Spring OAuth redirect_uri不使用https

  • Z时代
  • 2024-01-10
  • 分类:问答

我有一个包含Spring Security OAuth的Spring Boot 1.3.0应用程序,作为一种SSO集成。

问题在于,该应用程序在非SSL环境中运行,并且负载平衡器(F5)后面有一个非标准端口,该端口强制SSL,OAuth提供程序要求所有重定向URL都注册为https,但是Spring

OAuth客户端(自动(使用@EnableOAuthSso配置)将仅重定向到具有以下URL的OAuth提供程序…

https:// [provider_host] / oauth / authorize?client_id = [redact]

&response_type = code&scope =

[redact]&state = IpMYTe

请注意,返回的redirect_uri生成为http。即使F5会在返回途中将其强制为https,我们的OAuth提供程序也将不允许非SSL重定向URI。我该如何配置?

除了我的Spring Data JPA控制器外,这就是整个应用程序。

回答:

@SpringBootApplication(exclude = { HibernateJpaAutoConfiguration.class })
@EnableJpaRepositories
public class AppConfig extends SpringBootServletInitializer {
    public static void main(final String... args) {
        SpringApplication.run(AppConfig.class, args);
    }
    @Autowired
    public DataSource dataSource;
    @Bean(name = "entityManagerFactory")
    public LocalContainerEntityManagerFactoryBean getEntityManagerFactoryInfo() {
        final LocalContainerEntityManagerFactoryBean fac = new LocalContainerEntityManagerFactoryBean();
        fac.setDataSource(dataSource);
        fac.setJpaVendorAdapter(new HibernateJpaVendorAdapter());
        fac.setPackagesToScan("[redact]");
        final Properties props = new Properties();
        props.put("hibernate.dialect", "org.hibernate.dialect.SQLServerDialect");
        props.put("hibernate.show_sql", "true");
        props.put("hibernate.format_sql", "true");
        fac.setJpaProperties(props);
        return fac;
    }
    @Bean(name = "transactionManager")
    public PlatformTransactionManager getTransactionManager() {
        final JpaTransactionManager transactMngr = new JpaTransactionManager();
        transactMngr.setEntityManagerFactory(getEntityManagerFactoryInfo().getObject());
        return transactMngr;
    }
}

回答:

@Configuration
@EnableOAuth2Sso
public class SecurityConfig {
}

回答:

server.port=9916
server.contextPath=
server.use-forward-headers=true
security.oauth2.client.clientId=[redact]
security.oauth2.client.clientSecret=[redact]
security.oauth2.client.scope=[redact]
security.oauth2.client.accessTokenUri=https://[provider_host]/oauth/token
security.oauth2.client.userAuthorizationUri=https://[provider_host]/oauth/authorize
security.oauth2.resource.userInfoUri=https://[provider_host]/oauth/me
security.oauth2.resource.preferTokenInfo=false
logging.level.org.springframework=TRACE

回答:

在手动浏览配置类之后,我能够找到并添加以下内容,从而达到了目的…

security.oauth2.client.pre-established-redirect-uri=https://[application_host]/login
security.oauth2.client.registered-redirect-uri=https://[application_host]/login
security.oauth2.client.use-current-uri=false

我不认为没有更好的方法来解决强制HTTPS重定向URL的问题,但是此修复程序对我有用。

以上是 Spring OAuth redirect_uri不使用https 的全部内容, 来源链接: utcz.com/qa/420509.html

回到顶部