问题
i'm fairly new to spring oauth2. I was wondering if it was possible to attached custom userdetails on the oauth client side.
something like this
@EnableOAuth2Sso
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
@Qualifier("customUserDetailsService")
private UserDetailsService userDetailsService;
@Override
public void configure(HttpSecurity http) throws Exception {
http
.antMatcher("/**")
.authorizeRequests()
.antMatchers("/", "/login**")
.permitAll()
.anyRequest()
.authenticated();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService);
}
}
this does not work as the configuration is somehow ignored.
this client authenticated in a spring oauth2 authentication server successfully, but i want to load the other user details after obtaining authorization.
回答1:
Custom implementation of UserDetailsService is used to load user by username during authentication and that goes under AuthorizationServerConfigurerAdapter. We override its configure(..) method, the one that takes AuthorizationServerEndpointsConfigurer as parameter and set it there.
Similarly, we can write custom implementation of ClientDetailsService. During authentication this is used to load client by client id. This custom implementation is also registered the same way as UserDetailsService.
@Override
public void configure(final AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
endpoints.authenticationManager(authenticationManager);
endpoints.userDetailsService(userDetailsService);
endpoints.tokenStore(tokenStore);
endpoints.setClientDetailsService(clientDetailsService);
endpoints.accessTokenConverter(accessTokenConverter);
}
来源:https://stackoverflow.com/questions/49244821/spring-oauth2-fetch-userdetails-on-oauth-client