问题描述
我正在使用Spring Social和Spring Security对用户进行身份验证,并在我的网络应用上自动创建本地帐户。如何为身份验证提供OAuth2 范围
?
I'm using Spring Social with Spring Security to authenticate users and automatically create local accounts on my web app. How do I provide the OAuth2 scope
for authentication?
在,我看不到范围
应该去哪里。
In the spring-social-samples, I don't see where scope
should go.
<bean id="socialAuthenticationFilter" class="org.springframework.social.security.SocialAuthenticationFilter"
c:_0-ref="authenticationManager"
c:_1-ref="userIdSource"
c:_2-ref="usersConnectionRepository"
c:_3-ref="connectionFactoryLocator"
p:signupUrl="/spring-social-showcase/signup"
p:rememberMeServices-ref="org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices#0" />
<bean id="socialAuthenticationProvider" class="org.springframework.social.security.SocialAuthenticationProvider"
c:_0-ref="usersConnectionRepository"
c:_1-ref="socialUsersDetailService" />
范围
的特定用例将是让用户通过Facebook进行身份验证,然后获取用户的Facebook电子邮件( scope =email
)以创建本地帐户。
A specific usecase for scope
would be to let the user authenticate with Facebook and then get the user's Facebook email (scope="email"
) for creating a local account.
推荐答案
在您的配置中,您需要指定范围
作为 FacebookAuthenticationService的属性
。这是处理对 auth / facebook的调用的服务
In your configuration, you need to specify scope
as a property of the FacebookAuthenticationService
. This is the service that handles calls to auth/facebook
在XML配置中,而不是:
In XML configuration, instead of:
<facebook:config app-id="${facebook.clientId}" app-secret="${facebook.clientSecret}"/>
使用:
<bean id="connectionFactoryLocator" class="org.springframework.social.security.SocialAuthenticationServiceRegistry">
<property name="authenticationServices">
<list>
<bean class="org.springframework.social.facebook.security.FacebookAuthenticationService">
<constructor-arg value="${facebook.clientId}" />
<constructor-arg value="${facebook.clientSecret}" />
<!-- Important: The next property name changed from "scope" to "defaultScope" in 1.1.0.M4 -->
<property name="scope" value="email" />
</bean>
</list>
</property>
</bean>
这适用于Spring Social 1.1.0.M3
This works with Spring Social 1.1.0.M3
这篇关于如何使用spring-social-security SocialAuthenticationFilter指定OAuth2范围?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!