Spring Security 5.7.5版本,接入OAuth2登录后需要在配置文件中进行相关配置。如果是框架内置的服务提供者,则配置文件中只需要配置client-id, client-secret即可。那么框架内置了哪些服务提供者呢?
直接上源码:
GOOGLE {@Overridepublic Builder getBuilder(String registrationId) {ClientRegistration.Builder builder = getBuilder(registrationId,ClientAuthenticationMethod.CLIENT_SECRET_BASIC, DEFAULT_REDIRECT_URL);builder.scope("openid", "profile", "email");builder.authorizationUri("https://accounts.google.com/o/oauth2/v2/auth");builder.tokenUri("https://www.googleapis.com/oauth2/v4/token");builder.jwkSetUri("https://www.googleapis.com/oauth2/v3/certs");builder.issuerUri("https://accounts.google.com");builder.userInfoUri("https://www.googleapis.com/oauth2/v3/userinfo");builder.userNameAttributeName(IdTokenClaimNames.SUB);builder.clientName("Google");return builder;}},GITHUB {@Overridepublic Builder getBuilder(String registrationId) {ClientRegistration.Builder builder = getBuilder(registrationId,ClientAuthenticationMethod.CLIENT_SECRET_BASIC, DEFAULT_REDIRECT_URL);builder.scope("read:user");builder.authorizationUri("https://github.com/login/oauth/authorize");builder.tokenUri("https://github.com/login/oauth/access_token");builder.userInfoUri("https://api.github.com/user");builder.userNameAttributeName("id");builder.clientName("GitHub");return builder;}},FACEBOOK {@Overridepublic Builder getBuilder(String registrationId) {ClientRegistration.Builder builder = getBuilder(registrationId,ClientAuthenticationMethod.CLIENT_SECRET_POST, DEFAULT_REDIRECT_URL);builder.scope("public_profile", "email");builder.authorizationUri("https://www.facebook.com/v2.8/dialog/oauth");builder.tokenUri("https://graph.facebook.com/v2.8/oauth/access_token");builder.userInfoUri("https://graph.facebook.com/me?fields=id,name,email");builder.userNameAttributeName("id");builder.clientName("Facebook");return builder;}},OKTA {@Overridepublic Builder getBuilder(String registrationId) {ClientRegistration.Builder builder = getBuilder(registrationId,ClientAuthenticationMethod.CLIENT_SECRET_BASIC, DEFAULT_REDIRECT_URL);builder.scope("openid", "profile", "email");builder.userNameAttributeName(IdTokenClaimNames.SUB);builder.clientName("Okta");return builder;}};
源码位于
org.springframework.security:spring-security-config依赖包下的
org.springframework.security.config.oauth2.client.CommonOAuth2Provider类中。
自己的码云spring-security练习项目:code_practice_2024/spring-security,成功接入了GitHub,华为OAuth2,欢迎访问