gpt4 book ai didi

spring - 如何从 Spring 检索 azure AD JWT 访问 token ?

转载 作者:行者123 更新时间:2023-12-02 16:44:41 25 4
gpt4 key购买 nike

我正在尝试通过查询/token 端点从另一个应用程序的 Spring Boot 应用程序中检索 azure JWT 访问 token ,但我收到的 token 似乎不正确。

该项目有一个 Spring Boot 后端和一个 Eclipse rcp 前端。我正在尝试从 Eclipse 前端检索访问 token 。为此,我有以下 Controller :

    @Autowired
private OAuth2AuthorizedClientService authorizedClientService;

@GetMapping("/token")
public String user(OAuth2AuthenticationToken authentication) {

OAuth2AuthorizedClient authorizedClient = this.authorizedClientService
.loadAuthorizedClient(authentication.getAuthorizedClientRegistrationId(), authentication.getName());
return authorizedClient.getAccessToken().getTokenValue();
}

它返回具有以下格式的 token :

PAQABAAAAAABeAFzDwllzTYGDLh_qYbH8hgtbYMB8x7YLamQyQPk_MEXyd9Ckc5epDFQMv3RxjmMie0JDr5uN82U4RFLgU3fnDBxGolo4XVwzLEsTZDmUK_r0YG6ZwLbbQI_ch_Xn8xCxhsFq-AoRbEESDqK3GmK4eXwCYoT0G8_XfZjHTvCNTOMqUb2Q-CD2EalIKf0zSZ5184qrvlXfdNeT_BJdH_tqaodn80Bp2UL2hdnOCDZuWRqKl_2fi4v-eOOKJCcjOqY6SreVEeoKkIvVdayGE8F6qCxFehmlA0sX9sVW34FIVYVo4lDRsTkm-WN2KJwxJmalNcxg0k2ObDnIeC1ulPPpiPq-O_LK9bVA4HEZ63cJi9ZwQHwLPUhOO6TquoCOroHSy5KPoFkX3N796hM1i0NpaaY4MeAx17CSYeZ9P06jvYD7UMTV3OwWt-OVrDm5z_AvbOvyHRf9wjh31H6oLoc-iu_NCspT6NzC2UZQSHBtKdydEcP6sNkRp073jrZEg8UtcVT6HzddIBk2P0tVeIiSyU3SfLETbzJE67xtJVip3ai9aLN28c0qt3rDBaVGDAXjXhqrh5D3NiXdQjS6YTAKy0bVmNk9Yr9o2CGBA2wFjE8OZ6_Hb3k8_13KMJHafx0gAA

来自 pom.xml 的依赖

使用具有以下相关依赖项的 spring boot 构建:

  • spring-boot-starter-web v2.2.4
  • azure-active-directory-spring-boot-starter v2.2.1
  • spring-security-oauth2-client v5.2.1
  • spring-security-oauth2-jose v5.2.1
  • spring-security-oauth2-resource-server v5.2.1

从 application.yml 配置

我们支持多个授权服务器,这里是完整配置的 azure 客户端:

spring:
security:
oauth2:
client:
azure:
client-id: XXX
client-secret: XXX
client-name: Microsoft
scope: openid, https://graph.microsoft.com/user.read, profile
authorization-grant-type: authorization_code
redirect-uri: http://localhost:8080/login/oauth2/code/azure
client-authentication-method: basic
authentication-method: post
provider:
authorization-uri: https://login.microsoftonline.com/XXX/oauth2/authorize
token-uri: https://login.microsoftonline.com/XXX/oauth2/token
user-info-uri: https://login.microsoftonline.com/XXX/openid/userinfo
jwt-set-uri: https://login.microsoftonline.com/dXXX/discovery/keys

azure:
activedirectory:
tenant-id: XXX
active-directory-groups: XXX
allow-telemetry: false

网络安全配置.java

@Configuration
@EnableConfigurationProperties
@EnableWebSecurity
@Order(1)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {


@Autowired
private OAuth2UserService<OidcUserRequest, OidcUser> oidcUserService;

@Override
protected void configure(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
[...]
.anyRequest().authenticated();

http.oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt)

http.oauth2Login()
.userInfoEndpoint()
.oidcUserService(oidcUserService)
.and()
.authorizationEndpoint();
}

[...]
}

最佳答案

这就是我最终从 Azure 获取开放 ID token 的方式

@GetMapping("/token")
public String user(OAuth2AuthenticationToken authentication) {
DefaultOidcUser user = (DefaultOidcUser) authentication.getPrincipal();
return user.getIdToken().getTokenValue();
}

关于spring - 如何从 Spring 检索 azure AD JWT 访问 token ?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60836728/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com