Java Spring社会和安全集成(vs匿名用户)
我试图将spring security和spring social结合起来。问题是当我试图在我的系统中为他创建帐户时。我希望避免创建id为“anonymousUser”的用户 当我分析来自spring social security的代码时,我希望调用方法JdbcUsersConnectionRepository.FindUsersWithConnection(连接连接)在系统中创建用户和条目。但当我运行代码时,我发现这不是真的。在此操作之前,调用SocialConfigure.getUserId()的实现。伟大的如果我们有匿名用户,它将被缓存。。。但是无论如何,getUserId是在任何事情之前被调用的,所以授权不起作用。因此,我为这件事编写了自己的实现:Java Spring社会和安全集成(vs匿名用户),java,spring-security,spring-social,Java,Spring Security,Spring Social,我试图将spring security和spring social结合起来。问题是当我试图在我的系统中为他创建帐户时。我希望避免创建id为“anonymousUser”的用户 当我分析来自spring social security的代码时,我希望调用方法JdbcUsersConnectionRepository.FindUsersWithConnection(连接连接)在系统中创建用户和条目。但当我运行代码时,我发现这不是真的。在此操作之前,调用SocialConfigure.getUserI
@Configuration
@EnableSocial
public class SocialConfig implements SocialConfigurer {
@Autowired
private DataSource dataSource;
@Autowired
private CustomerService customerService;
@Autowired
private CustomerProviderRepository customerProviderRepository;
@Autowired
private PasswordEncoder passwordEncoder;
@Override
public void addConnectionFactories(ConnectionFactoryConfigurer connectionFactoryConfigurer, Environment environment) {
}
@Override
public UserIdSource getUserIdSource() {
return () -> {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication == null || authentication.getName().equals("anonymousUser")) {
throw new IllegalStateException("Unable to get a ConnectionRepository: no user signed in");
}
return authentication.getName();
};
}
@Override
public UsersConnectionRepository getUsersConnectionRepository(ConnectionFactoryLocator connectionFactoryLocator) {
JdbcUsersConnectionRepository repository = new JdbcUsersConnectionRepository(dataSource, connectionFactoryLocator, Encryptors.noOpText());
repository.setConnectionSignUp(new SocialConnectionSignUpService(customerService, customerProviderRepository, passwordEncoder));
return repository;
}
}
public class SocialConnectionSignUpService implements ConnectionSignUp {
private final CustomerService customerService;
private final CustomerProviderRepository customerProviderRepository;
private final PasswordEncoder passwordEncoder;
public SocialConnectionSignUpService(CustomerService customerService, CustomerProviderRepository customerProviderRepository, PasswordEncoder passwordEncoder) {
this.customerService = customerService;
this.passwordEncoder = passwordEncoder;
this.customerProviderRepository = customerProviderRepository;
}
@Override
public String execute(Connection<?> connection) {
ConnectionKey connectionKey = connection.getKey();
UserProfile profile = connection.fetchUserProfile();
Customer customer = customerService.findBy(profile.getEmail());
if(customer == null) {
customer = new Customer();
customer.setEmail(profile.getEmail());
customerService.add(customer);
}
SocialKey key = new SocialKey();
key.setUserId(customer.getId().toString());
key.setProviderUserId(connectionKey.getProviderUserId());
key.setProviderId(connectionKey.getProviderId());
CustomerProvider customerProvider = new CustomerProvider();
customerProvider.setKey(key);
customerProvider.setDisplayName(profile.getName());
customerProviderRepository.save(customerProvider);
return customerProvider.id();
}
}
@Configuration
@EnableWebSecurity
public class SecurityContext extends WebSecurityConfigurerAdapter {
@Autowired
private DataSource dataSource;
@Autowired
private CustomerRepository customerRepository;
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.loginPage("/login")
.loginProcessingUrl("/login/authenticate")
.permitAll()
.and()
.rememberMe()
.and()
.authorizeRequests()
.antMatchers("/signup/social").authenticated()
.antMatchers("/**").permitAll()
.and()
.apply(new SpringSocialConfigurer().postLoginUrl("/signup/social").alwaysUsePostLoginUrl(true))
.and()
.csrf().disable();
}
@Bean
public SocialUserDetailsService socialUserDetailsService() {
return new SocialUserDetailsServiceImpl(customerRepository);
}
}