Spring boot Spring Security OAuth2-从身份验证对象获取自定义主体?
在使用OAuth2时,当我试图从身份验证对象(Authentication.getPrincipal())访问主体字段时,我当前正在尝试获取一个自定义UserInformation对象。我通过添加.oauth2Login()属性在WebSecurity ConfigAdapter中启用OAuth2:Spring boot Spring Security OAuth2-从身份验证对象获取自定义主体?,spring-boot,spring-security,oauth-2.0,spring-security-oauth2,spring-oauth2,Spring Boot,Spring Security,Oauth 2.0,Spring Security Oauth2,Spring Oauth2,在使用OAuth2时,当我试图从身份验证对象(Authentication.getPrincipal())访问主体字段时,我当前正在尝试获取一个自定义UserInformation对象。我通过添加.oauth2Login()属性在WebSecurity ConfigAdapter中启用OAuth2: @Configuration public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests().anyRequest().authenticated()
.and()
.oauth2Login();
}
}
当我添加此属性并尝试从控制器访问主体时,它表示主体的类型是DefaultOidcUser
@RestController
public class OAuthController {
@GetMapping("/getPrincipal")
public String authenticate(Authentication authenticate) {
return "PRINCIPAL CLASS: " + authenticate.getPrincipal().getClass().getName();
}
}
有没有办法让身份验证主体返回自定义对象(而不是OidcUser)?我试图编写一个自定义OidcService,但它仍然需要返回一个OidcUser
以下是我正在使用的依赖项:
- 弹簧启动启动器安全性:2.2.4-释放
- spring-security-oauth2-client:5.2.1-RELEASE
- spring-security-oauth2-jose:5.2.1-RELEASE
@Configuration
public class CustomOIDCUserService extends OidcUserService {
@Override
public OidcUser loadUser(OidcUserRequest oidcUserRequestst) throws OAuth2AuthenticationException {
OidcUser oidcUser = super.loadUser(oidcUserRequestst);
Set<GrantedAuthority> mappedAuthorities = new HashSet<>();
//Add roles to mappedAuthorities
UserInformation userInfo = new UserInformation(new DefaultOidcUser(mappedAuthorities,
oidcUser.getIdToken(),
oidcUser.getUserInfo()));
//Initialize other fields from oidcUser
return userInfo;
}
}
谢谢大家!
public class UserInformation implements OidcUser, UserDetails {
private OidcUser oidcUser;
String name;
String email;
public UserInformation(OidcUser oidcUser) {
this.oidcUser = oidcUser;
}
//Setting constructors, getters, and setters