Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
github
/
spring-security
kopia lustrzana https://github.com/spring-projects/spring-security
2
0
Forkuj 0
Pliki Problemy 0 Wiki
Drzewo: c08a317751
Gałęzie Tagi
spring-security
/
docs
/
modules
/
ROOT
/
pages
/
migration-7
/
authentication.adoc

authentication.adoc 2.1 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. = Authentication Changes
    2. 

  2. 

  3. == Opaque Token Credentials Will Be Encoded For You
    4. 

  4. 

  5. In order to comply more closely with the Introspection RFC, Spring Security's opaque token support will encode the client id and secret before creating the authorization header.
    6. 

  6. This change means you will no longer have to encode the client id and secret yourself.
    7. 

  7. 

  8. If your client id or secret contain URL-unsafe characters, then you can prepare yourself for this change by doing the following:
    9. 

  9. 

  10. === Replace Usage of `introspectionClientCredentials`
    11. 

  11. 

  12. Since Spring Security can now do the encoding for you, replace xref:servlet/oauth2/resource-server/opaque-token.adoc#oauth2resourceserver-opaque-introspectionuri-dsl[using `introspectionClientCredentials`] with publishing the following `@Bean`:
    13. 

  13. 

  14. [tabs]
    15. 

  15. ======
    16. 

  16. Java::
    17. 

  17. +
    18. 

  18. [source,java,role="primary"]
    19. 

  19. ----
    20. 

  20. @Bean
    21. 

  21. OpaqueTokenIntrospector introspector() {
    22. 

  22. 	return SpringOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
    23. 

  23.             .clientId(unencodedClientId).clientSecret(unencodedClientSecret).build();
    24. 

  24. }
    25. 

  25. ----
    26. 

  26. 

  27. Kotlin::
    28. 

  28. +
    29. 

  29. [source,kotlin,role="secondary"]
    30. 

  30. ----
    31. 

  31. @Bean
    32. 

  32. fun introspector(): OpaqueTokenIntrospector {
    33. 

  33.     return SpringOpaqueTokenIntrospector.withIntrospectionUri(introspectionUri)
    34. 

  34.             .clientId(unencodedClientId).clientSecret(unencodedClientSecret).build()
    35. 

  35. }
    36. 

  36. ----
    37. 

  37. ======
    38. 

  38. 

  39. The above will be the default in 7.0.
    40. 

  40. 

  41. If this setting gives you trouble or you cannot apply it for now, you can use the `RestOperations` constructor instead:
    42. 

  42. 

  43. [tabs]
    44. 

  44. ======
    45. 

  45. Java::
    46. 

  46. +
    47. 

  47. [source,java,role="primary"]
    48. 

  48. ----
    49. 

  49. @Bean
    50. 

  50. OpaqueTokenIntrospector introspector() {
    51. 

  51. 	RestTemplate rest = new RestTemplate();
    52. 

  52. 	rest.addInterceptor(new BasicAuthenticationInterceptor(encodedClientId, encodedClientSecret));
    53. 

  53. 	return new SpringOpaqueTokenIntrospector(introspectionUri, rest);
    54. 

  54. }
    55. 

  55. ----
    56. 

  56. 

  57. Kotlin::
    58. 

  58. +
    59. 

  59. [source,kotlin,role="secondary"]
    60. 

  60. ----
    61. 

  61. @Bean
    62. 

  62. fun introspector(): OpaqueTokenIntrospector {
    63. 

  63. 	val rest = RestTemplate()
    64. 

  64. 	rest.addInterceptor(BasicAuthenticationInterceptor(encodedClientId, encodedClientSecret))
    65. 

  65. 	return SpringOpaqueTokenIntrospector(introspectionUri, rest)
    66. 

  66. }
    67. 

  67. ----
    68. 

  68. ======
    69.