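Introduction
A while ago the spring-security team released a new OAuth 2.0-based authorization server implementation called spring-authorization-server. Let's explore the example that ships with it.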
client:
The client first sends an authorization request to the authorization server's authorization endpoint, via @RegisteredOAuth2AuthorizedClient("messaging-client-authorization-code").
OAuth2AuthorizedClientArgumentResolver
Reads the clientRegistrationId = messaging-client-authorization-code defined in the annotation.
DefaultOAuth2AuthorizedClientManager
In authorize() it looks for an OAuth2AuthorizedClient. Finding none, it then looks for the ClientRegistration; the ClientRegistration matching the clientRegistrationId can be found in InMemoryClientRegistrationRepository.
It then builds an OAuth2AuthorizationContext from this clientRegistration and uses DelegatingOAuth2AuthorizedClientProvider to call authorize() on the providers in authorizedClientProviders.
AuthorizationCodeOAuth2AuthorizedClientProvider
Throws ClientAuthorizationRequiredException, which is caught by OAuth2AuthorizationRequestRedirectFilter.
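The client-side chain above can be reproduced outside a running web application. The following is an added example, not code from spring-authorization-server or its samples; the class name, client id and endpoint URLs are constructed placeholders, the session-based authorized-client repository is chosen here for simplicity, and it assumes spring-security-oauth2-client, spring-web, spring-test and the servlet API are on the classpath.

```java
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.oauth2.client.ClientAuthorizationRequiredException;
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
import org.springframework.security.oauth2.client.registration.ClientRegistration;
import org.springframework.security.oauth2.client.registration.InMemoryClientRegistrationRepository;
import org.springframework.security.oauth2.client.web.DefaultOAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizedClientRepository;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

public class AuthorizeFlowDemo {
    static final String REGISTRATION_ID = "messaging-client-authorization-code";

    public static void main(String[] args) {
        // Constructed registration: client id and endpoint URLs are placeholders.
        ClientRegistration registration = ClientRegistration.withRegistrationId(REGISTRATION_ID)
                .clientId("example-client")
                .authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
                .redirectUri("{baseUrl}/authorized")
                .authorizationUri("https://auth-server.example/oauth2/authorize")
                .tokenUri("https://auth-server.example/oauth2/token")
                .build();

        // Same manager class the argument resolver delegates to in the walkthrough.
        DefaultOAuth2AuthorizedClientManager manager = new DefaultOAuth2AuthorizedClientManager(
                new InMemoryClientRegistrationRepository(registration),
                new HttpSessionOAuth2AuthorizedClientRepository());

        // The manager falls back to RequestContextHolder for the current request/response.
        RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(
                new MockHttpServletRequest(), new MockHttpServletResponse()));

        OAuth2AuthorizeRequest authorizeRequest = OAuth2AuthorizeRequest
                .withClientRegistrationId(REGISTRATION_ID)
                .principal(new TestingAuthenticationToken("user", "n/a", "ROLE_USER"))
                .build();
        try {
            // No stored OAuth2AuthorizedClient, so the authorization_code provider throws.
            manager.authorize(authorizeRequest);
        } catch (ClientAuthorizationRequiredException ex) {
            // In a web app, OAuth2AuthorizationRequestRedirectFilter catches this instead.
            System.out.println("Authorization required for: " + ex.getClientRegistrationId());
        } finally {
            RequestContextHolder.resetRequestAttributes();
        }
    }
}
```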
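auth-server:
OAuth2AuthorizationEndpointFilter
Handles the authorization request and finds that there is no authentication; the request then goes through DelegatingAuthenticationEntryPoint, which selects the corresponding LoginUrlAuthenticationEntryPoint and returns a 401 status code.
Original link: https://alexhuihui.github.io/article/20220223.html
Copyright notice: please credit the source when reposting.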