java - How to add a filter after the HTTP BasicAuthenticationFilter when using @EnableAuthorizationServer

Reposted. Author: 搜寻专家. Updated: 2023-10-30 21:31:59

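I am trying to look at the following documentation: https://github.com/spring-projects/spring-security-oauth/blob/f25592e682303b0cf89e1d7555174bac18e174df/docs/oauth2.md#mapping-user-roles-to-scopes

In the documentation, it says that in order to map user roles to scopes, along with setting checkUserScopes=true in the DefaultOAuth2RequestFactory, we need to add the TokenEndpointAuthenticationFilter filter after the HTTP BasicAuthenticationFilter. I was wondering how that could be done.

Here is what my AuthorizationServer looks like: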

@Configuration
@EnableAuthorizationServer
protected static class OAuth2Config extends
        AuthorizationServerConfigurerAdapter {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private OAuth2RequestFactory requestFactory;

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) {
        // The authentication manager enables the password grant;
        // the custom request factory carries checkUserScopes=true.
        endpoints.authenticationManager(authenticationManager);
        endpoints.requestFactory(requestFactory);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients)
            throws Exception {
        clients.withClientDetails(clientDetailsService());
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer oauthServer)
            throws Exception {
        // /oauth/check_token requires an authenticated caller
        oauthServer.checkTokenAccess("isAuthenticated()");
    }

    @Bean
    public ClientDetailsService clientDetailsService() {

        Map<String, ClientDetails> clientDetailsStore = new HashMap<String, ClientDetails>();

        // Scopes the client is allowed to request
        Collection<String> scope = new HashSet<String>();
        scope.add("user");
        scope.add("admin");

        Collection<String> authorizedGrantTypes = new HashSet<String>();
        authorizedGrantTypes.add("password");
        authorizedGrantTypes.add("refresh_token");

        BaseClientDetails clientDetails = new BaseClientDetails();
        clientDetails.setClientId("client");
        clientDetails.setClientSecret("secret");
        clientDetails.setScope(scope);
        clientDetails.setAuthorizedGrantTypes(authorizedGrantTypes);

        clientDetailsStore.put("client", clientDetails);

        InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();
        clientDetailsService.setClientDetailsStore(clientDetailsStore);

        return clientDetailsService;
    }

    @Bean
    public OAuth2RequestFactory requestFactory() {
        DefaultOAuth2RequestFactory requestFactory =
                new DefaultOAuth2RequestFactory(clientDetailsService());

        // Restrict the granted scopes according to the authenticated user
        requestFactory.setCheckUserScopes(true);

        return requestFactory;
    }
}

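Also, it would be great if a sample CURL could be provided showing how we can test the password grant type.

Appreciate any help!

Best answer

Instead of using @EnableAuthorizationServer, you should be able to extend AuthorizationServerSecurityConfiguration and include that in your Spring configuration. E.g.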

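import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerSecurityConfiguration;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

@Configuration
public class OAuth2Config extends AuthorizationServerSecurityConfiguration {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Keep the default token-endpoint security, then append the extra filter
        super.configure(http);
        // myFilter() is a placeholder for the filter to insert
        http.addFilterAfter(myFilter(), BasicAuthenticationFilter.class);
    }
}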

Regarding java - How to add a filter after the HTTP BasicAuthenticationFilter when using @EnableAuthorizationServer, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/29736231/
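
The answer's approach with the question's TokenEndpointAuthenticationFilter filled in, as an added example that is not part of the original question or answer. The class name TokenEndpointFilterConfig is hypothetical, and the @Import of AuthorizationServerEndpointsConfiguration is an assumption: it stands in for the second configuration class that @EnableAuthorizationServer would otherwise import.

```java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerSecurityConfiguration;
import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
import org.springframework.security.oauth2.provider.endpoint.TokenEndpointAuthenticationFilter;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

// Hypothetical class name; used in place of @EnableAuthorizationServer.
@Configuration
// Assumption: the endpoint configuration must be imported explicitly once
// the annotation that normally pulls it in has been dropped.
@Import(AuthorizationServerEndpointsConfiguration.class)
public class TokenEndpointFilterConfig extends AuthorizationServerSecurityConfiguration {

    // Must be the manager that authenticates resource owners (end users),
    // because the filter uses it to check the username/password parameters.
    @Autowired
    private AuthenticationManager authenticationManager;

    // The request factory from the question, with checkUserScopes=true.
    @Autowired
    private OAuth2RequestFactory requestFactory;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // Keep the default security for the token endpoints, including the
        // HTTP Basic authentication of the client.
        super.configure(http);

        // Built inline rather than exposed as a @Bean: under Spring Boot a
        // Filter bean would also be registered for every request, outside
        // this security filter chain.
        TokenEndpointAuthenticationFilter userFilter =
                new TokenEndpointAuthenticationFilter(authenticationManager, requestFactory);

        // Runs after the client has been authenticated by Basic auth, so the
        // user is in the security context when scopes are checked.
        http.addFilterAfter(userFilter, BasicAuthenticationFilter.class);
    }
}
```

With this class in place, the question's OAuth2Config keeps its configurer methods and beans but drops @EnableAuthorizationServer, since both configuration classes are then included explicitly.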
