在我当前的 Spring HATEOAS 0.25.1.RELEASE 项目中,我大量使用了 ResourceProcessor接口:
@Bean
public ResourceProcessor<Resource<Person>> personProcessor() {
return new ResourceProcessor<Resource<Person>>() {
@Override
public Resource<Person> process(Resource<Person> resource) {
resource.add(new Link("http://localhost:8080/people", "added-link"));
return resource;
}
};
}
如何将我的 ResourceProcessors 迁移到 Spring HATEOAS 1.0.0 M1?
我的 Spring OAuth2 客户端只向经过身份验证的用户授予ROLE_USER权限,忽略resource_access提供的 JWT 中的权限。
{
"wdb": {
"roles": [
"TestRole",
"TestRoleFoo",
"TestRoleBar"
]
}
如何设置我的 OAuth2 客户端以同时授予来自resource_access(TestRole、TestRoleFoo、TestRoleBar)的权限?我在这里错过了一些关键配置吗?
在我的资源服务器上,我使用具有以下配置的 Springs 默认 OAuth2 客户端:
security:
oauth2:
client:
client-id: wdb
client-secret: some-secret
access-token-uri: http://localhost:8080/auth/realms/master/protocol/openid-connect/token
user-authorization-uri: http://localhost:8080/auth/realms/master/protocol/openid-connect/auth
scope: openid profile email
authorized-grant-types: code
resource:
user-info-uri: http://localhost:8080/auth/realms/master/protocol/openid-connect/userinfo
我的 Keycloak 授权服务器为我提供了以下 JWT 负载:
{
"jti": "6a666808-2b69-4de0-ab94-9ceebdac13de",
"exp": 1569674641,
"nbf": 0,
"iat": 1569674341,
"iss": "http://localhost:8080/auth/realms/master",
"aud": "account",
"sub": "f19b0443-4cce-495a-8479-ff36f82628fc",
"typ": "Bearer",
"azp": …spring-security oauth-2.0 jwt spring-security-oauth2 keycloak