SpringBoot和oauth

时间:2019-02-08 20:41:11

标签: java spring spring-boot oauth oauth-2.0

各位,我(又一次)在身份验证上遇到了困难。

我已经在服务中实现了google auth。 现在我想:

  1. 限制域(即@mydomain.com)的连接
  2. 将连接限制为某些名称(即允许james.pastagueule@mydomain.com,不允许jenny.fany@mydomain.com)

是否可以使用 Spring OAuth2 来做到这一点?

非常感谢您的帮助

这是我现在所做的:

application.properties

    # OAuth2 client settings for Google sign-in (presumably the ones read by the
    # @EnableOAuth2Sso configuration in this project - confirm).
    # <clientId> / <clientSecret> are placeholders; the real secret should be
    # supplied from outside version control.
    security.oauth2.client.clientId = <clientId>
    security.oauth2.client.clientSecret = <clientSecret>
    security.oauth2.client.accessTokenUri  =  https://www.googleapis.com/oauth2/v3/token
    # NOTE(review): the hd= query parameter only asks Google to pre-select that
    # hosted domain in the account chooser. The request is built client-side and
    # can be modified, so hd= is a UI hint, not an access control. Restricting
    # sign-in to one domain (or to specific addresses) has to be enforced on the
    # server against the identity Google returns after login.
    security.oauth2.client.userAuthorizationUri  =  https://accounts.google.com/o/oauth2/auth?hd=devoteam.com
    # NOTE(review): with authenticationScheme = query the access token is sent as
    # a URL query parameter named by tokenName; URLs commonly end up in access
    # logs and proxies. Consider the header scheme if the provider accepts it.
    security.oauth2.client.tokenName = oauth_token
    security.oauth2.client.authenticationScheme = query
    security.oauth2.client.clientAuthenticationScheme = form
    # Scopes requested from Google: basic profile plus e-mail address.
    security.oauth2.client.scope = profile email
    # Loopback, plain-HTTP redirect URI: suitable for local development only.
    security.oauth2.client.registered-redirect-uri= http://127.0.0.1:8080/mypage1

    # User details are fetched from the userinfo endpoint (preferTokenInfo = false).
    security.oauth2.resource.userInfoUri  =  https://www.googleapis.com/userinfo/v2/me
    security.oauth2.resource.preferTokenInfo = false

WebSecurityConfiguration.java

    package com.devoteam.presales.testspringsecu;

    import org.springframework.context.annotation.Configuration;
    import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.web.csrf.CookieCsrfTokenRepository;

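    /**
     * Web security rules for the application, combined with OAuth2 single sign-on
     * via {@code @EnableOAuth2Sso}.
     *
     * <p>{@code /} and {@code /home} are public; every other request requires an
     * authenticated user.
     *
     * <p>NOTE(review): {@code authenticated()} accepts any account that completes
     * the sign-in flow. Nothing in this class restricts access to a particular
     * e-mail domain or to named users; that check has to be added separately,
     * against the identity returned by the provider, before access is granted.
     */
    @Configuration
    @EnableOAuth2Sso
    public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {

        /**
         * Configures request authorization, the login page and logout handling.
         *
         * <p>CSRF protection is intentionally left at Spring Security's default
         * (enabled). The application authenticates browsers through a session, so
         * disabling CSRF would let another site trigger state-changing requests on
         * behalf of a signed-in user. With CSRF enabled, the default logout endpoint
         * only accepts POST requests carrying the CSRF token. If a JavaScript client
         * needs to read the token, the {@code CookieCsrfTokenRepository} already
         * imported by this file can be configured as the token repository.
         *
         * @param http the security builder supplied by Spring Security
         * @throws Exception if the builder rejects the configuration
         */
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http
                    .authorizeRequests()
                    // Public landing pages; everything else needs a signed-in user.
                    .antMatchers("/", "/home").permitAll()
                    .anyRequest().authenticated()
                    .and()
                    // NOTE(review): a form login is declared next to OAuth2 SSO;
                    // confirm both entry points are really wanted on /login.
                    .formLogin()
                    .loginPage("/login")
                    .permitAll()
                    .and()
                    .logout().logoutSuccessUrl("/")
                    .permitAll();
        }
    }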

TestspringApplication.java

    package com.devoteam.presales.testspringsecu;
    import java.security.Principal;
    import org.springframework.boot.SpringApplication;
    import org.springframework.boot.autoconfigure.SpringBootApplication;
    import org.springframework.ui.Model;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
    import org.springframework.web.bind.annotation.RestController;

    /**
     * Spring Boot entry point that doubles as a REST controller exposing the
     * current user.
     */
    @SpringBootApplication
    @RestController
    public class TestspringsecuApplication {

        /**
         * Returns the {@link Principal} of the current request, unchanged.
         *
         * <p>NOTE(review): the whole principal object is handed to the response
         * serializer. With OAuth2 sign-in the concrete object may carry more than
         * the user name (for example token details), so consider returning only
         * the fields the client needs - verify what is actually serialized.
         *
         * @param principal the caller's principal as resolved by Spring MVC
         * @return the same {@code principal} instance
         */
        @RequestMapping("/user")
        public Principal user(Principal principal) {
            return principal;
        }

        /**
         * Starts the Spring application.
         *
         * @param args command-line arguments passed through to Spring Boot
         */
        public static void main(String[] args) {
            SpringApplication.run(TestspringsecuApplication.class, args);
        }
    }

0 个答案:

没有答案