【发布时间】:2018-12-18 13:00:32
【问题描述】:
我已经成功地为这个请求在 OAuth2 中实现了对新令牌的请求:
curl --request POST --url https://some-autentication-server.com/token --header 'content-type: content-type'
正文提供为:
{
"grant_type"="password",
"username"="username",
"password"="password"
"client_id"="my-client-id"
}
认证后资源服务器 curl 可以访问为:
curl -i -H "authorization: Bearer token-received-from-auth-server" \
-H "accept: application/json" \
-H "request-id: abcdef" \
-H "consent-status: optedIn" \
-X GET https://my-resource-server.com/path
我在 Spring Boot 中使用的配置是这样的:
@EnableOAuth2Client
@Configuration
public class OauthClientConfig {
@Bean
public CloseableHttpClient httpClient() throws Exception {
CloseableHttpClient httpClient = null;
try {
httpClient = HttpClientBuilder.create()
.setProxy(new HttpHost("PROXY_HOST_NAME", 3000, "http"))
.build();
} catch (Exception e) {
throw e;
}
return httpClient;
}
@Bean
public ClientHttpRequestFactory clientHttpRequestFactory(CloseableHttpClient httpClient) throws Exception {
ClientHttpRequestFactory clientHttpRequestFactory = new HttpComponentsClientHttpRequestFactory(httpClient);
((HttpComponentsClientHttpRequestFactory) clientHttpRequestFactory)
.setReadTimeout(10000);
((HttpComponentsClientHttpRequestFactory) clientHttpRequestFactory).setConnectTimeout(10000);
return clientHttpRequestFactory;
}
@Bean
@Qualifier("restTemplate")
@Scope(value = "session", proxyMode = ScopedProxyMode.INTERFACES)
public OAuth2RestOperations restTemplate(OAuth2ProtectedResourceDetails oAuth2Resource,
ClientHttpRequestFactory clientHttpRequestFactory, AccessTokenProvider accessTokenProvider)
throws Exception {
Map<String, String[]> map = new HashMap<>();
AccessTokenRequest tokenRequest = new DefaultAccessTokenRequest(map);
OAuth2RestTemplate restTemplate = new OAuth2RestTemplate(oAuth2Resource,
new DefaultOAuth2ClientContext(tokenRequest));
restTemplate.setRequestFactory(clientHttpRequestFactory);
restTemplate.setAccessTokenProvider(accessTokenProvider);
return restTemplate;
}
@Bean
public AccessTokenProvider accessTokenProvider(ClientHttpRequestFactory clientHttpRequestFactory,
OAuth2ProtectedResourceDetails oAuth2Resource) throws Exception {
ResourceOwnerPasswordAccessTokenProvider accessTokenProvider = new ResourceOwnerPasswordAccessTokenProvider();
accessTokenProvider.supportsRefresh(oAuth2Resource);
accessTokenProvider.setRequestFactory(clientHttpRequestFactory);
return new AccessTokenProviderChain(Arrays.<AccessTokenProvider>asList(accessTokenProvider));
}
@Bean
@Qualifier("oAuth2Resource")
public OAuth2ProtectedResourceDetails oAuth2Resource() {
ResourceOwnerPasswordResourceDetails oAuth2Resource = new ResourceOwnerPasswordResourceDetails();
oAuth2Resource.setId("MY_ID");
oAuth2Resource.setAccessTokenUri("TOKEN_URL");
oAuth2Resource.setClientId("TOKEN_CLIENTID");
oAuth2Resource.setClientSecret("TOKEN_CLIENT_SECRET");
oAuth2Resource.setScope(new ArrayList<String>(Arrays.asList(new String[]{"read"})));
oAuth2Resource.setUsername("TOKEN_USERNAME");
oAuth2Resource.setPassword("TOKEN_PAZZWORD");
oAuth2Resource.setTokenName("access_token");
oAuth2Resource.setGrantType("password");
return oAuth2Resource;
}
}
这适用于新令牌请求,但现在我希望能够编写一个逻辑来实现 refresh_token。理想情况下,我想在令牌到期之前存储令牌,一旦令牌到期达到其到期时间的 90% 左右,刷新令牌逻辑就会运行到身份验证服务器以刷新令牌。刷新令牌逻辑将一直在后台运行。我的问题是如何使用 spring-security-oauth2 库来实现这个逻辑?这个逻辑是否已经在库中实现了,还是我必须自己手动编写逻辑?
【问题讨论】:
-
您找到问题的解决方案了吗?我正在尝试做同样的事情
-
Map
map = new HashMap();你在这张地图中添加了什么?
标签: java spring-boot oauth-2.0 spring-security-oauth2 oauth2client