spring-guides / tut-spring-security-and-angular-js

Spring Security and Angular: A tutorial on how to use Spring Security with a single page application with various backend architectures, ranging from a simple single server to an API gateway with OAuth2 authentication.

Home Page: https://spring.io/guides/tutorials/spring-security-and-angular-js/

Question about Zuul and oauth

jilongs opened this issue

Hi Dave,

Thanks for your reply here.

For my use case, Spring Cloud Security doesn't suit me well. The OAuth server I'm using only supports the password grant type, so I don't know how I can achieve that. Here is what I tried, but it doesn't seem to work:

    @Configuration
    protected static class OAuth2Configuration extends OAuth2SsoConfigurerAdapter {

        private final Logger log = LoggerFactory.getLogger(this.getClass());

        @Bean
        public OAuth2RestTemplate oAuth2RestTemplate() {
            return new OAuth2RestTemplate(resource());
        }

        @Bean
        protected OAuth2ProtectedResourceDetails resource() {

            ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();

            resource.setAccessTokenUri("http://localhost:9999/uaa/oauth/token");
            resource.setClientId("acme");
            resource.setId("sparklr");
            resource.setUsername("user");
            resource.setPassword("password");
            resource.setScope(Arrays.asList("openid"));
            resource.setClientSecret("acmesecret");
            resource.setGrantType("password");
            return resource;
        }
        @Override
        public void match(RequestMatchers matchers) {
            matchers.anyRequest();
        }

        @Override
        public void configure(HttpSecurity http) throws Exception {
            http.authorizeRequests().antMatchers("/index.html", "/home.html", "/")
                    .permitAll().anyRequest().authenticated().and().csrf()
                    .csrfTokenRepository(csrfTokenRepository()).and()
                    .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
        }
        // ... csrf stuff
    }

Password grant is not suitable for webapps or Single Sign on. You need to rethink probably.

N.B. the OAuth2 SSO features have moved to Spring Boot.
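
The following is an added example, not code from this thread or from the tutorial. It configures a spring-security-oauth2 client for the authorization code grant, where the browser is redirected to the authorization server to log in and the token is held per user session, instead of coming from one fixed username and password inside the application. It assumes an authorization server that supports the authorization code grant (unlike the one described in the question); the `/oauth/authorize` URI, the class name and the `OAUTH_CLIENT_SECRET` environment variable are assumptions.

```java
import java.util.Arrays;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.client.OAuth2ClientContext;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.resource.OAuth2ProtectedResourceDetails;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableOAuth2Client;

// Hypothetical class name; added for illustration only.
@Configuration
@EnableOAuth2Client // registers the redirect filter and a session-scoped OAuth2ClientContext
public class AuthorizationCodeClientConfig {

    @Bean
    public OAuth2ProtectedResourceDetails resource() {
        // Authorization code grant: no end-user username or password is
        // ever configured in, or seen by, this web application.
        AuthorizationCodeResourceDetails resource = new AuthorizationCodeResourceDetails();
        resource.setId("sparklr");
        resource.setClientId("acme");
        // Assumption: the client secret is supplied through the environment
        // (variable name is hypothetical) instead of being hard-coded.
        resource.setClientSecret(System.getenv("OAUTH_CLIENT_SECRET"));
        resource.setAccessTokenUri("http://localhost:9999/uaa/oauth/token");
        // Assumption: the authorize endpoint sits next to the token endpoint.
        resource.setUserAuthorizationUri("http://localhost:9999/uaa/oauth/authorize");
        resource.setScope(Arrays.asList("openid"));
        return resource;
    }

    @Bean
    public OAuth2RestTemplate oAuth2RestTemplate(OAuth2ClientContext clientContext) {
        // The injected context is scoped to the HTTP session, so each logged-in
        // user gets their own access token. The password-grant bean in the
        // question has no such context and one fixed user, so every caller
        // would act as that single account.
        return new OAuth2RestTemplate(resource(), clientContext);
    }
}
```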