public RegisteredClientRepository registeredClientRepository() {
RegisteredClient registeredClient = RegisteredClient
.withId(UUID.randomUUID().toString())
.clientId("messaging-client")
.clientSecret("{noop}secret")
.clientAuthenticationMethod(ClientAuthenticationMethod.CLIENT_SECRET_BASIC)
.authorizationGrantType(AuthorizationGrantType.AUTHORIZATION_CODE)
.authorizationGrantType(AuthorizationGrantType.REFRESH_TOKEN)
.authorizationGrantType(AuthorizationGrantType.CLIENT_CREDENTIALS)
.authorizationGrantType(AuthorizationGrantType.PASSWORD)
.redirectUri("http://www.baidu.com") //
.redirectUri("http://127.0.0.1:8080/authorized")
.scope(OidcScopes.OPENID)
.scope(OidcScopes.PROFILE)
.scope("message.read")
.scope("message.write")
.scope("password")
.clientSettings(ClientSettings.builder()
.requireAuthorizationConsent(true)
.build()
)
.tokenSettings(TokenSettings.builder()
.accessTokenTimeToLive(Duration.ofMinutes(1L))
.accessTokenFormat(OAuth2TokenFormat.SELF_CONTAINED)
.reuseRefreshTokens(true)
.refreshTokenTimeToLive(Duration.ofMinutes(120L))
.idTokenSignatureAlgorithm(SignatureAlgorithm.RS256)
.build()
)
.build();
return new InMemoryRegisteredClientRepository(registeredClient);
}
UserDetails user = User.withDefaultPasswordEncoder()`
.username("user1")
.password("password")
.roles("user")
.authorities("usersdsa1")
.build();
}
我通过代码获得许可生成了token。获得的权限是
SCOPE_message.readROLE\_ Userusersdsa1Spring Authorization Server是什么关系,你处理吗?
authentication = SecurityContextHolder.getContext().getAuthentication();
我想得到
role\_ user