Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/spring-boot/5.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
使用spring-boot-starter-OAuth2-client检索OAuth2三段式身份验证的访问令牌_Spring Boot_Spring Security_Oauth 2.0_Access Token - Fatal编程技术网
Fatal编程技术网
  • spring-boot/
  • 使用spring-boot-starter-OAuth2-client检索OAuth2三段式身份验证的访问令牌

使用spring-boot-starter-OAuth2-client检索OAuth2三段式身份验证的访问令牌

spring-boot spring-security oauth-2.0

使用spring-boot-starter-OAuth2-client检索OAuth2三段式身份验证的访问令牌,spring-boot,spring-security,oauth-2.0,access-token,Spring Boot,Spring Security,Oauth 2.0,Access Token,我想知道如何使用org.springframework.Boot:Spring-Boot-starter-oauth2-client提供的功能在springboot三段式身份验证上检索访问令牌 我能够使用常规RestTemplate调用获取访问令牌 我尝试使用spring-boot-starter-oauth2-client功能获得相同的访问令牌,方法是遵循中的示例 我能够检索服务器提供的代码,但我无法确定如何获取访问令牌 我的代码如下所示: application.Properties中的属性

我想知道如何使用org.springframework.Boot:Spring-Boot-starter-oauth2-client提供的功能在springboot三段式身份验证上检索访问令牌

我能够使用常规RestTemplate调用获取访问令牌

我尝试使用spring-boot-starter-oauth2-client功能获得相同的访问令牌,方法是遵循中的示例

我能够检索服务器提供的代码,但我无法确定如何获取访问令牌

我的代码如下所示:

application.Properties中的属性:

login.html中的Thymeleaf模板:

SecurityConfig.java中的配置:

@配置 @启用Web安全性 公共类SegurityConfig扩展了WebSecurity配置适配器{ @凌驾 受保护的void configureHttpSecurity http_安全性引发异常{ http_security.authorizeRequests.RequestMatcherPathRequest.toStaticResources.atCommonLocations .permitAll.antMatchers/authentication/**.permitAll.anyRequest.authenticated.and.oauth2Login .loginPage/authentication/login.permitAll; } } AuthenticationController.java中的控制器:

@控制器 公共类身份验证控制器{ @自动连线 OAuth2AuthorizedClientService客户端服务; @自动连线 InMemoryClientRegistrationRepository客户端注册存储库; @GetMappingauthentication/login 公共字符串登录模型{ 列表注册=StreamSupport.streamclientRegistrationRepository.spliterator,true .mapclientRegistration->new RegistrationclientRegistration.getRegistrationId, OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI+/ +clientRegistration.getRegistrationId, clientRegistration.getClientName .toList; model.addAttributeRegistration,注册; 返回身份验证/登录; } @GetMappingauthentication/3leggedtoken/callback 公共字符串accessTokenModel,@RequestParamcode字符串代码{ Authentication Authentication=SecurityContextHolder.getContext.getAuthentication; 如果authentication.getClass.isAssignableFromOAuth2AuthenticationToken.class{ OAuth2AuthenticationToken oauthToken=OAuth2AuthenticationToken身份验证; 字符串clientRegistrationId=oauthToken.getAuthorizedClientRegistrationId; OAuth2AuthorizedClient=clientService.LoadAuthorizedClient客户端注册ID, oauthToken.getName; 返回client.getAccessToken.getTokenValue; } 返回null; } 应用程序成功地创建了到服务器的身份验证页面的链接,并且在登录后回调重定向URI

回调中返回的代码是正确的

公共字符串accessTokenModel,@RequestParamcode字符串代码{…} 但是身份验证不是OAuth2AuthenticationToken类型

Authentication Authentication=SecurityContextHolder.getContext.getAuthentication; 但类型为AnonymousAuthenticationToken

我应该如何获取访问令牌?我应该如何访问它以在以下请求中传递它

提前感谢!

尝试删除@GetMappingauthentication/3leggedtoken/callback端点并将其注册为bean。如下所示:

导入org.springframework.security.core.Authentication; 导入org.springframework.security.core.context.SecurityContextHolder; 导入org.springframework.security.oauth2.client.OAuth2AuthorizedClient; 导入org.springframework.security.oauth2.client.OAuth2AuthorizedClientService; 导入org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; 导入org.springframework.web.context.annotation.RequestScope; 导入sample.api.facebook.facebook; @配置 公共类社会配置{ 私有最终静态记录器日志=LoggerFactory.getLoggerSocialConfig.class; @豆子 @请求范围 公共Facebook FaceBookOAuth2AuthorizedClient服务客户端服务{ Authentication Authentication=SecurityContextHolder.getContext.getAuthentication; 字符串accessToken=null; 如果authentication.getClass.isAssignableFromOAuth2AuthenticationToken.class{ OAuth2AuthenticationToken oauthToken=OAuth2AuthenticationToken身份验证; 字符串clientRegistrationId=oauthToken.getAuthorizedClientRegistrationId; 如果clientRegistrationId.equalsfacebook{ OAuth2AuthorizedClient客户端= clientService.LoadAuthorizedClient客户端注册ID,oauthToken.getName; accessToken=client.getAccessToken.getTokenValue; LOG.erroraccessToken; } } 返回新的FacebookaccessToken; } } 然后遵循本教程,它帮助我在我的项目中集成获取Facebook令牌

spring.security.oauth2.client.registration.my-client-name-here.client-id=__client_id_here__
spring.security.oauth2.client.registration.my-client-name-here.client-secret=__client_secret_here__
spring.security.oauth2.client.registration.my-client-name-here.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.my-client-name-here.redirect-uri-template=http://localhost:8080/authentication/3leggedtoken/callback
spring.security.oauth2.client.registration.my-client-name-here.scope=data:read
spring.security.oauth2.client.registration.my-client-name-here.client-name=__client_name_here__
spring.security.oauth2.client.registration.my-client-name-here.client-authentication-method=POST
spring.security.oauth2.client.provider.my-client-name-here.token-uri=https://example.com/api/token
spring.security.oauth2.client.provider.my-client-name-here.authorization-uri=https://example.com/api/authorize
spring.security.oauth2.client.provider.my-client-name-here.user-info-uri=
spring.security.oauth2.client.provider.my-client-name-here.user-name-attribute=

org.springframework.security.authentication.AnonymousAuthenticationToken@ef72fdb1:
   Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true;
   Details: org.springframework.security.web.authentication.WebAuthenticationDetails@b364:
       RemoteIpAddress: 0:0:0:0:0:0:0:1; SessionId: D8FFF6F20C14791E505B8B86648F7E1B;
       Granted Authorities: ROLE_ANONYMOUS