How to tell Spring Security 5 to use different context while calling default redirection endpoint
Problem description
I have enabled Spring Security 5 via the OAuth2 code grant type in my UI application.
The base or context URI of the UI application is "/" and the redirect URI is "BASE_URI/welcome/".
When I configure the redirect URI template as "https://:/welcome/login/oauth2/code/myAuthProvider", it gives an error as invalid redirect URI.
This error is coming because Spring Security is trying to find "/welcome/login/oauth2/code/myAuthProvider" instead of "/login/oauth2/code/myAuthProvider".
The documentation below suggests how to change the default redirect URI. However, I need a solution to tell Spring Security to ignore "/welcome/" in the redirection endpoint. Please suggest any approach or guide me if my understanding is incorrect.
application.yml
spring:
  application:
    name: My Client Application
  main:
    allow-bean-definition-overriding: true
  security:
    oauth2:
      client:
        provider:
          myAuthProvider:
            token-uri: https://someserver.com/as/token.oauth2
            authorization-uri: https://someserver.com/as/authorization.oauth2
        registration:
          myAuthProvider:
            client-name: myAuthProvider
            client-id: ABCID
            client-secret: XYZSECRET
            client-authentication-method: basic
            authorization-grant-type: authorization_code
            redirect-uri: https://localhost:8080/welcome/login/oauth2/code/myAuthProvider
WebClient as
@Configuration
public class WebClientConfig {
    @Bean
    WebClient authProviderWebClient(ClientRegistrationRepository clientRegistrations,
                                    OAuth2AuthorizedClientRepository authorizedClients) {
        var oauth = new ServletOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients);
        oauth.setDefaultOAuth2AuthorizedClient(true);
        oauth.setDefaultClientRegistrationId("myAuthProvider");
        return WebClient.builder()
                .apply(oauth.oauth2Configuration())
                .build();
    }
}
WebSecurityConfig as
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .oauth2Login();
    }
}
Controller as
@Controller
@RequestMapping("/welcome")
public class WelcomeController {
    private static final String WELCOME_PAGE = "welcome";

    @GetMapping("/")
    public String homePage() {
        // ....
        return WELCOME_PAGE;
    }
}
Recommended answer
application.yml
myAuthProvider:
  client-name: myAuthProvider
  client-id: ABCID
  client-secret: XYZSECRET
  client-authentication-method: basic
  authorization-grant-type: authorization_code
  redirect-uri: "{baseUrl}/welcome/login/oauth2/code/{registrationId}"
WebSecurityConfig.class
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
            .authorizeRequests()
            .anyRequest()
            .authenticated()
            .and()
            .oauth2Login()
            // The pattern must match the path of redirect-uri in application.yml
            // (".../welcome/login/oauth2/code/{registrationId}").
            .redirectionEndpoint().baseUri("/welcome/login/oauth2/code/*");
    }
}
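Added example, not part of the original answer and not Spring Security code: a JDK-only check that the path of the expanded redirect-uri template falls on the redirection endpoint pattern, which is the only place the OAuth2 login filter processes the callback. The class and method names, the sample base URL, and the simplified '*' matching are assumptions made for illustration.

```java
import java.net.URI;
import java.util.regex.Pattern;

// Illustrative consistency check between redirect-uri and redirectionEndpoint().baseUri(...).
public class RedirectUriCheck {

    // Expand the two template variables used in redirect-uri on this page.
    static String expand(String template, String baseUrl, String registrationId) {
        return template.replace("{baseUrl}", baseUrl)
                       .replace("{registrationId}", registrationId);
    }

    // Simplified Ant-style match (assumption): '*' matches within one path segment.
    static boolean matches(String baseUriPattern, String path) {
        String[] parts = baseUriPattern.split("\\*", -1);
        StringBuilder regex = new StringBuilder();
        for (int i = 0; i < parts.length; i++) {
            if (i > 0) {
                regex.append("[^/]*");
            }
            regex.append(Pattern.quote(parts[i]));
        }
        return Pattern.matches(regex.toString(), path);
    }

    // True when the callback the provider redirects to lands on the login filter's pattern.
    static boolean consistent(String template, String baseUrl,
                              String registrationId, String baseUriPattern) {
        String path = URI.create(expand(template, baseUrl, registrationId)).getPath();
        return matches(baseUriPattern, path);
    }

    public static void main(String[] args) {
        String baseUrl = "https://localhost:8080"; // constructed sample value
        String id = "myAuthProvider";
        String template = "{baseUrl}/welcome/login/oauth2/code/{registrationId}";

        // Case 1: Spring Security's default redirection endpoint pattern.
        System.out.println(consistent(template, baseUrl, id, "/login/oauth2/code/*"));
        // Case 2: custom pattern carrying the same /welcome prefix as the template.
        System.out.println(consistent(template, baseUrl, id, "/welcome/login/oauth2/code/*"));
        // Case 3: custom pattern whose last fixed segment differs ("callback" vs "code").
        System.out.println(consistent(template, baseUrl, id, "/welcome/login/oauth2/callback/*"));
    }
}
```

The same expanded URI also has to be registered as an allowed redirect URI at the authorization server, which typically compares it as an exact string.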