Question about Zuul and oauth
jilongs opened this issue
jilongs commented
Hi Dave,
Thanks for your reply here.
For my use case, Spring Cloud Security doesn't suit me well. The OAuth server I'm using only supports the password grant type, so I don't know how I can achieve that. Here is what I tried, but it doesn't seem to work:
```java
@Configuration
protected static class OAuth2Configuration extends OAuth2SsoConfigurerAdapter {

    private final Logger log = LoggerFactory.getLogger(this.getClass());

    @Bean
    public OAuth2RestTemplate oAuth2RestTemplate() {
        return new OAuth2RestTemplate(resource());
    }

    @Bean
    protected OAuth2ProtectedResourceDetails resource() {
        ResourceOwnerPasswordResourceDetails resource = new ResourceOwnerPasswordResourceDetails();
        resource.setAccessTokenUri("http://localhost:9999/uaa/oauth/token");
        resource.setClientId("acme");
        resource.setId("sparklr");
        resource.setUsername("user");
        resource.setPassword("password");
        resource.setScope(Arrays.asList("openid"));
        resource.setClientSecret("acmesecret");
        resource.setGrantType("password");
        return resource;
    }

    @Override
    public void match(RequestMatchers matchers) {
        matchers.anyRequest();
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests().antMatchers("/index.html", "/home.html", "/")
                .permitAll().anyRequest().authenticated().and().csrf()
                .csrfTokenRepository(csrfTokenRepository()).and()
                .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
    }

    // ... csrf stuff
}
```
Dave Syer commented
Password grant is not suitable for webapps or Single Sign on. You need to rethink probably.
N.B. the OAuth2 SSO features have moved to Spring Boot.