如何删除hasAuthority中的Scope_Prefix

5jvtdoz2  于 2022-09-21  发布在  其他
关注(0)|答案(2)|浏览(157)

这是我的象征性回应。但是Spring会自动添加SCOPE_PREFIX。如何在Spring Boot中配置ScopeVoter.setScope ePrefix(字符串scope ePrefix)。请帮帮我。谢谢

"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI1MkRsOVNTMlREY0M5SkFtZmZ3ZE1BNjJkbFBreDlFMDdRSnhObF9sVDNJIn0.eyJleHAiOjE2MDQwMjM0MDEsImlhdCI6MTYwNDAyMzEwMSwianRpIjoiMTZkMDBjNzEtYTRiZS00MGNhLTk4NjUtZGQxNGVlYmU5MGFjIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL21pY3Jvc2VydmljZSIsInN1YiI6IjFkYTEzZGMzLTI0NDUtNGVlNC1iMWE1LTM2NzZjNjIyNjg5NyIsInR5cCI6IkJlYXJlciIsImF6cCI6Im1vYmlsZXJldGFpbCIsInNlc3Npb25fc3RhdGUiOiIyYjM2MzFkYi05ZjAyLTQyMjktOTM4NC1kNDQxYzRjZjY3NTEiLCJhY3IiOiIxIiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIm9mZmxpbmVfYWNjZXNzIiwidW1hX2F1dGhvcml6YXRpb24iXX0sInJlc291cmNlX2FjY2VzcyI6eyJtb2JpbGVyZXRhaWwiOnsicm9sZXMiOlsidW1hX3Byb3RlY3Rpb24iXX19LCJzY29wZSI6InBob25lIHByb2ZpbGUgZW1haWwiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImNsaWVudElkIjoibW9iaWxlcmV0YWlsIiwiY2xpZW50SG9zdCI6IjEyNy4wLjAuMSIsInByZWZlcnJlZF91c2VybmFtZSI6InNlcnZpY2UtYWNjb3VudC1tb2JpbGVyZXRhaWwiLCJjbGllbnRBZGRyZXNzIjoiMTI3LjAuMC4xIn0.L0miTQSm1C_vQdE4DxW4h27R3qphjZ97JVOaoRDkAyiWSu26NpiNH0hBF3_iJ4RUlDm6pjOMQvRntVcpouV7gtTd4Pvi9bkxPI6je-LEhIXHeDsFpMeNIy9T7YyfICsQQULLzwJ9uNDAWcsgSIGAqHcCaHtSh3X3PUyDQtFth8JBqUGESyzqAQ2F2ydtQC4TBe7l6bKeU0hO0rVFWTBOB8KZm4NaV2xgyy3KSkr_iSNctidTyXDQZBIKJsVqUH8uUcCMxsdqVHmMY9i_Sr_GzbMBGNnVeQpvLiqN3yHgwTXJA58Ttt5LL4yOmtJEG7Qj9gESxAmkj1_WKqmhNWp7oA",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIxOGM5ZmRiNy1mNzQ0LTQ2ZjktODQ4Ni0wMTFjNWVkOWNkZDIifQ.eyJleHAiOjE2MDQwMjQ5MDEsImlhdCI6MTYwNDAyMzEwMSwianRpIjoiOTY5ZGMzZTEtMWVhOC00YThkLWIxOTEtZDhlNDg1YTU2ZWVkIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL21pY3Jvc2VydmljZSIsImF1ZCI6Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9hdXRoL3JlYWxtcy9taWNyb3NlcnZpY2UiLCJzdWIiOiIxZGExM2RjMy0yNDQ1LTRlZTQtYjFhNS0zNjc2YzYyMjY4OTciLCJ0eXAiOiJSZWZyZXNoIiwiYXpwIjoibW9iaWxlcmV0YWlsIiwic2Vzc2lvbl9zdGF0ZSI6IjJiMzYzMWRiLTlmMDItNDIyOS05Mzg0LWQ0NDFjNGNmNjc1MSIsInNjb3BlIjoicGhvbmUgcHJvZmlsZSBlbWFpbCJ9.wZtoxah1dofhZOoMfODG2faFIivjjlTIxVeMJgu_Gm8",
"token_type": "bearer",
"not-before-policy": 0,
"session_state": "2b3631db-9f02-4229-9384-d441c4cf6751",
"scope": "phone profile email"

HasAuthority(‘Scope_Phone’)正在工作,但hasAnyAuthority(‘phone’)不工作

@RequestMapping(value = "/user", method = RequestMethod.GET)
    @PreAuthorize("hasAuthority('SCOPE_phone')")
    public ResponseEntity<String> getUser() {
        return ResponseEntity.ok("Hello User");
    }

    @RequestMapping(value = "/test", method = RequestMethod.GET)
    @PreAuthorize("hasAnyAuthority('phone')")
    public ResponseEntity<String> test() {
        return ResponseEntity.ok("Hello test");
    }
oauth-2.0

2条答案

按热度按时间
44u64gxh

44u64gxh1#

在我们的一个应用程序中,我像下面这样管理它。您是否尝试过自定义AccessDecisionManager注入无前缀的Scope Voter。由于默认为SCOPE_。因为我无法找到SCOPE_PREFIX的开箱即用配置。

@Configuration
@EnableWebSecurity
public class ApplicationSecurityConfiguration extends WebSecurityConfigurerAdapter {

    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
            .and()
            ....
            ....
            ....
            ....
            .permitAll();
        http.authorizeRequests()
            .accessDecisionManager(accessDecisionManager());        // passed custom access decision manager
    }
    @Bean
    public AccessDecisionManager accessDecisionManager() {
        java.util.List<AccessDecisionVoter<? extends Object>> decisionVoters
                = Arrays.asList(
                new WebExpressionVoter(),                        // You can add or remove the Role voters as per need
                new RoleVoter(),                                 // For ROLE_ prefix
                new AuthenticatedVoter(),
                scopeVoterWithNoPrefix()                          // Get instance of ScopeVoter
        );
        return new UnanimousBased(decisionVoters);
    }

    @Bean
    public ScopeVoter scopeVoterWithNoPrefix() {
        ScopeVoter scopeVoter = new ScopeVoter();
        scopeVoter.setScopePrefix("")
        return scopeVoter;
    }
}
赞(0)分享  回复(0)举报  2022-09-21
rqenqsqc

rqenqsqc2#

您可以将以下代码片段添加到您的配置中,以清空默认的JWT授权前缀

@Bean
public JwtAuthenticationConverter jwtAuthenticationConverter() {

    JwtGrantedAuthoritiesConverter grantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
    grantedAuthoritiesConverter.setAuthorityPrefix("");

    JwtAuthenticationConverter authConverter = new JwtAuthenticationConverter();
    authConverter.setJwtGrantedAuthoritiesConverter(grantedAuthoritiesConverter);
    return authConverter;
}

例如,您可以将其包含在WebSecurityConfiguration

赞(0)分享  回复(0)举报  2022-09-21
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com