大佬教程收集整理的这篇文章主要介绍了使用 OAuth,大佬教程大佬觉得挺不错的,现在分享给大家,也给大家做个参考。
大家好,我正在尝试将 Saml 身份验证添加到当前使用 OAuth2 密码登录表单并生成 JWT 令牌以启用对客户端的访问的 Spring Boot 应用程序。
目前我有一个端点,用于接收和解码 SAML 请求。现在我想以某种方式触发“登录”机制。我看到它似乎是从 WebSecurityConfig 类控制的,并最终在 JWTLoginFilter 成功/不成功方法中生成令牌。
IDP 设置为重定向到我的端点 /saml/authenticate:
@PostMapPing(value = "/saml/authenticate")
@ResponseBody
public String getSamlAzureResponse(@requestParam String SAMLResponse,httpServletResponse servletResponsE) throws Exception {
Response response = responseManager.processSAMLResponse(SAMLResponsE);
这是我的 WebSecurityConfig 配置方法:
protected voID configure(httpSecurity http) throws Exception {
UserInfoservice userInfoservice = applicationContext.getBean(UserInfoservice.class);
UserLockoutservice userLockoutservice = applicationContext.getBean(UserLockoutservice.class);
GetTokenservice getTokenservice = applicationContext.getBean(GetTokenservice.class);
TokenAuthenticationManager tokenAuthenticationManager = new TokenAuthenticationManager();
tokenAuthenticationManager.setUserDetailsservice(userDetailsservicE);
tokenAuthenticationManager.setGetTokenservice(getTokenservicE);
tokenAuthenticationManager.setUserInfoservice(userInfoservicE);
JWTAuthenticationFilter jwtTokenAuthenticationFilter = new JWTAuthenticationFilter("/web/**",Arrays.asList(permitAll),jwtTimeout,getTokenservice,failureHandler,requestCachE);
jwtTokenAuthenticationFilter.setAuthenticationManager(tokenAuthenticationManager);
JWTAuthenticationFilter jwtAuthenticationFilterSwagger =
new JWTAuthenticationFilter("/swagger-ui.HTML",requestCachE);
jwtAuthenticationFilterSwagger.setAuthenticationManager(tokenAuthenticationManager);
JWTAuthenticationFilter jwtAuthenticationFilteroauth =
new JWTAuthenticationFilter("/oauth/authorize",requestCachE);
jwtAuthenticationFilteroauth.setAuthenticationManager(tokenAuthenticationManager);
JWTAuthenticationFilter jwtAuthenticationFilterIndex =
new JWTAuthenticationFilter("/",requestCachE);
jwtAuthenticationFilterIndex.setAuthenticationManager(tokenAuthenticationManager);
jwtAuthenticationFilterIndex.setRedirectExpired@R_616_5279@;
JWTLoginFilter jwtLoginFilter = new JWTLoginFilter(
"/web/login","/web/dashboard_personal",requestCache,userSecurityservicE);
jwtLoginFilter.setAuthenticationManager(tokenAuthenticationManager);
jwtLoginFilter.setTokenAuthenticationservice(getTokenservicE);
jwtLoginFilter.setUserDetailsservice(userDetailsservicE);
jwtLoginFilter.setpasswordEncoder(passwordEncoder);
jwtLoginFilter.setUserLockoutservice(userLockoutservicE);
jwtLoginFilter.setPublisher(publisher);
http
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.addFilterBefore(jwtLoginFilter,UsernamepasswordAuthenticationFilter.class)
.addFilterBefore(jwtAuthenticationFilteroauth,UsernamepasswordAuthenticationFilter.class)
//.addFilterBefore(jwtAuthenticationFilterSaml,UsernamepasswordAuthenticationFilter.class)
.addFilterBefore(jwtTokenAuthenticationFilter,UsernamepasswordAuthenticationFilter.class)
.addFilterBefore(jwtAuthenticationFilterSwagger,UsernamepasswordAuthenticationFilter.class)
.addFilterBefore(jwtAuthenticationFilterIndex,UsernamepasswordAuthenticationFilter.class)
.addFilterafter(new WeBACcountValIDationFilter(userAuthservice,setTingsservicE),JWTAuthenticationFilter.class)
.headers()
.addheaderWriter(new StaticheadersWriter("Server","R2W server"))
.addheaderWriter(new StaticheadersWriter("Cache-Control","no-cache,no-store,max-age=0,must-revalIDate"))
.addheaderWriter(new StaticheadersWriter("Pragma","no-cache"))
.addheaderWriter(new StaticheadersWriter("Expires","0"))
.and()
.requestMatchers()
.antMatchers("/dashboard/**","/web/**","/swagger-ui.HTML","/","/oauth/authorize").and()
.authorizerequests()
.antMatchers(permitAll).permitAll()
.anyrequest().authenticated()
.and()
.exceptionHandling()
.accessDenIEdPage("/access_denIEd")
.and()
.csrf()
.csrftokenRepository(new CustomcatsrftokenRepository(new cookieCsrftokenRepository()))
.and()
.formLogin()
.loginPage("/web/login")
.failureHandler(failureHandler)
.successHandler(authenticationsuccessHandler())
.defaultsuccessUrl("/web/dashboard_personal")
.permitAll();
}
我想知道如何使用来自 IDP 的响应来触发 JWT 的生成,以便对用户进行身份验证。
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)
以上是大佬教程为你收集整理的使用 OAuth全部内容,希望文章能够帮你解决使用 OAuth所遇到的程序开发问题。
如果觉得大佬教程网站内容还不错,欢迎将大佬教程推荐给程序员好友。
本图文内容来源于网友网络收集整理提供,作为学习参考使用,版权属于原作者。
如您有任何意见或建议可联系处理。小编QQ:384754419,请注明来意。