2 年之前 · 9b252d835a
--- a/docs/src/docs/asciidoc/examples/src/main/java/sample/gettingStarted/SecurityConfig.java
+++ b/docs/src/docs/asciidoc/examples/src/main/java/sample/gettingStarted/SecurityConfig.java
@@ -32,12 +32,14 @@ import org.springframework.context.annotation.Configuration;
 
				 import org.springframework.core.annotation.Order;
			
 
				 import org.springframework.security.config.Customizer;
			
 
				 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
			
 
				+import org.springframework.security.config.annotation.web.configurers.oauth2.server.resource.OAuth2ResourceServerConfigurer;
			
 
				 import org.springframework.security.core.userdetails.User;
			
 
				 import org.springframework.security.core.userdetails.UserDetails;
			
 
				 import org.springframework.security.core.userdetails.UserDetailsService;
			
 
				 import org.springframework.security.oauth2.core.AuthorizationGrantType;
			
 
				 import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
			
 
				 import org.springframework.security.oauth2.core.oidc.OidcScopes;
			
 
				+import org.springframework.security.oauth2.jwt.JwtDecoder;
			
 
				 import org.springframework.security.oauth2.server.authorization.client.InMemoryRegisteredClientRepository;
			
 
				 import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
			
 
				 import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
			
@@ -66,7 +68,9 @@ public class SecurityConfig {
 
				 			.exceptionHandling((exceptions) -> exceptions
			
 
				 				.authenticationEntryPoint(
			
 
				 					new LoginUrlAuthenticationEntryPoint("/login"))
			
 
				-			);
			
 
				+			)
			
 
				+			// Accept access tokens for User Info and/or Client Registration
			
 
				+			.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
			
 
				 		// @formatter:on
			
 
				 
			
 
				 		return http.build();
			
@@ -115,6 +119,7 @@ public class SecurityConfig {
 
				 				.redirectUri("http://127.0.0.1:8080/login/oauth2/code/messaging-client-oidc")
			
 
				 				.redirectUri("http://127.0.0.1:8080/authorized")
			
 
				 				.scope(OidcScopes.OPENID)
			
 
				+				.scope(OidcScopes.PROFILE)
			
 
				 				.scope("message.read")
			
 
				 				.scope("message.write")
			
 
				 				.clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build())
			
@@ -153,6 +158,11 @@ public class SecurityConfig {
 
				 	}
			
 
				 
			
 
				 	@Bean // <7>
			
 
				+	public JwtDecoder jwtDecoder(JWKSource<SecurityContext> jwkSource) {
			
 
				+		return OAuth2AuthorizationServerConfiguration.jwtDecoder(jwkSource);
			
 
				+	}
			
 
				+
			
 
				+	@Bean // <8>
			
 
				 	public AuthorizationServerSettings authorizationServerSettings() {
			
 
				 		return AuthorizationServerSettings.builder().build();
			
 
				 	}
			
--- a/docs/src/docs/asciidoc/getting-started.adoc
+++ b/docs/src/docs/asciidoc/getting-started.adoc
@@ -55,4 +55,5 @@ This is a minimal configuration for getting started quickly. To understand what
 
				 <4> An instance of xref:core-model-components.adoc#registered-client-repository[`RegisteredClientRepository`] for managing clients.
			
 
				 <5> An instance of `com.nimbusds.jose.jwk.source.JWKSource` for signing access tokens.
			
 
				 <6> An instance of `java.security.KeyPair` with keys generated on startup used to create the `JWKSource` above.
			
 
				-<7> An instance of xref:configuration-model#configuring-authorization-server-settings[`AuthorizationServerSettings`] to configure Spring Authorization Server.
			
 
				+<7> An instance of {spring-security-api-base-url}/org/springframework/security/oauth2/jwt/JwtDecoder.html[`JwtDecoder`] for decoding signed access tokens.
			
 
				+<8> An instance of xref:configuration-model#configuring-authorization-server-settings[`AuthorizationServerSettings`] to configure Spring Authorization Server.