OAuth2FeignRequestInterceptor 的替代方案,因为它现在已弃用
Alternative For OAuth2FeignRequestInterceptor as it is deprecated NOW
在我之前的实现中,我使用的是 OAuth2FeignRequestInterceptor。但是从 Spring security 5 开始,OAuth2FeignRequestInterceptor 似乎被弃用了。实现相同目标的替代方法是什么?我搜索了很多博客和主题,但找不到任何答案。
build.gradle.kts
implementation("org.springframework.security:spring-security-oauth2-client")
application.yml
spring:
security:
oauth2:
client:
registration:
keycloak: // <- replace with your custom oauth2 client details
provider: keycloak
client-id: [keycloak-client-id]
client-secret: [keycloak-client-secret]
authorization-grant-type: client_credentials
scope: openid
provider:
keycloak: // <- replace with your custom oauth2 provider details
authorization-uri: http://localhost:8080/auth/realms/yourealm/protocol/openid-connect/auth
token-uri: http://localhost:8080/auth/realms/yourealm/protocol/openid-connect/token
Oauth2Config
@Configuration
class Oauth2Config {
@Bean
fun authorizedClientManager(
clientRegistrationRepository: ClientRegistrationRepository?,
authorizedClientRepository: OAuth2AuthorizedClientRepository?
): OAuth2AuthorizedClientManager? {
val authorizedClientProvider: OAuth2AuthorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder()
.authorizationCode()
.clientCredentials()
.build()
val authorizedClientManager = DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository)
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider)
return authorizedClientManager
}
}
FeignOauth2配置
class FeignOauth2Configuration (private val authorizedClientManager: OAuth2AuthorizedClientManager) {
@Bean
fun oauth2HttpRequestInterceptor(): RequestInterceptor {
return RequestInterceptor { request ->
request.headers()["Authorization"] = listOf("Bearer ${getAccessToken()?.tokenValue}")
}
}
private fun getAccessToken(): OAuth2AccessToken? {
val request = OAuth2AuthorizeRequest
.withClientRegistrationId("keycloak")
.principal("client-id")
.build()
return authorizedClientManager.authorize(request)?.accessToken
}
}
用户客户端
@FeignClient(name="user-service", configuration = [FeignOauth2Configuration::class])
interface UserClient {
@GetMapping("/users")
fun getAllUsers(): List<UserDto>
}
在我之前的实现中,我使用的是 OAuth2FeignRequestInterceptor。但是从 Spring security 5 开始,OAuth2FeignRequestInterceptor 似乎被弃用了。实现相同目标的替代方法是什么?我搜索了很多博客和主题,但找不到任何答案。
build.gradle.kts
implementation("org.springframework.security:spring-security-oauth2-client")
application.yml
spring:
security:
oauth2:
client:
registration:
keycloak: // <- replace with your custom oauth2 client details
provider: keycloak
client-id: [keycloak-client-id]
client-secret: [keycloak-client-secret]
authorization-grant-type: client_credentials
scope: openid
provider:
keycloak: // <- replace with your custom oauth2 provider details
authorization-uri: http://localhost:8080/auth/realms/yourealm/protocol/openid-connect/auth
token-uri: http://localhost:8080/auth/realms/yourealm/protocol/openid-connect/token
Oauth2Config
@Configuration
class Oauth2Config {
@Bean
fun authorizedClientManager(
clientRegistrationRepository: ClientRegistrationRepository?,
authorizedClientRepository: OAuth2AuthorizedClientRepository?
): OAuth2AuthorizedClientManager? {
val authorizedClientProvider: OAuth2AuthorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder()
.authorizationCode()
.clientCredentials()
.build()
val authorizedClientManager = DefaultOAuth2AuthorizedClientManager(clientRegistrationRepository, authorizedClientRepository)
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider)
return authorizedClientManager
}
}
FeignOauth2配置
class FeignOauth2Configuration (private val authorizedClientManager: OAuth2AuthorizedClientManager) {
@Bean
fun oauth2HttpRequestInterceptor(): RequestInterceptor {
return RequestInterceptor { request ->
request.headers()["Authorization"] = listOf("Bearer ${getAccessToken()?.tokenValue}")
}
}
private fun getAccessToken(): OAuth2AccessToken? {
val request = OAuth2AuthorizeRequest
.withClientRegistrationId("keycloak")
.principal("client-id")
.build()
return authorizedClientManager.authorize(request)?.accessToken
}
}
用户客户端
@FeignClient(name="user-service", configuration = [FeignOauth2Configuration::class])
interface UserClient {
@GetMapping("/users")
fun getAllUsers(): List<UserDto>
}