spring security oauth2 - 添加自定义UserDetails

时间:2017-12-19 15:41:40

标签: java spring spring-security-oauth2

我有一个使用 Spring Security 的应用,用户数据等存储在数据库中。我扩展了 UserDetails 以便能够存储更多数据,这些附加信息是在自定义 UserDetailsService 实现的 loadUserByUsername 方法中添加的。

现在我决定增加通过 Facebook / Google+ 登录的功能,但找不到可以把自定义 UserDetails 添加到认证对象(Authentication)中的位置。

这是我的WebConfigurationAdapter:

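/**
 * Spring Security configuration combining three login paths: form login backed by
 * {@code boostmeUserService}, persistent remember-me tokens stored through JDBC, and
 * OAuth2 single sign-on against Facebook and Google.
 *
 * <p>The form-login path builds its principal via {@code boostmeUserService}; the two
 * OAuth2 filters build theirs via {@link UserInfoTokenServices} from the provider's
 * user-info endpoint, so the custom {@code UserDetails} is not attached on that path.
 */
@Configuration
@EnableWebSecurity
@EnableOAuth2Client
public class WebConfiguration extends WebSecurityConfigurerAdapter {

    /** Validity of a remember-me token: 1209600 seconds = 14 days. */
    private static final int REMEMBER_ME_VALIDITY_SECONDS = 1209600;

    private final DataSource dataSource;
    private final UserDetailsService boostmeUserService;
    private final OAuth2ClientContext oauth2ClientContext;

    // NOTE(review): injected but never read in this class; authentication is wired with
    // boostmeUserService instead. Kept so bean wiring stays exactly as before.
    @Autowired
    private UserDetailsService userDetailsService;

    /**
     * Constructor used by the container.
     *
     * @param dataSource          data source backing the remember-me token table
     * @param boostmeUserService  user lookup used for form-login authentication
     * @param oauth2ClientContext OAuth2 client context shared by the SSO rest templates
     */
    @Autowired
    public WebConfiguration(DataSource dataSource, UserDetailsService boostmeUserService, OAuth2ClientContext oauth2ClientContext) {
        this.dataSource = dataSource;
        this.boostmeUserService = boostmeUserService;
        this.oauth2ClientContext = oauth2ClientContext;
    }

    /**
     * Variant that forwards {@code disableDefaults} to the adapter's constructor.
     *
     * @param disableDefaults     passed to {@code WebSecurityConfigurerAdapter(boolean)}
     * @param dataSource          data source backing the remember-me token table
     * @param boostmeUserService  user lookup used for form-login authentication
     * @param oauth2ClientContext OAuth2 client context shared by the SSO rest templates
     */
    public WebConfiguration(boolean disableDefaults, DataSource dataSource, UserDetailsService boostmeUserService, OAuth2ClientContext oauth2ClientContext) {
        super(disableDefaults);
        this.dataSource = dataSource;
        this.boostmeUserService = boostmeUserService;
        this.oauth2ClientContext = oauth2ClientContext;
    }

    /**
     * Registers the database-backed user service and the BCrypt encoder with the
     * authentication manager used for username/password login.
     *
     * @param auth builder supplied by Spring Security
     * @throws Exception propagated from the builder
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(boostmeUserService)
                .passwordEncoder(passwordEncoder());
    }

    /**
     * Configures the filter chain for every path: SSO filters ahead of basic
     * authentication, form login, logout, CSRF protection and remember-me.
     *
     * @param http security builder supplied by Spring Security
     * @throws Exception propagated from the builder
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // NOTE(review): no authorizeRequests() rules are declared in this chain, so it
        // authenticates users but does not itself require authentication for any URL.
        // Confirm that access control is enforced elsewhere (e.g. method security).
        http
                .antMatcher("/**")
                .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class)
                .formLogin()
                .successHandler(new BoostmeAuthenticationSuccessHandler())
                .loginPage("/login")
                // TODO: finish the error redirect
                //.failureUrl("/login?error")
                .usernameParameter("username")
                .passwordParameter("password")
                // TODO: is this the address we want for logout?
                .and().logout().logoutSuccessUrl("/").logoutUrl("/logout")
                .and().csrf()
                // TODO: finish the error codes
                //.and().exceptionHandling().accessDeniedPage("/403")
                .and()
                .rememberMe().tokenRepository(persistentTokenRepository())
                .tokenValiditySeconds(REMEMBER_ME_VALIDITY_SECONDS);
    }

    /**
     * Token store for the remember-me functionality, backed by {@code dataSource}.
     *
     * <p>Table creation on startup is not enabled here, so the remember-me token table
     * is presumably created by the schema scripts; verify before deploying.
     *
     * @return JDBC-backed persistent token repository
     */
    @Bean
    public PersistentTokenRepository persistentTokenRepository() {
        JdbcTokenRepositoryImpl repository = new JdbcTokenRepositoryImpl();
        repository.setDataSource(dataSource);
        return repository;
    }

    /**
     * Password hasher. BCrypt is a one-way adaptive hash, not encryption; the no-arg
     * constructor uses the library's default work factor.
     *
     * @return BCrypt password encoder
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Builds the composite SSO filter holding one OAuth2 processing filter per provider.
     *
     * @return composite of the Facebook and Google login filters, in that order
     */
    private Filter ssoFilter() {
        List<OAuth2ClientAuthenticationProcessingFilter> filters = new ArrayList<>();
        filters.add(ssoFilter(facebook(), facebookResource(), "/connect/facebook"));
        filters.add(ssoFilter(google(), googleResource(), "/connect/google"));

        CompositeFilter composite = new CompositeFilter();
        composite.setFilters(filters);
        return composite;
    }

    /**
     * Builds the login filter for a single OAuth2 provider.
     *
     * <p>The authenticated principal is produced by {@link UserInfoTokenServices} from
     * the provider's user-info response. This is the place where a mapping to the
     * application's own {@code UserDetails} would be plugged in (the token services
     * accept a custom principal extractor). If such a mapping links provider identities
     * to local accounts, key it on the provider's stable user id rather than on an
     * e-mail address the provider may not have verified.
     *
     * @param client   client registration (id, secret, authorization and token URIs)
     * @param resource resource settings providing the user-info URI
     * @param path     request path the filter listens on
     * @return configured processing filter
     */
    private OAuth2ClientAuthenticationProcessingFilter ssoFilter(
            AuthorizationCodeResourceDetails client, ResourceServerProperties resource, String path) {
        OAuth2ClientAuthenticationProcessingFilter providerFilter =
                new OAuth2ClientAuthenticationProcessingFilter(path);
        OAuth2RestTemplate template = new OAuth2RestTemplate(client, oauth2ClientContext);
        providerFilter.setRestTemplate(template);

        UserInfoTokenServices tokenServices =
                new UserInfoTokenServices(resource.getUserInfoUri(), client.getClientId());
        tokenServices.setRestTemplate(template);
        providerFilter.setTokenServices(tokenServices);

        providerFilter.setAuthenticationSuccessHandler(new BoostmeAuthenticationSuccessHandler());
        return providerFilter;
    }

    /**
     * Registers the OAuth2 client context filter with an explicit order.
     *
     * @param filter context filter provided by {@code @EnableOAuth2Client}
     * @return registration with order -100 (presumably so it runs ahead of the main
     *         Spring Security filter and can handle the redirect to the provider)
     */
    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(filter);
        registration.setOrder(-100);
        return registration;
    }

    /** Facebook client registration, bound from the {@code facebook.client} properties. */
    @Bean
    @ConfigurationProperties("facebook.client")
    public AuthorizationCodeResourceDetails facebook() {
        return new AuthorizationCodeResourceDetails();
    }

    /** Facebook resource settings, bound from the {@code facebook.resource} properties. */
    @Bean
    @ConfigurationProperties("facebook.resource")
    public ResourceServerProperties facebookResource() {
        return new ResourceServerProperties();
    }

    /** Google client registration, bound from the {@code google.client} properties. */
    @Bean
    @ConfigurationProperties("google.client")
    public AuthorizationCodeResourceDetails google() {
        return new AuthorizationCodeResourceDetails();
    }

    /** Google resource settings, bound from the {@code google.resource} properties. */
    @Bean
    @ConfigurationProperties("google.resource")
    public ResourceServerProperties googleResource() {
        return new ResourceServerProperties();
    }

}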

0 个答案:

没有答案