使用Spring Reactive for ClientCredentials获取访问令牌

时间:2019-10-02 14:26:45

标签: spring-boot spring-security-oauth2 spring-webflux hl7-fhir spring-reactive

我正在将 OAuth2 与 Spring Boot(reactive WebClient / WebFlux)结合使用,想根据下面的属性文件获取访问令牌:

我查阅了 Spring Boot 的文档,但没有成功。参考文档:
1)https://docs.spring.io/spring-security/site/docs/5.0.7.RELEASE/reference/html/oauth2login-advanced.html
2)https://www.baeldung.com/spring-webclient-oauth2

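/**
 * Wires an OAuth2 client-credentials registration and a {@link WebClient} that applies the
 * OAuth2 exchange filter built from that registration.
 *
 * <p>NOTE(review): the {@code @Value} placeholders read the {@code cerner} registration and
 * provider, while the properties listed with this configuration use the id
 * {@code authProvider}. If that listing is the real file the placeholders cannot be resolved;
 * confirm that the ids match.
 *
 * <p>NOTE(review): {@link ServletOAuth2AuthorizedClientExchangeFilterFunction} belongs to the
 * servlet stack. A WebFlux application would normally use the reactive counterpart
 * ({@code ServerOAuth2AuthorizedClientExchangeFilterFunction} with a
 * {@code ReactiveClientRegistrationRepository}); confirm which stack this application runs on.
 */
public class WebClientServletConfig {
    @Value("${spring.security.oauth2.client.registration.cerner.client-id}")
    private String clientId;

    // Client secret: supply it from the environment or a secret store rather than a committed
    // properties file, and keep it out of logs.
    @Value("${spring.security.oauth2.client.registration.cerner.client-secret}")
    private String secret;

    @Value("${spring.security.oauth2.client.provider.cerner.token-uri}")
    private String tokenUri;

    // Whitespace-separated list of scopes, as written in the properties file.
    @Value("${spring.security.oauth2.client.registration.cerner.scope}")
    private String scopes;

    /**
     * Builds the in-memory repository holding the single client-credentials registration.
     *
     * @return repository containing the registration built from the injected properties
     */
    @Bean("clientRegistration")
    ClientRegistrationRepository clientRegistrationRepository() {
        // The property holds all scopes in one string. Register each scope as its own entry so
        // the registration does not carry a single scope value that contains spaces.
        String[] scopeTokens = (scopes == null || scopes.trim().isEmpty())
                ? new String[0]
                : scopes.trim().split("\\s+");

        // NOTE(review): the client id doubles as the registration id here; confirm that callers
        // look the registration up under that id.
        ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(clientId)
                .clientId(clientId)
                .clientSecret(secret)
                // HTTP Basic sends the client secret to the token endpoint on every token
                // request, so tokenUri should always be an https URL.
                .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
                .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
                .scope(scopeTokens)
                .tokenUri(tokenUri)
                .build();
        return new InMemoryClientRegistrationRepository(Arrays.asList(clientRegistration));
    }

    /**
     * Creates a {@link WebClient} configured with the OAuth2 authorized-client exchange filter.
     *
     * <p>Requests sent through this client can carry the access token obtained for the
     * registration, so it should only be used for the resource server the token is meant for.
     *
     * @param clientRegistrationRepository repository with the client registration
     * @param authorizedClients repository in which authorized clients (and their tokens) are kept
     * @return the configured client
     */
    @Bean
    public WebClient webClient(@Qualifier("clientRegistration") ClientRegistrationRepository clientRegistrationRepository,
            @Qualifier("authorizedClientRepositoryConditional") OAuth2AuthorizedClientRepository authorizedClients) {
        ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2 = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
                clientRegistrationRepository, authorizedClients);

        return WebClient.builder().apply(oauth2.oauth2Configuration()).build();
    }

    /**
     * Provides an in-memory authorized-client service unless another bean already exists.
     *
     * @param clientRegistrationRepository repository with the client registration
     * @return service that keeps authorized clients in memory
     */
    @Bean("OAuth2AuthorizedClientServiceConditional")
    @ConditionalOnMissingBean       // Existing
    public OAuth2AuthorizedClientService authorizedClientService(
            @Qualifier("clientRegistration") ClientRegistrationRepository clientRegistrationRepository) {
        return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
    }

    /**
     * Provides the authorized-client repository backed by the service above unless another bean
     * already exists.
     *
     * @param authorizedClientService service used to store authorized clients
     * @return repository delegating to {@code authorizedClientService}
     */
    @Bean("authorizedClientRepositoryConditional")
    @ConditionalOnMissingBean       // New
    public OAuth2AuthorizedClientRepository authorizedClientRepository(
            @Qualifier("OAuth2AuthorizedClientServiceConditional") OAuth2AuthorizedClientService authorizedClientService) {
        return new AuthenticatedPrincipalOAuth2AuthorizedClientRepository(authorizedClientService);
    }
}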

/**
 * Servlet security configuration: every request must be authenticated, and OAuth2 login is
 * enabled with a {@link CustomAuthorizationRequestResolver}.
 *
 * <p>NOTE(review): the string handed to the resolver is an absolute URL ending in
 * {@code /token}, but the resolver's second constructor parameter is named
 * {@code authorizationRequestBaseUri} and is forwarded as the base URI of the default
 * resolver, whose own default is the local path {@code /oauth2/authorization}. An absolute
 * provider URL is unlikely to match any request to this application; confirm the intended value.
 *
 * <p>NOTE(review): {@code oauth2Login()} configures an interactive login flow, whereas the
 * client registration on this page uses the client-credentials grant; confirm that a login
 * flow is wanted at all.
 */
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    private ClientRegistrationRepository clientRegistrationRepository;

    /**
     * Requires authentication for all requests and installs the custom authorization request
     * resolver on the OAuth2 login authorization endpoint.
     *
     * @param http the security builder to configure
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        String authorizationRequestBaseUri =
                "https://auth.com/tenants/string/protocols/oauth2/profiles/smart-v1/token";
        CustomAuthorizationRequestResolver requestResolver = new CustomAuthorizationRequestResolver(
                this.clientRegistrationRepository, authorizationRequestBaseUri);

        http
            .authorizeRequests()
                .anyRequest().authenticated()
                .and()
            .oauth2Login()
                .authorizationEndpoint()
                    .authorizationRequestResolver(requestResolver);
    }
}

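/**
 * {@link OAuth2AuthorizationRequestResolver} that delegates to a
 * {@link DefaultOAuth2AuthorizationRequestResolver} and rebuilds the authorization request URI
 * of every request the delegate resolves.
 */
public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {

    private static final String DEFAULT_AUTHORIZATION_REQUEST_BASE_URI = "/oauth2/authorization";

    private final OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver;

    /**
     * Creates a resolver that uses the base URI {@code /oauth2/authorization}.
     *
     * @param clientRegistrationRepository repository of client registrations
     */
    public CustomAuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {
        this(clientRegistrationRepository, DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
    }

    /**
     * Creates a resolver with an explicit base URI.
     *
     * @param clientRegistrationRepository repository of client registrations
     * @param authorizationRequestBaseUri base URI handed to the default resolver; it is a path
     *     on this application (such as {@code /oauth2/authorization}), not an endpoint URL of
     *     the authorization server
     */
    public CustomAuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository,
            String authorizationRequestBaseUri) {
        this.defaultAuthorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(
                clientRegistrationRepository, authorizationRequestBaseUri);
    }

    /**
     * Resolves the authorization request for {@code request} and applies the customization.
     *
     * @param request the current HTTP request
     * @return the customized authorization request, or {@code null} if the delegate resolved none
     */
    @Override
    public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
        return customAuthorizationRequest(this.defaultAuthorizationRequestResolver.resolve(request));
    }

    /**
     * Resolves the authorization request for the given registration and applies the customization.
     *
     * @param request the current HTTP request
     * @param clientRegistrationId id of the client registration to use
     * @return the customized authorization request, or {@code null} if the delegate resolved none
     */
    @Override
    public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String clientRegistrationId) {
        return customAuthorizationRequest(
                this.defaultAuthorizationRequestResolver.resolve(request, clientRegistrationId));
    }

    /**
     * Returns a copy of {@code authorizationRequest} whose request URI has been rebuilt.
     *
     * <p>The callers return this copy. Previously the result was discarded and the delegate's
     * request was returned unchanged, so the customization never took effect.
     *
     * @param authorizationRequest request produced by the delegate, may be {@code null}
     * @return the rebuilt request, or {@code null} when the input is {@code null}
     */
    private OAuth2AuthorizationRequest customAuthorizationRequest(OAuth2AuthorizationRequest authorizationRequest) {
        if (authorizationRequest == null) {
            return null;
        }

        // build(true) treats the URI as already encoded, so it is not encoded a second time.
        String customAuthorizationRequestUri = UriComponentsBuilder
                .fromUriString(authorizationRequest.getAuthorizationRequestUri())
                .build(true)
                .toUriString();

        return OAuth2AuthorizationRequest.from(authorizationRequest)
                .authorizationRequestUri(customAuthorizationRequestUri)
                .build();
    }
}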
---- Properties file:
spring.security.oauth2.client.registration.authProvider.client-id=client
spring.security.oauth2.client.registration.authProvider.client-secret=secret
spring.security.oauth2.client.provider.authProvider.token-uri=https://auth.com/tenants/string/protocols/oauth2/profiles/smart-v1/token
spring.security.oauth2.client.registration.authProvider.scope=scope1 scope2 scope3 openId
spring.security.oauth2.client.registration.authProvider.authorization-grant-type=client_credentials

0 个答案:

没有答案