Spring boot安全性不会重定向configure(HttpSecurity http)方法上的oauth/authorize调用
在Spring Boot中,使用Spring Security进行OAuth2认证时,通常会配置HttpSecurity来处理安全性配置。如果你遇到/oauth/authorize调用没有被重定向的问题,可能是配置不正确或者某些配置被遗漏了。
以下是一个典型的Spring Boot应用程序中配置OAuth2的示例:
1. 添加依赖
首先,确保你在pom.xml中添加了必要的依赖:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>2. 配置应用程序属性
在application.yml或application.properties中配置OAuth2客户端信息:
spring:
security:
oauth2:
client:
registration:
google:
client-id: YOUR_CLIENT_ID
client-secret: YOUR_CLIENT_SECRET
scope: profile, email
redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
provider:
google:
authorization-uri: https://accounts.google.com/o/oauth2/auth
token-uri: https://oauth2.googleapis.com/token
user-info-uri: https://www.googleapis.com/oauth2/v3/userinfo3. 配置安全性
在你的Spring Security配置类中,配置HttpSecurity:
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationProvider;
import org.springframework.security.oauth2.client.web.OAuth2LoginConfigurer;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.anyRequest().authenticated()
.and()
.oauth2Login()
.loginPage("/login")
.defaultSuccessUrl("/home", true)
.failureUrl("/login?error=true")
.userInfoEndpoint()
.oidcUserService(this.oidcUserService());
}
private OidcUserService oidcUserService() {
OidcUserService delegate = new OidcUserService();
return (userRequest) -> {
OidcUser oidcUser = delegate.loadUser(userRequest);
// Custom logic to handle the OIDC user
// For example, you can map the authorities or extract additional information
return oidcUser;
};
}
}4. 自定义登录页面
如果你有自定义的登录页面,可以在控制器中处理:
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
@Controller
public class LoginController {
@GetMapping("/login")
public String login() {
return "login"; // 返回自定义的登录页面视图
}
}5. 检查重定向URL
确保你的OAuth2提供者配置中的redirect-uri正确,并且与你的应用程序配置匹配。通常,redirect-uri应该是类似于{baseUrl}/login/oauth2/code/{registrationId}的格式。
6. 日志和调试
启用调试日志以查看Spring Security的详细信息:
logging:
level:
org.springframework.security: DEBUG相关·内容
扫码
添加站长 进交流群
领取专属 10元无门槛券
手把手带您无忧上云
相关资讯
热门标签
云服务器
ICP备案
对象存储
实时音视频
即时通信 IM活动推荐
腾讯云开发者
