代码拉取完成,页面将自动刷新
<dependencies>
<!-- OAuth 2.1 依赖 -->
<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-oauth2-authorization-server -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-authorization-server</artifactId>
<version>0.4.0-M1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/cn.com.xuxiaowei.boot/spring-boot-starter-wechat-miniprogram -->
<dependency>
<groupId>cn.com.xuxiaowei.boot</groupId>
<artifactId>spring-boot-starter-wechat-miniprogram</artifactId>
<version>0.0.2-alpha.1</version>
</dependency>
</dependencies>
package cloud.xuxiaowei.passport.configuration;
// import cloud.xuxiaowei.passport.handler.AccessTokenAuthenticationFailureHandlerImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2WeChatMiniProgramAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.config.annotation.web.configurers.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.oauth2.server.authorization.web.authentication.*;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.RequestMatcher;
import java.util.Arrays;
/**
* Spring Security 配置
* <p>
* 详细使用说明参见:
* <p>
* <a href=
* "https://gitee.com/xuxiaowei-cloud/xuxiaowei-cloud/blob/main/passport/src/main/java/cloud/xuxiaowei/passport/configuration/AuthorizationServerConfiguration.java">Gitee</a>
* <p>
* <a href=
* "https://github.com/xuxiaowei-cloud/xuxiaowei-cloud/blob/main/passport/src/main/java/cloud/xuxiaowei/passport/configuration/AuthorizationServerConfiguration.java">Github</a>
*
* @author xuxiaowei
* @since 0.0.1
*/
@Configuration
public class WebSecurityConfigurerAdapterConfiguration {
@Bean
@Order(-1)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
// 此段代码来自:OAuth2AuthorizationServerConfiguration#applyDefaultSecurity(HttpSecurity)
// @formatter:off
OAuth2AuthorizationServerConfigurer authorizationServerConfigurer =
new OAuth2AuthorizationServerConfigurer();
RequestMatcher endpointsMatcher = authorizationServerConfigurer
.getEndpointsMatcher();
http
.requestMatcher(endpointsMatcher)
.authorizeRequests(authorizeRequests ->
authorizeRequests.anyRequest().authenticated()
)
.csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
.apply(authorizationServerConfigurer);
// @formatter:on
// 自定义客户授权
authorizationServerConfigurer.tokenEndpoint(tokenEndpointCustomizer -> tokenEndpointCustomizer
.accessTokenRequestConverter(new DelegatingAuthenticationConverter(Arrays.asList(
// 新增:微信 OAuth2 用于验证授权授予的 {@link
// OAuth2WeChatMiniProgramAuthenticationToken}
new OAuth2WeChatMiniProgramAuthenticationConverter(),
// 默认值:OAuth2 授权码认证转换器
new OAuth2AuthorizationCodeAuthenticationConverter(),
// 默认值:OAuth2 刷新令牌认证转换器
new OAuth2RefreshTokenAuthenticationConverter(),
// 默认值:OAuth2 客户端凭据身份验证转换器
new OAuth2ClientCredentialsAuthenticationConverter())))
// 用于处理失败的身份验证尝试的策略。
// .errorResponseHandler(new AccessTokenAuthenticationFailureHandlerImpl())
);
// 微信小程序 OAuth2 身份验证提供程序
new OAuth2WeChatMiniProgramAuthenticationProvider(http);
return http.build();
}
}
# 微信小程序配置
wechat:
mini:
program:
# 默认微信小程序的权限
default-role: wechat_miniprogram
# 小程序账户列表
list:
- appid: ${wx_miniapp_appid:}
secret: ${wx_miniapp_secret:}
wechat_miniprogram
/oauth2/token?grant_type=wechat_miniprogram&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&code={CODE}
补全未找到小程序secret时抛出的异常信息
重命名基于内存的微信小程序账户服务接口appid 时,可以从请求头中的 Referer 中自动截取appid
/oauth2/token?grant_type=wechat_miniprogram&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&code={CODE}
