之前我已经介绍了如何搭建授权认证服务器 ,接下来,我将对官方样例进行改造,实现以下问题
问题1:如何实现客户端三方认证
问题2:如何实现资源服务器
问题3:如何实现单点登录
问题4:如何实现自定义登录页面与授权页面,并且部署在前端服务器
问题5:如何实现,不同的客户端登录页面不同
问题5方案package sample.config;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
public class CustomerAuthenticationEntryPoint implements AuthenticationEntryPoint {
private final Map<String, AuthenticationEntryPoint> authenticationEntryPoints;
private final AuthenticationEntryPoint defaultEntryPoint = new LoginUrlAuthenticationEntryPoint("/login");
public CustomerAuthenticationEntryPoint(Map<String, String> loginUrls) {
Map<String, AuthenticationEntryPoint> map = new HashMap<>();
loginUrls.forEach((clientId, loginUrl) ->
map.put(clientId, new LoginUrlAuthenticationEntryPoint(loginUrl)));
this.authenticationEntryPoints = Collections.unmodifiableMap(map);
}
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException, ServletException, IOException {
AuthenticationEntryPoint delegate = this.defaultEntryPoint;
// Attempt to resolve a specific login url based on clientId
String clientId = request.getParameter("client_id");
if (clientId != null) {
delegate = this.authenticationEntryPoints.getOrDefault(clientId, this.defaultEntryPoint);
}
delegate.commence(request, response, authException);
}
}
.exceptionHandling(exceptions ->
exceptions
//.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/login/hello"))
.authenticationEntryPoint(fillLoginUrlAndClient())
)
private AuthenticationEntryPoint fillLoginUrlAndClient() {
Map<String, String> loginUrls=new HashMap<>();
loginUrls.put("messaging-client","http://127.0.0.1/login.html");
loginUrls.put("messaging-client2","/login/hello2");
CustomerAuthenticationEntryPoint customerAuthenticationEntryPoint =
new CustomerAuthenticationEntryPoint(loginUrls);
return customerAuthenticationEntryPoint;
}其他问题解决方案
git 地址:https://gitee.com/GZ-jelly/jelly-spring-authorization-server
