Spring boot Spring Security Oauth oauth2UserService(在github上工作,但在google上不工作)
我在学习补习 在最后一个示例中,有一个添加错误消息的示例。 一切似乎都很好,但我不明白为什么当我使用github登录时,这个bean可以工作 但当我使用谷歌登录时,它就不起作用了。(当我调试它时,断点在github登录时停止,在通过谷歌登录时不停止)。 哪里注意到只针对github的内容? bean(完全来自示例):Spring boot Spring Security Oauth oauth2UserService(在github上工作,但在google上不工作),spring-boot,spring-security,oauth-2.0,spring-social,Spring Boot,Spring Security,Oauth 2.0,Spring Social,我在学习补习 在最后一个示例中,有一个添加错误消息的示例。 一切似乎都很好,但我不明白为什么当我使用github登录时,这个bean可以工作 但当我使用谷歌登录时,它就不起作用了。(当我调试它时,断点在github登录时停止,在通过谷歌登录时不停止)。 哪里注意到只针对github的内容? bean(完全来自示例): @Bean 公共OAuth2UserService OAuth2UserService(WebClient rest){ DefaultOAuth2UserService委托=新建
@Bean
公共OAuth2UserService OAuth2UserService(WebClient rest){
DefaultOAuth2UserService委托=新建DefaultOAuth2UserService();//此处为断点
退货申请->{
OAuth2User=delegate.loadUser(请求);//并在此处设置断点
if(!“github”.equals(request.getClientRegistration().getRegistrationId())){
返回用户;
}
OAuth2AuthorizedClient=新的OAuth2AuthorizedClient
(request.getClientRegistration()、user.getName()、request.getAccessToken());
stringurl=user.getAttribute(“organizations_url”);
列表组织=休息
.get().uri(url)
.attributes(oauth2AuthorizedClient(客户端))
.retrieve()
.bodyToMono(列表类)
.block();
if(orgs.stream().anyMatch(org->“spring projects”.equals(org.get(“login”))){
返回用户;
}
抛出新的OAuth2AuthenticationException(新的OAuth2Error(“无效的_令牌”,“不在Spring团队中”,“”);
};
}
希望这有帮助。您可以使用OidcUserService来钩住google oauth身份验证过程 检查下面的文章
希望这有帮助。苏丹朱马塔耶夫,对于谷歌,您必须实施:
@Bean
public OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {
final OidcUserService delegate = new OidcUserService();
return (userRequest) -> {
// Delegate to the default implementation for loading a user
OidcUser oidcUser = delegate.loadUser(userRequest);
//OAuth2AccessToken accessToken = userRequest.getAccessToken();
//Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
// TODO
// 1) Fetch the authority information from the protected resource using accessToken
// 2) Map the authority information to one or more GrantedAuthority's and add it to mappedAuthorities
// 3) Create a copy of oidcUser but use the mappedAuthorities instead
//oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
return oidcUser;
};
}
@Bean
公共OAuth2UserService oidcUserService(){
最终OidcUserService委托=新OIDCUSERVICE();
返回(用户请求)->{
//委托给默认实现以加载用户
OidcUser OidcUser=delegate.loadUser(userRequest);
//OAuth2AccessToken accessToken=userRequest.getAccessToken();
//Set mappedAuthorities=new HashSet();
//待办事项
//1)使用accessToken从受保护的资源获取权限信息
//2)将权限信息映射到一个或多个授权权限,并将其添加到MappeAuthorities
//3)创建oidcUser的副本,但改用mappedAuthorities
//oidcUser=新的DefaultOidcUser(mappedAuthorities,oidcUser.getIdToken(),oidcUser.getUserInfo());
回归方程;
};
}
@Bean
public OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService() {
final OidcUserService delegate = new OidcUserService();
return (userRequest) -> {
// Delegate to the default implementation for loading a user
OidcUser oidcUser = delegate.loadUser(userRequest);
//OAuth2AccessToken accessToken = userRequest.getAccessToken();
//Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
// TODO
// 1) Fetch the authority information from the protected resource using accessToken
// 2) Map the authority information to one or more GrantedAuthority's and add it to mappedAuthorities
// 3) Create a copy of oidcUser but use the mappedAuthorities instead
//oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
return oidcUser;
};
}
@Bean
公共OAuth2UserService oidcUserService(){
最终OidcUserService委托=新OIDCUSERVICE();
返回(用户请求)->{
//委托给默认实现以加载用户
OidcUser OidcUser=delegate.loadUser(userRequest);
//OAuth2AccessToken accessToken=userRequest.getAccessToken();
//Set mappedAuthorities=new HashSet();
//待办事项
//1)使用accessToken从受保护的资源获取权限信息
//2)将权限信息映射到一个或多个授权权限,并将其添加到MappeAuthorities
//3)创建oidcUser的副本,但改用mappedAuthorities
//oidcUser=新的DefaultOidcUser(mappedAuthorities,oidcUser.getIdToken(),oidcUser.getUserInfo());
回归方程;
};
}