堆栈内存溢出
  简体   繁体   English

使用 OAuth2 中继访问令牌的 Spring 资源服务器

[英]Spring Resource Server with OAuth2 to relay access token

 原文  2020-09-10 15:38:12       java/ spring-oauth2/ oauth2resttemplate

问题描述

I have a Spring Boot Resource Server protected with OAuth2 (KeyCloak).我有一个受 OAuth2 (KeyCloak) 保护的 Spring Boot 资源服务器。 I can access endpoints with Bearer Token.我可以使用 Bearer Token 访问端点。 Now, I want to call another service protected by the Auth Server.现在,我想调用另一个受身份验证服务器保护的服务。 I would like to relay the token.我想中继令牌。 I could not find a clear guide as to how to do it.我找不到关于如何做到这一点的明确指南。

My dependency is:我的依赖是:

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>

My application.yml is like:我的 application.yml 是这样的:

spring:
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: <info>

I am trying to create OAuth2RestTemplate like:我正在尝试创建 OAuth2RestTemplate,例如:

    @Bean
    public OAuth2RestTemplate oauth2RestTemplate(OAuth2ClientContext oauth2ClientContext, OAuth2ProtectedResourceDetails details) {
        return new OAuth2RestTemplate(details, oauth2ClientContext);
    }

But I am getting error:但我收到错误:

required a bean of type 'org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails' that could not be found.

How can I fix this?我怎样才能解决这个问题?

1 个解决方案

解决方案1
 0  2020-09-14 14:30:27

After a lot research and many trial-and-error, the solutions I came up is:经过大量研究和反复试验,我提出的解决方案是:

Add dependency添加依赖

        <dependency>
            <groupId>org.springframework.security.oauth.boot</groupId>
            <artifactId>spring-security-oauth2-autoconfigure</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.security</groupId>
            <artifactId>spring-security-jwt</artifactId>
            <version>1.1.1.RELEASE</version>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
        </dependency>

And

@EnableOAuth2Client

In application.yml, I aded在 application.yml 中,我添加了

security:
  oauth2:
    keycloak:
      clientId: <CLIENT_ID>
      clientSecret: <CLIENT_SECRET>
      grantType: client_credentials
      accessTokenUri: <URI>
      userAuthorizationUri: <URI>
      scope: openid profile email

Configuration配置


    @Bean
    @ConfigurationProperties("security.oauth2.keycloak")
    protected OAuth2ProtectedResourceDetails keycloakOAuth2Details() {
        return new ClientCredentialsResourceDetails();
    }

    
    @LoadBalanced
    @Bean
    public OAuth2RestTemplate restTemplate(RestTemplateCustomizer customizer) {
        OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(keycloakOAuth2Details);
        customizer.customize(restTemplate);
        return restTemplate;
    }

I am not sure whether the depency it all necessary.我不确定是否有必要依赖它。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无需访问令牌即可访问受弹簧oauth2保护的资源 - Can access spring oauth2 protected resource without access token 带有Spring Boot REST应用程序的OAuth2 - 无法使用令牌访问资源 - OAuth2 with Spring Boot REST application - cannot access resource with token Spring Security OAuth2 JWT令牌中继问题 - Spring Security OAuth2 JWT Token Relay Issue Spring Security OAuth2纯资源服务器 - Spring Security OAuth2 pure resource server Spring以编程方式生成oauth2访问令牌 - Spring generate oauth2 access token programmatically Spring OAuth2资源服务器的Java配置 - Java Configuration for Spring OAuth2 Resource Server Spring security - oauth2 资源服务器测试 - Spring security - oauth2 resource server tests HTTP标头中的Spring OAuth2访问令牌 - Spring OAuth2 Access Token in HTTP Header Spring Oauth2无效的访问令牌 - Spring Oauth2 Invalid access token 从Spring RESTful资源服务器验证OAuth 2.0访问令牌 - validate OAuth 2.0 access token from a Spring RESTful resource server
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM