OAuth2 | ClientCredentialsResourceDetails | deprecated

牧云@^-^@ 提交于 2021-02-11 15:40:33

问题


I am new to spring security, and i come across to implement OAuth2 with client_credentials as Grant type. i am using below piece of code, but i am getting suggestion that ClientCredentialsResourceDetails, OAuth2RestTemplate & OAuth2AccessToken are deprecated.

Can someone help with the alternate to this ?

 private String getAuthTocken(){
     final ClientCredentialsResourceDetails resourceDetails = new ClientCredentialsResourceDetails();
     resourceDetails.setClientId("ceapiClientId");
     resourceDetails.setClientSecret("ceapiClientSecret");
     resourceDetails.setGrantType("client_credentials");
     resourceDetails.setAccessTokenUri("https://auth.abcdcommerce.com/oauth-server/oauth/token");

     final OAuth2RestTemplate oAuth2RestTemplate = new OAuth2RestTemplate(resourceDetails);
     final OAuth2AccessToken accessToken = oAuth2RestTemplate.getAccessToken();

     final String accessTokenAsString = accessToken.getValue();
     return accessTokenAsString;
 } 

回答1:


The alternative is to use the new non-blocking WebClient or a RestTemplate with an interceptor over the deprecated OAuthRestTemplate. Everything in the spring-security-oauth artifacts has an end of life road map.

https://spring.io/blog/2019/11/14/spring-security-oauth-2-0-roadmap-update

https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Features-Matrix

The migration guide can be found here,

https://github.com/spring-projects/spring-security/wiki/OAuth-2.0-Migration-Guide

From the migration guide,

Spring Security chooses to favor composition and instead exposes an OAuth2AuthorizedClientService, which is useful for creating RestTemplateinterceptors or WebClient exchange filter functions. Spring Security provides ExchangeFilterFunction s for both Servlet- and WebFlux-based applications that both leverage this service.

There is a migration example available here,

https://github.com/jgrandja/spring-security-oauth-5-2-migrate



来源:https://stackoverflow.com/questions/62087866/oauth2-clientcredentialsresourcedetails-deprecated

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!