зеркало из
https://github.com/iharh/notes.git
synced 2025-10-30 13:16:07 +02:00
44 строки
1.5 KiB
Plaintext
44 строки
1.5 KiB
Plaintext
HttpSecurity http
|
|
http.oauth2Login()
|
|
adds OAuth2LoginAuthentionFilter
|
|
|
|
ClientRegistration (represents the client in OAuth2 arch) is also needed
|
|
- client_id
|
|
- client_secret
|
|
- grant_type
|
|
- scopes
|
|
|
|
ClientRegistration cr = ClientRegistration.withRegistrationId("github")
|
|
.clientId("...")
|
|
.clientSecret("...")
|
|
.scope(new String [] {"read:user"})
|
|
.authorizationUri("https://github.com/login/auth/authorize")
|
|
.tokenUri("https://github.com/login/auth/access_token")
|
|
.userInfoUri("https://api.github.com/user") // to get more details about user
|
|
.userNameAttributeId("id")
|
|
.clientName("GitHub")
|
|
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
|
|
.redirectUriTemplate("{baseUrl}/{action}/oauth2/code/{registrationId}")
|
|
.build();
|
|
|
|
https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps
|
|
|
|
CommonOAuth2Provider - partially defines ClientRegistration
|
|
|
|
ClientRegistration cr = CommonOAuth2Provider.GITHUB
|
|
.getBuilder("github")
|
|
.clientId("...")
|
|
.clientSecret("...")
|
|
.build();
|
|
|
|
ClientRegistrationRepository bean (InMemory...) is used by OAuth2LoginAuthentionFilter ...
|
|
|
|
http.oauth2Login(c -> {
|
|
c.clientRegistrationRepository(...);
|
|
});
|
|
|
|
spring boot can fill OAuth2AuthenticationToken object to controller method params
|
|
|
|
props:
|
|
spring.security.oauth2.client.provider.myprovider.<prop-name>=<prop-val>
|