我正在尝试在我的Spring MVC应用程序中进行Google登录,但在用户登录后,我找不到获取其电子邮件地址的方法。我能够从UserInfo获得他的名字和id,但这就是我能得到的。
这是我的配置文件:
@Bean
// TODO retrieve from https://accounts.google.com/.well-known/openid-configuration ?
public OAuth2ProtectedResourceDetails googleOAuth2Details() {
AuthorizationCodeResourceDetails googleOAuth2Details = new AuthorizationCodeResourceDetails();
googleOAuth2Details.setAuthenticationScheme(form);
googleOAuth2Details.setClientAuthenticationScheme(form);
googleOAuth2Details.setClientId(clientId);
googleOAuth2Details.setClientSecret(clientSecret);
googleOAuth2Details.setUserAuthorizationUri("https://accounts.google.com/o/oauth2/auth");
googleOAuth2Details.setAccessTokenUri("https://www.googleapis.com/oauth2/v3/token");
googleOAuth2Details.setScope(asList("openid"));
return googleOAuth2Details;
}
@SuppressWarnings("SpringJavaAutowiringInspection") // Provided by Spring Boot
@Resource
private OAuth2ClientContext oAuth2ClientContext;
@Bean
@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
public OAuth2RestOperations googleOAuth2RestTemplate() {
return new OAuth2RestTemplate(googleOAuth2Details(), oAuth2ClientContext);
}
这是我的身份验证过滤器:
public class OpenIDConnectAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
@Resource
private OAuth2RestOperations restTemplate;
protected OpenIDConnectAuthenticationFilter(String defaultFilterProcessesUrl) {
super(defaultFilterProcessesUrl);
setAuthenticationManager(authentication -> authentication); // AbstractAuthenticationProcessingFilter requires an authentication manager.
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException, IOException, ServletException {
final ResponseEntity<UserInfo> userInfoResponseEntity = restTemplate.getForEntity("https://www.googleapis.com/oauth2/v2/userinfo", UserInfo.class);
return new PreAuthenticatedAuthenticationToken(userInfoResponseEntity.getBody(), empty(), NO_AUTHORITIES);
}
}
这是控制器:
@Controller
public class SampleSecuredController {
@Autowired UserService userService;
@RequestMapping("/test")
public String test(HttpServletRequest request) {
UserInfo userInfo = (UserInfo) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
System.out.println(userInfo.getId());
System.out.println(userInfo.getName());
System.out.println(userInfo.getLink());
}
}
UserInfo类:
public class UserInfo {
private final String id;
private final String name;
private final String givenName;
private final String familyName;
private final String gender;
private final String picture;
private final String link;
@JsonCreator
public UserInfo(@JsonProperty("id") String id,
@JsonProperty("name") String name,
@JsonProperty("given_name") String givenName,
@JsonProperty("family_name") String familyName,
@JsonProperty("gender") String gender,
@JsonProperty("picture") String picture,
@JsonProperty("link") String link) {
this.id = id;
this.name = name;
this.givenName = givenName;
this.familyName = familyName;
this.gender = gender;
this.picture = picture;
this.link = link;
}
//getters and setters here
}