How to tell Spring Security 5 to use a different context when invoking the default redirect endpoint



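I have enabled spring-security 5 with the OAuth2 authorization code grant type in my UI application.

The base or context URI of the UI application is "/" and the redirect URI is "BASE_URI/welcome/".

When I configure the redirect URI template as "https://:/welcome/login/oauth2/code/myAuthProvider", it gives an error as an invalid redirect URI.

This error occurs because Spring Security is trying to find "/welcome/login/oauth2/code/myAuthProvider" instead of "/login/oauth2/code/myAuthProvider".

The documentation below suggests how to change the default redirect URI. However, I need a solution to tell Spring Security to ignore "welcome/" in the redirection endpoint. If my understanding is incorrect, please suggest any approach or guide me.

https://docs.spring.io/spring-security/site/docs/5.0.7.RELEASE/reference/html/oauth2login-advanced.html#oauth2login-advanced-redirection-endpoint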

application.yml

    spring:
      application:
        name: My Client Application
      main:
        allow-bean-definition-overriding: true
      security:
        oauth2:
          client:
            provider:
              myAuthProvider:
                token-uri: https://someserver.com/as/token.oauth2
                authorization-uri: https://someserver.com/as/authorization.oauth2
            registration:
              myAuthProvider:
                client-name: myAuthProvider
                client-id: ABCID
                client-secret: XYZSECRET
                client-authentication-method: basic
                authorization-grant-type: authorization_code
                redirect-uri: https://localhost:8080/welcome/login/oauth2/code/myAuthProvider

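WebClient configuration:

    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
    import org.springframework.security.oauth2.client.web.OAuth2AuthorizedClientRepository;
    import org.springframework.security.oauth2.client.web.reactive.function.client.ServletOAuth2AuthorizedClientExchangeFilterFunction;
    import org.springframework.web.reactive.function.client.WebClient;

    @Configuration
    public class WebClientConfig {
        // WebClient that attaches the OAuth2 token of the "myAuthProvider" registration
        @Bean
        WebClient authProviderWebClient(ClientRegistrationRepository clientRegistrations,
                                        OAuth2AuthorizedClientRepository authorizedClients) {
            var oauth = new ServletOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients);
            oauth.setDefaultOAuth2AuthorizedClient(true);
            oauth.setDefaultClientRegistrationId("myAuthProvider");
            return WebClient.builder()
                    .apply(oauth.oauth2Configuration())
                    .build();
        }
    }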

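WebSecurityConfig:

    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        // Every request requires authentication; OAuth2 login uses the default endpoints
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.csrf().disable()
                .authorizeRequests()
                    .anyRequest()
                    .authenticated()
                    .and()
                .oauth2Login();
        }
    }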

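Controller:

    import org.springframework.stereotype.Controller;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RequestMapping;

    @Controller
    @RequestMapping("/welcome")
    public class WelcomeController {

        private static final String WELCOME_PAGE = "welcome";

        @GetMapping("/")
        public String homePage() {
            // ....
            return WELCOME_PAGE;
        }

    }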

application.yml

    myAuthProvider:
      client-name: myAuthProvider
      client-id: ABCID
      client-secret: XYZSECRET
      client-authentication-method: basic
      authorization-grant-type: authorization_code
      redirect-uri: "{baseUrl}/welcome/login/oauth2/code/{registrationId}"

WebSecurityConfig.class

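    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

    @Configuration
    @EnableWebSecurity
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.csrf().disable()
                .authorizeRequests()
                    .anyRequest()
                    .authenticated()
                    .and()
                .oauth2Login()
                    // The base URI must match the path of redirect-uri in application.yml
                    // ("/welcome/login/oauth2/code/{registrationId}"), otherwise the
                    // authorization response is never processed by the login filter.
                    .redirectionEndpoint().baseUri("/welcome/login/oauth2/code/*");
        }
    }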
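
Added example, not part of the original post or of Spring Security: a plain-JDK check that the path of a configured redirect-uri falls under the pattern the login filter processes, since Spring Security requires the two to match. The class name, the glob matcher (a simplified stand-in for Spring's Ant-style matching) and the base URL are assumptions made for illustration.

```java
import java.net.URI;
import java.util.regex.Pattern;

public class RedirectUriCheck {

    // Expand the two template variables used in the redirect-uri on this page.
    static String expand(String template, String baseUrl, String registrationId) {
        return template.replace("{baseUrl}", baseUrl)
                       .replace("{registrationId}", registrationId);
    }

    // Simplified stand-in for Ant-style matching (assumption): '*' matches
    // exactly one non-empty path segment, everything else is literal.
    static boolean matches(String pattern, String path) {
        String[] parts = pattern.split("\\*", -1);
        StringBuilder regex = new StringBuilder();
        for (int i = 0; i < parts.length; i++) {
            if (i > 0) {
                regex.append("[^/]+");
            }
            regex.append(Pattern.quote(parts[i]));
        }
        return Pattern.matches(regex.toString(), path);
    }

    // True when the provider's callback would hit the login filter's pattern.
    static boolean callbackReachesFilter(String redirectUri, String baseUriPattern) {
        return matches(baseUriPattern, URI.create(redirectUri).getPath());
    }

    public static void main(String[] args) {
        // Constructed sample values; the application context path is "/".
        String redirectUri = expand(
                "{baseUrl}/welcome/login/oauth2/code/{registrationId}",
                "https://localhost:8080", "myAuthProvider");
        String[] patterns = {
            "/login/oauth2/code/*",              // Spring Security default
            "/welcome/login/oauth2/callback/*",  // last segment differs
            "/welcome/login/oauth2/code/*"       // same path as redirect-uri
        };
        for (String pattern : patterns) {
            System.out.printf("%-34s %s%n", pattern,
                    callbackReachesFilter(redirectUri, pattern)
                            ? "processed by login filter" : "NOT processed");
        }
    }
}
```

The same redirect URI must also be registered with the authorization server, which compares it against the value sent in the authorization request.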
