【发布时间】:2022-01-26 06:32:49
【问题描述】:
我有以下 Spring Security 配置:
security:
oauth2:
resourceserver:
jwt:
issuer-uri: ${issuer-uri-of-identity}
client:
registration:
some-app:
client-id: ${qwerty.server.client.client-id}
client-secret: ${qwerty.server.client.client-secret}
scope: ${qwerty.server.client.some-app-scope}
authorization-grant-type: client_credentials
provider: qwerty
qwerty:
server:
max-clock-skew: 60
url: ....
scope: my-scope
client:
client-id: ...
client-secret: ....
some-app-scope: my-ticket-scope
并使用以下配置:
private static final Authentication ANONYMOUS_AUTHENTICATION = new AnonymousAuthenticationToken(
"anonymous", "anonymousUser", AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS"));
...
@Bean("someAppRestTemplate")
@Autowired
public RestTemplate buildRestTemplateForSomeApp(RestTemplateBuilder builder) {
return builder
.messageConverters(converter)
.additionalInterceptors(Arrays.asList(contentTypeInterceptor(), oauthInterceptor("some-app")))
.build();
}
...
private ClientHttpRequestInterceptor oauthInterceptor(String id) {
return (r, b, e) -> {
OAuth2AuthorizedClient client = manager.authorize(
OAuth2AuthorizeRequest
.withClientRegistrationId(id)
.principal(ANONYMOUS_AUTHENTICATION)
.build()
);
Assert.notNull(client, "Can not access File Storage Service");
r.getHeaders().setBearerAuth(client.getAccessToken().getTokenValue());
return e.execute(r, b);
};
}
现在我需要进行模拟(https://datatracker.ietf.org/doc/html/rfc8693)。所以我需要假装成某个用户。我需要它是因为某些应用程序应用程序中的“当前用户”逻辑。
如何重新配置来实现它?
P.S.我尝试用谷歌搜索,但没有找到任何相关内容。
【问题讨论】:
标签: java spring spring-security spring-security-oauth2 token-exchange