1、集成Oauth2，pom增加依赖：

<dependency>

            <groupId>org.springframework.cloud</groupId>

            <artifactId>spring-cloud-starter-oauth2</artifactId>

        </dependency>

        <dependency>

            <groupId>org.springframework.cloud</groupId>

            <artifactId>spring-cloud-starter-openfeign</artifactId>

        </dependency>

1、增加会话控制处理接口及实现类：

public interface PermissionService {

/**

*

* @Title: hasPermission  

* @Description: 请求鉴权

* @param @param request

* @param @param authentication

* @param @return  

* @return boolean 

* @throws  

*/

boolean hasPermission(HttpServletRequest request, Authentication authentication);

}

@Service("permissionService")

public class PermissionServiceImpl implements PermissionService {

private static Logger log = LoggerFactory.getLogger(PermissionServiceImpl.class);

/**

* 判断请求是否有权限

*

* @param request        HttpServletRequest

* @param authentication 认证信息

* @return 是否有权限

*/

public boolean hasPermission(HttpServletRequest request, Authentication authentication) {

log.info("check request permission ==> " + request.getRequestURI());

/**

* 以下代码仅供本地开发联调时打开，生产打包注释掉这块代码

* 解决本地开发联调时跨域问题访问不到图片的问题，本地开发联调时，前端ajax访问静态文件流存在跨域OPTIONS请求，如果OPTIONS不被允许的话前端则不会发起真正的资源请求

* OPTIONS请求不带cookie，所以不能进行会话检查

*/

//     Enumeration<String> names = request.getHeaderNames();

//     log.info("===================================================================");

//       while(names.hasMoreElements()){

//         String name = (String) names.nextElement();

//         log.info(name + ":" + request.getHeader(name));

//       }

//     log.info("===================================================================");

//    

//     if("OPTIONS".equals(request.getMethod())) {

//     log.info("===================OPTIONS=====================================");

//     return true;

//     }

//校验会话

//获取请求Set-Cookie中的JSESSIONID的值

    Cookie[] cookies = request.getCookies();

    String sessionId = null;

    if(cookies != null) {

    for(Cookie cookie : cookies) {

    if("JSESSIONID".equals(cookie.getName())) {

    sessionId = cookie.getValue();

    break;

    }

    }

    }

    //从redis获取会话

    HttpSession session = new HttpSession();

    session.setSessionId(sessionId);

    if(!session.isAvailable()) {

    log.info("会话超时，请重新登录");

        return false;

    }

return true;

}

}

3、将会话控制处理类配置到Oauth2中，新建配置类继承ResourceServerConfigurerAdapter

@Configuration

@EnableResourceServer

public class ResourceConfigurerAdapter extends ResourceServerConfigurerAdapter {

@Autowired

    private OAuth2WebSecurityExpressionHandler expressionHandler;

@Override

    public void configure(HttpSecurity http) throws Exception {

        http.headers().frameOptions().disable();

        http

            .authorizeRequests()

            .antMatchers("/auth/oauth/token_key").denyAll()

            .antMatchers(

            //不做鉴权的URL

            "/code/image",

            "/admin/appInfo/query"

            ).permitAll()

            .anyRequest()

            .access("@permissionService.hasPermission(request, authentication)")

            .and()

            .csrf().disable();//允许跨域访问

    }

@Override

    public void configure(ResourceServerSecurityConfigurer resources) {

        resources.expressionHandler(expressionHandler);

    }

    /**

    * 异常问题

    * #oauth2.throwOnError(@permissionService.hasPermission(request, authentication))

    * #EL1057E: No bean resolver registered in the context to resolve access to bean 'permissionService'

    *

    * @param applicationContext ApplicationContext

    * @return OAuth2WebSecurityExpressionHandler

    */

    @Bean

    public OAuth2WebSecurityExpressionHandler oAuth2WebSecurityExpressionHandler(ApplicationContext applicationContext) {

        OAuth2WebSecurityExpressionHandler expressionHandler = new OAuth2WebSecurityExpressionHandler();

        expressionHandler.setApplicationContext(applicationContext);

        return expressionHandler;

    }

}