如何通过ClientId和ClientSecret加载客户端详细信息 - OAuth 2.0

时间:2016-12-29 22:22:24

标签: java spring-boot oauth-2.0 spring-security-oauth2 oauth2

我正在使用我自己的ClientDetailsServiceConfigurer实现,所以我这样做:

  

OAuthConfig.java 

@Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(this.customClientDetailsManager);     
    }
  

CustomClientDetailsManager.java 

@Service
public class CustomClientDetailsManager implements ClientDetailsService {

    final static Logger log = LoggerFactory.getLogger(CustomClientDetailsManager.class);

    private final CustomerService customerService;

    @Inject
    public CustomClientDetailsManager(final CustomerService customerService) {
        this.customerService = customerService;
    }

    @Override
    public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {

        final Customer customer = customerService.getCustomerByClientId(clientId);  
        log.debug("****** Customer is: " + customer.getClientId());
        log.debug("****** Customer Secret is: " + customer.getClientSecret());


        log.debug("****** Client ID Coming from Request is: " + clientId);

        final BaseClientDetails details = new BaseClientDetails();
        details.setClientId(clientId);
        log.debug("*** Client id: " + clientId );
        details.setAuthorizedGrantTypes(Arrays.asList(customer.getAuthorizedGrantTypes()));
        log.debug("*** AuthorizedGrantTypes: " + Arrays.asList(customer.getAuthorizedGrantTypes()));
        details.setScope(Arrays.asList(customer.getScope()));
        log.debug("*** Scope: " +  Arrays.asList(customer.getScope()));
        details.setResourceIds(Arrays.asList(customer.getResourceIds()));
        log.debug("*** ResourceIds: " + Arrays.asList(customer.getResourceIds()));
        final Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        authorities.add(new SimpleGrantedAuthority(customer.getAuthorities()));
        details.setAuthorities(authorities);    


        authorities.forEach(authority -> {
            log.debug("*** Authority: " + authority);
        });

        log.debug("Returning details..."); 



        return details;
    }

所以基本上我正在通过ClientId抓取我的loadClientByClientId(String clientId),但我想要一种允许我获取客户端ID和客户端密钥的方法。

任何线索?感谢

1 个答案:

答案 0 :(得分:0)

最后我得到了一个解决方案。

您需要创建一个&#39; CustomClientDetails&#39;实现&#39; ClientDetails&#39;并将其归还。

例如:

public class CustomClientDetails implements ClientDetails {

    final static Logger log = LoggerFactory.getLogger(CustomClientDetailsManager.class);

    private static final long serialVersionUID = 6725149038554040628L;

    private Customer customer;

    public CustomClientDetails(final Customer customer) {
        this.customer = customer;       
    }       

    @Override
    public Integer getAccessTokenValiditySeconds() {
        return customer.getAccessTokenValidity();
    }

    @Override
    public Map<String, Object> getAdditionalInformation() { 
        final Set<String> additionalInformation = new HashSet<String>();
        additionalInformation.add(customer.getAdditionalInformation());
        return null;
    }

    @Override
    public Collection<GrantedAuthority> getAuthorities() {
        final Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>();
        authorities.add(new SimpleGrantedAuthority(customer.getAuthorities()));
        return authorities;
    }

    @Override
    public Set<String> getAuthorizedGrantTypes() {  
        final Set<String> authorizedGrantTypes = new HashSet<String>();
        authorizedGrantTypes.add(customer.getAuthorizedGrantTypes());
        return authorizedGrantTypes;
    }

    @Override
    public String getClientId() {
        return customer.getClientId();
    }

    @Override
    public String getClientSecret() {
        return customer.getClientSecret();
    }

    @Override
    public Integer getRefreshTokenValiditySeconds() {
        return customer.getRefreshTokenValidity();
    }

    @Override
    public Set<String> getRegisteredRedirectUri() {
        final Set<String> registeredRedirectUris = new HashSet<String>();
        registeredRedirectUris.add(customer.getWebServerRedirectUri());
        return registeredRedirectUris;
    }

    @Override
    public Set<String> getResourceIds() {
        final Set<String> resourcesIds = new HashSet<String>();
        resourcesIds.add(customer.getResourceIds());
        return resourcesIds;
    }

    @Override
    public Set<String> getScope() {
        final Set<String> scopes = new HashSet<String>();
        scopes.add(customer.getScope());            
        return scopes;
    }

    @Override
    public boolean isAutoApprove(String scope) {
        return false; //TODO: for some reason this is always false
    }

    @Override
    public boolean isScoped() {         
        return true; //TODO: for some reason this is always true
    }

    @Override
    public boolean isSecretRequired() {         
        return true; //TODO: for some reason this is always true
    }

}




public class CustomClientDetailsManager implements ClientDetailsService {

    final static Logger log = LoggerFactory.getLogger(CustomClientDetailsManager.class);

    private final CustomerService customerService;

    @Inject
    public CustomClientDetailsManager(final CustomerService customerService) {
        this.customerService = customerService;
    }

    @Override
    public ClientDetails loadClientByClientId(String clientId) throws ClientRegistrationException {

        final Customer customer = customerService.getCustomerByClientId(clientId);  

        final CustomClientDetails customClientDetails = new CustomClientDetails(customer);

        return customClientDetails;
    }
相关问题
最新问题