Question
I'm trying to set up a spring boot app that uses oauth2 with Active Directory Federation Services as the authentication provider. I started with the tutorial here...
https://spring.io/guides/tutorials/spring-boot-oauth2/
... and got the Facebook example to work. Then, I started adapting it to work with ADFS. It is close to working, but ADFS expects a resource parameter to be passed with the authorization request and I can't figure out how to set it. Here's what I've got so far in the config...
security:
  oauth2:
    client:
      clientId: spring-boot-test-client
      userAuthorizationUri: https://domain/adfs/oauth2/authorize
      access-token-uri: https://domain/adfs/oauth2/token
      tokenName: code
      authenticationScheme: query
      clientAuthenticationScheme: form
      grant-type: authorization_code
When I click the login link, it redirects to https://domain/adfs/oauth2/authorize?client_id=spring-boot-test-client&redirect_uri=http://localhost:8080/login&response_type=code&state=rjzfyZ
I've tried setting the security:oauth2:client:id, the security:oauth2:client:resourceids and the security:oauth2:resource:id, but none of those seemed to affect the first redirect. Any idea what I should set to get the resource included in that first redirect?
Answer 1:
Answering my own question here... It may be a hack, but I just appended the resource to the userAuthorizationUri
security:
  oauth2:
    client:
      clientId: spring-boot-test-client
      userAuthorizationUri: https://domain/adfs/oauth2/authorize?resource=RelyingPartyTrustIdentifier
      access-token-uri: https://domain/adfs/oauth2/token
      tokenName: code
      authenticationScheme: query
      clientAuthenticationScheme: form
      grant-type: authorization_code
Now, I'm getting the login form.
Source: https://stackoverflow.com/questions/39055971/spring-boot-oauth2-how-to-set-the-resource-parameter-in-the-authorization-reque
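An offline check for the redirect discussed above, added here as an example and not part of the original question or answer: it merges the request parameters into an authorize URI that already carries a query string, then reports missing or duplicated parameters in the result. The function names and the list of required parameters are assumptions made for this sketch, and the merge models the general URL mechanics rather than Spring's own code.

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

REQUIRED = ("client_id", "redirect_uri", "response_type", "state", "resource")

# Values copied from the question; REQUEST_PARAMS mirrors its first redirect.
ORIGINAL_REDIRECT = ("https://domain/adfs/oauth2/authorize"
                     "?client_id=spring-boot-test-client"
                     "&redirect_uri=http://localhost:8080/login"
                     "&response_type=code&state=rjzfyZ")
ANSWER_URI = "https://domain/adfs/oauth2/authorize?resource=RelyingPartyTrustIdentifier"
REQUEST_PARAMS = {"client_id": "spring-boot-test-client",
                  "redirect_uri": "http://localhost:8080/login",
                  "response_type": "code", "state": "rjzfyZ"}


def build_authorization_url(user_authorization_uri, params):
    """Add request parameters to an authorize URI, keeping any query it already has."""
    parts = urlsplit(user_authorization_uri)
    query = parse_qsl(parts.query, keep_blank_values=True)
    query.extend(params.items())
    # urlencode percent-encodes every value, including redirect_uri.
    return urlunsplit(parts._replace(query=urlencode(query)))


def check_authorization_request(url, expected_resource):
    """Return a list of problems found in an authorization redirect URL."""
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append("authorize endpoint is not https")
    seen = {}
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        seen.setdefault(key, []).append(value)
    for key in REQUIRED:
        values = seen.get(key, [])
        if not values or not values[0]:
            problems.append("missing " + key)
        elif len(values) > 1:
            problems.append("duplicate " + key)
    if seen.get("response_type", ["code"]) != ["code"]:
        problems.append("response_type is not code")
    if "resource" in seen and seen["resource"] != [expected_resource]:
        problems.append("resource does not match the relying party identifier")
    return problems


if __name__ == "__main__":
    for url in (ORIGINAL_REDIRECT, build_authorization_url(ANSWER_URI, REQUEST_PARAMS)):
        print(check_authorization_request(url, "RelyingPartyTrustIdentifier") or "ok", url)
```

The duplicate check matters if a later change also adds the resource parameter programmatically while the query string in userAuthorizationUri is left in place.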