Related articles:
Spring Security OAuth2 Provider Minimum Implementation
Spring Security OAuth2 Provider Database Storage
Spring Security OAuth2 Provider Third-Party Login Simple Demonstration
Spring Security OAuth2 Provider Custom Development
Spring Security OAuth2 Provider
Integration
JWT Resource Server needs to add dependencies.
<dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-jwt</artifactId> <optional>true</optional> </dependency>
(2) Generate a signed certificate
to generate a certificate
quote
# keytool -genkeypair -alias jwt-test -keyalg RSA -dname "CN=jwt,OU=ren,O=ren,L=china,S=china,C=CN" -keypass my_pass -keystore jwt-test.jks -storepass my_pass
Put the .jks file in the Authorization Server's src/main/resources/jwt-test.jks
to export the public key
quote
# keytool -list -rfc --keystore jwt-test.jks | openssl x509 -inform pem -pubkey
Copy the PUBLIC KEY part to src/main/resources/public.txt of Resource Server
(3) Authentication server settings
@Bean protected JwtAccessTokenConverter jwtTokenEnhancer() { KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(new ClassPathResource("jwt-test.jks"), "my_pass".toCharArray()); JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); converter.setKeyPair(keyStoreKeyFactory.getKeyPair("jwt-test")); return converter; } @Bean public TokenStore tokenStore() { return new JwtTokenStore(accessTokenConverter()); }
(4) Resource server settings
@Bean public JwtAccessTokenConverter accessTokenConverter() { JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); Resource resource = new ClassPathResource("public.txt"); String publicKey = null; try { publicKey = IOUtils.toString(resource.getInputStream()); } catch (final IOException e) { throw new RuntimeException(e); } converter.setVerifierKey(publicKey); return converter; } @Bean public TokenStore tokenStore() { return new JwtTokenStore(accessTokenConverter()); }
(5) Confirmation test
to obtain Token:
![](http://dl2.iteye.com/upload/attachment/0126/2337/d424cf2c-c042-3f74-8027-5a454e1e4fd4.png)
Confirm Token through jwt.io:
![](http://dl2.iteye.com/upload/attachment/0126/2339/bc39afcd-2ea9-311c-b207-c5e97735e655.png)
Access resource API through access_token:
![](http://dl2.iteye.com/upload/attachment/0126/2341/ea6ee272-4b3b-35ff-a72a-06682c616236.png)
(6) Algorithm HS256
changes the configuration of Authorization Server and Resource Server to:
@Bean protected JwtAccessTokenConverter accessTokenConverter() { JwtAccessTokenConverter converter = new JwtAccessTokenConverter(); converter.setSigningKey("rensanning"); return converter; }
Get Token:
![](http://dl2.iteye.com/upload/attachment/0126/2343/28039be9-a2bc-36db-b5ad-3821d884acd4.png)
Confirm Token through jwt.io:
![](http://dl2.iteye.com/upload/attachment/0126/2345/f0d1156f-13ee-3ad8-8a3e-6af901dcde9b.png)
Access resource API through access_token:
![](http://dl2.iteye.com/upload/attachment/0126/2347/8e664893-73c0-33f7-9c19-3374a2927424.png)
Reference:
http://www.baeldung.com/spring-security-oauth-jwt
https://github.com/dynamind/spring-boot-security -oauth2-minimal