spring-security-oauth2

问题 I have resource, authorization and _ui applications written using Spring Boot 1.5.3, OAuth2 and MongoDB. The resources are going to be accessed from mobile apps as well as a couple of web applications (one for regular users and the other one for admins). The apps are quite similar to the samples from the guides by Dave Syer. What different is that the users are stored in the database and the clients are stored in an xml file located in the resources folder of the authorization server. I am

问题 I have a simple OAuth2 application. I started off by creating a SecurityConfig extending WebSecurityConfigurerAdapter and annotated with @EnableOAuth2Sso. I've created an API as well in a controller to test if authentication is working. Principal gets injected into the controller and it gives the correct name. I'm now trying to add some authorities to the principal by implementing AuthoritiesExtractor and creating it as bean. I also did the same with PrincipalExtractor to check if it is

问题 I have a simple OAuth2 application. I started off by creating a SecurityConfig extending WebSecurityConfigurerAdapter and annotated with @EnableOAuth2Sso. I've created an API as well in a controller to test if authentication is working. Principal gets injected into the controller and it gives the correct name. I'm now trying to add some authorities to the principal by implementing AuthoritiesExtractor and creating it as bean. I also did the same with PrincipalExtractor to check if it is

问题 Based on this example https://spring.io/guides/tutorials/spring-boot-oauth2/ I have implemented application with SSO throught Social Networks. In order to improve this approach and store access/refresh tokens in my database I have added oauth_client_token table: CREATE TABLE IF NOT EXISTS oauth_client_token ( token_id VARCHAR(255), token BLOB, authentication_id VARCHAR(255), user_name VARCHAR(255), client_id VARCHAR(255), PRIMARY KEY(authentication_id) ); and extended ClientResources class in

问题 Based on this example https://spring.io/guides/tutorials/spring-boot-oauth2/ I have implemented application with SSO throught Social Networks. In order to improve this approach and store access/refresh tokens in my database I have added oauth_client_token table: CREATE TABLE IF NOT EXISTS oauth_client_token ( token_id VARCHAR(255), token BLOB, authentication_id VARCHAR(255), user_name VARCHAR(255), client_id VARCHAR(255), PRIMARY KEY(authentication_id) ); and extended ClientResources class in

问题 I am trying to integrate my spring-boot rest api with Firebase by these following tutorial: savicprvoslav I need to verify the userTokenId using Firebase SDK which is generated by a front end application. The above git guide used <dependency> <groupId>com.google.firebase</groupId> <artifactId>firebase-server-sdk</artifactId> <version>3.0.3</version> </dependency> which is already deprecated and suggesting to use latest Firebase SDK [ maven repository] According to the Firebase SDK integration

问题 I tried to configure the authorization code flow as a client. As far the flow is working. I get a redirect to the login page. The oauth2 server gives me an auth code and I can exchange the code for an access token. But I can't get the last step right: get back to the original resource. This is my SecurityConfig: @Configuration @EnableWebSecurity @EnableOAuth2Client public class SecureConfig extends WebSecurityConfigurerAdapter { @Autowired OAuth2ClientContext oauth2ClientContext; @Value("$

问题 I am using Spring Boot 2.1.1.RELEASE ( spring-security-oauth2 - 2.3.4.RELEASE ). I would like to create a filter with precedence after TokenEndpoint#postAccessToken call. Why ? 'cause in that filter I want to take the token from the tokenStore and add it as a cookie to the response. I would expect that, this will give me what I want: @Override protected void configure(HttpSecurity http) throws Exception { http .(...) .addFilterAfter(new MyFilter(), BasicAuthenticationFilter.class); } But it

问题 Following the manual I achieve to connect to the Facebook graph API and retrieve info from the user. The problem comes when I wanted give access (Login) with Facebook, I got this error: org.springframework.security.authentication.InsufficientAuthenticationException: Authentication is required to obtain an access token (anonymous not allowed) at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:88) ~[spring-security-oauth2

问题 Following the manual I achieve to connect to the Facebook graph API and retrieve info from the user. The problem comes when I wanted give access (Login) with Facebook, I got this error: org.springframework.security.authentication.InsufficientAuthenticationException: Authentication is required to obtain an access token (anonymous not allowed) at org.springframework.security.oauth2.client.token.AccessTokenProviderChain.obtainAccessToken(AccessTokenProviderChain.java:88) ~[spring-security-oauth2