spring引导资源服务器主体名称

uqcuzwp8  于 2021-07-06  发布在  Java
关注(0)|答案(1)|浏览(240)

我有一个keydepot服务器在运行。以及作为资源服务器的spring引导应用程序。我可以验证并获取令牌,spring boot应用程序将接受令牌。但是当我想从校长那里得到用户名时,我会得到一个uuid,而不是我的电子邮件或用户名。我还添加了一个Map器到我的key斗篷,它将首选的\u用户名Map到用户名。它在工作。
jwt信息

...
  "scope": "openid profile email",
  "email_verified": true,
  "username": "test@test.com",
  "DOB": "12345",
  "name": "test test",
  "preferred_username": "test@test.com",
  "given_name": "test",
  "family_name": "test",
  "email": "test@test.com"
}

我的spring应用程序属性:

spring:
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: http://localhost:8080/auth/realms/test
lmyy7pcs

lmyy7pcs1#

@Configuration
@EnableWebSecurity
@ComponentScan(basePackageClasses = KeycloakSecurityComponents.class)
public class JWTSecurityConfig extends KeycloakWebSecurityConfigurerAdapter {

    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        KeycloakAuthenticationProvider keycloakAuthenticationProvider = keycloakAuthenticationProvider();
        keycloakAuthenticationProvider.setGrantedAuthoritiesMapper(new SimpleAuthorityMapper());
        auth.authenticationProvider(keycloakAuthenticationProvider);
    }

    @Bean
    public KeycloakConfigResolver KeycloakConfigResolver() {
        return new KeycloakSpringBootConfigResolver();
    }

    /**
     * Defines the session authentication strategy.
     */
    @Bean
    @Override
    protected SessionAuthenticationStrategy sessionAuthenticationStrategy() {
        return new RegisterSessionAuthenticationStrategy(new SessionRegistryImpl());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
          .authorizeRequests(authz -> authz
            .anyRequest().permitAll().permitAll())
          .oauth2ResourceServer(OAuth2ResourceServerConfigurer::jwt);
    }
}

相关问题