Spring CXF Soap 客户端 OAuth2 客户端凭证

Question

我想要使​​用 SOAP Web 服务，该服务需要使用 client_credentials 授予类型进行 OAuth2 身份验证。

从文档（http://cxf.apache.org/docs/jax-rs-oauth2.html#JAX-RSOAuth2-AdvancedOAuth2clientapplications）中，我发现这BearerAuthSupplier可能有用。所以我尝试了

    @Bean
    public CustomName customName()
    {

        final JaxWsProxyFactoryBean factoryBean = new JaxWsProxyFactoryBean();
        factoryBean.setServiceClass(CustomName.class);
        factoryBean.setAddress("");
        final CustomName serviceClient = (CustomName ) factoryBean.create();

        // Get the underlying Client object from the proxy object of service interface
        final org.apache.cxf.endpoint.Client proxy = ClientProxy.getClient(serviceClient);

        final HTTPConduit conduit = (HTTPConduit) proxy.getConduit();

        final BearerAuthSupplier supplier = new BearerAuthSupplier();
        supplier.setAccessTokenServiceUri("");
        supplier.setConsumer(new Consumer("client-id", "client-secret"));
        supplier.setRefreshEarly(true);
        conduit.setAuthSupplier(supplier);

        return serviceClient;


    }

在授权标头中，我有一个Basic断言（我想要一个Bearer）。另外，我无法设置令牌的范围。我想我错过了一些东西......

为了让它发挥作用，我必须扩展BearerAuthSupplier到这样的想法

public class CustomAuthSupplier extends BearerAuthSupplier {

    private String accessTokenServiceUri;

    public String getAuthorization(AuthorizationPolicy authPolicy,
                                   URI currentURI,
                                   Message message,
                                   String fullHeader) {

        ClientCredentialsGrant clientCredentialsGrant = new ClientCredentialsGrant("scope_needed");
        clientCredentialsGrant.setClientId(this.getConsumer().getClientId());
        clientCredentialsGrant.setClientSecret(this.getConsumer().getClientSecret());

        WebClient wc = WebClient.create(this.accessTokenServiceUri, Collections.singletonList(new OAuthJSONProvider()));
        ClientAccessToken at = OAuthClientUtils.getAccessToken(wc,clientCredentialsGrant);
        this.setClientAccessToken(at);

        return super.getAuthorization(authPolicy, currentURI, message, fullHeader);
    }

    public void setAccessTokenServiceUri(String uri) {
        this.accessTokenServiceUri = uri;
        super.setAccessTokenServiceUri(uri);
    }

到目前为止，它运行良好，但我发现它有点复杂（而且我不太确定我在做什么）。我的问题是：调用 Soap WS 时如何使用 CXF 执行客户端凭据授予？