a\u5927\u533a\u522b\u3002<\/p>\n
OAuth\u5e94\u7528\u7a0b\u5e8f\u7684\u6ce8\u518c<\/h3>\n
\u65e0\u8bba\u9009\u62e9\u54ea\u4e2a\u4f9b\u5e94\u5546\uff0c\u9996\u5148\u9700\u8981\u6ce8\u518c\u4e00\u4e2a\u5ba2\u6237\u7aef\u5e94\u7528\u7a0b\u5e8f\u3002\u5bf9\u4e8eSlack\uff0c\u60a8\u53ef\u4ee5\u5728\u4e0b\u9762\u7684\u9875\u9762\u4e0a\u901a\u8fc7\u201c\u521b\u5efa\u65b0\u5e94\u7528\u7a0b\u5e8f\u201d\u9009\u9879\u6765\u6ce8\u518c\u5e94\u7528\u7a0b\u5e8f\u3002<\/p>\n
\u8bf7\u968f\u4fbf\u8f93\u5165\u4e00\u4e2a\u5408\u9002\u7684\u540d\u5b57\u4f5c\u4e3a AppName\uff0c\u7136\u540e\u5728 Redirect URI(s) \u4e2d\u6dfb\u52a0 http:\/\/localhost:8080\u3002<\/p>\n
\u6ce8\u518c\u540e\u4f1a\u5f97\u5230\u5206\u53d1\u7684\u201cClient ID\u201d\u548c\u201cClient Secret\u201d\uff0c\u7a0d\u540e\u4f1a\u7528\u5230\u3002<\/p>\n
\u5f15\u5bfc\u5e94\u7528\u7a0b\u5e8f\u7684\u8bbe\u7f6e<\/h3>\n
\u5728Boot\u5e94\u7528\u7a0b\u5e8f\u4e2d\uff0c\u4f7f\u7528Spring Security OAuth\u6765\u6dfb\u52a0OAuth Consumer 2\u7684\u914d\u7f6e\u3002\u9996\u5148\uff0c\u5728\u4e00\u4e2a\u7528\u4e8e\u914d\u7f6e\u7684Java\u7c7b\u4e2d\u4f7f\u7528@EnableOAuth2Sso\uff08JavaDoc\uff09\u8fdb\u884c\u6ce8\u91ca\u3002<\/p>\n
package<\/span> com.example<\/span>;<\/span>\r\n\r\nimport<\/span> org.springframework.boot.SpringApplication<\/span>;<\/span>\r\nimport<\/span> org.springframework.boot.autoconfigure.SpringBootApplication<\/span>;<\/span>\r\nimport<\/span> org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso<\/span>;<\/span>\r\n\r\n@SpringBootApplication<\/span>\r\n@EnableOAuth2Sso<\/span> \/\/ \u3053\u308c\u3092\u8ffd\u52a0\u3059\u308b<\/span>\r\npublic<\/span> class<\/span> SsoSampleApplication<\/span> {<\/span>\r\n public<\/span> static<\/span> void<\/span> main<\/span>(<\/span>String<\/span>[]<\/span> args<\/span>)<\/span> {<\/span>\r\n SpringApplication<\/span>.<\/span>run<\/span>(<\/span>SsoSampleApplication<\/span>.<\/span>class<\/span>,<\/span> args<\/span>);<\/span>\r\n }<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n\u901a\u8fc7\u6b64\u6ce8\u89e3\uff0c\u5c06OAuth2\u5ba2\u6237\u7aef\u7684\u914d\u7f6e(@EnableOAuth2Client(JavaDoc))\u4ee5\u53ca\u4f7f\u7528\u8be5\u5ba2\u6237\u7aef\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u7684\u5904\u7406(OAuth2SsoDefaultConfiguration(JavaDoc))\u96c6\u6210\u5230Boot\u5e94\u7528\u7a0b\u5e8f\u4e2d\u3002<\/p>\n
\u4ee5\u4e0b\u4ecb\u7ecd\u4e86\u4e00\u79cd\u901a\u8fc7\u81ea\u5df1\u5b9e\u73b0@EnableOAuth2Sso\u6765\u5b9a\u5236\u8ba4\u8bc1\u5904\u7406\u7684\u65b9\u6cd5\u3002<\/p>\n
@EnableOAuth2Sso\u901a\u8fc7\u8bfb\u53d6Spring\u5e94\u7528\u7a0b\u5e8f\u914d\u7f6e\u4e2d\u7684OAuth2\u914d\u7f6e\u6765\u4f7f\u7528\u3002
\n\u5728\u7c7b\u8def\u5f84\u4e0a\u521b\u5efaapplication.properties\u6216application.yml\uff0c\u5e76\u6dfb\u52a0\u4f7f\u7528OAuth\u63d0\u4f9b\u8005\uff08\u672c\u4f8b\u4e3aSlack\uff09\u7684\u914d\u7f6e\u3002<\/p>\n
\u6211\u8ba4\u4e3a\u4e0e\u5c5e\u6027\u6587\u4ef6\u76f8\u6bd4\uff0cYAML\u66f4\u5bb9\u6613\u9605\u8bfb\uff0c\u56e0\u6b64\u8fd9\u6b21\u6211\u4eec\u9009\u62e9\u4f7f\u7528application.yml\u3002<\/p>\n
