类 ShiroOAuthConfiguration

java.lang.Object
com.flyfish.oauth.shiro.ShiroOAuthConfiguration
@Import({ConflictOAuthConfiguration.class,OAuthRegistryConfig.class}) public class ShiroOAuthConfiguration extends Object
配置类,动态注入额外的鉴权bean,并同时侵入性修改shiro bean

  • 构造器详细资料

    • ShiroOAuthConfiguration

      public ShiroOAuthConfiguration()

  • 方法详细资料

    • shiroTokenFactory

      @ConditionalOnMissingBean(ShiroTokenFactory.class) @Bean public ShiroTokenFactory<Object> shiroTokenFactory()
      shiro的鉴权工厂
      返回:
      结果

    • tomcatContextCustomizer

      @ConditionalOnMissingBean(org.springframework.boot.web.embedded.tomcat.TomcatContextCustomizer.class) @ConditionalOnClass(name="org.apache.catalina.startup.Tomcat") @Bean public org.springframework.boot.web.embedded.tomcat.TomcatContextCustomizer tomcatContextCustomizer()
      tomcat自定义session
      返回:
      结果

    • oAuthRealm

      @Bean @ConditionalOnBean(OAuthAuthorizationExtractor.class) public <T> OAuthRealm oAuthRealm(OAuthAuthorizationExtractor<T> authorizationExtractor)
      使用授权信息抽取器分离授权信息的获取逻辑
      参数:
      authorizationExtractor - 授权抽取器
      返回:
      结果

    • modifier

      @Bean @ConditionalOnBean(OAuthRealm.class) public MonkeyShiroConfigModifier modifier(org.apache.shiro.web.mgt.WebSecurityManager manager, org.apache.shiro.web.servlet.AbstractShiroFilter filter, OAuthRealm oAuthRealm)
      动态添加,目标是干掉session对subject的加持,保证单机环境不冲突

    • authenticationListener

      @Bean public <T> org.apache.shiro.authc.AuthenticationListener authenticationListener()
      鉴权监听器
      返回:
      结果¬

    • shiroSessionConverter

      @Bean @ConditionalOnBean({ShiroTokenFactory.class,OAuthAuthorizationExtractor.class}) public <T> com.flyfish.oauth.configuration.SSOSessionConverter<T> shiroSessionConverter(org.apache.shiro.web.mgt.WebSecurityManager manager, ShiroTokenFactory<T> shiroTokenFactory, OAuthAuthorizationExtractor<T> extractor)
      注入shiro session转换器
      参数:
      shiroTokenFactory - 工厂
      返回:
      结果