![](/img/trans.png)
[英]Unable to pass the extra parameter to Spring-Security with OAuth2.0
[英]Spring Security with oAuth2.0 and form login
在我的 Spring 啟動應用程序中,我使用基於表單的登錄和基於 oAuth2.0 的 Google 登錄,我的安全配置定義為
http
.cors()
.and()
.sessionManagement()
.sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.csrf().disable()
.authorizeRequests()
.antMatchers("/oauth2/**").permitAll()
.anyRequest().authenticated()
.and()
.addFilter(new JWTAuthenticationFilter(authenticationManager()))
.addFilter(jwtAuthorizationFilter)
.formLogin()
.and()
.oauth2Login()
.authorizationEndpoint()
.authorizationRequestRepository(httpCookieOAuth2AuthorizationRequestRepository)
.and()
.userInfoEndpoint()
.userService(customOAuth2UserService)
.and()
.successHandler(oAuth2AuthenticationSuccessHandler)
.failureHandler(oAuth2AuthenticationFailureHandler);
我正在使用 JWT 進行無狀態身份驗證,對於基於表單的登錄JWTAuthenticationFilter
處理身份驗證如下。
JWTAuthenticationFilter
public class JWTAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
//code to authenticate user and generate JWT
}
JWTAuthorizationFilter
為后續請求驗證 JWT,如下所示。
JWTAuthorizationFilter
public class JWTAuthorizationFilter extends BasicAuthenticationFilter {
// code to perform authorization
}
現在來到 OAuth2.0, customOAuth2UserService
會注冊新用戶並更新現有用戶信息。 OAuth2AuthenticationSuccessHandler
在成功的 OAuth2.0 身份驗證時生成 JWT。 現在功能方面,表單登錄和 OAuth2.0 都可以正常工作,但是我正在嘗試解決一些需要幫助的小問題。
問題
http://localhost:8080/login
,我會在 HTML 表單中登錄,其中 Google 登錄作為響應正文,200 作為狀態碼,理想情況下我想要 400 錯誤請求或其他東西。我缺少哪些配置,我可以更改哪些配置來解決這些問題。
對於第二個問題,您可以為 HTTP 安全配置添加這個
.exceptionHandling().authenticationEntryPoint(jwtUnAuthorizedResponseAuthenticationEntryPoint)
然后自動連接 class 中的 jwtUnAuthorizedResponseAuthenticationEntryPoint 並像這樣定義 JwtUnAuthorizedResponseAuthenticationEntryPoint class
import java.io.IOException;
import java.io.Serializable;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
@Component
public class JwtUnAuthorizedResponseAuthenticationEntryPoint implements AuthenticationEntryPoint, Serializable {
// they is always a generic message that is showed when the unauthenticated user
// user makes a request
// here in this class we will override and show what we want to show to an
// unauthorized user
// this is called internally
private static final long serialVersionUID = -8970718410437077606L;
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED,
"You would need to provide the Jwt Token to Access This resource");
}
}
它會拋出你想要的 401 錯誤
public static final int SC_UNAUTHORIZED = 401;
在public interface HttpServletResponse extends ServletResponse
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.