<dependencies>
<!-- OAuth 2.1 依赖 -->
<!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-oauth2-authorization-server -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-oauth2-authorization-server</artifactId>
<version>0.3.1</version>
</dependency>
<!-- https://mvnrepository.com/artifact/cn.com.xuxiaowei.boot/spring-boot-starter-wechat-miniprogram -->
<dependency>
<groupId>cn.com.xuxiaowei.boot</groupId>
<artifactId>spring-boot-starter-wechat-miniprogram</artifactId>
<version>0.0.1-alpha.1</version>
</dependency>
</dependencies>
package cloud.xuxiaowei.passport.configuration;
import cloud.xuxiaowei.passport.handler.AccessTokenAuthenticationFailureHandlerImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.oauth2.server.authorization.OAuth2AuthorizationServerConfigurer;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2WeChatMiniProgramAuthenticationProvider;
import org.springframework.security.oauth2.server.authorization.web.authentication.*;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.util.matcher.RequestMatcher;
import java.util.Arrays;
/**
* Spring Security 配置
* <p>
* 详细使用说明参见:
* <p>
* <a href="https://gitee.com/xuxiaowei-cloud/xuxiaowei-cloud/blob/main/passport/src/main/java/cloud/xuxiaowei/passport/configuration/AuthorizationServerConfiguration.java">Gitee</a>
* <p>
* <a href="https://github.com/xuxiaowei-cloud/xuxiaowei-cloud/blob/main/passport/src/main/java/cloud/xuxiaowei/passport/configuration/AuthorizationServerConfiguration.java">Github</a>
*
* @author xuxiaowei
* @since 0.0.1
*/
@Configuration
public class WebSecurityConfigurerAdapterConfiguration {
@Bean
@Order(-1)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity http) throws Exception {
// 此段代码来自:OAuth2AuthorizationServerConfiguration#applyDefaultSecurity(HttpSecurity)
// @formatter:off
OAuth2AuthorizationServerConfigurer<HttpSecurity> authorizationServerConfigurer =
new OAuth2AuthorizationServerConfigurer<>();
RequestMatcher endpointsMatcher = authorizationServerConfigurer
.getEndpointsMatcher();
http
.requestMatcher(endpointsMatcher)
.authorizeRequests(authorizeRequests ->
authorizeRequests.anyRequest().authenticated()
)
.csrf(csrf -> csrf.ignoringRequestMatchers(endpointsMatcher))
.apply(authorizationServerConfigurer);
// @formatter:on
// 自定义客户授权
authorizationServerConfigurer.tokenEndpoint(tokenEndpointCustomizer -> tokenEndpointCustomizer
.accessTokenRequestConverter(new DelegatingAuthenticationConverter(Arrays.asList(
// 新增:微信 OAuth2 用于验证授权授予的 {@link
// OAuth2WeChatMiniProgramAuthenticationToken}
new OAuth2WeChatMiniProgramAuthenticationConverter(),
// 默认值:OAuth2 授权码认证转换器
new OAuth2AuthorizationCodeAuthenticationConverter(),
// 默认值:OAuth2 刷新令牌认证转换器
new OAuth2RefreshTokenAuthenticationConverter(),
// 默认值:OAuth2 客户端凭据身份验证转换器
new OAuth2ClientCredentialsAuthenticationConverter())))
// 用于处理失败的身份验证尝试的策略。
.errorResponseHandler(new AccessTokenAuthenticationFailureHandlerImpl()));
// 微信小程序 OAuth2 身份验证提供程序
new OAuth2WeChatMiniProgramAuthenticationProvider(http);
return http.build();
}
}
# 微信小程序配置
wechat:
mini:
program:
# 默认微信小程序的权限
default-role: wechat_miniprogram
# 小程序账户列表
list:
- appid: ${wx_miniapp_appid:}
secret: ${wx_miniapp_secret:}
wechat_miniprogram
/oauth2/token?grant_type=wechat_miniprogram&client_id={CLIENT_ID}&client_secret={CLIENT_SECRET}&appid={APPID}&code={CODE}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
