如何在成功的客户端凭证流程中记录客户信息在Spring Boot授权服务器中执行

问题描述 投票:0回答:1
我想记录

RegisteredClient.clientId

RegisteredClient.clientName
当它执行成功的cllient凭据流时。我该如何实现?
电流行为

当客户端交换其应用程序凭据(例如客户端ID和客户端秘密)以获取访问令牌时,我检查了日志(带有跟踪级别)。 贝洛(Below)是我在日志中得到的内容的摘要:
2025-02-26T12:31:25.511+06:00 TRACE 31608 --- [nio-9090-exec-1] o.s.s.authentication.ProviderManager : Authenticating request with ClientSecretAuthenticationProvider (3/20) 2025-02-26T12:31:25.515+06:00 TRACE 31608 --- [nio-9090-exec-1] s.a.a.ClientSecretAuthenticationProvider : Retrieved registered client 2025-02-26T12:31:25.592+06:00 TRACE 31608 --- [nio-9090-exec-1] s.a.a.ClientSecretAuthenticationProvider : Validated client authentication parameters 2025-02-26T12:31:25.593+06:00 TRACE 31608 --- [nio-9090-exec-1] s.a.a.ClientSecretAuthenticationProvider : Authenticated client secret 2025-02-26T12:31:25.593+06:00 DEBUG 31608 --- [nio-9090-exec-1] o.s.a.w.OAuth2ClientAuthenticationFilter : Set SecurityContextHolder authentication to OAuth2ClientAuthenticationToken ... 2025-02-26T12:31:25.593+06:00 TRACE 31608 --- [nio-9090-exec-1] o.s.security.web.FilterChainProxy : Invoking OAuth2TokenEndpointFilter (21/25) 2025-02-26T12:31:25.593+06:00 TRACE 31608 --- [nio-9090-exec-1] o.s.s.authentication.ProviderManager : Authenticating request with OAuth2ClientCredentialsAuthenticationProvider (1/20) 2025-02-26T12:31:25.593+06:00 TRACE 31608 --- [nio-9090-exec-1] 2ClientCredentialsAuthenticationProvider : Retrieved registered client 2025-02-26T12:31:25.593+06:00 TRACE 31608 --- [nio-9090-exec-1] 2ClientCredentialsAuthenticationProvider : Validated token request parameters 2025-02-26T12:31:25.594+06:00 TRACE 31608 --- [nio-9090-exec-1] 2ClientCredentialsAuthenticationProvider : Generated access token 2025-02-26T12:31:25.594+06:00 TRACE 31608 --- [nio-9090-exec-1] 2ClientCredentialsAuthenticationProvider : Saved authorization 2025-02-26T12:31:25.594+06:00 TRACE 31608 --- [nio-9090-exec-1] 2ClientCredentialsAuthenticationProvider : Authenticated token request

上面的日志仅描述客户端成功收到

OAuth2ClientAuthenticationToken
时事件。但是它并没有更多地讲述诸如
clientId

clientName
的信息。是否可以在日志中添加这些信息,因此,如果有人想拥有此信息,他们可以在其记录器配置中启用特定类?
    
spring安全性为成功的每个身份验证都会激发
event

。 实施该事件的听众:
spring-security spring-authorization-server
1个回答
0
投票
@Component public class AuthenticationSuccessEventListener { @EventListener public void onSuccess(AuthenticationSuccessEvent event) { if (event.getAuthentication() instanceof OAuth2ClientAuthenticationToken authentication) { RegisteredClient registeredClient = authentication.getRegisteredClient(); log.info("client_id={}, client_name={}", registeredClient.getClientId(), registeredClient.getClientName()); } } }

最新问题
© www.soinside.com 2019 - 2025. All rights reserved.