如何自定义Spring Boot AccessTokenProvider? [英] How do I customize the Spring Boot AccessTokenProvider?

问题描述

我想增强对我的OAuth2提供程序的令牌请求.我需要在POST请求中添加一个附加参数.我不知道在哪里可以插入Spring Boot框架来完成此任务.

I want to enhance the token request for my OAuth2 provider. I need to add an additional parameter to the POST request. I don't understand where to hook into the Spring Boot framework to accomplish this.

Spring Boot框架提供了一个用于自定义OAuth2RestTemplate的钩子，如"

The Spring Boot framework provides a hook for customizing the OAuth2RestTemplate as described in "Customizing the User Info RestTemplate". I have implemented the following customizer, which gets instantiated and called as expected. Unfortunately, my provider does not seem to get called when the token request is made.

public class AadUserInfoRestTemplateCustomizer implements UserInfoRestTemplateCustomizer {
    @Override
    public void customize(OAuth2RestTemplate oAuth2RestTemplate) {

        oAuth2RestTemplate.setAuthenticator(new AadOauth2RequestAuthenticator());

        // Attempt 1: Use my own token provider, but it never gets called...
        oAuth2RestTemplate.setAccessTokenProvider(new AadAccessTokenProvider());

        // Even better, if only OAuth2RestTemplate provided a getter for AccessTokenProvider, I could add interceptors and or enhancers
        // Can't do this :( AuthorizationCodeAccessTokenProvider provider = oAuth2RestTemplate.getAccessTokenProvider();
    }
}

问题:

如何设置自定义AccessTokeProvder，或者甚至更好，如何获取对默认AccessTokeProvder的引用并使用拦截器或增强器将其挂钩到请求中?

How does set a custom AccessTokeProvder, or even better, get a reference to the default one and hook into the request with an interceptor or enhancer?

代码示例

在下面的分支中，请参阅/simple模块.将您的AAD租户信息添加到/simple/src/main/resources/application.yml文件中:

In the fork below, please see the /simple module. Add your AAD tenant info into the /simple/src/main/resources/application.yml file:

https://github.com/bmillerbma/tut-spring -boot-oauth2/tree/aad

注释:

• 对该框架的提交似乎使之成为可能，但是如何利用这一功能呢?

• This commit to the framework seems to make this possible, but how does one leverage this functionality?

这个问题似乎与之相关.不知何故，伙计添加了一个自定义提供程序.但是在哪里?

This question seems to be related. Somehow the fella added a custom provider. But where?

推荐答案

我遇到了相同的问题，并使用了此解决方法，但由于这个原因，我坚持使用Spring Boot 1.3.8

I came across with the same issue and used this workaround but because of this I stuck with spring boot 1.3.8

因此，我开始更深入地研究，然后终于找到了一种更简单的方法.只需在userAuthorizationUri之后添加资源参数.

So I started to dig deeper and then I finally found an easier method. Just add a resource parameter after the userAuthorizationUri.

security:
  oauth2:
    client:
      ...
      userAuthorizationUri: https://login.microsoftonline.com/<<tenantId>>/oauth2/authorize?resource=https://graph.windows.net
      ...

这篇关于如何自定义Spring Boot AccessTokenProvider?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！