security<\/span>:<\/span>\r\n oauth2<\/span>:<\/span>\r\n client<\/span>:<\/span>\r\n clientId<\/span>:<\/span> '<\/span>xxxx.xxxx'<\/span> # Slack\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u767b\u9332\u3067\u8868\u793a\u3055\u308c\u305f\u300cClient ID\u300d<\/span>\r\n clientSecret<\/span>:<\/span> '<\/span>xxxxx'<\/span> # Slack\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u767b\u9332\u3067\u8868\u793a\u3055\u308c\u305f\u300cClient Secret\u300d<\/span>\r\n accessTokenUri<\/span>:<\/span> '<\/span>https:\/\/slack.com\/api\/oauth.access'<\/span> # Slack\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u5024<\/span>\r\n userAuthorizationUri<\/span>:<\/span> '<\/span>https:\/\/slack.com\/oauth\/authorize'<\/span> # Slack\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u5024<\/span>\r\n authenticationScheme<\/span>:<\/span> '<\/span>query'<\/span> # Slack\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u5024<\/span>\r\n scope<\/span>:<\/span> '<\/span>identify'<\/span> # Slack\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u5024<\/span>\r\n tokenName<\/span>:<\/span> '<\/span>token'<\/span> # Slack\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u5024<\/span>\r\n resource<\/span>:<\/span>\r\n userInfoUri<\/span>:<\/span> '<\/span>https:\/\/slack.com\/api\/auth.test'<\/span> # Slack\u3092\u5229\u7528\u3059\u308b\u5834\u5408\u306e\u8a2d\u5b9a\u5024<\/span>\r\n<\/code><\/pre>\n\u91cd\u542fBoot\u5e94\u7528\u7a0b\u5e8f\u5e76\u8bbf\u95ee\u4e3b\u9875\uff08http:\/\/localhost:8080\/\uff09\uff0c\u5e94\u8be5\u4f1a\u8df3\u8f6c\u5230Slack\u9875\u9762\uff0c\u5e76\u53ef\u4ee5\u8fdb\u884cOAuth\u767b\u5f55\u3002<\/p>\n
\u521b\u5efa\u767b\u5f55\u94fe\u63a5<\/h2>\n
\u5982\u679c\u5f53\u524d\u72b6\u6001\u4e0b\uff0c\u4e00\u65e6\u663e\u793a\u4e3b\u9875\uff0c\u5c31\u4f1a\u8981\u6c42\u767b\u5f55\uff0c\u4f46\u6211\u4f1a\u8bd5\u7740\u4fee\u6539\u5b83\uff0c\u901a\u8fc7\u6309\u4e0b\u767b\u5f55\u6309\u94ae\u6765\u8bf7\u6c42\u767b\u5f55\u3002<\/p>\n
\u9996\u5148\uff0c\u5728HTML\u4e0a\u521b\u5efa\u4e00\u4e2a\u767b\u5f55\u94fe\u63a5\u3002<\/p>\n
<!DOCTYPE html><\/span>\r\n<html><\/span>\r\n <head><\/span>\r\n <title><\/span>SSO Sample<\/title><\/span>\r\n <\/head><\/span>\r\n <body><\/span>\r\n <p><\/span>SSO Sample <a<\/span> href=<\/span>\"\/login\"<\/span>><\/span>\u30ed\u30b0\u30a4\u30f3<\/a><\/p><\/span>\r\n <\/body><\/span>\r\n<\/html><\/span>\r\n<\/code><\/pre>\n\/login\u662f\u7531Spring Boot\u63d0\u4f9b\u7684\u7279\u6b8a\u8def\u5f84\uff0c\u53ea\u9700\u8bbf\u95ee\u6b64\u5904\u5373\u53ef\u5f00\u59cb\u767b\u5f55\u5904\u7406\u3002<\/p>\n
\u4e0d\u9700\u8981\u521b\u5efa\u4e0e\/login\u5bf9\u5e94\u7684\u9875\u9762\u3002
\n\u5f53\u8f6c\u5230\/login\u65f6\uff0c\u5c06\u88ab\u91cd\u5b9a\u5411\u5230OAuth\u63d0\u4f9b\u8005\u7684\u767b\u5f55\u9875\u9762\uff0c\u767b\u5f55\u540e\u5c06\u6839\u636e\u5728Slack\u4e0a\u8bbe\u7f6e\u7684\u91cd\u5b9a\u5411URI(s)\u91cd\u5b9a\u5411\u5230\/login\u4e4b\u524d\u7684\u9875\u9762\u3002<\/p>\n
\u4e0d\u8fc7\uff0c\u73b0\u5728\u7684\u60c5\u51b5\u662f\uff0c\u5982\u679c\u7ee7\u7eed\u6309\u7167\u8fd9\u6837\u7684\u64cd\u4f5c\uff0c\u5728\u70b9\u51fb\/login\u94fe\u63a5\u4e4b\u524d\u53ea\u4f1a\u88ab\u8981\u6c42\u767b\u5f55\uff0c\u5e76\u4e14\u4e3a\u4e86\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff0c\u6211\u4f1a\u4fee\u6539Spring Security\u7684\u8bbe\u7f6e\uff0c\u8ba9\u53ef\u4ee5\u5728\u6ca1\u6709\u767b\u5f55\u7684\u60c5\u51b5\u4e0b\u8bbf\u95ee\u9996\u9875\u3002<\/p>\n
package<\/span> com.example<\/span>;<\/span>\r\n\r\nimport<\/span> org.springframework.boot.SpringApplication<\/span>;<\/span>\r\nimport<\/span> org.springframework.boot.autoconfigure.SpringBootApplication<\/span>;<\/span>\r\nimport<\/span> org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso<\/span>;<\/span>\r\nimport<\/span> org.springframework.security.config.annotation.web.builders.HttpSecurity<\/span>;<\/span>\r\nimport<\/span> org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter<\/span>