Spring 在主体中启动 OAuth2RestTemplate 客户端凭据
[英]Spring Boot OAuth2RestTemplate Client Credentials in Body
问题描述
I was trying to configure a Spring Boot OAuth2RestTemplate to issue an access token for an OAuth2 Resource Server.
我试图配置 Spring Boot OAuth2RestTemplate 来为 OAuth2 资源服务器颁发访问令牌。 The Resource Server only accepts the credentials in the Request Body.资源服务器只接受请求主体中的凭据。
Something like this:是这样的:
grant_type: "client_credentials"
scope: ""
client_id: "client"
client_secret: "superdupersecret"
In Postman I can archive this by selecting "Send client credentials in body" in the "Get new access token" dialog.在 Postman 中,我可以通过在“获取新访问令牌”对话框中选择“在正文中发送客户端凭据”来存档它。
However, I need to get this token in my Spring Boot application.但是,我需要在我的 Spring 引导应用程序中获取此令牌。 I debugged the OAuth2RestTemplate (and the classes used by the template) but couldn't find a way to configure it to send the credentials as request body.我调试了 OAuth2RestTemplate(以及模板使用的类),但找不到配置它以将凭据作为请求正文发送的方法。
Am I completely on the wrong track here or just missing something?我是完全走错了路还是只是错过了什么?
Currently I configure the template like this:目前我这样配置模板:
private fun resourceDetails(): BaseOAuth2ProtectedResourceDetails? {
val resourceDetails: BaseOAuth2ProtectedResourceDetails = ClientCredentialsResourceDetails()
resourceDetails.id = clientId
resourceDetails.clientId = clientId
resourceDetails.clientSecret = clientSecret
resourceDetails.accessTokenUri = accessTokenUri
//resourceDetails.clientAuthenticationScheme = AuthenticationScheme.header
return resourceDetails
}
I found the clientAuthenticationScheme parameter but only query, form and header are supported我找到了clientAuthenticationScheme参数但是只支持查询,表单和header
2 个解决方案
解决方案1
1 2021-04-20 06:35:06
You must use AuthenticationScheme.form in clientAuthenticationScheme and authenticationScheme to put the data in the body with content type application/x-www-form-urlencoded.您必须在 clientAuthenticationScheme 和 authenticationScheme 中使用 AuthenticationScheme.form 将数据放入内容类型为 application/x-www-form-urlencoded 的正文中。 It works for me.这个对我有用。
The request will be something like that:请求将是这样的:
POST /auth/oauth/v2/token HTTP/1.1
Host: localhost:8080
Content-Type: application/x-www-form-urlencoded
Content-Length: 136
client_id=user1&client_secret=pass1&grant_type=client_credentials&scope=admin
解决方案2
0 2022-09-16 17:19:28
For future reference, the correct answer is setting the client authentication method to client_secret_post in the client registration configuration.为了将来参考,正确答案是在客户端注册配置中将客户端身份验证方法设置为client_secret_post 。 It should be something like this应该是这样的
private fun resourceDetails(): BaseOAuth2ProtectedResourceDetails? {
val resourceDetails: BaseOAuth2ProtectedResourceDetails = ClientCredentialsResourceDetails()
resourceDetails.id = clientId
resourceDetails.clientId = clientId
resourceDetails.clientSecret = clientSecret
resourceDetails.accessTokenUri = accessTokenUri
resourceDetails.clientAuthenticationMethod = ClientAuthenticationMethod.CLIENT_SECRET_POST
return resourceDetails
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.