我正在关注本教程:https://spring.io/guides/tutorials/spring-boot-oauth2/
成功登录后,我不知道如何重定向到html页面。
这是我的出发点:
@SpringBootApplication
@EnableOAuth2Sso
public class SimpleApplication extends WebSecurityConfigurerAdapter {
public static void main(String[] args) {
SpringApplication.run(SimpleApplication.class, args);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/**")
.authorizeRequests()
.antMatchers("/", "/login**", "/webjars/**", "/error**")
.permitAll()
.anyRequest()
.authenticated();
}
}
这是我的应用程序。yml
security:
oauth2:
client:
clientId: id
clientSecret: secret
accessTokenUri: https://graph.facebook.com/oauth/access_token
userAuthorizationUri: https://www.facebook.com/dialog/oauth
tokenName: oauth_token
authenticationScheme: query
clientAuthenticationScheme: form
resource:
userInfoUri: https://graph.facebook.com/me
我尝试将以下内容添加到 configure 方法中,但它只会造成缺少依赖项以及缺少bean等问题
.and()
.oauth2Login().defaultSuccessUrl("/after");
有人可以建议吗?
答案 0 :(得分:1)
似乎在spring security自动配置中没有属性,因此您需要自己初始化过滤器,并在其中设置成功处理程序,这是github
中的链接@SpringBootApplication
@Slf4j
@EnableOAuth2Sso
public class StackOverflowApplication extends WebSecurityConfigurerAdapter {
private AuthenticationSuccessHandler successHandler() {
return new SimpleUrlAuthenticationSuccessHandler("/after");
}
private OAuth2ClientAuthenticationProcessingFilter oAuth2ClientAuthenticationProcessingFilter() {
OAuth2SsoProperties sso = (OAuth2SsoProperties)this.getApplicationContext().getBean(OAuth2SsoProperties.class);
OAuth2RestOperations restTemplate = ((UserInfoRestTemplateFactory)this.getApplicationContext().getBean(UserInfoRestTemplateFactory.class)).getUserInfoRestTemplate();
ResourceServerTokenServices tokenServices = (ResourceServerTokenServices)this.getApplicationContext().getBean(ResourceServerTokenServices.class);
OAuth2ClientAuthenticationProcessingFilter filter = new OAuth2ClientAuthenticationProcessingFilter(sso.getLoginPath());
filter.setRestTemplate(restTemplate);
filter.setTokenServices(tokenServices);
filter.setApplicationEventPublisher(this.getApplicationContext());
filter.setAuthenticationSuccessHandler(successHandler());
return filter;
}
public static void main(String[] args) {
SpringApplication.run(StackOverflowApplication.class, args);
}
protected void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/**")
.authorizeRequests()
.antMatchers("/login**", "/webjars/**", "/error**")
.permitAll()
.anyRequest()
.authenticated()
;
http.addFilterAfter(oAuth2ClientAuthenticationProcessingFilter(), LogoutFilter.class);
}
}
答案 1 :(得分:0)
您还可以检索spring预先配置的过滤器并更改其属性:
@EventListener
public void retrieveAuthenticationFilter(ApplicationStartedEvent event){
FilterChainProxy filterChain = (FilterChainProxy) event.getApplicationContext().getBean(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME);
filterChain.getFilterChains().stream()
.map(f -> f.getFilters())
.flatMap(List::stream)
.filter(f -> f.getClass().isAssignableFrom(OAuth2ClientAuthenticationProcessingFilter.class))
.map(f -> (OAuth2ClientAuthenticationProcessingFilter)f)
.findFirst()
.ifPresent(this::configureAuthenticationFilter);
}
private void configureAuthenticationFilter(OAuth2ClientAuthenticationProcessingFilter authenticationFilter){
SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
successHandler.setUseReferer(true);
authenticationFilter.setAuthenticationSuccessHandler(successHandler);
}