慕课网 http://coding.imooc.com/class/134.html 的源代码
集成 spring securit, spring security oauth 和 spring social,实现 用户名密码登录,手机验证码登录,社交账号登录,基于jwt的sso,集群session管理等功能。
慕课网 http://coding.imooc.com/class/134.html 的源代码
集成 spring securit, spring security oauth 和 spring social,实现 用户名密码登录,手机验证码登录,社交账号登录,基于jwt的sso,集群session管理等功能。
rt
@Autowired
private AuthenticationManager authenticationManager;
在SocialConfig中配置了JdbcUsersConnectionRepository,但是运行时SocialAuthenticationProvider中的UsersConnectionRepositor是InMemoryUsersConnectionRepository!
项目启动报错是什么原因呢,Failed to instantiate [org.springframework.social.connect.ConnectionFactoryLocator]: Factory method 'connectionFactoryLocator' threw exception; nested exception is java.lang.IllegalArgumentException: The clientId property cannot be null
jojo老师,我有一个疑问,就是您在视频中是如果用户没登陆就去登陆的接口
@RequestMapping("/social/signUp")
@ResponseStatus(HttpStatus.UNAUTHORIZED)
public SocialUserInfo socialInfo(HttpServletRequest request){
Connection<?> connection = providerSignInUtils.getConnectionFromSession(new ServletWebRequest(request));
SocialUserInfo socialUserInfo = new SocialUserInfo();
ConnectionKey key = connection.getKey();
socialUserInfo.setProviderId(key.getProviderId());
socialUserInfo.setProviderUserId(key.getProviderUserId());
socialUserInfo.setNickName(connection.getDisplayName());
socialUserInfo.getHeadImg();
appSignUpUtils.saveConnectionData(new ServletWebRequest(request), connection.createData());
return socialUserInfo;
}
这是接口,关键是如果是app的话根本无法跳转到这里,然而在这个方法中您使用的是providerSignInUtils.getConnectionFromSession(new ServletWebRequest(request));来获取,此时app已经输入第二次发送请求了,您是在测试工具上应该也会带上session,所以获取到了第一次的connection,如果说是app呢?会拿得到吗?估计有点悬...
其实我有个好主意,利用认证错误处理器来做,这个时候还是属于第一次请求,我可以通过这个 providerSignInUtils来获取到,然后保存到redis中!然后写回去用户信息!这样也就不会发生跳转了!当错误处理器处理后,他也不会跳转页面!因为他会抛出 SocialAuthenticationRedirectException 这个类型i的异常,我还可以检查是这个异常就这样处理!
APP的鉴权模式下 如何展示swagger-ui
我修改了pom文件把imooc-security-authorize模块加到主工程了,删掉了注释,但是运行起来各种问题。所以请教下
你好jojo老师 能否讲解一下 普通请求的过滤流程 (非登陆请求)
我想在每次请求 的返回里加上更新的token(如果需要更新的话) 不知道如何下手 希望指点 谢谢
当我使用QQ授权登录时,它不进入loadUserByUserId里面;第一次授权成功后,跳转到注册界面,注册后UserConnection表里存在数据;但是第二次授权登录时,还是会跳转到注册界面
我不希望第三方授权认证的时候跳转到注册页面,因此做了如下的配置
`
1、创建一个类实现ConnectionSignUp 接口并重写方法
public class DemoConnectionSignUp implements ConnectionSignUp {
// 并重写execute()方法即可
public String execute(Connection<?> connection) {
return connection.getDisplayName();
}
}
然后在Social的配置类里面做修改:SocialConfig
第一步:先注入
@Autowired(required = false)
private ConnectionSignUp connectionSignUp;
第二步:修改getUsersConnectionRepository()方法
if(connectionSignUp != null) {
repository.setConnectionSignUp(connectionSignUp);
}`
可是做了这些配置后,使用QQ授权登录后还是会跳转到注册界面?
qq绑定回调地址,跟登入回调地址不同,绑定时qq报redirect uri is illegal(100010)错误,这个怎么解决?
jojo老师您好,能否提供imooc-security-authorize
模块那五张表的建表语句sql呢,没有那五张表,最后的权限部分运行不起来,谢谢!
原因是 UserConnection 表中的 rank 字段 在mysql 8被 新增为保留关键字
所以无法使用 mysql8
报错sql:select coalesce(max(rank) + 1, 1) as rank from UserConnection where userId = ? and providerId = ?
brower依赖authorize模块,运行不起来。怎么回事啊
master的 test项目下pom.xml文件 中文格式不对
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.