堆栈内存溢出
  简体   繁体   English

Spring Google OAuth2 带刷新令牌

[英]Spring Google OAuth2 With Refresh Token

 原文  2019-10-25 14:10:45       spring-security/ google-oauth/ spring-oauth2

问题描述

My current OAuth2 configuration doesn't return refresh token.我当前的 OAuth2 配置不返回刷新令牌。 My configuration is as basic as possible.我的配置尽可能基本。 How can I configure it so that it would return refresh_token as well.我该如何配置它,以便它也能返回 refresh_token 。 I'm authenticating user on the server side.我正在服务器端对用户进行身份验证。 So JS solutions don't work.所以JS解决方案不起作用。

I need the refresh token for RememberMe functionality.我需要 RememberMe 功能的刷新令牌。 Specifically I'm using oAuth2AuthorizedClientService.loadAuthorizedClient(clientId, principalName);具体来说,我正在使用oAuth2AuthorizedClientService.loadAuthorizedClient(clientId, principalName); method, to get access to the information that was retrieved from googles authentication server.方法,以访问从谷歌身份验证服务器检索到的信息。

 WebSecurityConfigurerAdapter {
 ...
 httpSecurity
        ...
          .and()
        .oauth2Login()
          .and()
        .rememberMe()
        ...

Application.yml:应用程序.yml:

security:
    oauth2:
      client:
        registration:
          google:
            clientId: ZZZ
            clientSecret: zzzz
            redirectUri: https://example.com/login/oauth2/code/google

1 个解决方案

解决方案1
 2 已采纳  2019-10-25 15:11:28

My solution was to add OAuth2AuthorizationRequestResolver我的解决方案是添加OAuth2AuthorizationRequestResolver

In OAuth2AuthorizationRequestResolver I changed the customAuthorizationRequest (see below).OAuth2AuthorizationRequestResolver我更改了customAuthorizationRequest (见下文)。 Now it returns refresh token every time.现在它每次都返回刷新令牌。

private OAuth2AuthorizationRequest customAuthorizationRequest( OAuth2AuthorizationRequest authorizationRequest) {

    Map<String, Object> additionalParameters =new LinkedHashMap<>(authorizationRequest.getAdditionalParameters());
    additionalParameters.put("access_type", "offline");

    return OAuth2AuthorizationRequest.from(authorizationRequest)
            .additionalParameters(additionalParameters)
            .build();
}

also updated my WebSecurityConfigurerAdapter还更新了我的WebSecurityConfigurerAdapter

.oauth2Login()
    .authorizationEndpoint()
    .authorizationRequestResolver(
            new CustomAuthorizationRequestResolver(
                    this.clientRegistrationRepository))
    .and()
    .and()
.rememberMe()

if somebody finds simpler solution do post: :)如果有人找到更简单的解决方案,请发布::)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Spring 启动 - google oauth2,在数据库中存储刷新令牌 - Spring boot - google oauth2, store refresh token in database Spring 5,401返回后带有Google刷新访问令牌的OAuth2 - Spring 5, OAuth2 with Google refresh access token after 401 return Spring Boot Oauth2刷新令牌-IllegalStateException - Spring Boot Oauth2 Refresh Token - IllegalStateException Spring OAuth2没有提供刷新令牌 - Spring OAuth2 not giving refresh token Spring OAuth2 刷新令牌过期 - Spring OAuth2 Refresh token expiration Spring刷新访问令牌后刷新令牌以更改令牌 - Spring OAuth2 refresh token to change after refreshing access token 春天如何在oauth2中使用刷新令牌更新访问令牌? - How to renew access token with the refresh token in oauth2 in spring? 从 OAuth2 refresh_token 设置 Spring WebClient 过滤器 - Setup Spring WebClient filter from an OAuth2 refresh_token Spring Secuity 5:持久化和访问 Oauth2 刷新令牌 - Spring Secuity 5: Persist and access Oauth2 refresh token Spring 安全 OAuth2 刷新令牌 - IllegalStateException,需要 UserDetailsS​​ervice - Spring security OAuth2 Refresh Token - IllegalStateException, UserDetailsService is required
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM