如何自定义 Spring Boot AccessTokenProvider? [英] How do I customize the Spring Boot AccessTokenProvider?

问题描述

我想为我的 OAuth2 提供者增强令牌请求.我需要向 POST 请求添加一个附加参数.我不明白在哪里挂钩到 Spring Boot 框架来完成这个.

I want to enhance the token request for my OAuth2 provider. I need to add an additional parameter to the POST request. I don't understand where to hook into the Spring Boot framework to accomplish this.

Spring Boot 框架提供了一个用于自定义 OAuth2RestTemplate 的钩子，如自定义用户信息 RestTemplate".我已经实现了以下定制器，它被实例化并按预期调用.不幸的是，发出令牌请求时似乎没有调用我的提供程序.

The Spring Boot framework provides a hook for customizing the OAuth2RestTemplate as described in "Customizing the User Info RestTemplate". I have implemented the following customizer, which gets instantiated and called as expected. Unfortunately, my provider does not seem to get called when the token request is made.

public class AadUserInfoRestTemplateCustomizer implements UserInfoRestTemplateCustomizer {
    @Override
    public void customize(OAuth2RestTemplate oAuth2RestTemplate) {

        oAuth2RestTemplate.setAuthenticator(new AadOauth2RequestAuthenticator());

        // Attempt 1: Use my own token provider, but it never gets called...
        oAuth2RestTemplate.setAccessTokenProvider(new AadAccessTokenProvider());

        // Even better, if only OAuth2RestTemplate provided a getter for AccessTokenProvider, I could add interceptors and or enhancers
        // Can't do this :( AuthorizationCodeAccessTokenProvider provider = oAuth2RestTemplate.getAccessTokenProvider();
    }
}

问题:

如何设置自定义 AccessTokeProvder，或者更好的是，获取对默认值的引用并使用拦截器或增强器挂钩到请求中?

How does set a custom AccessTokeProvder, or even better, get a reference to the default one and hook into the request with an interceptor or enhancer?

代码示例

在下面的分叉中，请查看/simple 模块.将您的 AAD 租户信息添加到/simple/src/main/resources/application.yml 文件中:

In the fork below, please see the /simple module. Add your AAD tenant info into the /simple/src/main/resources/application.yml file:

https://github.com/bmillerbma/tut-spring-boot-oauth2/tree/aad

注意事项:

• 这个提交似乎是框架使这成为可能，但是如何利用这一功能呢?

• This commit to the framework seems to make this possible, but how does one leverage this functionality?

这个问题似乎是相关的.不知何故，这个家伙添加了一个自定义提供程序.但是在哪里?

This question seems to be related. Somehow the fella added a custom provider. But where?

推荐答案

我遇到了同样的问题并使用了这个解决方法，但因此我坚持使用 spring boot 1.3.8

I came across with the same issue and used this workaround but because of this I stuck with spring boot 1.3.8

所以我开始深入挖掘，然后我终于找到了一个更简单的方法.只需在 userAuthorizationUri 之后添加资源参数即可.

So I started to dig deeper and then I finally found an easier method. Just add a resource parameter after the userAuthorizationUri.

security:
  oauth2:
    client:
      ...
      userAuthorizationUri: https://login.microsoftonline.com/<<tenantId>>/oauth2/authorize?resource=https://graph.windows.net
      ...

这篇关于如何自定义 Spring Boot AccessTokenProvider?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！