我想将我的自定义端点添加到spring oauth2授权服务器,并且我创建一个端点
@FrameworkEndpoint
public class LoginEndpoint extends AbstractEndpoint {
@Autowired
private AuthenticationManager authenticationManager;
@RequestMapping("/sys/username")
public ResponseEntity<OAuth2AccessToken> login(Principal principal, @RequestParam Map<String, String> parameters) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("", "");
}
}
并像
一样注册到授权服务器 @Bean
public LoginEndpoint loginEndpoint() throws Exception {
LoginEndpoint tokenEndpoint = new LoginEndpoint();
tokenEndpoint.setClientDetailsService(clientDetailsService);
tokenEndpoint.setProviderExceptionHandler(configuration.getEndpointsConfigurer().getExceptionTranslator());
tokenEndpoint.setTokenGranter(configuration.getEndpointsConfigurer().getTokenGranter());
tokenEndpoint.setOAuth2RequestFactory(configuration.getEndpointsConfigurer().getOAuth2RequestFactory());
// tokenEndpoint.setOAuth2RequestValidator(configuration.getEndpointsConfigurer().getOAuth2RequestValidator());
// tokenEndpoint.setAllowedRequestMethods(configuration.getEndpointsConfigurer().getAllowedTokenEndpointRequestMethods());
return tokenEndpoint;
}
但是,我为此进行调试,并且principal为null,因此如何在@Requstmapping("/sys/username")之前使用clientId和client secret保护该配置。