本文介绍了如何使用spring-social-security SocialAuthenticationFilter指定OAuth2范围?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在使用Spring Social和Spring Security对用户进行身份验证,并在我的网络应用上自动创建本地帐户。如何为身份验证提供OAuth2 范围

I'm using Spring Social with Spring Security to authenticate users and automatically create local accounts on my web app. How do I provide the OAuth2 scope for authentication?

在,我看不到范围应该去哪里。

In the spring-social-samples, I don't see where scope should go.

<bean id="socialAuthenticationFilter" class="org.springframework.social.security.SocialAuthenticationFilter"
    c:_0-ref="authenticationManager"
    c:_1-ref="userIdSource"
    c:_2-ref="usersConnectionRepository"
    c:_3-ref="connectionFactoryLocator"
    p:signupUrl="/spring-social-showcase/signup"
    p:rememberMeServices-ref="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0" />

<bean id="socialAuthenticationProvider" class="org.springframework.social.security.SocialAuthenticationProvider"
    c:_0-ref="usersConnectionRepository"
    c:_1-ref="socialUsersDetailService" />

范围的特定用例将是让用户通过Facebook进行身份验证,然后获取用户的Facebook电子邮件( scope =email)以创建本地帐户。

A specific usecase for scope would be to let the user authenticate with Facebook and then get the user's Facebook email (scope="email") for creating a local account.

推荐答案

在您的配置中,您需要指定范围作为 FacebookAuthenticationService的属性。这是处理对 auth / facebook的调用的服务

In your configuration, you need to specify scope as a property of the FacebookAuthenticationService. This is the service that handles calls to auth/facebook

在XML配置中,而不是:

In XML configuration, instead of:

<facebook:config app-id="${facebook.clientId}" app-secret="${facebook.clientSecret}"/>

使用:

<bean id="connectionFactoryLocator" class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
    <property name="authenticationServices">
        <list>
            <bean class="org.springframework.social.facebook.security.FacebookAuthenticationService">
                <constructor-arg value="${facebook.clientId}" />
                <constructor-arg value="${facebook.clientSecret}" />
                <!-- Important: The next property name changed from "scope" to "defaultScope" in 1.1.0.M4 -->
                <property name="scope" value="email" />              
            </bean>
        </list>
    </property>
</bean>

这适用于Spring Social 1.1.0.M3

This works with Spring Social 1.1.0.M3

这篇关于如何使用spring-social-security SocialAuthenticationFilter指定OAuth2范围?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-22 11:14