2021年8月25日 | Leave a comment 问题: SpringBoot 2.5.x 如何集成 OpenID Connect 登录 解决: OpenID Connect 是在 OAuth2 之上形成的一套身份验证机制,可以实现 SSO pom.xml <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-oauth2-client</artifactId> </dependency> 1234 <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-oauth2-client</artifactId> </dependency> application.yml spring: security: oauth2: client: registration: crcc: client-id: "aaa" client-secret: "bbbb" provider: "crcc-provider" scope: "openid,profile" redirectUri: "https://aaaa:7443/login/oauth2/code/crcc" clientName: dddddd authorizationGrantType: authorization_code provider: crcc-provider: issuer-uri: "https://b.com" 12345678910111213141516 spring: security: oauth2: client: registration: crcc: client-id: "aaa" client-secret: "bbbb" provider: "crcc-provider" scope: "openid,profile" redirectUri: "https://aaaa:7443/login/oauth2/code/crcc" clientName: dddddd authorizationGrantType: authorization_code provider: crcc-provider: issuer-uri: "https://b.com" IndexController package com.telsafe.crccdemo; import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.GetMapping; /** * @author tangfh * @date 2021/8/25 */ @Controller public class IndexController { @GetMapping("/") //public String ss(Model mv, Authentication auth) { public String ss(Model mv, @AuthenticationPrincipal OidcUser user) { //mv.addAttribute("name", auth.getName()); mv.addAttribute("name", user.getName()); mv.addAttribute("token", user.getIdToken().getTokenValue()); return "index"; } } 1234567891011121314151617181920212223 package com.telsafe.crccdemo; import org.springframework.security.core.annotation.AuthenticationPrincipal;import org.springframework.security.oauth2.core.oidc.user.OidcUser;import org.springframework.stereotype.Controller;import org.springframework.ui.Model;import org.springframework.web.bind.annotation.GetMapping; /** * @author tangfh * @date 2021/8/25 */@Controllerpublic class IndexController { @GetMapping("/") //public String ss(Model mv, Authentication auth) { public String ss(Model mv, @AuthenticationPrincipal OidcUser user) { //mv.addAttribute("name", auth.getName()); mv.addAttribute("name", user.getName()); mv.addAttribute("token", user.getIdToken().getTokenValue()); return "index"; }} Spring Security 关键类 OidcAuthorizationCodeAuthenticationProvider implements AuthenticationProvider : 获取用户信息 OAuth2LoginAuthenticationFilter: 处理返回认证中心授权回调的参数? OAuth2AuthorizationRequestRedirectFilter: 检测如果没有登录则跳转到认证中心 OidcUserService: 获取用户信息 OidcUser 1234 OidcAuthorizationCodeAuthenticationProvider implements AuthenticationProvider : 获取用户信息OAuth2LoginAuthenticationFilter: 处理返回认证中心授权回调的参数?OAuth2AuthorizationRequestRedirectFilter: 检测如果没有登录则跳转到认证中心OidcUserService: 获取用户信息 OidcUser 参考: