如何使用OAuth2和社交登录保护Spring Boot RESTful服务 [英] how to Secure Spring Boot RESTful service with OAuth2 and Social login
问题描述
我正在尝试使用Angular 2前端应用程序作为客户端,该客户端将使用Spring RESTful Web服务中的资源.
I am trying to use Angular 2 Front End application as a client which will consume the resource from Spring RESTful Web Service.
因此请考虑通过OAuth 2身份验证和社交登录(Google和Facebook)保护此Web服务.
So thought of protecting this web service with OAuth 2 authentication and Social Login (Google and Facebook).
使用社交登录"成功登录后,它没有重定向到我发出请求的URL(Angular 2在本地环境中以3000端口运行的端口),而是重定向到本地环境中的8080端口
After successful login with Social Login it's not redirecting to the URL (port at which Angular 2 is running in local environment with 3000 port) from which I made the request but its redirecting to 8080 port in local environment
localhost:3000-前端 本地主机:8080-OAuth
localhost:3000 - Front End localhost:8080 - OAuth
我遵循了本教程 https://spring.io/guides/tutorials/spring -boot-oauth2/用于上述情况,但是他们使用JAVA Application作为其客户端,并且使用批注进行处理.
I followed this tutorial https://spring.io/guides/tutorials/spring-boot-oauth2/ for the above scenario but they are using JAVA Application as their client and it's handling with annotations.
推荐答案
通过以下两个示例应用程序,我可以使用多个RESTful资源实现社交登录,这些步骤如下:
I am able to achieve social login with multiple RESTful resource by following two example applications, following are the steps:
(1)结帐 https://github.com/spring-guides/tut-spring-security-and-angular-js/tree/master/oauth2
(2)删除"authserver"文件夹(我们将从另一个项目中使用auth-server)
(2) Delete "authserver" folder (We will use auth-server from another project)
(3) Checkout auth-server from social demo: https://github.com/spring-guides/tut-spring-boot-oauth2/tree/master/auth-server
(4)打开"ui"项目的application.yml并进行以下更改:
(4) Open application.yml of "ui" project and do following changes:
server.port: 9001
server.context-path: /zuul
debug: true
spring:
aop:
proxy-target-class: true
security:
oauth2:
client:
client-id: acme
client-secret: acmesecret
access-token-uri: http://localhost:8080/oauth/token
user-authorization-uri: http://localhost:8080/oauth/authorize
grant-type: implicit
resource:
user-info-uri: http://localhost:8080/me
zuul:
routes:
resource:
path: /resource/**
url: http://localhost:9000/resource
user:
path: /user/**
url: http://localhost:8080/me
logging:
level:
org.springframework.security: DEBUG
(5)打开auth-server的application.yml并添加google属性:
(5) Open application.yml of auth-server and add google properties:
google:
client:
clientId: <your client id>
clientSecret: <your client secret>
accessTokenUri: https://accounts.google.com/o/oauth2/token
scope: profile,email
userAuthorizationUri: https://accounts.google.com/o/oauth2/auth
clientAuthenticationScheme: form
redirect-uri: http://localhost:8080
resource:
userInfoUri: https://www.googleapis.com/plus/v1/people/me
(6)打开auth-server的SocialApplication.java: 添加与Google相关的bean和过滤器(类似于facebook和github).
(6) Open SocialApplication.java of auth-server : Add google related bean and filters (similar to facebook and github).
(7)将application.properties重命名为资源"项目的application.yml 以下是该yml的内容:
(7) rename application.properties to application.yml of "resource" project following is the content of that yml:
server:
port: 9000
context-path: /resource
security:
oauth2:
resource:
user-info-uri: http://localhost:8080/me
logging:
level:
org.springframework.security: DEBUG
org.springframework.web: DEBUG
(8)现在运行auth-server,resource和ui项目,并使用端口9001和上下文/zuul命中URL.
(8) Now run auth-server, resource and ui projects and hit URL with port 9001 and context /zuul.
这篇关于如何使用OAuth2和社交登录保护Spring Boot RESTful服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!