我目前正在使用Spring Security + OAUth2协议构建Spring Boot应用程序。
Here is the Authorization Guide from Spotify I'm following
我在理解如何执行授权代码流程的步骤2-4时遇到麻烦。我能够获得授权并获得授权代码以交换访问和刷新令牌,但是我不确定如何获取令牌然后开始进行API调用。
阅读Spring文档使我对某些事情感到困惑。
这是我的application.properties
#
# OAuth ClientRegistration Properties
#
spring.security.oauth2.client.registration.spotify.client-id=#
spring.security.oauth2.client.registration.spotify.client-secret=#
spring.security.oauth2.client.registration.spotify.provider=spotify-provider
spring.security.oauth2.client.registration.spotify.client-authentication-method=basic
spring.security.oauth2.client.registration.spotify.authorization-grant-type=authorization_code
spring.security.oauth2.client.registration.spotify.redirect-uri=http://localhost:8080/redirect
spring.security.oauth2.client.registration.spotify.scope=user-read-private,user-read-email
#
# OAuth ProviderDetails Properties
#
spring.security.oauth2.client.provider.spotify-provider.authorization-
uri=https://accounts.spotify.com/authorize?show_dialog=true
spring.security.oauth2.client.provider.spotify-provider.token-
uri=https://accounts.spotify.com/api/token
spring.security.oauth2.client.provider.spotify-provider.user-info-uri=https://api.spotify.com/v1/me
spring.security.oauth2.client.provider.spotify-provider.user-name-attribute=id
这是我的WebSecurityConfig
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.antMatchers("/redirect")
.permitAll()
.and()
.authorizeRequests()
.anyRequest().authenticated()
.and()
.oauth2Login()
.loginPage("/login")
.permitAll();
}
}
控制器
@Controller
public class HomeController {
@Autowired
private OAuth2AuthorizedClientService authorizedClientService;
@GetMapping("/login")
public String getLogin()
{
return "login";
}
///login/oauth2/code/spotify
@GetMapping("/redirect")
public String getRedirect()
{
return "redirect";
}
@GetMapping("/home")
public String getHome()
{
return "home";
}
}
我仍然是一个初学者,花了我一段时间才能理解,所以在此先感谢您的帮助。
让它开始工作。显然,我应该将WebClient与使用OAuth2AuthorizedClientManager的ExchangeFilterFunction集成在一起,该函数处理访问令牌和刷新令牌的授权代码交换。我遵循并阅读了文档,直到理解为止。 Here's the section that helped me the most。
这是我对代码所做的更改...
我添加了一个新的配置类,以将webclient与exchangefilter功能集成在一起。
@Configuration
public class WebClientConfig {
@Bean
public OAuth2AuthorizedClientManager authorizedClientManager(
ClientRegistrationRepository clientRegistrationRepository,
OAuth2AuthorizedClientRepository authorizedClientRepository) {
OAuth2AuthorizedClientProvider authorizedClientProvider =
OAuth2AuthorizedClientProviderBuilder.builder()
.authorizationCode()
.refreshToken()
.build();
DefaultOAuth2AuthorizedClientManager authorizedClientManager =
new DefaultOAuth2AuthorizedClientManager(
clientRegistrationRepository, authorizedClientRepository);
authorizedClientManager.setAuthorizedClientProvider(authorizedClientProvider);
return authorizedClientManager;
}
@Bean
public WebClient webClient(OAuth2AuthorizedClientManager authorizedClientManager) {
ServletOAuth2AuthorizedClientExchangeFilterFunction oauth2Client =
new ServletOAuth2AuthorizedClientExchangeFilterFunction(authorizedClientManager);
oauth2Client.setDefaultClientRegistrationId("spotify");
return WebClient.builder()
.apply(oauth2Client.oauth2Configuration())
.build();
}
}
然后,我只是像以前那样使用WebClient而不使用控制器中的OAuth2:
@GetMapping("/redirect")
public String getRedirect()
{
String resourceUri = "https://api.spotify.com/v1/me/top/artists";
String body = webClient
.get()
.uri(resourceUri)
.retrieve()
.bodyToMono(String.class)
.block();
System.out.println(body);
return "redirect";
}