3

我正在使用oauth2with springboot reactive( webclient webflux) 我想获取给定属性文件的访问令牌:

我尝试过没有成功的springboot文档文档:
1)https://docs.spring.io/spring-security/site/docs/5.0.7.RELEASE/reference/html/oauth2login-advanced.html
2)https: //www.baeldung.com/spring-webclient-oauth2

public class WebClientServletConfig {
     @Value("${spring.security.oauth2.client.registration.cerner.client-id}")
    private String clientId;
    @Value("${spring.security.oauth2.client.registration.cerner.client-secret}")
    private String secret;
    @Value("${spring.security.oauth2.client.provider.cerner.token-uri}")
    private String tokenUri;
    @Value("${spring.security.oauth2.client.registration.cerner.scope}")
    private String scopes;

    @Bean("clientRegistration")
    ClientRegistrationRepository clientRegistrationRepository() {
        ClientRegistration clientRegistration = ClientRegistration.withRegistrationId(clientId)
                .clientId(clientId)
                .clientSecret(secret)
                .clientAuthenticationMethod(ClientAuthenticationMethod.BASIC)
                .authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
                .scope(scopes).tokenUri(tokenUri).build();
        return new InMemoryClientRegistrationRepository(Arrays.asList(clientRegistration));

    }
    @Bean
    public WebClient webClient(@Qualifier("clientRegistration")ClientRegistrationRepository clientRegistrationRepository,
            @Qualifier("authorizedClientRepositoryConditional")OAuth2AuthorizedClientRepository authorizedClients) {
        ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2 = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
                clientRegistrationRepository, authorizedClients);


        return WebClient.builder().apply(oauth2.oauth2Configuration()).build();

    }

    @Bean("OAuth2AuthorizedClientServiceConditional")
    @ConditionalOnMissingBean       // Existing
    public OAuth2AuthorizedClientService authorizedClientService(
            @Qualifier("clientRegistration")ClientRegistrationRepository clientRegistrationRepository) {
        return new InMemoryOAuth2AuthorizedClientService(clientRegistrationRepository);
    }

    @Bean("authorizedClientRepositoryConditional")
    @ConditionalOnMissingBean       // New
    public OAuth2AuthorizedClientRepository authorizedClientRepository(
            @Qualifier("OAuth2AuthorizedClientServiceConditional")OAuth2AuthorizedClientService authorizedClientService) {
        return new AuthenticatedPrincipalOAuth2AuthorizedClientRepository(authorizedClientService);
    }
}

public class WebSecurityConfig extends WebSecurityConfigurerAdapter{
    @Autowired
    private ClientRegistrationRepository clientRegistrationRepository;
     @Override
        protected void configure(HttpSecurity http) throws Exception {
           http
           .authorizeRequests()
               .anyRequest().authenticated()
               .and()
           .oauth2Login()
               .authorizationEndpoint()
                   .authorizationRequestResolver(
                           new CustomAuthorizationRequestResolver(
                                   this.clientRegistrationRepository,"https://auth.com/tenants/string/protocols/oauth2/profiles/smart-v1/token"));
        }
}

public class CustomAuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver {

    private final OAuth2AuthorizationRequestResolver defaultAuthorizationRequestResolver;
//  private final OAuth2AuthorizationRequestResolver resolver;

    public CustomAuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {

        this.defaultAuthorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(
                clientRegistrationRepository, "/oauth2/authorization");

    }

    public CustomAuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository,
            String authorizationRequestBaseUri) {
        this.defaultAuthorizationRequestResolver = new DefaultOAuth2AuthorizationRequestResolver(
                clientRegistrationRepository, authorizationRequestBaseUri);

    }

    @Override
    public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
        OAuth2AuthorizationRequest authorizationRequest = this.defaultAuthorizationRequestResolver.resolve(request);
        if (authorizationRequest != null) {
            customAuthorizationRequest(authorizationRequest);
        }
        return authorizationRequest;
    }

    @Override
    public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String clientRegistrationId) {

        OAuth2AuthorizationRequest authorizationRequest = this.defaultAuthorizationRequestResolver.resolve(request,
                clientRegistrationId);
        if (authorizationRequest != null) {
            customAuthorizationRequest(authorizationRequest);
        }
        return authorizationRequest;
    }

    private OAuth2AuthorizationRequest customAuthorizationRequest(OAuth2AuthorizationRequest authorizationRequest) {

        String customAuthorizationRequestUri = UriComponentsBuilder
                .fromUriString(authorizationRequest.getAuthorizationRequestUri()).build(true).toUriString();

        return OAuth2AuthorizationRequest.from(authorizationRequest)
                .authorizationRequestUri(customAuthorizationRequestUri).build();
    }
}

----Propertiesfile:
spring.security.oauth2.client.registration.authProvider.client-id=client
spring.security.oauth2.client.registration.authProvider.client-secret=secret
spring.security.oauth2.client.provider.authProvider.token-uri=https://auth.com/tenants/string/protocols/oauth2/profiles/smart-v1/token
spring.security.oauth2.client.registration.authProvider.scope=scope1 

scope2 scope3 openId
spring.security.oauth2.client.registration.authProvider.authorization-grant-type=client_credentials
4

0 回答 0