spring - Spring webflux oauth2 资源服务器自动配置身份验证转换器
问题描述
有人知道为什么我需要下面的代码线才能让它工作吗?
我认为它应该通过配置 Bean 自动应用?
.jwtAuthenticationConverter(reactiveJwtAuthenticationConverter()) //<-- 为什么我需要这条线???
@Configuration
@EnableWebFluxSecurity
@EnableReactiveMethodSecurity
@Import(LabcubeOAuth2SecurityConfiguration.class)
public class RestServiceOAuthConfig {
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange()
.pathMatchers("/api/v1/*/"+ ResourceType.SHARED.toString()).permitAll()
.pathMatchers("/api/v1/**").hasAnyAuthority(LabcubeOAuth2SecurityConfiguration.ALL_ACCESS_SCOPE, LabcubeOAuth2SecurityConfiguration.ADMIN_ROLE, LabcubeOAuth2SecurityConfiguration.SUPPORT_ROLE)
.pathMatchers("/api/**").authenticated()
.and().oauth2ResourceServer().jwt()
.jwtAuthenticationConverter(reactiveJwtAuthenticationConverter()) //<-- WHY DO I NEED THIS LINE???
;
return http.build();
}
@Bean
public ReactiveJwtAuthenticationConverter reactiveJwtAuthenticationConverter(){
JwtGrantedAuthoritiesConverter grantedAuthoritiesConverterRoles = new JwtGrantedAuthoritiesConverter();
grantedAuthoritiesConverterRoles.setAuthoritiesClaimName("role");
grantedAuthoritiesConverterRoles.setAuthorityPrefix("");
JwtGrantedAuthoritiesConverter grantedAuthoritiesConverterScopes = new JwtGrantedAuthoritiesConverter();
grantedAuthoritiesConverterScopes.setAuthoritiesClaimName("scope");
grantedAuthoritiesConverterScopes.setAuthorityPrefix("");
ReactiveJwtAuthenticationConverter jwtAuthenticationConverter = new ReactiveJwtAuthenticationConverter();
jwtAuthenticationConverter.setJwtGrantedAuthoritiesConverter(jwt -> Flux.fromStream(Stream.concat(grantedAuthoritiesConverterRoles.convert(jwt).stream(), grantedAuthoritiesConverterScopes.convert(jwt).stream())));
return jwtAuthenticationConverter;
}
}
解决方案
推荐阅读
- c - 尝试一个基本的音频电平出纳器,但它给出了错误的答案
- html - CSS 3D 垂直翻转效果动画看起来不正确
- c# - 我在 C# 中的网页抓取和 html 敏捷包有错误
- c# - 将日期范围拆分为几个特定的日期范围块
- jquery - 实时侦听器中复杂 jquery 选择器的语法
- java - 使用 Retrofit 和 Sugar ORM 获取数据(制作书签按钮)
- java - Android Studio Sqlite 数据库
- mysql - 带有参数的Mysql ODBC Select命令 - 不起作用
- string - 就地字符串操作以进行字符计数
- javascript - 给定一个带有键、Val 对的 JavaScript 对象,在 D3.js 中反转数据数组