我想将oauth2客户机id和客户机机密从springbootbean传递给yaml,而不是直接硬编码yaml文件中的值。我的客户id和客户机密从harshicorp保险库安全检索,我想将它们安全地传递给yaml。我该怎么做?我试过下面这样的方法
@Configuration
@ConfigurationProperties(prefix = "spring.security.oauth2.registration.custom-client")
@Slf4j
public class SSOConfig {
private String client_id;
private String client_secret;
public void setClient_secret(String client_secret) {
this.client_secret = "xxxxxxxxxxxxx";
}
public String getClient_secret() {
return client_secret;
}
public void setClient_id(String client_id) {
this.client_id = "xxxxxxxxxxxx";
}
public String getClient_id() {
return client_id;
}
亚马尔
spring:
thymeleaf:
cache: false
security:
oauth2:
client:
registration:
custom-client:
client-id: (this line is removed completely)
client-secret: (this line is removed completely)
scope: ["openid", "profile", "email", "address", "phone", "groups"]
provider: custom-provider
state: xoxoxo
redirect-uri: http://localhost:8080/login
client-authentication-method: basic
authorization-grant-type: authorization_code
在添加这段代码之后,我从yaml中删除了client id和client secret,但是仍然抛出错误,比如client id不能为空
1条答案
按热度按时间rbpvctlc1#
很抱歉我发晚了。我浏览了spring文档,发现使用最新的spring security oauth2,默认实现将自动配置所有内容,但是如果您想覆盖默认配置,如果您想自己提供客户机详细信息,可以通过创建
@Bean
命名ClientRegistrationRepository
这种方式,了解有关覆盖自动配置的详细信息。链接