这是我使用Instagram登录OAuth2的配置
instagram:
client:
clientId: clientId
clientSecret: clientSeret
accessTokenUri: https://api.instagram.com/oauth/access_token
userAuthorizationUri: https://api.instagram.com/oauth/authorize
clientAuthenticationScheme: form
scope:
- basic
- public_content
resource:
userInfoUri: https://api.instagram.com/v1/users/self/
delimiter: +
这是Spring提出的要求:
如何将response_type更改为&response_type=token,我怎么能为Spring添加范围?
这是App类:
@SpringBootApplication
@EnableOAuth2Client
public class App extends WebSecurityConfigurerAdapter {
@Autowired
OAuth2ClientContext oauth2ClientContext;
public static void main(String[] args) throws Exception {
SpringApplication.run(App.class, args);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.antMatcher("/**")
.authorizeRequests()
.antMatchers("/", "/login**", "/webjars/**")
.permitAll()
.anyRequest()
.authenticated().and().exceptionHandling()
.authenticationEntryPoint(new LoginUrlAuthenticationEntryPoint("/"))
// logout
.and().logout().logoutSuccessUrl("/").permitAll()
// CSRF
.and().csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
// filters
.and().addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
}
private Filter ssoFilter() {
CompositeFilter filter = new CompositeFilter();
List<Filter> filters = new ArrayList<>();
// facebook ...
// google ...
// instagram
OAuth2ClientAuthenticationProcessingFilter instagramFilter =
new OAuth2ClientAuthenticationProcessingFilter("/login/instagram");
OAuth2RestTemplate instagramTemplate =
new OAuth2RestTemplate(instagram(), oauth2ClientContext);
instagramFilter.setRestTemplate(instagramTemplate);
instagramFilter.setTokenServices(
new UserInfoTokenServices(instagramResource().getUserInfoUri(), instagram().getClientId()));
filters.add(instagramFilter);
filter.setFilters(filters);
return filter;
}
@Bean
@ConfigurationProperties("instagram.client")
public AuthorizationCodeResourceDetails instagram() {
return new AuthorizationCodeResourceDetails();
}
@Bean
@ConfigurationProperties("instagram.resource")
public ResourceServerProperties instagramResource() {
return new ResourceServerProperties();
}
@Bean
public FilterRegistrationBean oauth2ClientFilterRegistration(
OAuth2ClientContextFilter filter) {
FilterRegistrationBean registration = new FilterRegistrationBean();
registration.setFilter(filter);
registration.setOrder(-100);
return registration;
}
}
答案 0 :(得分:0)
如何将response_type更改为&amp; response_type = token
在我阅读代码时,AuthorizationCodeAccessTokenProvider‘s response_type是硬代码。
private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource,
AccessTokenRequest request) {
// we don't have an authorization code yet. So first get that.
TreeMap<String, String> requestParameters = new TreeMap<String, String>();
requestParameters.put("response_type", "code"); // oauth2 spec, section 3
因此,如果您想更改response_code,可以扩展AuthorizationCodeAccessTokenProvider,或实现AccessTokenProvider,然后注入OAuth2RestTemplate accessTokenProvider(默认值为AccessTokenProviderChain,其中包含AuthorizationCodeAccessTokenProvider,ResourceOwnerPasswordAccessTokenProvider等,请使用您自己的提供程序而不是AuthorizationCodeAccessTokenProvider)。
或者您可以更改redirectStrategy中的OAuth2ClientContextFilter,并在重定向时更改请求参数,但我不建议这样做。
我怎么能为Spring添加范围?
AuthorizationCodeAccessTokenProvider将从AuthorizationCodeResourceDetails获取范围,并将其添加到UserRedirectRequiredException。我认为范围不能注入AuthorizationCodeResourceDetails,因为范围不在客户端下。也许你需要改变它。
instagram:
client:
clientId: clientId
clientSecret: clientSeret
accessTokenUri: https://api.instagram.com/oauth/access_token
userAuthorizationUri: https://api.instagram.com/oauth/authorize
clientAuthenticationScheme: form
scope:
- basic
- public_content
答案 1 :(得分:0)
您可以从var crmUpdate = new List<CrmPartPrice>访问查询参数。因此,在抛出异常并因此导致重定向发生的代码中,例如,在您的过滤器中,您可以执行以下操作:
UserRedirectRequiredException您只能以这种方式替换值。如果您需要在现有值旁边添加参数值,则需要使用&#39; +&#39;等分隔符。没有添加多个参数值的标准方法,这取决于API所有者接受的内容。某些API可能根本不接受分隔符。