I m 制作一个网络相片器,在社会标识中要求的直线地址在网络环境与信号环境之间有所不同。 我愿像社会标志要求那样,确定最后的再方向。
http:// localhost:80/auth/oauth2/authorize/google?redirect_uri=bar://。
是否有办法解决这一问题?
I wanted to intercept the first request in the OAuth2 filter and pass the redirect_uri to the final successHandler, but I couldn t find a way to do it.
不同的直接地址按不同的日志客户返回?
@Bean
public SecurityFilterChain filterChain(HttpSecurity http,ClientRegistrationRepository clientRegistrationRepository ) throws Exception {
return http
.csrf(AbstractHttpConfigurer::disable)
.oauth2Login(c -> c.authorizationEndpoint(cc->cc.authorizationRequestResolver(new CustomOAuth2AuthorizationRequestResolver(clientRegistrationRepository))))
.authorizeHttpRequests(c -> c.anyRequest().authenticated())
.build();
}
static class CustomOAuth2AuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver{
private final OAuth2AuthorizationRequestResolver resolver;
public CustomOAuth2AuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {
DefaultOAuth2AuthorizationRequestResolver resolver =
new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository, OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
resolver.setAuthorizationRequestCustomizer(builder -> {
if (isWebLogin()) {
builder.redirectUri("foo://");
}else if (isAppLogin()) {
builder.redirectUri("bar://");
}
});
this.resolver = resolver;
}
@Override
public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
return resolver.resolve(request);
}
@Override
public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String clientRegistrationId) {
return resolver.resolve(request,clientRegistrationId);
}
}
I have a java web application using spring framework and spring security for its login. In my database I have my passwords encrypted to MD5 before being saved. I added in my application-config.xml ...
I need to implement the oauth spring persistence for RandomValueProviderTokenServices class. The class that needs to be stored according to the abstract protected methods of the ...
Which is the best security solution for grails among acegi, jsecurity and Stark security?
I need to authenticate a user in a page based on the remember me cookie, inspired by this site: Tutorial for checking spring authentication, I came up with a solution for checking the authentication. ...
I m trying to get Tuckey UrlRewriteFilter to tidy up URLs for my webapp. One problem I ve got is that when spring-security notices that an anonymous user is trying to access a protected resource it ...
I m searching for the best way to handle view-level authorization (where you hide markup based on a user s roles). The typical way to do this is with the Acegi Security authz tag, as follows: <...
I m currently working on a project were we use freemarker as a template language. Instead of using the defualt login form I have created a custom controller and a custom freemarker view which goes ...
I m developing a webapp which allows for two types for users - User and Admin. There s are two parts of the site - the User side, and the Admin side. I m using Spring Security to secure both sites ...