Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
github
/
spring-security-samples
mirror of https://github.com/spring-projects/spring-security-samples
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Tree: c7675213ce
Branches Tags
spring-security...
/
servlet
/
spring-boot
/
java
/
oauth2
/
resource-server
/
static
/
README.adoc

README.adoc 2.4 KB
Lịch sử Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. = OAuth 2.0 Resource Server Sample
    2. 

  2. 

  3. This sample demonstrates integrating Resource Server with a pre-configured key.
    4. 

  4. 

  5. With it, you can run the integration tests or run the application as a stand-alone service to explore how you can
    6. 

  6. secure your own service with OAuth 2.0 Bearer Tokens using Spring Security.
    7. 

  7. 

  8. == 1. Running the tests
    9. 

  9. 

  10. To run the tests, do:
    11. 

  11. 

  12. ```bash
    13. 

  13. ./gradlew integrationTest
    14. 

  14. ```
    15. 

  15. 

  16. Or import the project into your IDE and run `OAuth2ResourceServerApplicationITests` from there.
    17. 

  17. 

  18. === What is it doing?
    19. 

  19. 

  20. By default, the application is configured with an RSA public key that is available in the sample.
    21. 

  21. 

  22. The tests are configured with a set of hard-coded tokens that are signed with the corresponding RSA private key.
    23. 

  23. Each test makes a query to the Resource Server with their corresponding token.
    24. 

  24. 

  25. The Resource Server subsequently verifies the token against the public key and authorizes the request, returning the phrase
    26. 

  26. 

  27. ```bash
    28. 

  28. Hello, subject!
    29. 

  29. ```
    30. 

  30. 

  31. where "subject" is the value of the `sub` field in the token.
    32. 

  32. 

  33. == 2. Running the app
    34. 

  34. 

  35. To run as a stand-alone application, do:
    36. 

  36. 

  37. ```bash
    38. 

  38. ./gradlew bootRun
    39. 

  39. ```
    40. 

  40. 

  41. Or import the project into your IDE and run `OAuth2ResourceServerApplication` from there.
    42. 

  42. 

  43. Once it is up, you can use the following token:
    44. 

  44. 

  45. ```bash
    46. 

  46. export TOKEN=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzdWJqZWN0IiwiaWF0IjoxNTE2MjM5MDIyfQ.eB2c9xtg5wcCZxZ-o-sH4Mx1JGkqAZwH4_WS0UcDbj_nen0NPBj6CqOEPhr_LZDagb4mM6HoAPJywWWG8b_Ylnn5r2gWDzib2mb0kxIuAjnvVBrpzusw4ItTVvP_srv2DrwcisKYiKqU5X_3ka7MSVvKtswdLY3RXeCJ_S2W9go
    47. 

  47. ```
    48. 

  48. 

  49. And then make this request:
    50. 

  50. 

  51. ```bash
    52. 

  52. curl -H "Authorization: Bearer $TOKEN" localhost:8080
    53. 

  53. ```
    54. 

  54. 

  55. Which will respond with the phrase:
    56. 

  56. 

  57. ```bash
    58. 

  58. Hello, subject!
    59. 

  59. ```
    60. 

  60. 

  61. where `subject` is the value of the `sub` field in the token.
    62. 

  62. 

  63. Or this:
    64. 

  64. 

  65. ```bash
    66. 

  66. export TOKEN=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJzdWJqZWN0IiwiaWF0IjoxNTE2MjM5MDIyLCJzY29wZSI6Im1lc3NhZ2U6cmVhZCJ9.bsRCpUEaiWnzX4OqNxTBqwUD4vxxtPp-CHKTw7XcrglrvZ2lvYXaiZZbCp-hcPhuzMEzEAFuH6s4GZZOWVIX-wT47GdTz9cfA-Z4QPjS2RxePKphFXgBI3jHEpQo94Qya2fJdV4LvgBmA1uM_RTnYY1UbmeYuHKnXrZoGyV8QQQ
    67. 

  67. 

  68. curl -H "Authorization: Bearer $TOKEN" localhost:8080/message
    69. 

  69. ```
    70. 

  70. 

  71. Will respond with:
    72. 

  72. 

  73. ```bash
    74. 

  74. secret message
    75. 

  75. ```
    76. 

  76. 

  77. == 3. Testing with Other Tokens
    78. 

  78. 

  79. You can create your own tokens. Simply edit the public key in `OAuth2ResourceServerSecurityConfiguration` to match the private key you use.
    80. 

  80. 

  81. To use the `/` endpoint, any valid token will do.
    82. 

  82. To use the `/message` endpoint, the token should have the `message:read` scope.
    83.