spring security oauth2 默认User Approval页面,定制方法
2023-04-18 13:09:14 时间
授权入口
org.springframework.security.oauth2.provider.endpoint.AuthorizationEndpoint
// View name returned for the user-approval step. The "forward:" prefix makes Spring MVC
// forward the request internally, so whichever controller is mapped to
// /oauth/confirm_access renders the approval page.
private String userApprovalPage = "forward:/oauth/confirm_access";
// We need explicit approval from the user.
/**
 * Builds the response that hands the pending authorization request over to the
 * user-approval page.
 *
 * <p>The attributes supplied by the {@code userApprovalHandler} are merged into the
 * given model before the view named by {@code userApprovalPage} is returned.
 *
 * @param model model that will be exposed to the approval page; it is modified in place
 * @param authorizationRequest the authorization request awaiting the user's decision
 * @param principal the currently authenticated user
 * @return a {@code ModelAndView} pointing at the configured approval page
 */
private ModelAndView getUserApprovalPageResponse(Map<String, Object> model,
        AuthorizationRequest authorizationRequest, Authentication principal) {
    if (logger.isDebugEnabled()) {
        logger.debug("Loading user approval page: " + userApprovalPage);
    }
    Map<String, ?> approvalAttributes =
            userApprovalHandler.getUserApprovalRequest(authorizationRequest, principal);
    model.putAll(approvalAttributes);
    return new ModelAndView(userApprovalPage, model);
}
页面控制器
org.springframework.security.oauth2.provider.endpoint.WhitelabelApprovalEndpoint
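/**
 * Default ("whitelabel") controller for the OAuth2 user-approval page, mapped to
 * {@code /oauth/confirm_access}.
 *
 * <p>The page is assembled as a plain HTML string. A replacement page should keep the
 * parts of this contract that the generated markup shows:
 * <ul>
 *   <li>the form is submitted with POST to {@code <context path>/oauth/authorize};</li>
 *   <li>the decision travels in the {@code user_oauth_approval} parameter, or in one
 *       {@code true}/{@code false} radio group per scope when scopes are present;</li>
 *   <li>the CSRF token, when one is available, is sent back as a hidden field;</li>
 *   <li>every dynamic value (client id, scope names, token values) is HTML-escaped
 *       before it is written into the page.</li>
 * </ul>
 */
@FrameworkEndpoint
@SessionAttributes("authorizationRequest")
public class WhitelabelApprovalEndpoint {

    /**
     * Renders the approval page for the authorization request held in the model.
     *
     * @param model model carrying the {@code authorizationRequest} and, optionally,
     *        {@code scopes} and {@code _csrf}
     * @param request current request, used for the context path and as a fallback
     *        source of the {@code _csrf} and {@code scopes} attributes
     * @return a {@code ModelAndView} whose view writes the generated HTML
     * @throws Exception declared for framework compatibility
     */
    @RequestMapping("/oauth/confirm_access")
    public ModelAndView getAccessConfirmation(Map<String, Object> model, HttpServletRequest request) throws Exception {
        final String approvalContent = createTemplate(model, request);
        if (request.getAttribute("_csrf") != null) {
            model.put("_csrf", request.getAttribute("_csrf"));
        }
        View approvalView = new View() {
            @Override
            public String getContentType() {
                return "text/html";
            }

            @Override
            public void render(Map<String, ?> model, HttpServletRequest request, HttpServletResponse response) throws Exception {
                // The HTML was built up front; the model passed in here is not consulted.
                response.setContentType(getContentType());
                response.getWriter().append(approvalContent);
            }
        };
        return new ModelAndView(approvalView, model);
    }

    /**
     * Builds the HTML of the approval page.
     *
     * @param model model holding {@code authorizationRequest} and optionally
     *        {@code scopes} and {@code _csrf}
     * @param request current request
     * @return the complete HTML document as a string
     * @throws NullPointerException if the model holds no {@code authorizationRequest}
     */
    protected String createTemplate(Map<String, Object> model, HttpServletRequest request) {
        AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");
        String clientId = authorizationRequest.getClientId();

        StringBuilder builder = new StringBuilder();
        builder.append("<html><body><h1>OAuth Approval</h1>");
        // The client id is escaped before it is shown to the user.
        builder.append("<p>Do you authorize \"").append(HtmlUtils.htmlEscape(clientId));
        builder.append("\" to access your protected resources?</p>");
        builder.append("<form id=\"confirmationForm\" name=\"confirmationForm\" action=\"");

        String requestPath = ServletUriComponentsBuilder.fromContextPath(request).build().getPath();
        if (requestPath == null) {
            requestPath = "";
        }
        // The path ends up inside an HTML attribute, so it is escaped like every other
        // dynamic value on this page.
        String actionPath = HtmlUtils.htmlEscape(requestPath);
        builder.append(actionPath).append("/oauth/authorize\" method=\"post\">");
        builder.append("<input name=\"user_oauth_approval\" value=\"true\" type=\"hidden\"/>");

        // The token is taken from the model first, then from the request attribute,
        // and repeated in every form that posts back to the authorization endpoint.
        String csrfTemplate = "";
        CsrfToken csrfToken = (CsrfToken) (model.containsKey("_csrf") ? model.get("_csrf") : request.getAttribute("_csrf"));
        if (csrfToken != null) {
            csrfTemplate = "<input type=\"hidden\" name=\"" + HtmlUtils.htmlEscape(csrfToken.getParameterName())
                    + "\" value=\"" + HtmlUtils.htmlEscape(csrfToken.getToken()) + "\" />";
        }
        builder.append(csrfTemplate);

        String authorizeInputTemplate = "<label><input name=\"authorize\" value=\"Authorize\" type=\"submit\"/></label></form>";

        if (model.containsKey("scopes") || request.getAttribute("scopes") != null) {
            // Per-scope decision: the radio groups sit inside the confirmation form.
            builder.append(createScopes(model, request));
            builder.append(authorizeInputTemplate);
        } else {
            // All-or-nothing decision: a second form carries the denial.
            builder.append(authorizeInputTemplate);
            builder.append("<form id=\"denialForm\" name=\"denialForm\" action=\"");
            builder.append(actionPath).append("/oauth/authorize\" method=\"post\">");
            builder.append("<input name=\"user_oauth_approval\" value=\"false\" type=\"hidden\"/>");
            builder.append(csrfTemplate);
            builder.append("<label><input name=\"deny\" value=\"Deny\" type=\"submit\"/></label></form>");
        }

        builder.append("</body></html>");
        return builder.toString();
    }

    /**
     * Renders one Approve/Deny radio pair per requested scope.
     *
     * <p>A scope whose value is the string {@code "true"} has Approve preselected;
     * every other scope has Deny preselected.
     *
     * @param model model that may hold the {@code scopes} map
     * @param request current request, consulted when the model has no {@code scopes}
     * @return the {@code <ul>} fragment listing the scopes
     */
    private CharSequence createScopes(Map<String, Object> model, HttpServletRequest request) {
        StringBuilder builder = new StringBuilder("<ul>");
        @SuppressWarnings("unchecked")
        Map<String, String> scopes = (Map<String, String>) (model.containsKey("scopes") ?
                model.get("scopes") : request.getAttribute("scopes"));
        for (Map.Entry<String, String> entry : scopes.entrySet()) {
            boolean preApproved = "true".equals(entry.getValue());
            String approved = preApproved ? " checked" : "";
            String denied = preApproved ? "" : " checked";
            // The scope name is used both as visible text and as the input name.
            String scope = HtmlUtils.htmlEscape(entry.getKey());

            builder.append("<li><div class=\"form-group\">");
            builder.append(scope).append(": <input type=\"radio\" name=\"");
            builder.append(scope).append("\" value=\"true\"").append(approved).append(">Approve</input> ");
            builder.append("<input type=\"radio\" name=\"").append(scope).append("\" value=\"false\"");
            builder.append(denied).append(">Deny</input></div></li>");
        }
        builder.append("</ul>");
        return builder.toString();
    }
}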
定制方法
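提供一个 controller 映射 "/oauth/confirm_access" 路径即可,控制器上需要添加注解 @SessionAttributes("authorizationRequest")。自定义页面仍需像默认实现一样,以 POST 方式提交到(带上下文路径的)/oauth/authorize,携带 user_oauth_approval 参数和 _csrf 隐藏域,并对 clientId、scope 等动态内容做 HTML 转义。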