我使用具有以下安全属性的springboot 2.0.5版本
<dependency>
<groupId>org.springframework.security.oauth</groupId>
<artifactId>spring-security-oauth2</artifactId>
<version>2.3.3.RELEASE</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security.oauth.boot</groupId>
<artifactId>spring-security-oauth2-autoconfigure</artifactId>
<version>2.0.0.RELEASE</version>
</dependency>
我已将我的application.properties配置为重定向到我的自定义身份验证服务器并获取身份验证代码(grant_type为authorization_code),然后使用配置的“ / login” 页面再次获取JWT在认证服务器端配置的令牌。这是我的示例application.properties
--------Spring oauth2 security configuration starts-----------#
security.oauth2.client.clientId=56XXXX
security.oauth2.client.clientSecret=814XXXX
security.oauth2.client.scope=openid+profile+email
security.oauth2.client.accessTokenUri=https://XXXXX
security.oauth2.client.user-authorization-uri=https://XXXX
security.oauth2.client.grant-type=authorization_code
security.oauth2.client.resource-ids=code
security.oauth2.client.registered-redirect-uri=https://localhost:8081/XXXX/login
security.oauth2.client.pre-established-redirect-uri=https://localhost:8081/XXXX/login
security.oauth2.client.use-current-uri=false
security.oauth2.resource.userInfoUri=https://localhost:8081/XXX/user
#--------Initial url-----------#
security.oauth2.sso.login-path = /v1
当我在这里使用重定向时,它工作正常
现在,如果我尝试在名为oauth_security.properties的自定义文件中进行配置,并可能基于不同的环境(oauth_security_QA / oauth_security_DEV_)启用不同的配置文件,则将永远不会读取重定向以及所有已配置的详细信息,因此我会遇到以下问题错误
org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval
at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.getRedirectForAuthorization(AuthorizationCodeAccessTokenProvider.java:359) ~[spring-security-oauth2-2.3.3.RELEASE.jar:na]
at org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider.obtainAccessToken(AuthorizationCodeAccessTokenProvider.java:205) ~[spring-security-oauth2-2.3.3.RELEASE.jar:na]
at org.springframework.security.oauth2.client.OAuth2RestTemplate.acquireAccessToken(OAuth2RestTemplate.java:221) ~[spring-security-oauth2-2.3.3.RELEASE.jar:na]
at org.springframework.security.oauth2.client.OAuth2RestTemplate.getAccessToken(OAuth2RestTemplate.java:173)
可以在定制文件中配置属性吗?你能帮我吗?
编辑:我确实尝试编辑PropertySourcesPlaceHolderBean以读取正确的属性文件。虽然确实可以读取,但是spring在进行安全重定向时不考虑它
这是豆子
@Bean
public PropertySourcesPlaceholderConfigurer propertyPlaceholderConfigurerconfigurer() {
PropertySourcesPlaceholderConfigurer cfg = new PropertySourcesPlaceholderConfigurer();
ClassPathResource cls1= new ClassPathResource("application.properties");
ClassPathResource cls2 = null;
List<String> profiles= Arrays.asList(ctx.getEnvironment().getActiveProfiles());
if(profiles == null || profiles.isEmpty()) {
cls2 = new ClassPathResource("XXX_default.properties");
}else {
for(String profile:profiles) {
if(profile.equalsIgnoreCase("DEV")) {
cls2 = new ClassPathResource("XXX_DEV.properties");
}else if(profile.equalsIgnoreCase("QA")) {
cls2 = new ClassPathResource("XXX_QA.properties");
}else if (profile.equalsIgnoreCase("UAT")) {
cls2 = new ClassPathResource("XXX_UAT.properties");
}else {
cls2 = new ClassPathResource("XXX_PROD.properties");
}
}
}
cfg.setLocations(cls1,cls2);
//cfg.setPlaceholderPrefix("#{");
return cfg;
}
Alos这是读取详细信息的Bean
@Configuration
@ConfigurationProperties(prefix="security.oauth2.client")
public class OauthSecurityConfigurationDto {
private String clientId;
private String clientSecret;
private String accessTokenUri;
private String userAuthorizationUri;
private String grantType;
private String resourceIds;
private String scope;
private String registeredRedirectUri;
private String preEstablishedRedirectUri;
private String useCurrentUri;
public String getClientId() {
return clientId;
}
public void setClientId(String clientId) {
this.clientId = clientId;
}
public String getClientSecret() {
return clientSecret;
}
public void setClientSecret(String clientSecret) {
this.clientSecret = clientSecret;
}
public String getAccessTokenUri() {
return accessTokenUri;
}
public void setAccessTokenUri(String accessTokenUri) {
this.accessTokenUri = accessTokenUri;
}
public String getUserAuthorizationUri() {
return userAuthorizationUri;
}
public void setUserAuthorizationUri(String userAuthorizationUri) {
this.userAuthorizationUri = userAuthorizationUri;
}
public String getGrantType() {
return grantType;
}
public void setGrantType(String grantType) {
this.grantType = grantType;
}
public String getResourceIds() {
return resourceIds;
}
public void setResourceIds(String resourceIds) {
this.resourceIds = resourceIds;
}
public String getScope() {
return scope;
}
public void setScope(String scope) {
this.scope = scope;
}
public String getRegisteredRedirectUri() {
return registeredRedirectUri;
}
public void setRegisteredRedirectUri(String registeredRedirectUri) {
this.registeredRedirectUri = registeredRedirectUri;
}
public String getPreEstablishedRedirectUri() {
return preEstablishedRedirectUri;
}
public void setPreEstablishedRedirectUri(String preEstablishedRedirectUri) {
this.preEstablishedRedirectUri = preEstablishedRedirectUri;
}
public String getUseCurrentUri() {
return useCurrentUri;
}
public void setUseCurrentUri(String useCurrentUri) {
this.useCurrentUri = useCurrentUri;
}
}