Spring Boot + Google OAuth2：如何定義用戶詳細信息服務？

Question

我有簡單的彈簧啓動應用程序，我想在其中使用谷歌oauth2身份驗證。它工作正常，但我不明白如何設置我自己的userDetailsS​​ervice爲用戶設置角色。

我的配置：

@SpringBootApplication 
@EnableWebMvc 
@EnableOAuth2Sso 
public class Application extends WebMvcAutoConfiguration { 

    public static void main(String[] args) { 
     SpringApplication.run(Application.class, args); 
    } 
} 

...和application.properties：

security.oauth2.client.client-id: <client-d> 
security.oauth2.client.client-secret: <secret> 
security.oauth2.client.access-token-uri: https://www.googleapis.com/oauth2/v3/token 
security.oauth2.client.user-authorization-uri: https://accounts.google.com/o/oauth2/auth 
security.oauth2.client.client-authentication-scheme: form 
security.oauth2.client.scope: profile,email 
security.oauth2.resource.user-info-uri: https://www.googleapis.com/userinfo/v2/me 
security.oauth2.resource.prefer-token-info: false 

所以，我應該在哪裏取悅我的UserDetailsS​​ervice的implemantation？只是將bean添加到上下文不起作用，它可能應該設置在某處，但是在哪裏？ 謝謝

Answer 1

我不知道這是否是解決這個問題的最佳方法，但它有效。 我已經添加了新的安全過濾器，用戶權限正從數據庫中檢索。 應用類：

@Autowired 
private UserRepository userRepository; 

@Bean 
public FilterRegistrationBean filterRegistrationBean() { 
    FilterRegistrationBean registration = new FilterRegistrationBean(); 
    AuthoritiesFilter filter = new AuthoritiesFilter(); 
    filter.setUserRepository(userRepository); 
    registration.setFilter(filter); 
    registration.addUrlPatterns("/*"); 
    registration.setName("authoritiesFilter"); 
    registration.setOrder(Ordered.LOWEST_PRECEDENCE); 
    return registration; 
} 

當局過濾器：

public class AuthoritiesFilter extends GenericFilterBean { 
     public static final String EMAIL = "email"; 
     public static final String NAME = "name"; 
     public static final String GIVEN_NAME = "given_name"; 
     public static final String FAMILY_NAME = "family_name"; 
     public static final String PICTURE = "picture"; 
     public static final String GENDER = "gender"; 
     public static final String LOCALE = "locale"; 

     private UserRepository userRepository; 

     @Override 
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { 
      Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); 
      OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication; 

      if (oAuth2Authentication != null && oAuth2Authentication.getUserAuthentication().getDetails() != null) { 
       SecurityContextHolder.getContext().setAuthentication(processAuthentication(authentication)); 
      } 

      chain.doFilter(request, response); 
     } 

     private OAuth2Authentication processAuthentication(Authentication authentication) { 
      OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) authentication; 
      Map<String, String> details = (Map<String, String>) oAuth2Authentication.getUserAuthentication().getDetails(); 

      User user = userRepository.getByEmail(details.get(EMAIL)) 
        .orElse(new User()); 
      updateUser(user, details); 
      userRepository.save(user); 

      UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(
        oAuth2Authentication.getPrincipal(), 
        oAuth2Authentication.getCredentials(), 
        user.getAuthorities().stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList())); 
      oAuth2Authentication = new OAuth2Authentication(oAuth2Authentication.getOAuth2Request(), token); 
      oAuth2Authentication.setDetails(details); 
      return oAuth2Authentication; 
     } 

     private void updateUser(User user, Map<String, String> details) { 
      user.setEmail(details.get(EMAIL)); 
      user.setName(details.get(NAME)); 
      user.setGivenName(details.get(GIVEN_NAME)); 
      user.setFamilyName(details.get(FAMILY_NAME)); 
      user.setPicture(details.get(PICTURE)); 
      user.setGender(details.get(GENDER)); 
      user.setLocale(details.get(LOCALE)); 
     } 

     public void setUserRepository(UserRepository userRepository) { 
      this.userRepository = userRepository; 
     } 
    }