问题
Here is my current setup:
I'm exposing a WebClient bean with oauth2 filter:
@Configuration
class OAuthConfiguration {
@Bean("authProvider")
fun webClient(
clientRegistrationRepository: ClientRegistrationRepository,
authorizedClientRepository: OAuth2AuthorizedClientRepository,
clientHttpConnector: ClientHttpConnector
): WebClient {
val oauth = ServletOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrationRepository, authorizedClientRepository)
oauth.setDefaultClientRegistrationId("authProvider")
oauth.setDefaultOAuth2AuthorizedClient(true)
return WebClient.builder()
.baseUrl("baseUrl")
.clientConnector(clientHttpConnector)
.filter(oauth)
.build()
}
}
And I'm using it here:
fun callExternalService() {
val retrieve = webClient.get()
.uri("/uri")
.retrieve()
.bodyToMono(String::class.java)
.block()
// ...
}
My application.yml has the following structure
security:
oauth2:
client:
provider:
authProvider:
token-uri: https://authentication-uri.com
registration:
authProvider:
client-id: client-id
client-secret: client-secret
authorization-grant-type: authorization_code
scope: any
This code is failing because my internal authentication service accepts only password grant-type and I can see the response for my auth URL returning a 400 code. Once I change authorization-grant-type: authorization_code
to authorization-grant-type: password
, spring ignores all the logic of authentication, it does not try to authenticate.
Does anyone know how to implement authorization-grant-type: password
?
来源:https://stackoverflow.com/questions/59621397/spring-security-5-2-1-spring-security-oauth2-webclient-how-to-use-password