我正在开发一个Web应用程序跨平台应用程序,社交登录期间所需的重定向地址在Web和应用程序环境之间有所不同。我想在社交登录请求中设置最终的redirect_uri,例如
http://localhost:8080/auth/oauth2/authorize/google?redirect_uri=foo://
和 http://localhost:8080/auth/oauth2/authorize/google?redirect_uri=bar://
。
有办法解决这个问题吗?
我想拦截OAuth2过滤器中的第一个请求并将redirect_uri传递给最终的successHandler,但我找不到方法来做到这一点。
根据不同的登录客户端返回不同的重定向地址,如下?
@Bean
public SecurityFilterChain filterChain(HttpSecurity http,ClientRegistrationRepository clientRegistrationRepository ) throws Exception {
return http
.csrf(AbstractHttpConfigurer::disable)
.oauth2Login(c -> c.authorizationEndpoint(cc->cc.authorizationRequestResolver(new CustomOAuth2AuthorizationRequestResolver(clientRegistrationRepository))))
.authorizeHttpRequests(c -> c.anyRequest().authenticated())
.build();
}
static class CustomOAuth2AuthorizationRequestResolver implements OAuth2AuthorizationRequestResolver{
private final OAuth2AuthorizationRequestResolver resolver;
public CustomOAuth2AuthorizationRequestResolver(ClientRegistrationRepository clientRegistrationRepository) {
DefaultOAuth2AuthorizationRequestResolver resolver =
new DefaultOAuth2AuthorizationRequestResolver(clientRegistrationRepository, OAuth2AuthorizationRequestRedirectFilter.DEFAULT_AUTHORIZATION_REQUEST_BASE_URI);
resolver.setAuthorizationRequestCustomizer(builder -> {
if (isWebLogin()) {
builder.redirectUri("foo://");
}else if (isAppLogin()) {
builder.redirectUri("bar://");
}
});
this.resolver = resolver;
}
@Override
public OAuth2AuthorizationRequest resolve(HttpServletRequest request) {
return resolver.resolve(request);
}
@Override
public OAuth2AuthorizationRequest resolve(HttpServletRequest request, String clientRegistrationId) {
return resolver.resolve(request,clientRegistrationId);
}
}