英文:
Spring Security OAuth2 custom success user
问题
我想要添加使用 Azure AD 的 OAuth 授权。我使用这个指南进行设置。问题在于,我只想将 Azure AD 用作信任提供者(例如,用户属于特定组,也称为目录),但我不想使用 OidcUser 作为 Spring Security 用户。
我希望的过程是:将用户重定向到 Microsoft 登录页面,接收包含所有令牌的用户信息,然后在我的服务器端处理请求,并根据来自 Microsoft 的电子邮件授权我的自定义 Spring Security UserDetails 实现。
英文:
I want to add OAuth authorization wuth Azure AD. I use this guide to setup this. The problem is that I want to use Azure AD only as a Trust Provider(like user belong to specific group aka directory), but I don't want to work with OidcUser Spring Security User.
Process that I would like to have: redirect user to Microsoft login page, receive user info with all tokens, handle request on my server side and authoriza my custom implementation of Spring Security UserDetails based on email from Microsoft
答案1
得分: 1
如果您的情景是要完全消除用户身份验证,并且希望服务器直接进行身份验证,那么可以使用客户端凭证流程来实现。
根据您在第二段提到的涉及用户的过程,可以使用授权码流程来实现。
此外,有关代码示例和实施,请参阅Microsoft Github 文档。
英文:
If your scenario is to eliminate the user authentication completely and your server to directly authenticate then it is possible with client credential flow.
Based on the process you have mentioned in the second paragraph which involves user it is possible with authentication code flow.
Also, for code sample and implementation please refer Microsoft Github Document.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论