【分布式微服务专题】SpringSecurity OAuth2快速入门

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 
@Configuration
public class OAuth2LoginSecurityConfig extends WebSecurityConfigurerAdapter {
 
    private final ClientRegistrationRepository clientRegistrationRepository;
 
    public OAuth2LoginSecurityConfig(ClientRegistrationRepository clientRegistrationRepository) {
        this.clientRegistrationRepository = clientRegistrationRepository;
    }
 
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            // 配置OAuth2登录注册
            .oauth2Login()
            // 自定义登录成功处理逻辑
            .loginPage("/login")
            .successHandler((req, resp, auth) -> {
                OAuth2AuthorizationRequest authorizationRequest = (OAuth2AuthorizationRequest) req.getAttribute(OAuth2LoginAuthenticationProvider.OAUTH2_AUTHORIZATION_REQUEST_ATTR_NAME);
                // 自定义登录成功后的操作
            })
            // 自定义认证失败处理逻辑
            .failureHandler((req, resp, exception) -> {
                // 自定义认证失败后的操作
            })
            // 其他安全配置
            .and()
            // ...
            ;
    }
}

这个代码示例展示了如何使用Spring Security的OAuth2登录功能来增强你的应用程序的安全性。它定义了一个OAuth2LoginSecurityConfig配置类，继承自WebSecurityConfigurerAdapter，并通过重写configure方法来配置HttpSecurity。在configure方法中，它使用.oauth2Login()来启用OAuth2登录，并提供了自定义的登录成功和失败处理逻辑。