一周前,我开始使用OAuth2框架(使用Spring Boot v1.3.0.M4)开发应用程序.对我来说是一次全新的体验.所以我尽量让它变得更简单,以便更好地理解它.我正在使用Spring Security OAuth2,我正面临着正确使用它的困难.
我想做的事
当用户授权我的应用程序时,对用户进行身份验证.实际上,我不希望他在我的申请上注册,这样他就可以自由使用它,而无需填写无聊的表格进行注册.
遇到问题
我找不到处理UserRedirectRequired Exception的方法.因为我没有这样做,所以用户永远不会被重定向到授权页面并抛出异常(并且未处理).
StandardController.java
package org.test.oauth.web;
import java.security.Principal;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class StandardController {
@RequestMapping(value = "/", method = RequestMethod.GET)
public String getHelloWorld() {
return "Hello world !";
}
@RequestMapping(value = "/user", method = RequestMethod.GET)
public Principal getUser(Principal principal) {
return principal;
}
}
StandardConfiguration.java
package org.test.oauth.configuration;
import java.util.Arrays;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.filter.OAuth2ClientContextFilter;
import …