OAuth 2.0 受保护资源元数据

OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer 提供了自定义 OAuth 2.0 受保护资源元数据端点 的能力。它定义了一个扩展点,允许您自定义 OAuth 2.0 受保护资源元数据响应

OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer 提供以下配置选项

@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
	http
		.oauth2ResourceServer((resourceServer) ->
			resourceServer
				.protectedResourceMetadata(protectedResourceMetadata ->
                    protectedResourceMetadata
                        .protectedResourceMetadataCustomizer(protectedResourceMetadataCustomizer)   (1)
				)
		);

	return http.build();
}
1 protectedResourceMetadataCustomizer()Consumer 提供对 OAuth2ProtectedResourceMetadata.Builder 的访问,允许自定义资源服务器配置的声明。

OAuth2ResourceServerConfigurer.ProtectedResourceMetadataConfigurer 配置 OAuth2ProtectedResourceMetadataFilter 并将其注册到资源服务器的 SecurityFilterChain @Bean 中。OAuth2ProtectedResourceMetadataFilter 是返回 OAuth2ProtectedResourceMetadata 响应Filter

© . This site is unofficial and not affiliated with VMware.