How to tell spring security 5 to use different context while calling default redirection endpoint

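I have enabled Spring Security 5 with the OAuth2 authorization code grant type in my UI application.

The base or context URI of the UI application is "/" and the redirection URI is "BASE_URI/welcome/".

When I configure the redirect URI template as "https://:/welcome/login/oauth2/code/myAuthProvider", it gives an invalid redirect URI error.

This error occurs because Spring Security is trying to look for "/welcome/login/oauth2/code/myAuthProvider" instead of "/login/oauth2/code/myAuthProvider".

The following documentation suggests how to change the default redirect URI. However, I need a solution to tell Spring Security to ignore "/welcome/" in the redirection endpoint. If my understanding is not correct, please suggest any approach or guide me.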

https://docs.spring.io/spring-security/site/docs/5.0.7.RELEASE/reference/html/oauth2login-advanced.html#oauth2login-advanced-redirection-endpoint

application.yml

spring:
  application:
    name: My Client Application
  main:
    allow-bean-definition-overriding: true
  security:
    oauth2:
      client:
        provider:
          myAuthProvider:
            token-uri: https://someserver.com/as/token.oauth2
            authorization-uri: https://someserver.com/as/authorization.oauth2
        registration:
          myAuthProvider:
            client-name: myAuthProvider
            client-id: ABCID
            client-secret: XYZSECRET
            client-authentication-method: basic
            authorization-grant-type: authorization_code
            redirect-uri: https://localhost:8080/welcome/login/oauth2/code/myAuthProvider

The WebClient config is

@Configuration
public class WebClientConfig {

    @Bean
    WebClient authProviderWebClient(ClientRegistrationRepository clientRegistrations,
                                    OAuth2AuthorizedClientRepository authorizedClients) {
        var oauth = new ServletOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations,authorizedClients);
        oauth.setDefaultOAuth2AuthorizedClient(true);
        oauth.setDefaultClientRegistrationId("myAuthProvider");

        return WebClient.builder()
                .apply(oauth.oauth2Configuration())
                .build();
    }
}

WebSecurityConfig is

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .oauth2Login();
    }
}

The controller is

@Controller
@RequestMapping("/welcome")
public class WelcomeController {

    private static final String WELCOME_PAGE = "welcome";

    @GetMapping("/")
    public String homePage() {
        // ...
        return WELCOME_PAGE;
    }
}

application.yml

myAuthProvider:
    client-name: myAuthProvider
    client-id: ABCID
    client-secret: XYZSECRET
    client-authentication-method: basic
    authorization-grant-type: authorization_code
    redirect-uri: "{baseUrl}/welcome/login/oauth2/code/{registrationId}"

WebSecurityConfig.class

@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .oauth2Login()
                // Must cover the path of the registration's redirect-uri
                .redirectionEndpoint().baseUri("/welcome/login/oauth2/code/*");
    }
}
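
The callback is only processed when the path of the expanded redirect-uri falls under the redirection endpoint's baseUri pattern. The following is an added example, not part of the original question or answer, that checks this with plain JDK code; the class and method names are hypothetical, and the matcher is a simplified stand-in for Spring's Ant-style matching that assumes the application's context path is "/".

```java
import java.net.URI;

// Added illustration; class and method names are hypothetical, not Spring APIs.
public class RedirectUriCheck {

    // Expand the two template variables used in the redirect-uri above.
    static String expand(String template, String baseUrl, String registrationId) {
        return template.replace("{baseUrl}", baseUrl)
                       .replace("{registrationId}", registrationId);
    }

    // Simplified stand-in for Ant-style matching: a trailing "/*" matches
    // exactly one non-empty path segment; anything else must match literally.
    static boolean matchesBaseUri(String pattern, String path) {
        if (!pattern.endsWith("/*")) {
            return pattern.equals(path);
        }
        String prefix = pattern.substring(0, pattern.length() - 1); // keeps the "/"
        if (!path.startsWith(prefix)) {
            return false;
        }
        String rest = path.substring(prefix.length());
        return !rest.isEmpty() && !rest.contains("/");
    }

    // True when the callback the provider is told to use lands on the
    // path the redirection endpoint listens on.
    static boolean callbackIsHandled(String template, String baseUrl,
                                     String registrationId, String baseUriPattern) {
        String path = URI.create(expand(template, baseUrl, registrationId)).getPath();
        return matchesBaseUri(baseUriPattern, path);
    }

    public static void main(String[] args) {
        String baseUrl = "https://localhost:8080"; // host and port from the question
        String id = "myAuthProvider";
        String template = "{baseUrl}/welcome/login/oauth2/code/{registrationId}";
        String[] patterns = {
            "/login/oauth2/code/*",             // Spring Security default
            "/welcome/login/oauth2/code/*",     // aligned with the redirect-uri
            "/welcome/login/oauth2/callback/*"  // mismatched path segment
        };
        for (String p : patterns) {
            System.out.println(p + " handles callback: "
                    + callbackIsHandled(template, baseUrl, id, p));
        }
    }
}
```

The same redirect URI must also be registered exactly with the authorization server, since it validates the value sent in the authorization request.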