All geek questions in one place

Manually configuring an OAuth2 client using @ EnableOAuth2Client not working

I am following this tutorial from spring white papers to manually configure an OAuth2 client using @EnableOAuth2Client. For some reason it does not work. When I launch the application and visit http://localhost:8080/login, I see the basic login form instead of the Google login options. (I need this setting to work manually due to my use.)

However, the code @EnableOauth2Ssoworks fine when I do not perform manual tuning with OAuth2AuthenticationProcessingFilters. In this case, I find the google pointer in the options when visiting my login page. Can someone please help me. I added the code below:

This is with @EnableOauth2Ssothat works great

@Configuration
@EnableWebSecurity
@EnableOAuth2Sso
@PropertySource({ "classpath:/oauth2.properties" })
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Value("${security.oauth2.resource.userInfoUri}")
    String userInfoUri;

    @Value("${security.oauth2.client.clientId}")
    String clientId;

    @Bean
    public RequestContextListener requestContextListener() {
        return new RequestContextListener();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
//      http.antMatcher("/**").addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
    }
}

@EnableOAuth2Client, ,

@Configuration
@EnableWebSecurity
@EnableOAuth2Client
@PropertySource({ "classpath:/oauth2.properties" })
@EnableGlobalMethodSecurity(prePostEnabled = true, jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    OAuth2ClientContext oauth2ClientContext;

    @Value("${security.oauth2.resource.userInfoUri}")
    String userInfoUri;

    @Value("${security.oauth2.client.clientId}")
    String clientId;

    @Bean
    public RequestContextListener requestContextListener() {
        return new RequestContextListener();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        super.configure(http);
        http.antMatcher("/**").addFilterBefore(ssoFilter(), BasicAuthenticationFilter.class);
    }

    private Filter ssoFilter() {
        OAuth2ClientAuthenticationProcessingFilter googleFilter = new OAuth2ClientAuthenticationProcessingFilter("/login");
        OAuth2RestTemplate googleTemplate = new OAuth2RestTemplate(google(), oauth2ClientContext);
        googleFilter.setRestTemplate(googleTemplate);
        googleFilter.setTokenServices(new UserInfoTokenServices(googleResource().getUserInfoUri(), google().getClientId()));
        return googleFilter;
    }

    @Bean
    @ConfigurationProperties("security.oauth2.client")
    public AuthorizationCodeResourceDetails google() {
        return new AuthorizationCodeResourceDetails();
    }

    @Bean
    @ConfigurationProperties("security.oauth2.resource")
    public ResourceServerProperties googleResource() {
        return new ResourceServerProperties();
    }

    @Bean
    public FilterRegistrationBean oauth2ClientFilterRegistration(
            OAuth2ClientContextFilter filter) {
        FilterRegistrationBean registration = new FilterRegistrationBean();
        registration.setFilter(filter);
        registration.setOrder(-100);
        return registration;
    }

}
+4
1

, super.configure(http) .

javadoc:

, , . "

+2

Source: https://habr.com/ru/post/1665299/

More articles:


All Articles