前言
2023-07-29 15:44:56
公开发布于
2024-5-22 00:04:56
单点登录【demo】
以下是 Java 实现单点登录的示例代码:
单点登录(Single Sign-On,SSO)是一种身份认证和授权机制,可以使用户在多个应用程序或系统之间使用相同的身份进行登录。以下是一个简单的单点登录实现的示例代码:
认证服务器:
import java.util.HashMap;
import java.util.Map;import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
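import org.springframework.web.bind.annotation.RestController;

/**
 * Demo authentication server for the single sign-on example.
 *
 * <p>Exposes {@code POST /authenticate}: the JSON body carries a username and password, and a
 * successful login returns an opaque bearer token that is also recorded in {@link TokenStore}.
 *
 * <p>Review notes on the demo's limits:
 * <ul>
 *   <li>The {@code users} map is never populated in this listing, so every login is rejected
 *       until accounts are added.</li>
 *   <li>Passwords are held and compared as plaintext; a real service would store a salted
 *       password hash (bcrypt, scrypt or argon2) instead.</li>
 *   <li>Issued tokens live only in this JVM's memory and have no expiry.</li>
 * </ul>
 */
@SpringBootApplication
@RestController
public class AuthServer {

    /** Number of random bytes per token (256 bits), so tokens cannot be guessed or enumerated. */
    private static final int TOKEN_BYTES = 32;

    /** Cryptographically strong source for token material; SecureRandom is safe to share. */
    private static final java.security.SecureRandom TOKEN_RANDOM = new java.security.SecureRandom();

    // username -> password (plaintext in this demo, see the class comment).
    private final Map<String, String> users = new HashMap<>();

    public static void main(String[] args) {
        SpringApplication.run(AuthServer.class, args);
    }

    /**
     * Checks the submitted credentials and issues a token on success.
     *
     * @param user credentials deserialized from the JSON request body
     * @return 200 with the token as the body, or 401 with an empty body when the username is
     *     unknown or the password does not match
     */
    @PostMapping("/authenticate")
    public ResponseEntity<String> authenticate(@RequestBody User user) {
        String username = user.getUsername();
        String expected = username == null ? null : users.get(username);
        // Unknown user and wrong password produce the same response, so the reply does not
        // reveal which usernames exist.
        if (expected == null || !passwordsMatch(expected, user.getPassword())) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
        }
        String token = generateToken();
        TokenStore.addToken(token, username);
        return ResponseEntity.ok(token);
    }

    /**
     * Compares two passwords without stopping at the first differing byte, so the comparison
     * time does not indicate how much of a guess was correct.
     */
    private static boolean passwordsMatch(String expected, String supplied) {
        if (supplied == null) {
            return false;
        }
        return java.security.MessageDigest.isEqual(
                expected.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                supplied.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Creates a fresh, unpredictable token.
     *
     * <p>The original listing returned the constant {@code "token123"}, which gave every user
     * the same token and let anyone who knew the constant present a valid one.
     *
     * @return a URL-safe Base64 string encoding {@value #TOKEN_BYTES} random bytes
     */
    private String generateToken() {
        byte[] raw = new byte[TOKEN_BYTES];
        TOKEN_RANDOM.nextBytes(raw);
        return java.util.Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    }

    /** Request payload for {@code /authenticate}: a username and password pair. */
    static class User {
        private String username;
        private String password;

        /** No-argument constructor, kept so JSON deserialization can create the object. */
        public User() {
        }

        /** Convenience constructor; the Client listing on this page calls it with both fields. */
        public User(String username, String password) {
            this.username = username;
            this.password = password;
        }

        public String getUsername() {
            return username;
        }

        public void setUsername(String username) {
            this.username = username;
        }

        public String getPassword() {
            return password;
        }

        public void setPassword(String password) {
            this.password = password;
        }
    }
}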
Token 存储:
import java.util.HashMap;
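import java.util.Map;

/**
 * In-memory registry of issued tokens, mapping each token to the username it was issued for.
 *
 * <p>The map is static and is reached from request-handling threads, so it is a concurrent map
 * rather than a plain {@code HashMap}. Entries never expire: a token stays valid until
 * {@link #removeToken(String)} is called or the process exits. The data is visible only inside
 * this JVM; a service running in another process cannot read it.
 */
public class TokenStore {

    // token -> username. ConcurrentHashMap rejects null keys and values, so the accessors below
    // check for null themselves and keep the old "null is simply not a valid token" behaviour.
    private static final Map<String, String> tokens = new java.util.concurrent.ConcurrentHashMap<>();

    /**
     * Records a newly issued token.
     *
     * @param token the token string; must not be null
     * @param username the user the token was issued to; must not be null
     * @throws NullPointerException if either argument is null
     */
    public static void addToken(String token, String username) {
        java.util.Objects.requireNonNull(token, "token");
        java.util.Objects.requireNonNull(username, "username");
        tokens.put(token, username);
    }

    /**
     * Reports whether the token is currently registered.
     *
     * @param token the token presented by a caller; may be null
     * @return {@code true} only if the token was added and has not been removed
     */
    public static boolean isValidToken(String token) {
        return token != null && tokens.containsKey(token);
    }

    /**
     * Looks up the user a token belongs to.
     *
     * @param token the token presented by a caller; may be null
     * @return the username, or {@code null} if the token is null or not registered
     */
    public static String getUsername(String token) {
        return token == null ? null : tokens.get(token);
    }

    /**
     * Invalidates a token, for example at logout. Unknown or null tokens are ignored.
     *
     * @param token the token to remove; may be null
     */
    public static void removeToken(String token) {
        if (token != null) {
            tokens.remove(token);
        }
    }
}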
客户端:
import java.util.Scanner;import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
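import org.springframework.web.client.RestTemplate;

/**
 * Command-line demo client: logs in against the authentication server, uses the returned token
 * to call a protected resource, then asks the server to log out.
 *
 * <p>The server code for {@code /resource} (port 8081) and {@code /logout} is not part of this
 * page; those two calls fail unless such endpoints exist.
 */
public class Client {

    // Plain http is used because the demo talks to localhost only. Credentials and the bearer
    // token travel in this request and response, so any non-local deployment needs https.
    private static String authServerUrl = "http://localhost:8080/authenticate";

    public static void main(String[] args) {
        Scanner scanner = new Scanner(System.in);
        System.out.print("Username: ");
        String username = scanner.nextLine();
        // NOTE(review): Scanner echoes the password as it is typed; System.console().readPassword()
        // avoids the echo when a console is attached.
        System.out.print("Password: ");
        String password = scanner.nextLine();
        scanner.close();

        // Built with setters because AuthServer.User as listed declares no two-argument constructor.
        AuthServer.User credentials = new AuthServer.User();
        credentials.setUsername(username);
        credentials.setPassword(password);

        // Send the authentication request.
        RestTemplate restTemplate = new RestTemplate();
        HttpHeaders headers = new HttpHeaders();
        headers.set("Content-Type", "application/json");
        HttpEntity<?> requestEntity = new HttpEntity<>(credentials, headers);

        ResponseEntity<String> responseEntity;
        try {
            responseEntity = restTemplate.exchange(authServerUrl, HttpMethod.POST, requestEntity, String.class);
        } catch (org.springframework.web.client.HttpClientErrorException e) {
            // RestTemplate's default error handling throws on 4xx responses, so a rejected login
            // arrives here rather than as a ResponseEntity carrying status 401.
            if (e.getStatusCode().value() == 401) {
                System.out.println("Invalid username or password");
                return;
            }
            throw e;
        }

        if (responseEntity.getStatusCode() == HttpStatus.OK) { // authentication succeeded
            String token = responseEntity.getBody();
            // NOTE(review): the token is a credential; it is printed only because this is a demo.
            System.out.println("Token: " + token);

            // Call the protected resource, presenting the token as a bearer credential.
            String resourceUrl = "http://localhost:8081/resource";
            headers.set("Authorization", "Bearer " + token);
            requestEntity = new HttpEntity<>(null, headers);
            responseEntity = restTemplate.exchange(resourceUrl, HttpMethod.GET, requestEntity, String.class);
            System.out.println(responseEntity.getBody()); // content of the protected resource

            // Log out so the server can invalidate the token.
            String logoutUrl = "http://localhost:8080/logout";
            headers.set("Content-Type", "application/x-www-form-urlencoded");
            requestEntity = new HttpEntity<>("token=" + token, headers);
            responseEntity = restTemplate.exchange(logoutUrl, HttpMethod.POST, requestEntity, String.class);
            System.out.println(responseEntity.getBody()); // logout message from the server
        } else { // any other non-error status is treated as a failed login
            System.out.println("Invalid username or password");
        }
    }
}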
在这个例子中,客户端会向认证服务器发送一个 POST 请求以验证用户身份。如果验证通过,则认证服务器将返回一个 Token,客户端存储并在后续的请求中使用该 Token。在此示例中,客户端还会尝试访问受保护的资源,该资源要求使用令牌进行身份验证。需要注意的是,文中只给出了认证服务器的 /authenticate 接口,客户端调用的资源服务(8081 端口的 /resource)和 /logout 接口的服务端代码并未给出。
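另外,Token Store 是一个用于存储 Token 和对应用户名的简单 Map 实现,认证服务器用它记录已签发的 Token,并据此校验客户端提交的 Token。这个 Map 只保存在单个 JVM 进程的内存中,运行在其他进程中的服务(例如 8081 端口的资源服务)无法直接读取它,客户端拿到的只是通过 HTTP 响应返回的 Token 字符串。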