[英]Spring Boot: Calling an OAuth2 protected REST service
I have an existing REST API built using Spring Boot.我有一个现有的 REST API 使用 Spring 引导构建。 On one of my functions on the service layer, I need to call an external REST service that is protected by OAuth2 (client-credentials).在服务层上的一项功能中,我需要调用受 OAuth2(客户端凭据)保护的外部 REST 服务。
Using Spring Boot 2.3, I realized OAuth2RestTemplate
is deprecated, so I went with using WebClient
.使用 Spring Boot 2.3,我意识到OAuth2RestTemplate
已被弃用,所以我使用WebClient
。
Following this tutorial - https://www.baeldung.com/spring-webclient-oauth2 , I now have my WebClientConfig
class as follows:按照本教程 - https://www.baeldung.com/spring-webclient-oauth2 ,我现在有我的WebClientConfig
class 如下:
@Configuration
class WebClientConfig {
@Bean
fun webClient(
clientRegistrations: ClientRegistrationRepository?,
authorizedClients: OAuth2AuthorizedClientRepository?): WebClient? {
val oauth2 = ServletOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients)
oauth2.setDefaultOAuth2AuthorizedClient(false)
oauth2.setDefaultClientRegistrationId("test")
return WebClient.builder()
.apply(oauth2.oauth2Configuration())
.build()
}
}
And in my properties file, I have:在我的属性文件中,我有:
spring:
security:
oauth2:
client:
registration:
test:
client-id: <redacted>
client-secret: <redacted>
authorization-grant-type: client_credentials
provider:
test:
token-uri: <redacted>
I can't even tell if this is working or not, because I keep getting the following error when accessing a different endpoint on my API that has nothing to do with this OAuth2 authentication:我什至无法判断这是否有效,因为在访问与此 OAuth2 身份验证无关的 API 上的不同端点时,我不断收到以下错误:
java.lang.IllegalArgumentException: Invalid Authorization Grant Type (client_credentials) for Client Registration with Id: test
I'm at my wits end because I can't overcome this issue... any help would be very appreciated!我束手无策,因为我无法克服这个问题......任何帮助将不胜感激! Thanks!谢谢!
This is working for me:这对我有用:
@Bean
public WebClient webClient(OAuth2AuthorizedClientManager authorizedClientManager) {
ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2Client = new ServletOAuth2AuthorizedClientExchangeFilterFunction(
authorizedClientManager);
oauth2Client.setDefaultClientRegistrationId("test");
return WebClient.builder()
.apply(oauth2Client.oauth2Configuration())
.build();
}
@Bean
public OAuth2AuthorizedClientManager authorizedClientManager(
ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository) {
OAuth2AuthorizedClientProvider authorizedClientProvider = OAuth2AuthorizedClientProviderBuilder.builder()
.refreshToken()
.clientCredentials()
.build();
DefaultOAuth2AuthorizedClientManager authorizedClientManager = new DefaultOAuth2AuthorizedClientManager(
clientRegistrationRepository, authorizedClientRepository);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
return authorizedClientManager;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.