如何使用spring-social-security SocialAuthenticationFilter指定OAuth2范围？ [英] How to specify OAuth2 scope with spring-social-security SocialAuthenticationFilter?

问题描述

我正在使用Spring Social和Spring Security对用户进行身份验证，并在我的网络应用上自动创建本地帐户。如何为身份验证提供OAuth2 范围？

I'm using Spring Social with Spring Security to authenticate users and automatically create local accounts on my web app. How do I provide the OAuth2 scope for authentication?

在 spring -social-samples ，我看不到范围应该去哪里。

In the spring-social-samples, I don't see where scope should go.

<bean id="socialAuthenticationFilter" class="org.springframework.social.security.SocialAuthenticationFilter"
    c:_0-ref="authenticationManager"
    c:_1-ref="userIdSource"
    c:_2-ref="usersConnectionRepository"
    c:_3-ref="connectionFactoryLocator"
    p:signupUrl="/spring-social-showcase/signup"
    p:rememberMeServices-ref="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0" />

<bean id="socialAuthenticationProvider" class="org.springframework.social.security.SocialAuthenticationProvider"
    c:_0-ref="usersConnectionRepository"
    c:_1-ref="socialUsersDetailService" />

范围的特定用例将是让用户通过Facebook进行身份验证，然后获取用户的Facebook电子邮件（ scope =email）以创建本地帐户。

A specific usecase for scope would be to let the user authenticate with Facebook and then get the user's Facebook email (scope="email") for creating a local account.

推荐答案

在您的配置中，您需要指定范围作为 FacebookAuthenticationService的属性。这是处理对 auth / facebook的调用的服务

In your configuration, you need to specify scope as a property of the FacebookAuthenticationService. This is the service that handles calls to auth/facebook

在XML配置中，而不是：

In XML configuration, instead of:

<facebook:config app-id="${facebook.clientId}" app-secret="${facebook.clientSecret}"/>

使用：

<bean id="connectionFactoryLocator" class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
    <property name="authenticationServices">
        <list>
            <bean class="org.springframework.social.facebook.security.FacebookAuthenticationService">
                <constructor-arg value="${facebook.clientId}" />
                <constructor-arg value="${facebook.clientSecret}" />
                <!-- Important: The next property name changed from "scope" to "defaultScope" in 1.1.0.M4 -->
                <property name="scope" value="email" />              
            </bean>
        </list>
    </property>
</bean>

这适用于Spring Social 1.1.0.M3

This works with Spring Social 1.1.0.M3

这篇关于如何使用spring-social-security SocialAuthenticationFilter指定OAuth2范围？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！