OAuth2 | ClientCredentialsResourceDetails |弃用
OAuth2 | ClientCredentialsResourceDetails | deprecated
我是 spring 安全方面的新手,我遇到过使用 client_credentials 作为授权类型来实施 OAuth2。
我正在使用下面的代码,但我得到的建议是 ClientCredentialsResourceDetails、OAuth2RestTemplate 和 OAuth2AccessToken 已被弃用。
有人可以帮忙解决这个问题吗?
private String getAuthTocken(){
final ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
resourceDetails.setClientId("ceapiClientId");
resourceDetails.setClientSecret("ceapiClientSecret");
resourceDetails.setGrantType("client_credentials");
resourceDetails.setAccessTokenUri("https://auth.abcdcommerce.com/oauth-server/oauth/token");
final OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(resourceDetails);
final OAuth2AccessToken accessToken = oAuth2RestTemplate.getAccessToken();
final String accessTokenAsString = accessToken.getValue();
return accessTokenAsString;
}
另一种方法是使用新的非阻塞 WebClient 或带有拦截器的 RestTemplate,而不是已弃用的 OAuthRestTemplate。 spring-security-oauth 工件中的所有内容都有生命终结路线图。
https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update
https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix
迁移指南可以在这里找到,
https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide
来自迁移指南,
Spring Security chooses to favor composition and instead exposes an OAuth2AuthorizedClientService, which is useful for creating RestTemplateinterceptors or WebClient exchange filter functions. Spring Security provides ExchangeFilterFunction s for both Servlet- and WebFlux-based applications that both leverage this service.
这里有一个迁移示例,
https://github.com/jgrandja/spring-security-oauth-5-2-migrate
我是 spring 安全方面的新手,我遇到过使用 client_credentials 作为授权类型来实施 OAuth2。 我正在使用下面的代码,但我得到的建议是 ClientCredentialsResourceDetails、OAuth2RestTemplate 和 OAuth2AccessToken 已被弃用。
有人可以帮忙解决这个问题吗?
private String getAuthTocken(){
final ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
resourceDetails.setClientId("ceapiClientId");
resourceDetails.setClientSecret("ceapiClientSecret");
resourceDetails.setGrantType("client_credentials");
resourceDetails.setAccessTokenUri("https://auth.abcdcommerce.com/oauth-server/oauth/token");
final OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(resourceDetails);
final OAuth2AccessToken accessToken = oAuth2RestTemplate.getAccessToken();
final String accessTokenAsString = accessToken.getValue();
return accessTokenAsString;
}
另一种方法是使用新的非阻塞 WebClient 或带有拦截器的 RestTemplate,而不是已弃用的 OAuthRestTemplate。 spring-security-oauth 工件中的所有内容都有生命终结路线图。
https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update
https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix
迁移指南可以在这里找到,
https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide
来自迁移指南,
Spring Security chooses to favor composition and instead exposes an
OAuth2AuthorizedClientService, which is useful for creatingRestTemplateinterceptors orWebClientexchange filter functions. Spring Security providesExchangeFilterFunctions for both Servlet- and WebFlux-based applications that both leverage this service.
这里有一个迁移示例,
https://github.com/jgrandja/spring-security-oauth-5-2-migrate