第十五篇 : Spring Boot Security 整合 OAuth2 设计安全API接口服务

gf-huanchupk · web-flow · commit 40b6d590dc4a · 2019-09-26T09:53:55.000+08:00
diff --git a/springboot-security-oauth2/src/main/java/com/gf/config/AuthorizationServerConfiguration.java b/springboot-security-oauth2/src/main/java/com/gf/config/AuthorizationServerConfiguration.java
@@ -63,26 +63,9 @@ public TokenStore tokenStore() {
 
     @Override
     public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
-        /**
-         * 配置oauth2服务跨域
-         */
-        CorsConfigurationSource source = new CorsConfigurationSource() {
-            @Override
-            public CorsConfiguration getCorsConfiguration(HttpServletRequest request) {
-                CorsConfiguration corsConfiguration = new CorsConfiguration();
-                corsConfiguration.addAllowedHeader("*");
-                corsConfiguration.addAllowedOrigin(request.getHeader( HttpHeaders.ORIGIN));
-                corsConfiguration.addAllowedMethod("*");
-                corsConfiguration.setAllowCredentials(true);
-                corsConfiguration.setMaxAge(3600L);
-                return corsConfiguration;
-            }
-        };
-
-        security.tokenKeyAccess("permitAll()")
+       security.tokenKeyAccess("permitAll()")
                 .checkTokenAccess("permitAll()")
-                .allowFormAuthenticationForClients()
-                .addTokenEndpointAuthenticationFilter(new CorsFilter(source));
+                .allowFormAuthenticationForClients();
     }
 
     @Override
