在2.0版中具有自定义TokenGranter的Spring Security OAuth2 + [英] Spring Security OAuth2 with custom TokenGranter in version 2.0.+
问题描述
在以前的OAuth2版本中,可以通过将自定义令牌授予者添加到<authorization-server>元素中的xml配置中来添加它.
In previous versions of OAuth2 it was possible to add a custom token granter by adding it to the xml configuration in the <authorization-server> element.
我想知道如何使用AuthorizationServerConfigurerAdapter使用Java Config扩展授权服务器,而又不丢失默认配置,该默认配置包含隐式,客户端凭据,刷新令牌和授权代码授予类型.
I wonder how I could extend the authorization server with Java Config using a AuthorizationServerConfigurerAdapter, without losing the default configuration, which contains the implicit, client credentials, refresh token and authorization code grant types.
首次尝试使用通过@Component创建TokenGranter:
First attempt was using creating the TokenGranter with @Component:
@Component("customTokenGranter")
public class CustomTokenGranter {
//implementation
}
这导致依赖项解析异常,因为无法自动装配构造授予者所需的tokenServices.
This leads to a dependency resolution exception because the tokenServices needed to construct the Granter cannot be autowired.
第二次尝试使用configure方法
Second attempt was using the configure method
@Override
public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception
{
endpoints
.tokenGranter(new CustomTokenGranter(endpoints.getTokenServices(),
endpoints.getClientDetailsService(), endpoints.getOAuth2RequestFactory()));
}
使用此选项,将不会注册默认的赠款类型.
Using this, the default grant types will not be registered.
我还尝试了第二种配置,但顺序较低,但没有成功. 我还可以做些什么来添加我的自定义赠款类型?
I also tried a second configuration with a lower order, but without success. What else could I do to add my custom grant type?
推荐答案
您还需要添加默认值,例如使用CompositeTokenGranter:
You need to add the default ones too, e.g. using a CompositeTokenGranter:
List<TokenGranter> tokenGranters = getTokenGranters(); // implementation up to you
tokenGranter = new CompositeTokenGranter(tokenGranters);
endpoints.tokenGranter(tokenGranter);
这篇关于在2.0版中具有自定义TokenGranter的Spring Security OAuth2 +的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
