Browse Source

JWT_BEARER flow

pull/4/head
shengzhaoli.shengz 1 year ago
parent
commit
198fd7ae4d
  1. 3
      others/oauth2.1-flow.md
  2. 10
      src/main/java/com/monkeyk/sos/service/dto/ClientSettingsDto.java

3
others/oauth2.1-flow.md

@ -201,6 +201,7 @@ or [400]
## revoke token API ## revoke token API
Core-Class: OAuth2TokenRevocationEndpointFilter Core-Class: OAuth2TokenRevocationEndpointFilter
@ -273,6 +274,8 @@ https://springdoc.cn/spring-authorization-server/index.html
https://developer.aliyun.com/article/1050110 https://developer.aliyun.com/article/1050110
[jwt-bearer] https://developer.atlassian.com/cloud/jira/software/user-impersonation-for-connect-apps/
在线PKCE生成工具 在线PKCE生成工具
1. PKCEUtils.java 1. PKCEUtils.java
2. https://tonyxu-io.github.io/pkce-generator/ 2. https://tonyxu-io.github.io/pkce-generator/

10
src/main/java/com/monkeyk/sos/service/dto/ClientSettingsDto.java

@ -3,6 +3,7 @@ package com.monkeyk.sos.service.dto;
import com.monkeyk.sos.infrastructure.SettingsUtils; import com.monkeyk.sos.infrastructure.SettingsUtils;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.security.oauth2.jose.jws.JwsAlgorithm; import org.springframework.security.oauth2.jose.jws.JwsAlgorithm;
import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm; import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings; import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
@ -72,8 +73,13 @@ public class ClientSettingsDto implements Serializable {
public ClientSettings toSettings() { public ClientSettings toSettings() {
ClientSettings.Builder builder = ClientSettings.builder() ClientSettings.Builder builder = ClientSettings.builder()
.requireProofKey(requireProofKey) .requireProofKey(requireProofKey)
.requireAuthorizationConsent(requireAuthorizationConsent) .requireAuthorizationConsent(requireAuthorizationConsent);
.tokenEndpointAuthenticationSigningAlgorithm(SignatureAlgorithm.valueOf(tokenEndpointAuthenticationSigningAlgorithm)); //区分不同算法:对称/非对称
if (tokenEndpointAuthenticationSigningAlgorithm.startsWith("HS")) {
builder.tokenEndpointAuthenticationSigningAlgorithm(MacAlgorithm.valueOf(tokenEndpointAuthenticationSigningAlgorithm));
} else {
builder.tokenEndpointAuthenticationSigningAlgorithm(SignatureAlgorithm.valueOf(tokenEndpointAuthenticationSigningAlgorithm));
}
if (StringUtils.isNotBlank(jwkSetUrl)) { if (StringUtils.isNotBlank(jwkSetUrl)) {
builder.jwkSetUrl(jwkSetUrl); builder.jwkSetUrl(jwkSetUrl);
} }

Loading…
Cancel
Save