添加依賴
<!-- oauth -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-jwt</artifactId>
</dependency>
配置oauth
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class OAuth2ResourceServerConfig extends GlobalMethodSecurityConfiguration
{
@Override
protected MethodSecurityExpressionHandler createExpressionHandler()
{
OAuth2MethodSecurityExpressionHandler oAuth2MethodSecurityExpressionHandler = new OAuth2MethodSecurityExpressionHandler();
return oAuth2MethodSecurityExpressionHandler;
}
}
/**
* 當@EnableGlobalMethodSecurity(prePostEnabled=true)的時候,@PreAuthorize可以使用
* @PreAuthorize可以用來控制一個方法是否能夠被調用。
* @在controller層方法中添加權限配置(符合條件得才可以調用這個方法)
* @return
*/
@PreAuthorize(value = "#oauth2.hasAnyScope('A','B','C','D')")//添加機構編碼權限,判斷該機構是否有權限調用
@PreAuthorize(value="isAuthenticated()")//添加登錄權限判斷,登錄才可以調用
public String getInformation(){
return info;
}