spring-boot - How to remove the SCOPE_ prefix in hasAuthority
Question
This is my token response. But Spring automatically adds the SCOPE_ prefix. How do I configure ScopeVoter.setScopePrefix(String scopePrefix) in Spring Boot? Please help me. Thank you.
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI1MkRsOVNTMlREY0M5SkFtZmZ3ZE1BNjJkbFBreDlFMDdRSnhObF9sVDNJIn0.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.L0miTQSm1C_vQdE4DxW4h27R3qphjZ97JVOaoRDkAyiWSu26NpiNH0hBF3_iJ4RUlDm6pjOMQvRntVcpouV7gtTd4Pvi9bkxPI6je-LEhIXHeDsFpMeNIy9T7YyfICsQQULLzwJ9uNDAWcsgSIGAqHcCaHtSh3X3PUyDQtFth8JBqUGESyzqAQ2F2ydtQC4TBe7l6bKeU0hO0rVFWTBOB8KZm4NaV2xgyy3KSkr_iSNctidTyXDQZBIKJsVqUH8uUcCMxsdqVHmMY9i_Sr_GzbMBGNnVeQpvLiqN3yHgwTXJA58Ttt5LL4yOmtJEG7Qj9gESxAmkj1_WKqmhNWp7oA",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxOGM5ZmRiNy1mNzQ0LTQ2ZjktODQ4Ni0wMTFjNWVkOWNkZDIifQ.eyJleHAiOjE2MDQwMjQ5MDEsImlhdCI6MTYwNDAyMzEwMSwianRpIjoiOTY5ZGMzZTEtMWVhOC00YThkLWIxOTEtZDhlNDg1YTU2ZWVkIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL21pY3Jvc2VydmljZSIsImF1ZCI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hdXRoL3JlYWxtcy9taWNyb3NlcnZpY2UiLCJzdWIiOiIxZGExM2RjMy0yNDQ1LTRlZTQtYjFhNS0zNjc2YzYyMjY4OTciLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoibW9iaWxlcmV0YWlsIiwic2Vzc2lvbl9zdGF0ZSI6IjJiMzYzMWRiLTlmMDItNDIyOS05Mzg0LWQ0NDFjNGNmNjc1MSIsInNjb3BlIjoicGhvbmUgcHJvZmlsZSBlbWFpbCJ9.wZtoxah1dofhZOoMfODG2faFIivjjlTIxVeMJgu_Gm8",
"token_type": "bearer",
"not-before-policy": 0,
"session_state": "2b3631db-9f02-4229-9384-d441c4cf6751",
"scope": "phone profile email"
hasAuthority('SCOPE_phone') works, but hasAnyAuthority('phone') does not work.
    @RequestMapping(value = "/user", method = RequestMethod.GET)
    @PreAuthorize("hasAuthority('SCOPE_phone')")
    public ResponseEntity<String> getUser() {
        return ResponseEntity.ok("Hello User");
    }

    @RequestMapping(value = "/test", method = RequestMethod.GET)
    @PreAuthorize("hasAnyAuthority('phone')")
    public ResponseEntity<String> test() {
        return ResponseEntity.ok("Hello test");
    }
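Answer
I managed it like below in one of our applications. Have you tried customizing the AccessDecisionManager to inject a ScopeVoter with no prefix? The default is SCOPE_, and I could not find an out-of-the-box configuration for the SCOPE_ prefix.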
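    import java.util.Arrays;
    import java.util.List;

    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.access.AccessDecisionManager;
    import org.springframework.security.access.AccessDecisionVoter;
    import org.springframework.security.access.vote.AuthenticatedVoter;
    import org.springframework.security.access.vote.RoleVoter;
    import org.springframework.security.access.vote.UnanimousBased;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.oauth2.provider.vote.ScopeVoter;
    import org.springframework.security.web.access.expression.WebExpressionVoter;

    @Configuration
    @EnableWebSecurity
    public class ApplicationSecurityConfiguration extends WebSecurityConfigurerAdapter {

        @Override
        protected void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests()
                    .and()
                    ....
                    ....
                    ....
                    ....
                    .permitAll();
            http.authorizeRequests()
                    .accessDecisionManager(accessDecisionManager()); // passed custom access decision manager
        }

        @Bean
        public AccessDecisionManager accessDecisionManager() {
            List<AccessDecisionVoter<? extends Object>> decisionVoters
                    = Arrays.asList(
                            new WebExpressionVoter(), // You can add or remove the Role voters as per need
                            new RoleVoter(), // For ROLE_ prefix
                            new AuthenticatedVoter(),
                            scopeVoterWithNoPrefix() // Get instance of ScopeVoter
                    );
            return new UnanimousBased(decisionVoters);
        }

        @Bean
        public ScopeVoter scopeVoterWithNoPrefix() {
            ScopeVoter scopeVoter = new ScopeVoter();
            scopeVoter.setScopePrefix(""); // empty prefix instead of the default SCOPE_
            return scopeVoter;
        }
    }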
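An alternative for the case where the SCOPE_ prefix comes from Spring Security's JWT resource-server support, which is an assumption based on the JWT token response and the working hasAuthority('SCOPE_phone') check in the question. This is an added example, not code from the question or the answer; the class name ResourceServerSecurityConfiguration is hypothetical, and it assumes Spring Security 5.2+ with spring-security-oauth2-resource-server and a JwtDecoder already configured by Spring Boot.

```java
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;

// Hypothetical class name; assumes a JwtDecoder bean is provided by Spring Boot
// (for example through the issuer-uri or jwk-set-uri property).
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true) // enables @PreAuthorize on controller methods
public class ResourceServerSecurityConfiguration extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .anyRequest().authenticated()
                .and()
            .oauth2ResourceServer()
                .jwt()
                // Replace the default converter, which prefixes each scope with "SCOPE_".
                .jwtAuthenticationConverter(jwtAuthenticationConverter());
    }

    private JwtAuthenticationConverter jwtAuthenticationConverter() {
        // Reads the "scope" / "scp" claim of the access token ("phone profile email" in the question).
        JwtGrantedAuthoritiesConverter scopes = new JwtGrantedAuthoritiesConverter();
        // Default prefix is "SCOPE_"; with "" the authorities become "phone", "profile", "email".
        scopes.setAuthorityPrefix("");

        JwtAuthenticationConverter converter = new JwtAuthenticationConverter();
        converter.setJwtGrantedAuthoritiesConverter(scopes);
        return converter;
    }
}
```

With an empty prefix, scope names share one namespace with every other granted authority, so a scope whose name matches a role or permission string satisfies the same hasAuthority check. Keep the prefix, or map scopes explicitly, if the authorization server lets clients request arbitrary scope names.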