springboot+Oauth2实现自定义AuthenticationManager和认证path

本人在工作中需要构建这么一个后台框架，基于 spring boot，登录时认证使用自定义AuthenticationManager；同时支持Oauth2访问指定API接口，认证时的AuthenticationManager和登录规则不同。在研究了源码的基础上参考很多文章，目前基本得以解决。

									@Configuration

									public class OAuth2Configuration {

									   @SpringBootApplication

									   @RestController

									   @EnableResourceServer

									   @Configuration

									   @EnableAuthorizationServer

									   protected static class AuthorizationServerConfiguration extends AuthorizationServerConfigurerAdapter implements EnvironmentAware {

									     private static final String ENV_OAUTH = "authentication.oauth.";

									     private static final String PROP_CLIENTID = "clientid";

									     private static final String PROP_SECRET = "secret";

									     private static final String PROP_TOKEN_VALIDITY_SECONDS = "tokenValidityInSeconds";

									     private RelaxedPropertyResolver propertyResolver;

									     @Autowired

									     private DataSource dataSource;

									     @Bean

									     public TokenStore tokenStore() {

									       return new JdbcTokenStore(dataSource);

									     }

									//     @Autowired

									//   @Qualifier("authenticationManagerBean")  

									//     private AuthenticationManager authenticationManager;

									     @Autowired

									   @Qualifier("daoAuhthenticationOauthProvider")  

									     private AuthenticationProvider daoAuhthenticationOauthProvider;

									  @Override

									  public void configure(AuthorizationServerEndpointsConfigurer endpoints)

									   throws Exception {

									  // @formatter:off

									  endpoints

									  .tokenStore(tokenStore())

									  .authenticationManager(new AuthenticationManager(){

									   @Override

									   public Authentication authenticate(Authentication authentication) throws AuthenticationException {

									   // TODO Auto-generated method stub

									   return daoAuhthenticationOauthProvider.authenticate(authentication);

									   }

									  });

									  // @formatter:on

									  }

									     @Override

									     public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

									       clients

									         .inMemory()

									         .withClient(propertyResolver.getProperty(PROP_CLIENTID))

									         .scopes("read", "write")

									         .authorities(Authorities.ROLE_CHANNEL.name())

									         .authorizedGrantTypes("password", "refresh_token")

									         .secret(propertyResolver.getProperty(PROP_SECRET))

									         .accessTokenValiditySeconds(propertyResolver.getProperty(PROP_TOKEN_VALIDITY_SECONDS, Integer.class, 1800));

									     }

									     @Override

									     public void setEnvironment(Environment environment) {

									       this.propertyResolver = new RelaxedPropertyResolver(environment, ENV_OAUTH);

									     }

									     @Configuration

									     @EnableResourceServer

									     protected static class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

									       @Override

									       public void configure(HttpSecurity http) throws Exception {

									         http

									         .antMatcher("/api/dev/**")

									         .authorizeRequests()

									         .anyRequest()

									         .hasRole("DEVELEPOR")

									       .and()

									         .antMatcher("/api/channel/**")

									         .authorizeRequests()

									         .anyRequest()

									         .hasRole("CHANNEL");

									       }

									     }

									   }

									}

以上是Oauth2的主要配置，SecurityConfiguration的配置就不贴了，大家可以去github上找资料，下面是如何自定一个daoAuhthenticationProvider。

									@Bean(name="daoAuhthenticationProvider")

									public AuthenticationProvider daoAuhthenticationProvider() {

									DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();

									daoAuthenticationProvider.setUserDetailsService(userDetailsService);

									daoAuthenticationProvider.setHideUserNotFoundExceptions(false);

									daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);

									return daoAuthenticationProvider;

									}

									@Bean(name="daoAuhthenticationOauthProvider")

									public AuthenticationProvider daoAuhthenticationOauthProvider() {

									DaoAuthenticationProvider daoAuthenticationProvider = new DaoAuthenticationProvider();

									daoAuthenticationProvider.setUserDetailsService(userDetailsOauthService);

									daoAuthenticationProvider.setHideUserNotFoundExceptions(false);

									daoAuthenticationProvider.setPasswordEncoder(passwordEncoder);

									return daoAuthenticationProvider;

									}

									@Override

									public void configure(AuthenticationManagerBuilder auth) throws Exception {

									auth.authenticationProvider(daoAuhthenticationProvider());

									// auth.authenticationProvider(daoAuhthenticationProvider1());

									}

									@Bean

									@Override

									public AuthenticationManager authenticationManagerBean() throws Exception {

									return super.authenticationManagerBean();

									}