github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security


			
							12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273
							= HTTP Service Clients Integration

Spring Security's OAuth Support can integrate with `RestClient` and `WebClient` {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[HTTP Service Clients].


[[configuration]]
== Configuration
After xref:features/integrations/rest/http-service-client.adoc#configuration-restclient[RestClient] or xref:features/integrations/rest/http-service-client.adoc#configuration-webclient[WebClient] specific configuration, usage of xref:features/integrations/rest/http-service-client.adoc[] only requires adding a xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`] to methods that require OAuth or their declaring HTTP interface.

Since the presence of xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`] determines if and how the OAuth token will be resolved, it is safe to add Spring Security's OAuth support any configuration.

[[configuration-restclient]]
=== RestClient Configuration

Spring Security's OAuth Support can integrate with {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[HTTP Service Clients] backed by `RestClient`.
The first step is to xref:servlet/oauth2/client/core.adoc#oauth2Client-authorized-manager-provider[create an `OAuthAuthorizedClientManager` Bean].

Next you must configure `HttpServiceProxyFactory` and `RestClient` to be aware of xref:./http-service-client.adoc#client-registration-id[@ClientRegistrationId]
To simplify this configuration, use javadoc:org.springframework.security.oauth2.client.web.client.support.OAuth2RestClientHttpServiceGroupConfigurer[].

include-code::./RestClientHttpInterfaceIntegrationConfiguration[tag=config,indent=0]

The configuration:

- Adds xref:features/integrations/rest/http-service-client.adoc#client-registration-id-processor[`ClientRegistrationIdProcessor`] to {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[`HttpServiceProxyFactory`]
- Adds xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-rest-client[`OAuth2ClientHttpRequestInterceptor`] to the `RestClient`

[[configuration-webclient]]
=== WebClient Configuration

Spring Security's OAuth Support can integrate with {spring-framework-reference-url}integration/rest-clients.html#rest-http-service-client[HTTP Service Clients] backed by `WebClient`.
The first step is to xref:reactive/oauth2/client/core.adoc#oauth2Client-authorized-manager-provider[create an `ReactiveOAuthAuthorizedClientManager` Bean].

Next you must configure `HttpServiceProxyFactory` and `WebRestClient` to be aware of xref:./http-service-client.adoc#client-registration-id[@ClientRegistrationId]
To simplify this configuration, use javadoc:org.springframework.security.oauth2.client.web.reactive.function.client.support.OAuth2WebClientHttpServiceGroupConfigurer[].

include-code::./ServerWebClientHttpInterfaceIntegrationConfiguration[tag=config,indent=0]

The configuration:

- Adds xref:features/integrations/rest/http-service-client.adoc#client-registration-id-processor[`ClientRegistrationIdProcessor`] to {spring-framework-reference-url}/integration/rest-clients.html#rest-http-service-client[`HttpServiceProxyFactory`]
- Adds xref:reactive/oauth2/client/authorized-clients.adoc#oauth2-client-web-client[`ServerOAuth2AuthorizedClientExchangeFilterFunction`] to the `WebClient`


[[client-registration-id]]
== @ClientRegistrationId

You can add the javadoc:org.springframework.security.oauth2.client.annotation.ClientRegistrationId[] on the HTTP Service to specify which javadoc:org.springframework.security.oauth2.client.registration.ClientRegistration[] to use.

include-code::./UserService[tag=getAuthenticatedUser]

The xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`] will be processed by xref:features/integrations/rest/http-service-client.adoc#client-registration-id-processor[`ClientRegistrationIdProcessor`]

[[type]]
=== Type Level Declarations

`@ClientRegistrationId` can also be added at the type level to avoid repeating the declaration on every method.

include-code::./UserService[tag=type]

[[client-registration-id-processor]]
== `ClientRegistrationIdProcessor`

The xref:features/integrations/rest/http-service-client.adoc#configuration[configured] javadoc:org.springframework.security.oauth2.client.web.client.ClientRegistrationIdProcessor[] will:

- Automatically invoke javadoc:org.springframework.security.oauth2.client.web.ClientAttributes#clientRegistrationId(java.lang.String)[] for each xref:features/integrations/rest/http-service-client.adoc#client-registration-id[`@ClientRegistrationId`].
- This adds the javadoc:org.springframework.security.oauth2.client.registration.ClientRegistration#getId()[] to the attributes

The `id` is then processed by:

- `OAuth2ClientHttpRequestInterceptor` for xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-rest-client[RestClient Integration]
- xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-web-client[`ServletOAuth2AuthorizedClientExchangeFilterFunction`] (servlets) or xref:servlet/oauth2/client/authorized-clients.adoc#oauth2-client-web-client[`ServerOAuth2AuthorizedClientExchangeFilterFunction`] (reactive environments) for `WebClient`.