Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
github
/
spring-security
mirror of https://github.com/spring-projects/spring-security
2
0
Fork 0
Các tập tin Các vấn đề 0 Wiki
Browse Source

Resource Server Static Sample Uses @Value For Key

Issue: gh-6494
Josh Cummings 6 năm trước cách đây
mục cha
1c25fe26c9
commit
b252371de7
3 tập tin đã thay đổi với 18 bổ sung14 xóa
View chưa được định nghĩa Hiển thị tình trạng sai khác
  1. 5 14
      samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
  2. 6 0
      samples/boot/oauth2resourceserver-static/src/main/resources/application.yml
  3. 7 0
      samples/boot/oauth2resourceserver-static/src/main/resources/simple.pub

+ 5 - 14
samples/boot/oauth2resourceserver-static/src/main/java/sample/OAuth2ResourceServerSecurityConfiguration.java
Xem Tập Tin 

@@ -15,11 +15,9 @@
 
  */
 
  */
 
 package sample;
 
 package sample;
 
 
 
-import java.security.KeyFactory;
 
 import java.security.interfaces.RSAPublicKey;
 
 import java.security.interfaces.RSAPublicKey;
 
-import java.security.spec.X509EncodedKeySpec;
 
-import java.util.Base64;
 
 
 
+import org.springframework.beans.factory.annotation.Value;
 
 import org.springframework.context.annotation.Bean;
 
 import org.springframework.context.annotation.Bean;
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 
@@ -33,6 +31,9 @@ import org.springframework.security.oauth2.jwt.NimbusJwtDecoder;
 
 @EnableWebSecurity
 
 @EnableWebSecurity
 
 public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
 
 public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {
 
 
 
+	@Value("${spring.security.oauth2.resourceserver.jwt.key-value}")
 
+	RSAPublicKey key;
 
+
 
 	@Override
 
 	@Override
 
 	protected void configure(HttpSecurity http) throws Exception {
 
 	protected void configure(HttpSecurity http) throws Exception {
 
 		// @formatter:off
 
 		// @formatter:off
 
@@ -49,16 +50,6 @@ public class OAuth2ResourceServerSecurityConfiguration extends WebSecurityConfig
 
 
 
 	@Bean
 
 	@Bean
 
 	JwtDecoder jwtDecoder() throws Exception {
 
 	JwtDecoder jwtDecoder() throws Exception {
 
-		return NimbusJwtDecoder.withPublicKey(key()).build();
 
-	}
 
-
 
-	private RSAPublicKey key() throws Exception {
 
-		String encoded = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdlatRjRjogo3WojgGHFHYLugd" +
 
-				"UWAY9iR3fy4arWNA1KoS8kVw33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQs" +
 
-				"HUfQrSDv+MuSUMAe8jzKE4qW+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5D" +
 
-				"o2kQ+X5xK9cipRgEKwIDAQAB";
 
-		byte[] bytes = Base64.getDecoder().decode(encoded.getBytes());
 
-		return (RSAPublicKey) KeyFactory.getInstance("RSA")
 
-				.generatePublic(new X509EncodedKeySpec(bytes));
 
+		return NimbusJwtDecoder.withPublicKey(this.key).build();
 
 	}
 
 	}
 
 }
 
 }

+ 6 - 0
samples/boot/oauth2resourceserver-static/src/main/resources/application.yml
Xem Tập Tin 

@@ -0,0 +1,6 @@
 
+spring:
 
+  security:
 
+    oauth2:
 
+      resourceserver:
 
+        jwt:
 
+          key-value: classpath:simple.pub

+ 7 - 0
samples/boot/oauth2resourceserver-static/src/main/resources/simple.pub
Xem Tập Tin 

@@ -0,0 +1,7 @@
 
+-----BEGIN PUBLIC KEY-----
 
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdlatRjRjogo3WojgGHFHYLugd
 
+UWAY9iR3fy4arWNA1KoS8kVw33cJibXr8bvwUAUparCwlvdbH6dvEOfou0/gCFQs
 
+HUfQrSDv+MuSUMAe8jzKE4qW+jK+xQU9a03GUnKHkkle+Q0pX/g6jXZ7r1/xAK5D
 
+o2kQ+X5xK9cipRgEKwIDAQAB
 
+-----END PUBLIC KEY-----
 
+