Spring Google 带刷新令牌的 OAuth2

Spring Google OAuth2 With Refresh Token

我当前的 OAuth2 配置没有 return 刷新令牌。我的配置尽可能基本。我如何配置它,以便它也可以 return refresh_token。 我在服务器端验证用户。所以 JS 解决方案不起作用。

我需要 RememberMe 功能的刷新令牌。具体来说,我正在使用 oAuth2AuthorizedClientService.loadAuthorizedClient(clientId, principalName); 方法来访问从 google 身份验证服务器检索到的信息。

 WebSecurityConfigurerAdapter {
 ...
 httpSecurity
        ...
          .and()
        .oauth2Login()
          .and()
        .rememberMe()
        ...

Application.yml:

security:
    oauth2:
      client:
        registration:
          google:
            clientId: ZZZ
            clientSecret: zzzz
            redirectUri: https://example.com/login/oauth2/code/google

我的解决方案是添加 OAuth2AuthorizationRequestResolver

OAuth2AuthorizationRequestResolver 中,我更改了 customAuthorizationRequest(见下文)。现在它 returns 每次都刷新令牌。

private OAuth2AuthorizationRequest customAuthorizationRequest( OAuth2AuthorizationRequest authorizationRequest) {

    Map<String, Object> additionalParameters =new LinkedHashMap<>(authorizationRequest.getAdditionalParameters());
    additionalParameters.put("access_type", "offline");

    return OAuth2AuthorizationRequest.from(authorizationRequest)
            .additionalParameters(additionalParameters)
            .build();
}

也更新了我的WebSecurityConfigurerAdapter

.oauth2Login()
    .authorizationEndpoint()
    .authorizationRequestResolver(
            new CustomAuthorizationRequestResolver(
                    this.clientRegistrationRepository))
    .and()
    .and()
.rememberMe()

如果有人找到更简单的解决方案,请post! :)