spring-security - Spring Security - OAuth 2.0 客户端 - 客户端凭证授予
问题描述
我想使用客户端凭据授予生成访问令牌 https://docs.spring.io/spring-security/site/docs/5.4.6/reference/html5/#oauth2Client-client-creds-grant
我们正在使用 Spring Security 5.4.6
我导入了这些依赖项:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-resource-server</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
这是一个资源服务器,它还必须根据 cron 计划发出服务器到服务器的身份验证请求。这就是为什么我需要resource-server
和oauth2-client
依赖项。
spring:
security:
oauth2:
resourceserver:
jwt:
jwk-set-uri: https://auth.pingone.com/...
client:
provider:
pingidentity:
token-uri: https://auth.pingone.com/.../as/token
registration:
pingidentity:
client-id: "69bxxxxx..."
client-secret: "Xxxxx"
scope: openid
authorization-grant-type: "client_credentials"
@Bean
public OAuth2AuthorizedClientManager authorizedClientManager(
ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository ) {
OAuth2AuthorizedClientProvider authorizedClientProvider =
OAuth2AuthorizedClientProviderBuilder.builder()
.clientCredentials()
.build();
DefaultOAuth2AuthorizedClientManager authorizedClientManager =
new DefaultOAuth2AuthorizedClientManager(
clientRegistrationRepository, authorizedClientRepository );
authorizedClientManager.setAuthorizedClientProvider( authorizedClientProvider );
return authorizedClientManager;
}
protected void setSecurityContext() {
OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest.withClientRegistrationId( "pingidentity" )
.principal( "69bbfc70-8fcf-4740-a11a-b86562d1c9f8" )
// .attributes( attrs -> {
// attrs.put( HttpServletRequest.class.getName(), servletRequest );
// attrs.put( HttpServletResponse.class.getName(), servletResponse );
// } )
.build();
OAuth2AuthorizedClient authorizedClient = this.authorizedClientManager.authorize( authorizeRequest );
OAuth2AccessToken accessToken = authorizedClient.getAccessToken();
}
我收到此错误:java.lang.IllegalArgumentException: servletRequest cannot be null at org.springframework.util.Assert.notNull(Assert.java:201) at org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager.authorize (DefaultOAuth2AuthorizedClientManager.java:144) 在 com.edlogics.heathrow.api.scheduling.jobs.AbstractSchedulerJob.setSecurityContext(AbstractSchedulerJob.java:42) 在 com.edlogics.heathrow.api.scheduling.jobs.CheckForMissingCacheEntriesJob.execute(CheckForMissingCacheEntriesJob.java :32) 在 org.quartz.core.JobRunShell.run(JobRunShell.java:202) 在 org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)
如何在 Web 请求之外使用客户端凭据授权?
解决方案
推荐阅读
- react-native - mapbox 中的离线服务反应原生
- python-3.x - 需要帮助来抓取“显示更多”按钮
- angularjs - 将 Microsoft 身份验证链接到 AngularJS SPA 前端
- floating-point - 如何将浮点数限制为小数点后1位
- node.js - 测试异步函数未抛出的错误
- javascript - 使用 nginx 和 pm2 时出现 Requrie 堆栈错误
- scorm - 如何保存和检索学生的回答 SCORM?
- python - Django REST API 追随者系统
- python - 如何在python中用转义版本替换特殊字符
- python - apt - dpkg python-rpi.gpio 依赖问题