After a successful login, Spring OAuth2 automatically logs out and redirects to /login

Time: 2020-09-01 04:37:50

Tags: spring oauth-2.0 google-login

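After a successful login with valid user data, Spring OAuth2 takes me to the desired route, but after validating the user data, it does not redirect to the desired route. Here is my code; if you don't understand my explanation or my question, feel free to ask me more specific questions.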

In the configuration below, I have defined .defaultSuccessUrl as /oauth_login under oauth2Login, and it works fine.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http
        .csrf().disable()
        .authorizeRequests()
        .antMatchers("/**").permitAll()
        .antMatchers("/admin/**").hasRole("admin")
        .anyRequest().authenticated()
        .and()
        .formLogin()
        .loginPage("/login").defaultSuccessUrl("/",true).permitAll()
        .and()
        .logout().invalidateHttpSession(true)
        .clearAuthentication(true)
        .logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
        .logoutSuccessUrl("/")
        .and()
        .oauth2Login()
        .loginPage("/login")
        .defaultSuccessUrl("/oauth_login", true);
}

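But after authenticating the user's data and setting a principal that I find easier for the application to handle, I redirect to the home page. That does not seem to work: after this page, my application is redirected to the /login page, and the authenticated user is automatically logged out.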

@RequestMapping(value = "/oauth_login")
public ModelAndView oauthLogin(@AuthenticationPrincipal OAuth2User user, HttpServletRequest request) {
    System.out.println("User: "+user);
    if(user!=null) {
        System.out.println("\nI'm HERE!!\n");
        String email = user.getAttribute("email").toString();
        String username = user.getAttribute("given_name").toString().toLowerCase()+user.getAttribute("family_name").toString().split(" ")[0].toLowerCase();
        String provId = user.getAttribute("sub").toString();
        String picture = user.getAttribute("picture").toString();
        Boolean email_verified = Boolean.parseBoolean(user.getAttribute("email_verified").toString());
        if(userService.isUserExists(email)) {
            User oauthUser = userService.findByEmail(email);
            System.out.println("Anonymous: "+(SecurityContextHolder.getContext().getAuthentication() instanceof AnonymousAuthenticationToken));
            System.out.println(userService.isLoggedIn());
            System.out.println("Authentication: "+SecurityContextHolder.getContext().getAuthentication());
            SecurityContextHolder.getContext().setAuthentication(null);
            System.out.println("Set to null succesfully");
            PreAuthenticatedAuthenticationToken authentication = new PreAuthenticatedAuthenticationToken(oauthUser.getUsername(), oauthUser.getPassword());
            System.out.println("PreAuthenticatedAuthenticationToken Created");
            SecurityContextHolder.getContext().setAuthentication(authentication);
            System.out.println("After logging in again: "+SecurityContextHolder.getContext().getAuthentication());
        }
        else {
            User user1 = User.builder()
                    .email(email)
                    .username(username)
                    .emailVerified(email_verified)
                    .password("")
                    .userImage(picture)
                    .provider(AuthProvider.google)
                    .providerId(provId).build();
            userService.save(user1);
            try {
                request.login(user1.getUsername(), user1.getPassword());
            } catch (ServletException e) {
                e.printStackTrace();
            }
        }
    }
    else {
        System.out.println("Tried Second time");
    }
    return new ModelAndView("redirect:/");
}

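I had to log out the OAuth-authenticated user and log in again because, after login, I use getName() from the UserPrincipal to get the username that I use to fetch the user's data, but the OAuth principal gives me some large number instead of a username. I also have to use this function (oauth_login) to check whether a user with the same email address already exists in the database: if the user exists, it goes to the database, fetches the details and logs that user in; if the user does not exist, it creates a new user in the database.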

Edit: This is the output I get before and after logging in. It logs in first and then redirects to /login instead of redirecting to home.

Anonymous: true
false
Authentication: org.springframework.security.authentication.AnonymousAuthenticationToken@75920481: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@166c8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 46268781-6fa9-4625-a82c-3e7e701d61df; Granted Authorities: ROLE_ANONYMOUS
User: Name: [113979972766733786875], Granted Authorities: [[ROLE_USER, SCOPE_https://www.googleapis.com/auth/userinfo.email, SCOPE_https://www.googleapis.com/auth/userinfo.profile, SCOPE_openid]], User Attributes: [{sub=113979972766733786875, name=Nigam Bhattarai QZmlsFvNLn, given_name=Nigam, family_name=Bhattarai QZmlsFvNLn, picture=https://lh3.googleusercontent.com/a-/AOh14GgAqFdMT3OhM20xZZ6wKT7XrnZ0hU-Xc902gl9GQJw, email=inigambhattarai@gmail.com, email_verified=true, locale=en}]

I'm HERE!!

2020-09-01 10:30:12.599 DEBUG 934515 --- [nio-8080-exec-2] org.hibernate.SQL                        : 
    select
        user0_.usid as usid1_8_,
        user0_.email as email2_8_,
        user0_.email_verified as email_ve3_8_,
        user0_.password as password4_8_,
        user0_.phone as phone5_8_,
        user0_.provider as provider6_8_,
        user0_.provider_id as provider7_8_,
        user0_.role as role8_8_,
        user0_.user_image as user_ima9_8_,
        user0_.username as usernam10_8_ 
    from
        user user0_ 
    where
        user0_.email=?
Hibernate: 
    select
        user0_.usid as usid1_8_,
        user0_.email as email2_8_,
        user0_.email_verified as email_ve3_8_,
        user0_.password as password4_8_,
        user0_.phone as phone5_8_,
        user0_.provider as provider6_8_,
        user0_.provider_id as provider7_8_,
        user0_.role as role8_8_,
        user0_.user_image as user_ima9_8_,
        user0_.username as usernam10_8_ 
    from
        user user0_ 
    where
        user0_.email=?
2020-09-01 10:30:12.600 TRACE 934515 --- [nio-8080-exec-2] o.h.type.descriptor.sql.BasicBinder      : binding parameter [1] as [VARCHAR] - [inigambhattarai@gmail.com]
2020-09-01 10:30:12.608 DEBUG 934515 --- [nio-8080-exec-2] org.hibernate.SQL                        : 
    select
        user0_.usid as usid1_8_,
        user0_.email as email2_8_,
        user0_.email_verified as email_ve3_8_,
        user0_.password as password4_8_,
        user0_.phone as phone5_8_,
        user0_.provider as provider6_8_,
        user0_.provider_id as provider7_8_,
        user0_.role as role8_8_,
        user0_.user_image as user_ima9_8_,
        user0_.username as usernam10_8_ 
    from
        user user0_ 
    where
        user0_.email=?
Hibernate: 
    select
        user0_.usid as usid1_8_,
        user0_.email as email2_8_,
        user0_.email_verified as email_ve3_8_,
        user0_.password as password4_8_,
        user0_.phone as phone5_8_,
        user0_.provider as provider6_8_,
        user0_.provider_id as provider7_8_,
        user0_.role as role8_8_,
        user0_.user_image as user_ima9_8_,
        user0_.username as usernam10_8_ 
    from
        user user0_ 
    where
        user0_.email=?
2020-09-01 10:30:12.609 TRACE 934515 --- [nio-8080-exec-2] o.h.type.descriptor.sql.BasicBinder      : binding parameter [1] as [VARCHAR] - [inigambhattarai@gmail.com]
Anonymous: false
true
Authentication: org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken@5fba9b66: Principal: Name: [113979972766733786875], Granted Authorities: [[ROLE_USER, SCOPE_https://www.googleapis.com/auth/userinfo.email, SCOPE_https://www.googleapis.com/auth/userinfo.profile, SCOPE_openid]], User Attributes: [{sub=113979972766733786875, name=Nigam Bhattarai QZmlsFvNLn, given_name=Nigam, family_name=Bhattarai QZmlsFvNLn, picture=https://lh3.googleusercontent.com/a-/AOh14GgAqFdMT3OhM20xZZ6wKT7XrnZ0hU-Xc902gl9GQJw, email=inigambhattarai@gmail.com, email_verified=true, locale=en}]; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@166c8: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 46268781-6fa9-4625-a82c-3e7e701d61df; Granted Authorities: ROLE_USER, SCOPE_https://www.googleapis.com/auth/userinfo.email, SCOPE_https://www.googleapis.com/auth/userinfo.profile, SCOPE_openid
Set to null succesfully
PreAuthenticatedAuthenticationToken Created
After logging in again: org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken@933dd12e: Principal: nigam; Credentials: [PROTECTED]; Authenticated: false; Details: null; Not granted any authorities
Anonymous: true
false
Authentication: org.springframework.security.authentication.AnonymousAuthenticationToken@81346cb1: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe9938: RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: 1b22015c-9083-4718-b397-de7548e1580c; Granted Authorities: ROLE_ANONYMOUS
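
Added example, not part of the original post and not Spring's own code: a common alternative to replacing the Authentication inside the controller is to do the lookup-or-create step in a custom OidcUserService, so that the OAuth2 login itself yields a principal whose getName() is the local username. It assumes the question's UserService, User and AuthProvider types with the methods used in the post, and that the openid scope is requested (the output above shows SCOPE_openid).

```java
// Added example. UserService, User and AuthProvider are the question's own types;
// their method signatures are assumed from the code in the post.
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserRequest;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.stereotype.Service;

@Service
public class LocalAccountOidcUserService extends OidcUserService {
    private final UserService userService;

    public LocalAccountOidcUserService(UserService userService) {
        this.userService = userService;
    }

    @Override
    public OidcUser loadUser(OidcUserRequest request) throws OAuth2AuthenticationException {
        OidcUser google = super.loadUser(request);
        // Link to a local account by e-mail only when Google asserts the address is verified.
        if (!Boolean.TRUE.equals(google.getEmailVerified())) {
            throw new OAuth2AuthenticationException(new OAuth2Error("email_not_verified"));
        }
        String email = google.getEmail();
        User local;
        if (userService.isUserExists(email)) {
            local = userService.findByEmail(email);
        } else {
            // No password is set: this account can only sign in through Google.
            local = User.builder().email(email).emailVerified(true)
                    .username(google.getGivenName().toLowerCase()) // simplified; must be unique
                    .userImage(google.getPicture())
                    .provider(AuthProvider.google).providerId(google.getSubject()).build();
            userService.save(local);
        }
        return new LocalOidcUser(google, local.getUsername());
    }

    /** Same Google claims and authorities, but getName() is the local username, not "sub". */
    static class LocalOidcUser extends DefaultOidcUser {
        private final String username;
        LocalOidcUser(OidcUser google, String username) {
            super(google.getAuthorities(), google.getIdToken(), google.getUserInfo());
            this.username = username;
        }
        @Override
        public String getName() { return username; }
    }
}
```

It is registered with `.oauth2Login().userInfoEndpoint().oidcUserService(localAccountOidcUserService)` in the security configuration; the `/oauth_login` handler then does not need to touch `SecurityContextHolder`.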

0 answers:

No answers