Java 如何使用Spring OAuth2ClientAuthenticationProcessingFilter处理OAuth2授权代码&x2B;授权代码资源详细信息
我正在尝试使用SpringSecurityOAuth进行oauth2身份验证 我已经在我的安全配置中插入了一个Java 如何使用Spring OAuth2ClientAuthenticationProcessingFilter处理OAuth2授权代码&x2B;授权代码资源详细信息,java,spring,oauth,spring-security,spring-security-oauth2,Java,Spring,Oauth,Spring Security,Spring Security Oauth2,我正在尝试使用SpringSecurityOAuth进行oauth2身份验证 我已经在我的安全配置中插入了一个OAuth2ClientAuthenticationProcessingFilter,并带有一个AuthorizationCodeResourceDetails。我正在检索授权代码,但Oauth流已中断,我无法获取访问令牌 以下是我的配置: @覆盖 受保护的无效配置(HttpSecurity http)引发异常{ /** *从com.myscript.backend.configurat
OAuth2ClientAuthenticationProcessingFilterAuthorizationCodeResourceDetails@覆盖
受保护的无效配置(HttpSecurity http)引发异常{
/**
*从com.myscript.backend.configuration.WebApp.java移动
* https://stackoverflow.com/questions/20863489/characterencodingfilter-dont-work-together-with-spring-security-3-2-0 *
*/
CharacterEncodingFilter CharacterEncodingFilter=新的CharacterEncodingFilter();
characterEncodingFilter.setEncoding(“UTF-8”);
characterEncodingFilter.setForceEncoding(true);
addFilterBefore(characterEncodingFilter,CsrfFilter.class);
字符串键=“****************************”;
APIpersistentTokenBasedMemberMeservices rememberMeServices=新的APIpersistentTokenBasedMemberMeservices(键、用户详细信息服务、adminTokenRepository);
//@formatter:off
http
.例外处理()
.authenticationEntryPoint(新的Http403ForbiddenEntryPoint())
.及()
.csrf().disable()
.rememberMe()
.记忆服务(记忆服务)
.tokenRepository(adminTokenRepository)
.钥匙(钥匙)
.userDetailsService(userDetailsService)
.及()
.addFilterAfter(oauth2ClientContextFilter,SecurityContextPersistenceFilter.class)
.addFilterBefore(ssoFilter(),BasicAuthenticationFilter.class)
.formLogin()
.loginProcessingUrl(“/**/authentication/login*”)
.usernameParameter(“电子邮件”)
.passwordParameter(“密码”)
.successHandler(新的重新验证successHandler())
.failureHandler(新的重新身份验证failureHandler())
.permitAll()
.及()
.logout()
.invalidateHttpSession(真)
.logoutSuccessHandler(新的logoutSuccessHandler(){
@凌驾
public void onLogoutSuccess(HttpServletRequest请求、HttpServletResponse响应、身份验证)
抛出IOException、ServletException{
response.setStatus(HttpServletResponse.SC_OK);
}
})
.logoutRequestMatcher(新的AntPathRequestMatcher(“/**/authentication/logout*”)
.permitAll()
.及()
.授权请求()
.antMatchers(“/authentication/**”,…)
.permitAll()
.anyRequest()
.authenticated()
.及()
.anonymous();
//@formatter:on
}
专用筛选器ssoFilter(){
OAuth2ClientAuthenticationProcessingFilter ssoFilter=新的OAuth2ClientAuthenticationProcessingFilter(“/**/authentication/login/sso”);
最终OAuth2RestTemplate=新的OAuth2RestTemplate(sso());
ssoFilter.setRestTemplate(模板);
回流过滤器;
}
@豆子
受保护的OAuth2ProtectedResourceDetails sso(){
AuthorizationCodeResourceDetails=新的AuthorizationCodeResourceDetails();
详细信息。setId(“sso”);
详细信息。setClientId(“*******”);
详细信息。setClientSecret(“*******”);
详细信息。setAccessTokenUri(“http://sso.test.com/oauth/token");
详细信息。setUserAuthorizationUri(“http://sso.test.com/oauth/authorize");
详细信息。setPreEstablishedRedirectUri(“http://localhost:8894/api/v3.0/admin/authentication/login/sso");
详细信息.设置范围(数组.asList(“读”、“写”));
详细信息。setUseCurrentUri(false);
退货详情;
}