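There is a guide on how to implement OAuth2 using Spring and Spring Boot: https://spring.io/guides/tutorials/spring-boot-oauth2/

I need to store OAuth2 information such as accessToken and refreshToken in my database for future use. Right now I can only get the accessToken. I can't figure out how to get the refreshToken based on this guide.

What is the correct way to get the refreshToken with the approach described in this guide?

UPDATED

I can access the refreshToken in the OAuth2ClientAuthenticationProcessingFilter.attemptAuthentication method, but the accessToken only in the ResourceServerTokenServices.loadAuthentication method.

Right now I don't understand how, following this approach, to get the OAuth2 information after a successful Facebook authorization and reuse it for Facebook API calls. Please advise.

UPDATED

I have added JdbcClientTokenServices to my SSO filter, but it doesn't work: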

    private Filter ssoFilter(ClientResources client, String path) {
        OAuth2ClientAuthenticationProcessingFilter clientFilter = new OAuth2ClientAuthenticationProcessingFilter(path);
        OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(client.getClient(), oauth2ClientContext);
        //
        AccessTokenProviderChain tokenProviderChain = new AccessTokenProviderChain(new ArrayList<>(Arrays.asList(new AuthorizationCodeAccessTokenProvider())));
        tokenProviderChain.setClientTokenServices(new JdbcClientTokenServices(dataSource));
        oAuth2RestTemplate.setAccessTokenProvider(tokenProviderChain);
        //
        clientFilter.setRestTemplate(oAuth2RestTemplate);
        clientFilter.setTokenServices(new OkUserInfoTokenServices(okService, client.getClient().getClientId(), apiUrl, eventService));
        clientFilter.setAuthenticationSuccessHandler(new UrlParameterAuthenticationHandler());
        return clientFilter;
    }

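Answer 0 (score: 2)

First of all: when working with OAuth2, you have to understand well how the protocol works. It is not difficult, but you need to grasp it in order to use it. In my opinion, the best reference point is the specification itself: https://tools.ietf.org/html/rfc6749

In response to the conversation below and the existing pull request https://github.com/spring-projects/spring-security-oauth/pull/499, I would (as long as the pull request has not been released) subclass OAuth2ClientAuthenticationProcessingFilter and include the changes from the pull request, then use it in the ssoFilter method.

So: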

    package com.example;

    import java.io.IOException;

    import javax.servlet.FilterChain;
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;

    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.context.SecurityContextHolder;
    import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticationProcessingFilter;
    import org.springframework.security.oauth2.client.token.ClientTokenServices;

    public class OAuth2ClientAuthenticationProcessingAndSavingFilter extends OAuth2ClientAuthenticationProcessingFilter {

        private ClientTokenServices clientTokenServices;

        public OAuth2ClientAuthenticationProcessingAndSavingFilter(String defaultFilterProcessesUrl, ClientTokenServices clientTokenServices) {
            super(defaultFilterProcessesUrl);
            this.clientTokenServices = clientTokenServices;
        }

        @Override
        protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response,
                FilterChain chain, Authentication authResult) throws IOException, ServletException {
            super.successfulAuthentication(request, response, chain, authResult);
            if (clientTokenServices != null) {
                clientTokenServices.saveAccessToken(restTemplate.getResource(), SecurityContextHolder.getContext()
                        .getAuthentication(), restTemplate.getAccessToken());
            }
        }
    }

and

    private Filter ssoFilter(ClientResources client, String path) {
        OAuth2ClientAuthenticationProcessingAndSavingFilter clientFilter = new OAuth2ClientAuthenticationProcessingAndSavingFilter(path, clientTokenService);
        ...

and add a bean for your clientTokenService
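
One way to do the last step, as an added example that is not part of the original answer: a clientTokenService bean backed by JdbcClientTokenServices, plus a helper that reads the saved refresh token back later. The class names ClientTokenStoreConfig and StoredTokenReader are hypothetical, and the oauth_client_token table is assumed to exist in the DataSource's schema.

```java
import javax.sql.DataSource;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.token.ClientTokenServices;
import org.springframework.security.oauth2.client.token.JdbcClientTokenServices;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;

// Hypothetical configuration class; only the bean it exposes matters.
@Configuration
class ClientTokenStoreConfig {

    // JdbcClientTokenServices reads and writes the oauth_client_token table
    // (columns token_id, token, authentication_id, user_name, client_id).
    @Bean
    ClientTokenServices clientTokenService(DataSource dataSource) {
        return new JdbcClientTokenServices(dataSource);
    }
}

// Hypothetical helper: looks up the token the filter saved for this user and client.
class StoredTokenReader {

    private final ClientTokenServices clientTokenServices;

    StoredTokenReader(ClientTokenServices clientTokenServices) {
        this.clientTokenServices = clientTokenServices;
    }

    /** Returns the stored refresh token value, or null if none was saved or issued. */
    String refreshTokenFor(OAuth2ProtectedResourceDetails resource, Authentication user) {
        // The lookup key is derived from the client id, scope and user name,
        // so pass the same resource details and Authentication used when saving.
        OAuth2AccessToken stored = clientTokenServices.getAccessToken(resource, user);
        if (stored == null) {
            return null; // nothing persisted for this user/client pair
        }
        OAuth2RefreshToken refresh = stored.getRefreshToken();
        // Providers are not required to issue a refresh token (RFC 6749, section 5.1).
        return refresh != null ? refresh.getValue() : null;
    }
}
```

JdbcClientTokenServices stores the Java-serialized token object in the token column, so that table holds usable access and refresh credentials and needs the same access restrictions as any other secret store.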