Spring Security 的 OAuth2 密码授权(password grant)
我在配置密码授权(password grant)方面有问题。我需要使用用户名和密码(基本身份验证)进行POST请求“身份验证”,并返回令牌作为响应。 据我所知:OAuth2密码授予Spring Security,spring,spring-security,spring-security-oauth2,Spring,Spring Security,Spring Security Oauth2,我在配置密码授权(password grant)方面有问题。我需要使用用户名和密码(基本身份验证)进行POST请求“身份验证”,并返回令牌作为响应。 据我所知: spring: 安全: oauth2: 客户: 注册: 大声笑: 客户端id:lol 客户机密:lol 客户端身份验证方法:基本 授权授予类型:密码 accessTokenUri:http://lol/token 供应商: 大声笑: 令牌uri:lol/token @启用Web安全性 公共类SecurityConfig扩展了WebSecurity配置适配器
spring:
安全:
oauth2:
客户:
注册:
大声笑:
客户端id:lol
客户机密:lol
客户端身份验证方法:基本
授权授予类型:密码
accessTokenUri:http://lol/token
供应商:
大声笑:
令牌uri:lol/token
@启用Web安全性
公共类SecurityConfig扩展了WebSecurity配置适配器{
@凌驾
受保护的无效配置(HttpSecurity http)引发异常{
http
.anyRequest().authenticated()
.及()
.httpBasic()
.及()
.例外处理()
.及()
.oauth2Client()
}
@豆子
公共OAuth2AuthorizedClientManager密码FlowAuthorizedClientManager(
ClientRegistrationRepository ClientRegistrationRepository,
OAuth2AuthorizedClientposition授权客户position
) {
DefaultPasswordTokenResponseClient passwordTokenResponseClient=新的DefaultPasswordTokenResponseClient();
RestTemplate RestTemplate=新RestTemplate();
restTemplate.setMessageConverters(Arrays.asList(
新表单HttpMessageConverter(),
新的OAuth2AccessTokenResponseHttpMessageConverter()
));
setErrorHandler(新的OAuth2ErrorResponseErrorHandler());
passwordTokenResponseClient.setRestOperations(restTemplate);
OAuth2AuthorizedClient提供程序AuthorizedClient提供程序=
OAuth2AuthorizedClientProviderBuilder.builder()
.password()
.build();
DefaultOAuth2AuthorizedClientManager授权dClientManager=
新的DefaultOAuth2AuthorizedClientManager(
clientRegistrationRepository,授权客户库);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
authorizedClientManager.setContextAttributesMapper(authorizeRequest->{
Map contextAttributes=new HashMap();
字符串username=authorizeRequest.getAttribute(OAuth2ParameterNames.username);
字符串密码=authorizeRequest.getAttribute(OAuth2ParameterNames.password);
if(StringUtils.hasText(用户名)和&StringUtils.hasText(密码)){
contextAttributes=newHashMap();
//`PasswordOAuth2AuthorizedClientProvider`需要这两个属性
put(OAuth2AuthorizationContext.USERNAME\u attributes\u NAME,USERNAME);
put(OAuth2AuthorizationContext.PASSWORD\u attributes\u NAME,PASSWORD);
}
返回contextAttributes;
});
返回授权客户管理器;
}
@豆子
网络客户端网络客户端(OAuth2AuthorizedClientManager授权客户端管理器){
ServletOAuth2AuthorizedClient更改筛选器函数oauth2Client=
新的ServletOAuth2AuthorizedClientChangeFilterFunction(authorizedClientManager);
返回WebClient.builder()
.apply(oauth2Client.oauth2Configuration())
.build();
}
}
当我发起该请求时,得到 401。
如果初始化了 DefaultPasswordTokenResponseClient,则会报错:找不到支持 UsernamePasswordAuthenticationToken 的 AuthenticationProvider。
但我原以为这里起作用的应该是 PasswordOAuth2AuthorizedClientProvider。
我试过的办法都不管用,也不知道还能怎么处理。到底是哪里出了问题?谢谢
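# Spring Boot OAuth2 client settings for a registration named "lol" that uses the
# resource-owner password grant.
spring:
  security:
    oauth2:
      client:
        registration:
          lol:
            client-id: lol
            # Sample value as posted. A real client secret should be injected from the
            # environment or a secret store rather than committed in application.yml.
            client-secret: lol
            client-authentication-method: basic
            # The password grant passes the end user's raw password through this application.
            # RFC 9700 (OAuth 2.0 Security BCP) says it must not be used; prefer
            # authorization_code with PKCE or client_credentials where the provider allows it.
            authorization-grant-type: password
            # NOTE(review): accessTokenUri does not look like a property Spring Boot binds
            # under a client registration; the token endpoint is read from
            # provider.<id>.token-uri below. Confirm and remove if unused.
            # It is also plain http://, which would expose the client secret and the user's
            # password on the wire if it were ever used.
            accessTokenUri: http://lol/token
        provider:
          lol:
            # NOTE(review): this value has no scheme or host and differs from accessTokenUri
            # above. The token request carries the client secret and the user's password,
            # so this should be an absolute https:// URL.
            token-uri: lol/token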
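/**
 * Web security configuration: inbound requests are authenticated with HTTP Basic, and an
 * OAuth2 client using the resource-owner password grant is wired for outbound calls.
 *
 * <p>Security notes:
 * <ul>
 *   <li>The password grant makes this application handle the user's raw password and forward
 *       it to the token endpoint. RFC 9700 (OAuth 2.0 Security BCP) says the grant must not be
 *       used, and later Spring Security releases deprecate the password provider. Prefer
 *       authorization code with PKCE or client credentials where the provider supports them.</li>
 *   <li>The token endpoint must be reached over TLS, and the username/password attributes
 *       handled below must never be logged.</li>
 *   <li>NOTE(review): {@code WebSecurityConfigurerAdapter} is deprecated in later Spring
 *       Security versions in favour of a {@code SecurityFilterChain} bean; confirm the
 *       version in use before migrating.</li>
 * </ul>
 */
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Requires authentication for every inbound request and enables HTTP Basic plus OAuth2
     * client support.
     *
     * <p>{@code httpBasic()} authenticates the caller against this application's own
     * {@code AuthenticationManager}; it does not forward the credentials to the OAuth2 token
     * endpoint. Without a {@code UserDetailsService} or an {@code AuthenticationProvider}
     * that supports {@code UsernamePasswordAuthenticationToken}, Basic requests are rejected.
     * NOTE(review): presumably the cause of the 401 reported with this configuration; confirm.
     *
     * @param http the builder for the HTTP security filter chain
     * @throws Exception if the security configuration cannot be built
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // anyRequest() is only available on the authorization registry, so the chain
            // has to start with authorizeRequests().
            .authorizeRequests()
                .anyRequest().authenticated()
                .and()
            .httpBasic()
                .and()
            .exceptionHandling()
                .and()
            .oauth2Client();
    }

    /**
     * Builds the authorized-client manager for the password grant.
     *
     * @param clientRegistrationRepository source of the configured client registrations
     * @param authorizedClientRepository store for authorized clients (access tokens)
     * @return a manager whose only provider is the password-grant provider
     */
    @Bean
    public OAuth2AuthorizedClientManager passwordFlowAuthorizedClientManager(
            ClientRegistrationRepository clientRegistrationRepository,
            OAuth2AuthorizedClientRepository authorizedClientRepository) {
        // Token client with explicit converters and OAuth2-aware error handling.
        RestTemplate restTemplate = new RestTemplate();
        restTemplate.setMessageConverters(Arrays.asList(
                new FormHttpMessageConverter(),
                new OAuth2AccessTokenResponseHttpMessageConverter()));
        restTemplate.setErrorHandler(new OAuth2ErrorResponseErrorHandler());

        DefaultPasswordTokenResponseClient passwordTokenResponseClient =
                new DefaultPasswordTokenResponseClient();
        passwordTokenResponseClient.setRestOperations(restTemplate);

        // Hand the customised token client to the password provider; a bare password()
        // would build the provider with its default client and leave this one unused.
        OAuth2AuthorizedClientProvider authorizedClientProvider =
                OAuth2AuthorizedClientProviderBuilder.builder()
                        .password(grant -> grant.accessTokenResponseClient(passwordTokenResponseClient))
                        .build();

        DefaultOAuth2AuthorizedClientManager authorizedClientManager =
                new DefaultOAuth2AuthorizedClientManager(
                        clientRegistrationRepository, authorizedClientRepository);
        authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);

        authorizedClientManager.setContextAttributesMapper(authorizeRequest -> {
            Map<String, Object> contextAttributes = new HashMap<>();
            // NOTE(review): these attributes exist only if whoever builds the
            // OAuth2AuthorizeRequest put them there; confirm the caller does so.
            String username = authorizeRequest.getAttribute(OAuth2ParameterNames.USERNAME);
            String password = authorizeRequest.getAttribute(OAuth2ParameterNames.PASSWORD);
            if (StringUtils.hasText(username) && StringUtils.hasText(password)) {
                // `PasswordOAuth2AuthorizedClientProvider` requires both attributes.
                // These are live credentials: never log or persist this map.
                contextAttributes.put(OAuth2AuthorizationContext.USERNAME_ATTRIBUTE_NAME, username);
                contextAttributes.put(OAuth2AuthorizationContext.PASSWORD_ATTRIBUTE_NAME, password);
            }
            return contextAttributes;
        });
        return authorizedClientManager;
    }

    /**
     * Creates a {@code WebClient} whose requests pass through the OAuth2 authorized-client
     * filter backed by the given manager.
     *
     * @param authorizedClientManager manager used to obtain authorized clients
     * @return the configured {@code WebClient}
     */
    @Bean
    WebClient webClient(OAuth2AuthorizedClientManager authorizedClientManager) {
        ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2Client =
                new ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
        // NOTE(review): no default client registration id is set here, so each request
        // presumably has to name the registration itself; confirm against the callers.
        return WebClient.builder()
                .apply(oauth2Client.oauth2Configuration())
                .build();
    }
}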