这可能不是一个简单的解决方案.但最终设法通过以下代码在oauth请求上设置代理.
注册过滤器
@Override
protected void configure(HttpSecurity http) throws Exception {
// @formatter:off
http.antMatcher("/**")
.authorizeRequests().antMatchers("/webjars/**", "/scripts/**", "/styles/**", "/instances/**", "/#/invalid").permitAll()
.anyRequest().authenticated()
.and().csrf().csrfTokenRepository(csrfTokenRepository())
.and().addFilterAfter(csrfHeaderFilter(), CsrfFilter.class)
.addFilterBefore(oauthFilter(), BasicAuthenticationFilter.class);
// @formatter:on
super.configure(http);
}
验证过滤器
@Autowired
OAuth2ClientContext oauth2ClientContext;
@Autowired
OAuth2ProtectedResourceDetails resource;
@Autowired
ResourceServerProperties resourceServer;
@Autowired
RequestHelper requestHelper;
private Filter oauthFilter() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
OAuth2ClientAuthenticationProcessingFilter oauthFilter = new OAuth2ClientAuthenticationProcessingFilter("/login");
OAuth2RestTemplate oauthTemplate = new OAuth2RestTemplate(resource, oauth2ClientContext);
OAuth2AccessTokenSupport authAccessProvider = new AuthorizationCodeAccessTokenProvider();
// Set request factory for '/oauth/token'
authAccessProvider.setRequestFactory(requestHelper.getRequestFactory());
AccessTokenProvider accessTokenProvider = new AccessTokenProviderChain(Arrays. asList(
(AuthorizationCodeAccessTokenProvider)authAccessProvider));
oauthTemplate.setAccessTokenProvider(accessTokenProvider);
// Set request factory for '/userinfo'
oauthTemplate.setRequestFactory(requestHelper.getRequestFactory());
oauthFilter.setRestTemplate(oauthTemplate);
UserInfoTokenServices userInfoTokenService = new UserInfoTokenServices(resourceServer.getUserInfoUri(), resource.getClientId());
userInfoTokenService.setRestTemplate(oauthTemplate);
oauthFilter.setTokenServices(userInfoTokenService);
return oauthFilter;
}
请求帮助程序代码
@Configuration
public class RequestHelper {
@Value("${proxy.hostname}")
private String proxyHost;
@Value("${proxy.port}")
private int proxyPort;
@Value("${proxy.username}")
private String proxyUser;
@Value("${proxy.password}")
private String proxyPassword;
@Value("${useProxy}")
private boolean useProxyFlag;
@Value("${skipSslValidation}")
private Boolean skipSslValidationFlag;
public HttpComponentsClientHttpRequestFactory getRequestFactory() throws KeyManagementException, NoSuchAlgorithmException, KeyStoreException {
HttpClientBuilder httpClientBuilder = HttpClients.custom();
// Skip SSL validation based on condition
if (skipSslValidationFlag) {
TrustStrategy acceptingTrustStrategy = (X509Certificate[] chain, String authType) -> true;
SSLContext sslContext = org.apache.http.ssl.SSLContexts.custom()
.loadTrustMaterial(null, acceptingTrustStrategy)
.build();
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext);
httpClientBuilder = httpClientBuilder.setSSLSocketFactory(csf);
}
// Set proxy based on condition
if (useProxyFlag) {
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(proxyUser, proxyPassword));
httpClientBuilder = httpClientBuilder.setProxy(new HttpHost(proxyHost, proxyPort));
httpClientBuilder = httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider);
}
CloseableHttpClient httpClient = httpClientBuilder.build();
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
requestFactory.setHttpClient(httpClient);
return requestFactory;
}
}