我很难让client token relay使用Spring Boot 2.0.0.M7和Spring Cloud Finchley M5。请在github上找到示例代码:https://github.com/hansvanbeneden/oauth-example
我已经像这样配置了oauth2Login:
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.oauth2Login()
.and()
.csrf().disable();
}
}
和客户注册回购这样:
@Configuration
@EnableOAuth2Client
public class OAuth2LoginConfig {
@Bean
public ClientRegistrationRepository clientRegistrationRepository() {
return new InMemoryClientRegistrationRepository(this.myWebsiteClientRegistration());
}
private ClientRegistration myWebsiteClientRegistration() {
return ClientRegistration
.withRegistrationId("myauth")
...
.build();
}
@Bean
public OAuth2RestOperations restOperations(OAuth2ClientContext oauth2ClientContext) {
return new OAuth2RestTemplate(resource(), oauth2ClientContext);
}
private OAuth2ProtectedResourceDetails resource() {
ClientRegistration myauthClient = myWebsiteClientRegistration();
AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
resource.setScope(new ArrayList<>(myauthClient.getScopes()));
...
return resource;
}
}
我希望oauth2Login以某种方式在Outhuth2ClientContext中设置OAuth2AccessToken以供OAuth2RestTemplate使用它。但显然事实并非如此,因为当我使用OAuth2RestTemplate时会抛出UserRedirectRequiredException。
我是否缺少一些神奇的注释? 有人可以把我送到正确的方向吗?
答案 0 :(得分:0)
如果我错了,请随时纠正我,但基本上这就是我理解这个问题的方法:
Spring Boot 2.0不再支持spring-security-oauth2,因为它现在拥有自己的OAuth支持(在此处记录:https://docs.spring.io/spring-security/site/docs/5.0.0.BUILD-SNAPSHOT/reference/htmlsingle/#jc-oauth2login)
这意味着您无法使用新的oauth2Login配置并期望Oauth2RestTemplate能够使用oauth2Login设置的oauth令牌
以下项目设置为允许在Spring Boot 2.0中使用spring-security-oauth2功能:https://docs.spring.io/spring-security-oauth2-boot/docs/current-SNAPSHOT/reference/htmlsingle/
为了解决我的问题,我添加了spring-security-oauth2-autoconfigure依赖项:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
<version>2.0.0.BUILD-SNAPSHOT</version>
</dependency>
我删除了oauth2Login并从WebSecurityConfig添加了EnableOauth2Ssso:
@Configuration
@EnableOAuth2Sso
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.csrf().disable();
}
}
然后我的Oauth2RestTemplate能够找到通过登录获得的OAuthToken。
@Bean
public RestOperations restOperations(OAuth2ProtectedResourceDetails resourceDetails,
OAuth2ClientContext clientContext) {
return new OAuth2RestTemplate(resourceDetails, clientContext);
}
我已在以下分支上提交此解决方案:https://github.com/hansvanbeneden/oauth-example/tree/implementation-with-spring-security-oauth2-boot