Spring boot下自定义spring oauth2的授权页面

自定义WhitelabelApprovalEndpoint的/oauth/confirm_access页面内容有两种方法:

  1. 通过在@Controller注解的类下再添加@SessionAttributes("authorizationRequest")注解.
    import javax.servlet.http.HttpServletRequest;
    
    import org.springframework.stereotype.Controller;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.SessionAttributes;
    
    @Controller
    @SessionAttributes("authorizationRequest")
    public class OAuth2ApprovalController {
    
      @RequestMapping("/oauth/confirm_access")
      public String getAccessConfirmation(Map<String, Object> model, HttpServletRequest request)
          throws Exception {
    
        return "oauth/oauth_approval";
      }
    
    }
    
     需要注意的地方是@Controller下必须有@SessionAttributes注解,以及相同的@RequestMapping("/oauth/confirm_access")地址。
  2. 另一种是直接在AuthorizationServerEndpointsConfigurer类下通过pathMapping(default,new)来映射新的地址
    @Configuration
    @EnableAuthorizationServer
    public class OAuth2Config extends AuthorizationServerConfigurerAdapter {
    
      @Resource(name = "mongoClientDetailsService")
      protected ClientDetailsService clientDetailsService;
    
      @Resource(name = "mongoAuthorizationCodeServices")
      protected AuthorizationCodeServices authorizationCodeServices;
    
      @Resource
      protected AuthenticationManager authenticationManager;
    
      protected OAuth2RequestFactory requestFactory;
    
      @Resource(name = "oAuth2AccessDeniedHandler")
      AccessDeniedHandler accessDeniedHandler;
    
    
      @Bean(name = "tokenStore")
      public TokenStore tokenStore() {
        return new MongoTokenStore();
      }
    
      @Bean
      public ApprovalStore approvalStore() {
        TokenApprovalStore approvalStore = new TokenApprovalStore();
        approvalStore.setTokenStore(tokenStore());
        return approvalStore;
      }
    
    
    
      // AuthenticationSuccessHandler authenticationSuccessHandler() {
      // return new OAuth2AuthenticationSuccessHandler();
      // }
    
      // AuthenticationFailureHandler authenticationFailureHandler() {
      // return new OAuth2AuthenticationFailureHandler();
      // }
    
    
      @Override
      public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.withClientDetails(clientDetailsService);
      }
    
    
      @Override
      public void configure(AuthorizationServerSecurityConfigurer oauthServer) throws Exception {
        // 允许表单鉴权
        oauthServer.allowFormAuthenticationForClients().accessDeniedHandler(accessDeniedHandler);
      }
    
      private AuthorizationServerTokenServices tokenServices() {
        CusTokenServices tokenServices = new CusTokenServices();
        tokenServices.setTokenStore(tokenStore());
        tokenServices.setSupportRefreshToken(true);
        tokenServices.setClientDetailsService(clientDetailsService);
        return tokenServices;
      }
    
      private OAuth2RequestFactory requestFactory() {
        if (requestFactory != null) {
          return requestFactory;
        }
        requestFactory = new DefaultOAuth2RequestFactory(clientDetailsService);
        return requestFactory;
      }
    
      private TokenGranter tokenGranter() throws Exception {
        List<TokenGranter> tokenGranters = new ArrayList<TokenGranter>();
        tokenGranters.add(new AuthorizationCodeTokenGranter(tokenServices(), authorizationCodeServices,
            clientDetailsService, requestFactory()));
        tokenGranters
            .add(new RefreshTokenGranter(tokenServices(), clientDetailsService, requestFactory()));
        tokenGranters
            .add(new ImplicitTokenGranter(tokenServices(), clientDetailsService, requestFactory()));
        tokenGranters.add(
            new ClientCredentialsTokenGranter(tokenServices(), clientDetailsService, requestFactory()));
        tokenGranters.add(new ResourceOwnerPasswordTokenGranter(authenticationManager, tokenServices(),
            clientDetailsService, requestFactory()));
        TokenGranter tokenGranter = new CompositeTokenGranter(tokenGranters);
        return tokenGranter;
      }
    
    
    
      @Override
      public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.approvalStore(approvalStore()).authorizationCodeServices(authorizationCodeServices)
            .tokenStore(tokenStore()).tokenGranter(tokenGranter());
        endpoints.pathMapping("/oauth/confirm_access", "/extenal/oauth/confirm_access");
    
      }
    
    }
     再添加一个普通的@Controller类即可
    @Controller
    //@SessionAttributes("authorizationRequest")
    public class OAuth2ApprovalController {
    
      @RequestMapping("/oauth/confirm_access")
      public String getAccessConfirmation(Map<String, Object> model, HttpServletRequest request)
          throws Exception {
    
        return "oauth/oauth_approval";
      }
    
    }
    
     此种方式不需要再配置@SessionAttributes注解了

 自定义了WhitelabelApprovalEndpoint后,那么WhitelabelErrorEndpoint就不多说了。

.

展开阅读全文

没有更多推荐了,返回首页