首页
学习
活动
专区
工具
TVP
发布
精选内容/技术社群/优惠产品,尽在小程序
立即前往

Spring boot安全性不会重定向configure(HttpSecurity http)方法上的oauth/authorize调用

在Spring Boot中,使用Spring Security进行OAuth2认证时,通常会配置HttpSecurity来处理安全性配置。如果你遇到/oauth/authorize调用没有被重定向的问题,可能是配置不正确或者某些配置被遗漏了。

以下是一个典型的Spring Boot应用程序中配置OAuth2的示例:

1. 添加依赖

首先,确保你在pom.xml中添加了必要的依赖:

代码语言:javascript
复制
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

2. 配置应用程序属性

application.ymlapplication.properties中配置OAuth2客户端信息:

代码语言:javascript
复制
spring:
  security:
    oauth2:
      client:
        registration:
          google:
            client-id: YOUR_CLIENT_ID
            client-secret: YOUR_CLIENT_SECRET
            scope: profile, email
            redirect-uri: "{baseUrl}/login/oauth2/code/{registrationId}"
        provider:
          google:
            authorization-uri: https://accounts.google.com/o/oauth2/auth
            token-uri: https://oauth2.googleapis.com/token
            user-info-uri: https://www.googleapis.com/oauth2/v3/userinfo

3. 配置安全性

在你的Spring Security配置类中,配置HttpSecurity

代码语言:javascript
复制
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.oidc.userinfo.OidcUserService;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter;
import org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationProvider;
import org.springframework.security.oauth2.client.web.OAuth2LoginConfigurer;
import org.springframework.security.oauth2.core.oidc.user.OidcUser;
import org.springframework.security.oauth2.core.oidc.user.OidcUserAuthority;
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler;

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                .antMatchers("/", "/home").permitAll()
                .anyRequest().authenticated()
                .and()
            .oauth2Login()
                .loginPage("/login")
                .defaultSuccessUrl("/home", true)
                .failureUrl("/login?error=true")
                .userInfoEndpoint()
                .oidcUserService(this.oidcUserService());
    }

    private OidcUserService oidcUserService() {
        OidcUserService delegate = new OidcUserService();

        return (userRequest) -> {
            OidcUser oidcUser = delegate.loadUser(userRequest);

            // Custom logic to handle the OIDC user
            // For example, you can map the authorities or extract additional information

            return oidcUser;
        };
    }
}

4. 自定义登录页面

如果你有自定义的登录页面,可以在控制器中处理:

代码语言:javascript
复制
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;

@Controller
public class LoginController {

    @GetMapping("/login")
    public String login() {
        return "login"; // 返回自定义的登录页面视图
    }
}

5. 检查重定向URL

确保你的OAuth2提供者配置中的redirect-uri正确,并且与你的应用程序配置匹配。通常,redirect-uri应该是类似于{baseUrl}/login/oauth2/code/{registrationId}的格式。

6. 日志和调试

启用调试日志以查看Spring Security的详细信息:

代码语言:javascript
复制
logging:
  level:
    org.springframework.security: DEBUG
页面内容是否对你有帮助?
有帮助
没帮助

相关·内容

没有搜到相关的沙龙

领券