Replacement for UnAuthenticatedServerOAuth2AuthorizedClientRepository

Aje*_*sal 10 spring-security spring-security-oauth2

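We are using Spring Security OAuth2 to get the token using the client credentials grant type. We are not using the application.properties file to specify the client credentials; instead we provide them programmatically.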

ClientRegistration clientRegistration = ClientRegistration
        .withRegistrationId("test")
        .clientId("testclientid")
        .clientSecret("testclientsecret")
        .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
        .tokenUri("http://test.tokenuri.com")
        .build();

ReactiveClientRegistrationRepository reactiveClientRegistrationRepository = new InMemoryReactiveClientRegistrationRepository(clientRegistration);
ServerOAuth2AuthorizedClientExchangeFilterFunction oauth =
        new ServerOAuth2AuthorizedClientExchangeFilterFunction(
                reactiveClientRegistrationRepository,
                new UnAuthenticatedServerOAuth2AuthorizedClientRepository());
oauth.setDefaultClientRegistrationId("test");

this.webClient = webClientFactory.getBuilder()
        .filter(oauth)
        .build();

The code works fine, but we see a warning that UnAuthenticatedServerOAuth2AuthorizedClientRepository has been deprecated. The API doc for UnAuthenticatedServerOAuth2AuthorizedClientRepository recommends using AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager instead, but AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager does not implement the same interface as UnAuthenticatedServerOAuth2AuthorizedClientRepository. Any recommendation on what to use to replace the deprecated UnAuthenticatedServerOAuth2AuthorizedClientRepository in this scenario?

I found https://github.com/spring-projects/spring-security/issues/8016 but that issue does not provide much detail.

小智 10

With the help of @Jokers answer, I managed to solve this in the following way. I put the credentials into application.properties and separated out the RegistrationRepository for this.

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.web.reactive.function.client.WebClient;

@Configuration
public class MyClientRequestConfig {

    @Bean
    ReactiveClientRegistrationRepository getRegistration(
            @Value("${spring.security.oauth2.client.provider.myprovider.token-uri}") String token_uri,
            @Value("${spring.security.oauth2.client.registration.myprovider.client-id}") String client_id,
            @Value("${spring.security.oauth2.client.registration.myprovider.client-secret}") String client_secret
    ) {
        ClientRegistration registration = ClientRegistration
                .withRegistrationId("myprovider")
                .tokenUri(token_uri)
                .clientId(client_id)
                .clientSecret(client_secret)
                .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
                .build();
        return new InMemoryReactiveClientRegistrationRepository(registration);
    }

    @Bean(name = "myprovider")
    WebClient webClient(ReactiveClientRegistrationRepository clientRegistrations) {
        InMemoryReactiveOAuth2AuthorizedClientService clientService = new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrations);
        AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager authorizedClientManager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(clientRegistrations, clientService);
        ServerOAuth2AuthorizedClientExchangeFilterFunction oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
        oauth.setDefaultClientRegistrationId("myprovider");
        return WebClient.builder()
                .filter(oauth)
                .build();

    }
}


Jok*_*ker 7

Although this is Kotlin code (it should be easy to convert to Java), we ended up with something like:

val clientRegistryRepo = InMemoryReactiveClientRegistrationRepository(ClientRegistration
    .withRegistrationId("test")
    .tokenUri("http://test.tokenuri.com")
    .clientId("testClientId")
    .clientSecret("testclientsecret")
    .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
    .build())
val clientService = InMemoryReactiveOAuth2AuthorizedClientService(clientRegistryRepo)
val authorizedClientManager =
    AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(clientRegistryRepo, clientService)
val oauthFilter = ServerOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager)
oauthFilter.setDefaultClientRegistrationId("test")
WebClient.builder()
        .filter(oauthFilter)
        .build()
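Both answers send the client secret to the token endpoint, and the sample registrations use a literal secret and an http:// token URI. The following is an added example, not code from either answer or from Spring Security: the same non-deprecated wiring, with the credentials read from environment variables and a startup check that the token URI is HTTPS. The environment variable names, the class name and the two helper methods are assumptions made for illustration.

```java
import java.net.URI;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.InMemoryReactiveOAuth2AuthorizedClientService;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.registration.ReactiveClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.web.reactive.function.client.WebClient;

@Configuration
public class HardenedClientCredentialsConfig {
    // Fail at startup if a setting is absent; only the variable name is reported, never its value.
    static String required(String name) {
        String value = System.getenv(name);
        if (value == null || value.isBlank()) {
            throw new IllegalStateException("Missing environment variable " + name);
        }
        return value;
    }
    // The client secret travels to this URI on every token request, so refuse cleartext HTTP.
    static String httpsOnly(String uri) {
        URI parsed = URI.create(uri);
        if (!"https".equalsIgnoreCase(parsed.getScheme()) || parsed.getHost() == null) {
            throw new IllegalStateException("Token URI must be an absolute https:// URL");
        }
        return uri;
    }

    @Bean
    ReactiveClientRegistrationRepository clientRegistrations() {
        // OAUTH_* names are hypothetical; map them to whatever your secret store injects.
        ClientRegistration registration = ClientRegistration
                .withRegistrationId("test")
                .tokenUri(httpsOnly(required("OAUTH_TOKEN_URI")))
                .clientId(required("OAUTH_CLIENT_ID"))
                .clientSecret(required("OAUTH_CLIENT_SECRET"))
                .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
                .build();
        return new InMemoryReactiveClientRegistrationRepository(registration);
    }

    @Bean
    WebClient oauthWebClient(ReactiveClientRegistrationRepository clientRegistrations) {
        var clientService = new InMemoryReactiveOAuth2AuthorizedClientService(clientRegistrations);
        var manager = new AuthorizedClientServiceReactiveOAuth2AuthorizedClientManager(clientRegistrations, clientService);
        var oauth = new ServerOAuth2AuthorizedClientExchangeFilterFunction(manager);
        oauth.setDefaultClientRegistrationId("test");
        return WebClient.builder().filter(oauth).build();
    }
}
```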