Spring Boot, Security, OAuth2: Is it possible to use a custom AuthorizationCodeResourceDetails? Auth server requires specific params in redirect URL

I am developing an OAuth2 client with Spring Boot. The third-party authentication server requires specific parameters in the redirect URLs.

My app.yml

    acme:
      client:
        clientId:     acme
        clientSecret: acmepassword
        accessTokenUri:       http://localhost:8080/sso/oauth/token
        userAuthorizationUri: http://localhost:8080/sso/oauth/authorize
        specificParam1: specific1
        specificParam2: specific2

      resource:
        userInfoUri:    http://localhost:8080/sso/api/me

I created my CustomClientResourceDetails by extending AuthorizationCodeResourceDetails.

    public class CustomClientResourceDetails extends AuthorizationCodeResourceDetails {
        // Bound from acme.client.specificParam1 / specificParam2
        private String specificParam1;
        private String specificParam2;
        ...
    }

And I @Autowire it in my SecurityConfig. I also created a custom filter:

    @Configuration
    @EnableOAuth2Client
    public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
        @Autowired
        OAuth2ClientContext oauth2ClientContext;

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            ...
            .addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
        }

        // Run the OAuth2 client context filter early so it can handle the redirect exception
        @Bean
        public FilterRegistrationBean<OAuth2ClientContextFilter> oauth2ClientFilterRegistration(OAuth2ClientContextFilter filter) {
            FilterRegistrationBean<OAuth2ClientContextFilter> registration = new FilterRegistrationBean<OAuth2ClientContextFilter>();
            registration.setFilter(filter);
            registration.setOrder(-100);
            return registration;
        }

        private Filter ssoFilter() {
            OAuth2ClientAuthenticationProcessingFilter customFilter = new OAuth2ClientAuthenticationProcessingFilter(LOGIN);
            OAuth2RestTemplate customTemplate = new OAuth2RestTemplate(custom(), oauth2ClientContext);
            customFilter.setRestTemplate(customTemplate);
            UserInfoTokenServices tokenServices = new UserInfoTokenServices(customResource().getUserInfoUri(),
                    custom().getClientId());
            tokenServices.setRestTemplate(customTemplate);
            // Use the instance configured above, so the user-info call goes through customTemplate
            customFilter.setTokenServices(tokenServices);
            return customFilter;
        }

        @Bean
        @ConfigurationProperties("acme.client")
        @Primary
        public AuthorizationCodeResourceDetails custom() {
            return new CustomClientResourceDetails();
        }

        @Bean
        @ConfigurationProperties("acme.resource")
        public ResourceServerProperties customResource() {
            return new ResourceServerProperties();
        }
    }

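But the specific parameters are not included in the redirect URL, because OAuth2ClientAuthenticationProcessingFilter and the classes associated with it work through OAuth2RestOperations or 'OAuth2ProtectedResourceDetails', which only have the default parameters.

Is it possible to include extra parameters in the redirect URL? And how?

Thanks for your help!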

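I assume you need to send some dynamic parameters when you are redirected to the IDP's authorization page. In that case, you can extend AuthorizationCodeAccessTokenProvider and override the method getRedirectForAuthorization. You can add custom parameters like this: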

    // add all your custom parameters to 'requestParameters'
    requestParameters.put("myCustomParameter", "myCustomParameterValue");

    UserRedirectRequiredException redirectException = new UserRedirectRequiredException(
            resource.getUserAuthorizationUri(), requestParameters);